From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <pve-devel-bounces@lists.proxmox.com> Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 19C611FF16F for <inbox@lore.proxmox.com>; Thu, 13 Feb 2025 18:21:41 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B704FBC89; Thu, 13 Feb 2025 18:21:36 +0100 (CET) Message-ID: <68d023cf-0e18-40ac-b7a2-8402f57d7ac4@proxmox.com> Date: Thu, 13 Feb 2025 18:21:03 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>, Filip Schauer <f.schauer@proxmox.com> References: <20250120112842.36450-1-f.schauer@proxmox.com> <20250120112842.36450-4-f.schauer@proxmox.com> Content-Language: en-US From: Fiona Ebner <f.ebner@proxmox.com> In-Reply-To: <20250120112842.36450-4-f.schauer@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL -0.046 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH storage v6 3/7] api: content: support moving backups between path based storages X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com> List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe> List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/> List-Post: <mailto:pve-devel@lists.proxmox.com> List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help> List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe> Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com> Am 20.01.25 um 12:28 schrieb Filip Schauer: > This commit adds the "backup+size" export format. When this format is > used, the data stream starts with metadata of the backup (protected flag > & notes) followed by the contents of the backup archive. > > Signed-off-by: Filip Schauer <f.schauer@proxmox.com> > --- > src/PVE/API2/Storage/Content.pm | 15 ++++++++++-- > src/PVE/Storage.pm | 10 +++++++- > src/PVE/Storage/Plugin.pm | 42 +++++++++++++++++++++++++++++---- > 3 files changed, 60 insertions(+), 7 deletions(-) > > diff --git a/src/PVE/API2/Storage/Content.pm b/src/PVE/API2/Storage/Content.pm > index ac451dc..9ee3c51 100644 > --- a/src/PVE/API2/Storage/Content.pm > +++ b/src/PVE/API2/Storage/Content.pm > @@ -548,10 +548,10 @@ __PACKAGE__->register_method ({ > > my $cfg = PVE::Storage::config(); > > - my ($vtype) = PVE::Storage::parse_volname($cfg, $src_volid); > + my ($vtype, undef, $ownervm) = PVE::Storage::parse_volname($cfg, $src_volid); > die "use pct move-volume or qm disk move" if $vtype eq 'images' || $vtype eq 'rootdir'; > die "moving volume of type '$vtype' not implemented\n" > - if (!grep { $vtype eq $_ } qw(import iso snippets vztmpl)); > + if (!grep { $vtype eq $_ } qw(backup import iso snippets vztmpl)); > > my $rpcenv = PVE::RPCEnvironment::get(); > my $user = $rpcenv->get_user(); > @@ -560,10 +560,21 @@ __PACKAGE__->register_method ({ > > if ($delete) { > $rpcenv->check($user, "/storage/$src_storeid", ["Datastore.Allocate"]); > + > + if ($vtype eq 'backup') { > + my $src_cfg = PVE::Storage::storage_config($cfg, $src_storeid); > + my $src_plugin = PVE::Storage::Plugin->lookup($src_cfg->{type}); > + my $protected = $src_plugin->get_volume_attribute($src_cfg, $src_storeid, $volname, 'protected'); I'd prefer this to use the function from the storage module rather than calling into the plugin itself. > + die "cannot delete protected backup\n" if $protected; > + } > } else { > $rpcenv->check($user, "/storage/$dst_storeid", ["Datastore.AllocateSpace"]); > } > > + if ($vtype eq 'backup' && $ownervm) { > + $rpcenv->check($user, "/vms/$ownervm", ['VM.Backup']); > + } Don't you just need to pass $ownervm to check_volume_access()? Because having this check rules out a user with Datastore.Allocate to use the API if they don't also have the backup permission. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel