From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH access-control 2/2] pools: record parent/subpool information
Date: Thu, 16 Nov 2023 16:33:06 +0100 [thread overview]
Message-ID: <20231116153306.792091-1-f.gruenbichler@proxmox.com> (raw)
In-Reply-To: <20231116153128.788593-1-f.gruenbichler@proxmox.com>
and ensure a missing intermediate pool exists at all times.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
Notes:
a "missing link" should never happen when modifying via the API (both deletion
with children and addition without the parent existing is blocked there), but
it could happen when manually editing the config.
src/PVE/AccessControl.pm | 14 +++++++++++++-
src/test/parser_writer.pl | 4 ++++
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index d9ae611..e33f844 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1529,7 +1529,19 @@ sub parse_user_config {
}
# make sure to add the pool (even if there are no members)
- $cfg->{pools}->{$pool} = { vms => {}, storage => {} } if !$cfg->{pools}->{$pool};
+ $cfg->{pools}->{$pool} = { vms => {}, storage => {}, pools => {} } if !$cfg->{pools}->{$pool};
+
+ if ($pool =~ m!/!) {
+ my $curr = $pool;
+ while ($curr =~ m!^(.*)/[^/]+$!) {
+ # ensure nested pool info is correctly recorded
+ my $parent = $1;
+ $cfg->{pools}->{$curr}->{parent} = $parent;
+ $cfg->{pools}->{$parent} = { vms => {}, storage => {}, pools => {} } if !$cfg->{pools}->{$parent};
+ $cfg->{pools}->{$parent}->{pools}->{$curr} = 1;
+ $curr = $parent;
+ }
+ }
$cfg->{pools}->{$pool}->{comment} = PVE::Tools::decode_text($comment) if $comment;
diff --git a/src/test/parser_writer.pl b/src/test/parser_writer.pl
index 65a70eb..80c346b 100755
--- a/src/test/parser_writer.pl
+++ b/src/test/parser_writer.pl
@@ -237,21 +237,25 @@ my $default_cfg = {
'id' => 'testpool',
vms => {},
storage => {},
+ pools => {},
},
test_pool_members => {
'id' => 'testpool',
vms => { 123 => 1, 1234 => 1},
storage => { 'local' => 1, 'local-zfs' => 1},
+ pools => {},
},
test_pool_duplicate_vms => {
'id' => 'test_duplicate_vms',
vms => {},
storage => {},
+ pools => {},
},
test_pool_duplicate_storages => {
'id' => 'test_duplicate_storages',
vms => {},
storage => { 'local' => 1, 'local-zfs' => 1},
+ pools => {},
},
acl_simple_user => {
'path' => '/',
--
2.39.2
next prev parent reply other threads:[~2023-11-16 15:33 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-16 15:31 [pve-devel] [RFC access-control/manager 0/4] fix #1148: nested pools Fabian Grünbichler
2023-11-16 15:31 ` [pve-devel] [PATCH access-control 1/2] allow up to three levels of pool nesting Fabian Grünbichler
2023-11-17 10:00 ` Wolfgang Bumiller
2023-11-17 15:31 ` Fabian Grünbichler
2023-11-16 15:31 ` [pve-devel] [PATCH access-control 2/2] pools: record parent/subpool information Fabian Grünbichler
2023-11-17 10:10 ` Wolfgang Bumiller
2023-11-17 15:29 ` Fabian Grünbichler
2023-11-16 15:33 ` Fabian Grünbichler [this message]
2023-11-16 15:54 ` [pve-devel] [RFC access-control/manager 0/4] fix #1148: nested pools Philipp Hufnagl
2023-11-17 7:09 ` [pve-devel] [PATCH manager 1/2] api: pools: support " Fabian Grünbichler
2023-11-17 7:09 ` [pve-devel] [PATCH manager 2/2] ui: pools: switch to new API endpoints Fabian Grünbichler
2023-11-17 11:58 ` [pve-devel] [PATCH manager 1/2] api: pools: support nested pools Wolfgang Bumiller
2023-11-17 15:27 ` Fabian Grünbichler
2023-11-20 7:22 [pve-devel] [PATCH access-control/manager 0/4] fix #1148: " Fabian Grünbichler
2023-11-20 7:22 ` [pve-devel] [PATCH access-control 2/2] pools: record parent/subpool information Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231116153306.792091-1-f.gruenbichler@proxmox.com \
--to=f.gruenbichler@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox