From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 671841FF13A for ; Wed, 29 Apr 2026 12:00:16 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0B29827A80; Wed, 29 Apr 2026 12:00:16 +0200 (CEST) Message-ID: Date: Wed, 29 Apr 2026 11:59:42 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH proxmox-backup] EncryptionKeysView: Fix API2 error alert messages To: pbs-devel@lists.proxmox.com References: <20260428150950.50795-1-a.bied-charreton@proxmox.com> Content-Language: en-US, de-DE From: Christian Ebner In-Reply-To: <20260428150950.50795-1-a.bied-charreton@proxmox.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1777456685187 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.071 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: F25NV2TLD2YU33XD5DBDPCD5WHEOMZOM X-Message-ID-Hash: F25NV2TLD2YU33XD5DBDPCD5WHEOMZOM X-MailFrom: c.ebner@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox Backup Server development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On 4/28/26 5:08 PM, Arthur Bied-Charreton wrote: > The errors returned by the encryption-keys and tape-encryption-keys > endpoints are not plain strings, so the alerts displayed on API2 errors > like failed permission checks end up being empty and therefore not very > helpful. > > Extract the error messages to display them correctly in alerts. > > Signed-off-by: Arthur Bied-Charreton > --- Thanks for the patch, definitely fine as stop-gap for now. But I think I have to improve the error handling here in general. This should probably include setting the error mask if neither permissions for tape or sync keys are given to the user, and less invasive show the missing permissions for other combinations.