From: Thomas Lamprecht <t.lamprecht@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Lukas Wagner <l.wagner@proxmox.com>
Subject: [pve-devel] applied: [PATCH pve-manager] api: notification targets: fix permission check for POST/PUT
Date: Fri, 29 Nov 2024 11:46:16 +0100 [thread overview]
Message-ID: <295298fb-fc8f-4217-9b5c-58ba71e26ef8@proxmox.com> (raw)
In-Reply-To: <20241129085908.44049-1-l.wagner@proxmox.com>
Am 29.11.24 um 09:59 schrieb Lukas Wagner:
> This fixes the error:
> unknown permission test at /usr/share/perl5/PVE/RPCEnvironment.pm line 536. (500)
> which occured when trying to create or update a notification target.
>
> The cause was a permission 'check' parameter for the API handlers which was nested
> one level too deep by accident.
>
> This regression was introduced in a previous commit which raised the
> needed permissions for notification target management. It likely went
> unnoticed because the permission check is skipped for root@pam, so
> the error occurs only if using another user.
>
> Reported in the community forum:
> https://forum.proxmox.com/threads/158101
>
> Fixes: a3fe9c54 ("api: notifications: require powerful privileges for target management")
> Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
> ---
> PVE/API2/Cluster/Notifications.pm | 96 +++++++++++++------------------
> 1 file changed, 40 insertions(+), 56 deletions(-)
>
>
applied, thanks!
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
prev parent reply other threads:[~2024-11-29 10:46 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-29 8:59 [pve-devel] " Lukas Wagner
2024-11-29 10:46 ` Thomas Lamprecht [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=295298fb-fc8f-4217-9b5c-58ba71e26ef8@proxmox.com \
--to=t.lamprecht@proxmox.com \
--cc=l.wagner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal