From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 399BF1FF183 for ; Wed, 5 Nov 2025 11:07:52 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 81DB41FF6A; Wed, 5 Nov 2025 11:08:32 +0100 (CET) Message-ID: <917c24e9-55f1-4119-82b6-92ef530c0fbe@proxmox.com> Date: Wed, 5 Nov 2025 11:07:58 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Beta To: Proxmox Datacenter Manager development discussion , Lukas Wagner References: <20251103123521.266258-1-l.wagner@proxmox.com> <20251103123521.266258-4-l.wagner@proxmox.com> Content-Language: en-US From: Dominik Csapak In-Reply-To: <20251103123521.266258-4-l.wagner@proxmox.com> X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1762337260094 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.029 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pdm-devel] [PATCH datacenter-manager v2 03/12] acl: add '/view' and '/view/{view-id}' as allowed ACL paths X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" Reviewed-by: Dominik Csapak On 11/3/25 1:35 PM, Lukas Wagner wrote: > These paths will be used for ACL objects for views. A view has filter > rules that specify which resources/remotes are included in the view. If > a user has permissions on the corresponding ACL object for the view, > then the privileges are transitively applied to the included resources > as well. > > Signed-off-by: Lukas Wagner > --- > server/src/acl.rs | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/server/src/acl.rs b/server/src/acl.rs > index 52a1f972..f5f57c03 100644 > --- a/server/src/acl.rs > +++ b/server/src/acl.rs > @@ -150,6 +150,12 @@ impl proxmox_access_control::init::AccessControlConfig for AccessControlConfig { > _ => {} > } > } > + "view" => { > + // `/view` and `/view/{view-id}` > + if components_len <= 2 { > + return Ok(()); > + } > + } > _ => {} > } > _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel