[pve-devel] [PATCH v3 manager 1/4] vzdump: storage info: move out activate storage call

[pve-devel] [PATCH v3 manager 1/4] vzdump: storage info: move out activate storage call

[Fabian Ebner]

Otherwise storage_info() cannot be used for (at least) PBS storages from an API
call without 'protected => 1', because the password cannot be read from
'/etc/pve/priv'. Note that the function itself does not need the storage to be
active, because it only uses storage_config() and get_backup_dir().

AFAICT new() is the only existing user of this function and can be responsible
for activating the storage itself.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---

New in v3

 PVE/VZDump.pm | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/PVE/VZDump.pm b/PVE/VZDump.pm
index 02858d8e..fb4c8bad 100644
--- a/PVE/VZDump.pm
+++ b/PVE/VZDump.pm
@@ -106,8 +106,6 @@ sub storage_info {
     die "can't use storage '$storage' for backups - wrong content type\n"
 	if (!$scfg->{content}->{backup});
 
-    PVE::Storage::activate_storage($cfg, $storage);
-
     my $info = {
 	scfg => $scfg,
     };
@@ -505,6 +503,13 @@ sub new {
     my $errors = '';
 
     if ($opts->{storage}) {
+	my $storage_cfg = PVE::Storage::config();
+	eval { PVE::Storage::activate_storage($storage_cfg, $opts->{storage}) };
+	if (my $err = $@) {
+	    chomp($err);
+	    $errors .= "could not activate storage '$opts->{storage}': $err";
+	}
+
 	my $info = eval { storage_info ($opts->{storage}) };
 	if (my $err = $@) {
 	    chomp($err);
-- 
2.20.1

[pve-devel] [PATCH v3 manager 2/4] api: vzdump: add call to get currently configured vzdump defaults

[Fabian Ebner]

on a given node (and storage).

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---

New in v3

 PVE/API2/VZDump.pm | 89 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)

diff --git a/PVE/API2/VZDump.pm b/PVE/API2/VZDump.pm
index 44376106..109e178b 100644
--- a/PVE/API2/VZDump.pm
+++ b/PVE/API2/VZDump.pm
@@ -146,6 +146,95 @@ __PACKAGE__->register_method ({
 	return $rpcenv->fork_worker('vzdump', $taskid, $user, $worker);
    }});
 
+__PACKAGE__->register_method ({
+    name => 'defaults',
+    path => 'defaults',
+    method => 'GET',
+    description => "Get the currently configured vzdump defaults.",
+    permissions => {
+	description => "The user needs 'Datastore.Audit' or " .
+	    "'Datastore.AllocateSpace' permissions for the specified storage " .
+	    "(or default storage if none specified). Some properties are only " .
+	    "returned when the user has 'Sys.Audit' permissions for the node.",
+	user => 'all',
+    },
+    proxyto => 'node',
+    parameters => {
+	additionalProperties => 0,
+	properties => {
+	    node => get_standard_option('pve-node'),
+	    storage => get_standard_option('pve-storage-id', { optional => 1 }),
+	},
+    },
+    returns => {
+	type => 'object',
+	additionalProperties => 0,
+	properties => PVE::VZDump::Common::json_config_properties(),
+    },
+    code => sub {
+	my ($param) = @_;
+
+	my $node = extract_param($param, 'node');
+	my $storage = extract_param($param, 'storage');
+
+	my $rpcenv = PVE::RPCEnvironment::get();
+	my $authuser = $rpcenv->get_user();
+
+	my $res = PVE::VZDump::read_vzdump_defaults();
+
+	$res->{storage} = $storage if defined($storage);
+
+	if (!defined($res->{dumpdir}) && !defined($res->{storage})) {
+	    $res->{storage} = 'local';
+	}
+
+	if (defined($res->{storage})) {
+	    $rpcenv->check_any(
+		$authuser,
+		"/storage/$res->{storage}",
+		['Datastore.Audit', 'Datastore.AllocateSpace'],
+	    );
+
+	    my $info = PVE::VZDump::storage_info($res->{storage});
+	    foreach my $key (qw(dumpdir prune-backups)) {
+		$res->{$key} = $info->{$key} if defined($info->{$key});
+	    }
+	}
+
+	if (defined($res->{'prune-backups'})) {
+	    $res->{'prune-backups'} = PVE::JSONSchema::print_property_string(
+		$res->{'prune-backups'},
+		'prune-backups',
+	    );
+	}
+
+	$res->{mailto} = join(",", @{$res->{mailto}})
+	    if defined($res->{mailto});
+
+	$res->{'exclude-path'} = join(",", @{$res->{'exclude-path'}})
+	    if defined($res->{'exclude-path'});
+
+	# normal backup users don't need to know these
+	if (!$rpcenv->check($authuser, "/nodes/$node", ['Sys.Audit'], 1)) {
+	    delete $res->{mailto};
+	    delete $res->{tmpdir};
+	    delete $res->{dumpdir};
+	    delete $res->{script};
+	    delete $res->{bwlimit};
+	    delete $res->{ionice};
+	}
+
+	my $pool = $res->{pool};
+	if (defined($pool) &&
+	    !$rpcenv->check($authuser, "/pool/$pool", ['Pool.Allocate'], 1)) {
+	    delete $res->{pool};
+	}
+
+	delete $res->{size}; # deprecated, to be dropped with PVE 7.0
+
+	return $res;
+    }});
+
 __PACKAGE__->register_method ({
     name => 'extractconfig',
     path => 'extractconfig',
-- 
2.20.1

[pve-devel] [PATCH v3 manager 3/4] ui: backup: fill in some of the configured vzdump defaults

[Fabian Ebner]

Do not fill in the default for compression, because the initial default for the
backend is to not compress, while the current default for the UI is zstd, which
is preferable.

The 'defaults' API call expects the user to have permissions on the storage,
because retention options are storage-dependent. Use a flag initialDefaults to
make sure storage-independent properties are only set once, so they are not
reset when a user changes the storage after editing them.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---

New in v3

 www/manager6/window/Backup.js | 52 +++++++++++++++++++++++++++--------
 1 file changed, 40 insertions(+), 12 deletions(-)

diff --git a/www/manager6/window/Backup.js b/www/manager6/window/Backup.js
index 615073f3..a6dc1798 100644
--- a/www/manager6/window/Backup.js
+++ b/www/manager6/window/Backup.js
@@ -24,6 +24,20 @@ Ext.define('PVE.window.Backup', {
 	    fieldLabel: gettext('Compression'),
 	});
 
+	let modeSelector = Ext.create('PVE.form.BackupModeSelector', {
+	    fieldLabel: gettext('Mode'),
+	    value: 'snapshot',
+	    name: 'mode',
+	});
+
+	let mailtoField = Ext.create('Ext.form.field.Text', {
+	    fieldLabel: gettext('Send email to'),
+	    name: 'mailto',
+	    emptyText: Proxmox.Utils.noneText,
+	});
+
+	let initialDefaults = false;
+
 	var storagesel = Ext.create('PVE.form.StorageSelector', {
 	    nodename: me.nodename,
 	    name: 'storage',
@@ -41,6 +55,30 @@ Ext.define('PVE.window.Backup', {
 		    } else if (!compressionSelector.getEditable()) {
 			compressionSelector.setDisabled(false);
 		    }
+
+		    Proxmox.Utils.API2Request({
+			url: `/nodes/${me.nodename}/vzdump/defaults`,
+			method: 'GET',
+			params: {
+			    storage: v,
+			},
+			waitMsgTarget: me,
+			success: function(response, opts) {
+			    const data = response.result.data;
+
+			    if (!initialDefaults && data.mailto !== undefined) {
+				mailtoField.setValue(data.mailto);
+			    }
+			    if (!initialDefaults && data.mode !== undefined) {
+				modeSelector.setValue(data.mode);
+			    }
+
+			    initialDefaults = true;
+			},
+			failure: function(response, opts) {
+			    Ext.Msg.alert(gettext('Error'), response.htmlStatus);
+			},
+		    });
 		},
 	    },
 	});
@@ -55,19 +93,9 @@ Ext.define('PVE.window.Backup', {
 	    },
 	    items: [
 		storagesel,
-		{
-		    xtype: 'pveBackupModeSelector',
-		    fieldLabel: gettext('Mode'),
-		    value: 'snapshot',
-		    name: 'mode',
-		},
+		modeSelector,
 		compressionSelector,
-		{
-		    xtype: 'textfield',
-		    fieldLabel: gettext('Send email to'),
-		    name: 'mailto',
-		    emptyText: Proxmox.Utils.noneText,
-		},
+		mailtoField,
 	    ],
 	});
 
-- 
2.20.1

[pve-devel] [PATCH v3 manager 4/4] fix #2745: ui: backup: allow specifying remove parameter for manual backup

[Fabian Ebner]

and also show the retention options that will be used for a given storage. A
user with Datastore.AllocateSpace and VM.Backup can already remove backups from
the GUI manually, so it shouldn't be a problem if they can set the remove flag
when starting a manual backup in the GUI.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---

Changes from v2:
    * hide Prune checkbox if there are no prune-settings or if keep-all=1
    * also show the retention options that are going to be used

 www/manager6/window/Backup.js | 67 +++++++++++++++++++++++++++++++++--
 1 file changed, 65 insertions(+), 2 deletions(-)

diff --git a/www/manager6/window/Backup.js b/www/manager6/window/Backup.js
index a6dc1798..886ef6f2 100644
--- a/www/manager6/window/Backup.js
+++ b/www/manager6/window/Backup.js
@@ -36,6 +36,39 @@ Ext.define('PVE.window.Backup', {
 	    emptyText: Proxmox.Utils.noneText,
 	});
 
+	const keepNames = [
+	    'keep-last',
+	    'keep-hourly',
+	    'keep-daily',
+	    'keep-weekly',
+	    'keep-monthly',
+	    'keep-yearly',
+	];
+
+	let pruneSettings = keepNames.map(
+	    name => Ext.create('Ext.form.field.Display', {
+		name: name,
+		fieldLabel: gettext(name),
+		hidden: true,
+		disabled: true,
+	    }),
+	);
+
+	let removeCheckbox = Ext.create('Proxmox.form.Checkbox', {
+	    name: 'remove',
+	    checked: false,
+	    hidden: true,
+	    uncheckedValue: 0,
+	    fieldLabel: gettext('Prune'),
+	    autoEl: {
+		tag: 'div',
+		'data-qtip': gettext('Prune older backups afterwards'),
+	    },
+	    handler: function(checkbox, value) {
+		pruneSettings.forEach(field => field.setDisabled(!value));
+	    },
+	});
+
 	let initialDefaults = false;
 
 	var storagesel = Ext.create('PVE.form.StorageSelector', {
@@ -74,6 +107,35 @@ Ext.define('PVE.window.Backup', {
 			    }
 
 			    initialDefaults = true;
+
+			    // always update storage dependent properties
+			    if (data['prune-backups'] !== undefined) {
+				const keepParams = PVE.Parser.parsePropertyString(
+				    data["prune-backups"],
+				);
+				if (!keepParams['keep-all']) {
+				    removeCheckbox.setHidden(false);
+				    pruneSettings.forEach(function(field) {
+					const keep = keepParams[field.name];
+					if (keep) {
+					    field.setValue(keep);
+					    field.setHidden(false);
+					} else {
+					    field.reset();
+					    field.setHidden(true);
+					}
+				    });
+				    return;
+				}
+			    }
+
+			    // no defaults or keep-all=1
+			    removeCheckbox.setHidden(true);
+			    removeCheckbox.setValue(false);
+			    pruneSettings.forEach(function(field) {
+				field.reset();
+				field.setHidden(true);
+			    });
 			},
 			failure: function(response, opts) {
 			    Ext.Msg.alert(gettext('Error'), response.htmlStatus);
@@ -96,7 +158,8 @@ Ext.define('PVE.window.Backup', {
 		modeSelector,
 		compressionSelector,
 		mailtoField,
-	    ],
+		removeCheckbox,
+	    ].concat(pruneSettings),
 	});
 
 	var form = me.formPanel.getForm();
@@ -110,7 +173,7 @@ Ext.define('PVE.window.Backup', {
 		    storage: storage,
 		    vmid: me.vmid,
 		    mode: values.mode,
-		    remove: 0,
+		    remove: values.remove,
 		};
 
 		if (values.mailto) {
-- 
2.20.1

[pve-devel] applied: [PATCH v3 manager 1/4] vzdump: storage info: move out activate storage call

[Thomas Lamprecht]

On 11.03.21 10:22, Fabian Ebner wrote:
> Otherwise storage_info() cannot be used for (at least) PBS storages from an API
> call without 'protected => 1', because the password cannot be read from
> '/etc/pve/priv'. Note that the function itself does not need the storage to be
> active, because it only uses storage_config() and get_backup_dir().
> 
> AFAICT new() is the only existing user of this function and can be responsible
> for activating the storage itself.
> 
> Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
> ---
> 
> New in v3
> 
>  PVE/VZDump.pm | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
>

applied, thanks!

Re: [pve-devel] [PATCH v3 manager 2/4] api: vzdump: add call to get currently configured vzdump defaults

[Thomas Lamprecht]

On 11.03.21 10:22, Fabian Ebner wrote:
> on a given node (and storage).
> 
> Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
> ---
> 
> New in v3
> 
>  PVE/API2/VZDump.pm | 89 ++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 89 insertions(+)
> 
> diff --git a/PVE/API2/VZDump.pm b/PVE/API2/VZDump.pm
> index 44376106..109e178b 100644
> --- a/PVE/API2/VZDump.pm
> +++ b/PVE/API2/VZDump.pm
> @@ -146,6 +146,95 @@ __PACKAGE__->register_method ({
>  	return $rpcenv->fork_worker('vzdump', $taskid, $user, $worker);
>     }});
>  
> +__PACKAGE__->register_method ({
> +    name => 'defaults',
> +    path => 'defaults',
> +    method => 'GET',
> +    description => "Get the currently configured vzdump defaults.",
> +    permissions => {
> +	description => "The user needs 'Datastore.Audit' or " .
> +	    "'Datastore.AllocateSpace' permissions for the specified storage " .
> +	    "(or default storage if none specified). Some properties are only " .
> +	    "returned when the user has 'Sys.Audit' permissions for the node.",

style nit: you can go up to 100 character columns here, also we 

> +	user => 'all',
> +    },
> +    proxyto => 'node',
> +    parameters => {
> +	additionalProperties => 0,
> +	properties => {
> +	    node => get_standard_option('pve-node'),
> +	    storage => get_standard_option('pve-storage-id', { optional => 1 }),
> +	},
> +    },
> +    returns => {
> +	type => 'object',
> +	additionalProperties => 0,
> +	properties => PVE::VZDump::Common::json_config_properties(),

above may suggest that all those properties are returned, but we delete some
out flat, so even if one would access this as root@pam they won't get all of
those and may get confused due to API schema/return value mismatch.

Maybe we could derive a hash from above list at module scope, and delete those
keys that never will be returned. That list could also be reused below for
filtering out those unwanted keys too then.

> +    },
> +    code => sub {
> +	my ($param) = @_;
> +
> +	my $node = extract_param($param, 'node');
> +	my $storage = extract_param($param, 'storage');
> +
> +	my $rpcenv = PVE::RPCEnvironment::get();
> +	my $authuser = $rpcenv->get_user();
> +
> +	my $res = PVE::VZDump::read_vzdump_defaults();
> +
> +	$res->{storage} = $storage if defined($storage);
> +
> +	if (!defined($res->{dumpdir}) && !defined($res->{storage})) {
> +	    $res->{storage} = 'local';
> +	}
> +
> +	if (defined($res->{storage})) {
> +	    $rpcenv->check_any(
> +		$authuser,
> +		"/storage/$res->{storage}",
> +		['Datastore.Audit', 'Datastore.AllocateSpace'],
> +	    );
> +
> +	    my $info = PVE::VZDump::storage_info($res->{storage});
> +	    foreach my $key (qw(dumpdir prune-backups)) {

style nit, for new code use `for`, `foreach` has no additional value/functionality
over `for` since a long time (if ever, actually not too sure from top of my head).

> +		$res->{$key} = $info->{$key} if defined($info->{$key});
> +	    }
> +	}
> +
> +	if (defined($res->{'prune-backups'})) {
> +	    $res->{'prune-backups'} = PVE::JSONSchema::print_property_string(
> +		$res->{'prune-backups'},
> +		'prune-backups',
> +	    );
> +	}
> +
> +	$res->{mailto} = join(",", @{$res->{mailto}})
> +	    if defined($res->{mailto});
> +
> +	$res->{'exclude-path'} = join(",", @{$res->{'exclude-path'}})
> +	    if defined($res->{'exclude-path'});
> +
> +	# normal backup users don't need to know these
> +	if (!$rpcenv->check($authuser, "/nodes/$node", ['Sys.Audit'], 1)) {
> +	    delete $res->{mailto};
> +	    delete $res->{tmpdir};
> +	    delete $res->{dumpdir};
> +	    delete $res->{script};
> +	    delete $res->{bwlimit};

The bwlimit could be exposed though, similarly to how we do already on backup restore.
For not so privileged user we may want to do something like getting the
min($api_bwlimit, $storage_or_dc_options_bwlimit) to ensure an user cannot weasel
themself out of admin imposed restrictions... Also, this does not needs to be in
that series, just a general idea...

> +	    delete $res->{ionice};
> +	}
> +
> +	my $pool = $res->{pool};
> +	if (defined($pool) &&
> +	    !$rpcenv->check($authuser, "/pool/$pool", ['Pool.Allocate'], 1)) {
> +	    delete $res->{pool};
> +	}
> +
> +	delete $res->{size}; # deprecated, to be dropped with PVE 7.0
> +
> +	return $res;
> +    }});
> +
>  __PACKAGE__->register_method ({
>      name => 'extractconfig',
>      path => 'extractconfig',
> 

Re: [pve-devel] [PATCH v3 manager 2/4] api: vzdump: add call to get currently configured vzdump defaults

[Fabian Ebner]

Am 01.04.21 um 15:40 schrieb Thomas Lamprecht:
> On 11.03.21 10:22, Fabian Ebner wrote:
>> on a given node (and storage).
>>
>> Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
>> ---
>>
>> New in v3
>>
>>   PVE/API2/VZDump.pm | 89 ++++++++++++++++++++++++++++++++++++++++++++++
>>   1 file changed, 89 insertions(+)
>>
>> diff --git a/PVE/API2/VZDump.pm b/PVE/API2/VZDump.pm
>> index 44376106..109e178b 100644
>> --- a/PVE/API2/VZDump.pm
>> +++ b/PVE/API2/VZDump.pm
>> @@ -146,6 +146,95 @@ __PACKAGE__->register_method ({
>>   	return $rpcenv->fork_worker('vzdump', $taskid, $user, $worker);
>>      }});
>>   
>> +__PACKAGE__->register_method ({
>> +    name => 'defaults',
>> +    path => 'defaults',
>> +    method => 'GET',
>> +    description => "Get the currently configured vzdump defaults.",
>> +    permissions => {
>> +	description => "The user needs 'Datastore.Audit' or " .
>> +	    "'Datastore.AllocateSpace' permissions for the specified storage " .
>> +	    "(or default storage if none specified). Some properties are only " .
>> +	    "returned when the user has 'Sys.Audit' permissions for the node.",
> 
> style nit: you can go up to 100 character columns here, also we
> 

Ok

>> +	user => 'all',
>> +    },
>> +    proxyto => 'node',
>> +    parameters => {
>> +	additionalProperties => 0,
>> +	properties => {
>> +	    node => get_standard_option('pve-node'),
>> +	    storage => get_standard_option('pve-storage-id', { optional => 1 }),
>> +	},
>> +    },
>> +    returns => {
>> +	type => 'object',
>> +	additionalProperties => 0,
>> +	properties => PVE::VZDump::Common::json_config_properties(),
> 
> above may suggest that all those properties are returned, but we delete some
> out flat, so even if one would access this as root@pam they won't get all of
> those and may get confused due to API schema/return value mismatch.
> 
> Maybe we could derive a hash from above list at module scope, and delete those
> keys that never will be returned. That list could also be reused below for
> filtering out those unwanted keys too then.
> 

The only key that is always dropped is the deprecated 'size' key. For 
privileged users, all others are returned. And the schema says that all 
properties are optional. We could create a new hash and drop the 
'optional' for those with a default value that are never dropped, but 
not sure if that's worth it...

>> +    },
>> +    code => sub {
>> +	my ($param) = @_;
>> +
>> +	my $node = extract_param($param, 'node');
>> +	my $storage = extract_param($param, 'storage');
>> +
>> +	my $rpcenv = PVE::RPCEnvironment::get();
>> +	my $authuser = $rpcenv->get_user();
>> +
>> +	my $res = PVE::VZDump::read_vzdump_defaults();
>> +
>> +	$res->{storage} = $storage if defined($storage);
>> +
>> +	if (!defined($res->{dumpdir}) && !defined($res->{storage})) {
>> +	    $res->{storage} = 'local';
>> +	}
>> +
>> +	if (defined($res->{storage})) {
>> +	    $rpcenv->check_any(
>> +		$authuser,
>> +		"/storage/$res->{storage}",
>> +		['Datastore.Audit', 'Datastore.AllocateSpace'],
>> +	    );
>> +
>> +	    my $info = PVE::VZDump::storage_info($res->{storage});
>> +	    foreach my $key (qw(dumpdir prune-backups)) {
> 
> style nit, for new code use `for`, `foreach` has no additional value/functionality
> over `for` since a long time (if ever, actually not too sure from top of my head).
> 

Will do, but might be worth updating the style guide:
"use either of foreach or for when looping over a list of elements."

https://pve.proxmox.com/wiki/Perl_Style_Guide#Perl_syntax_choices

>> +		$res->{$key} = $info->{$key} if defined($info->{$key});
>> +	    }
>> +	}
>> +
>> +	if (defined($res->{'prune-backups'})) {
>> +	    $res->{'prune-backups'} = PVE::JSONSchema::print_property_string(
>> +		$res->{'prune-backups'},
>> +		'prune-backups',
>> +	    );
>> +	}
>> +
>> +	$res->{mailto} = join(",", @{$res->{mailto}})
>> +	    if defined($res->{mailto});
>> +
>> +	$res->{'exclude-path'} = join(",", @{$res->{'exclude-path'}})
>> +	    if defined($res->{'exclude-path'});
>> +
>> +	# normal backup users don't need to know these
>> +	if (!$rpcenv->check($authuser, "/nodes/$node", ['Sys.Audit'], 1)) {
>> +	    delete $res->{mailto};
>> +	    delete $res->{tmpdir};
>> +	    delete $res->{dumpdir};
>> +	    delete $res->{script};
>> +	    delete $res->{bwlimit};
> 
> The bwlimit could be exposed though, similarly to how we do already on backup restore.
> For not so privileged user we may want to do something like getting the
> min($api_bwlimit, $storage_or_dc_options_bwlimit) to ensure an user cannot weasel
> themself out of admin imposed restrictions... Also, this does not needs to be in
> that series, just a general idea...
> 

Ok. From the top of my head, it should be enough to do a 
get_bandwith_limit call for the storage together with the potential 
override, i.e. res->{bwlimit}.

I mean the admin imposed restriction would still take place on the 
vzdump call afterwards, but of course better if the value returned here 
is actually what's to be expected afterwards.

>> +	    delete $res->{ionice};
>> +	}
>> +
>> +	my $pool = $res->{pool};
>> +	if (defined($pool) &&
>> +	    !$rpcenv->check($authuser, "/pool/$pool", ['Pool.Allocate'], 1)) {
>> +	    delete $res->{pool};
>> +	}
>> +
>> +	delete $res->{size}; # deprecated, to be dropped with PVE 7.0
>> +
>> +	return $res;
>> +    }});
>> +
>>   __PACKAGE__->register_method ({
>>       name => 'extractconfig',
>>       path => 'extractconfig',
>>
> 

Re: [pve-devel] [PATCH v3 manager 2/4] api: vzdump: add call to get currently configured vzdump defaults

[Thomas Lamprecht]

On 02.04.21 14:27, Fabian Ebner wrote:
> Am 01.04.21 um 15:40 schrieb Thomas Lamprecht:
>> On 11.03.21 10:22, Fabian Ebner wrote:
>>> +    user => 'all',
>>> +    },
>>> +    proxyto => 'node',
>>> +    parameters => {
>>> +    additionalProperties => 0,
>>> +    properties => {
>>> +        node => get_standard_option('pve-node'),
>>> +        storage => get_standard_option('pve-storage-id', { optional => 1 }),
>>> +    },
>>> +    },
>>> +    returns => {
>>> +    type => 'object',
>>> +    additionalProperties => 0,
>>> +    properties => PVE::VZDump::Common::json_config_properties(),
>>
>> above may suggest that all those properties are returned, but we delete some
>> out flat, so even if one would access this as root@pam they won't get all of
>> those and may get confused due to API schema/return value mismatch.
>>
>> Maybe we could derive a hash from above list at module scope, and delete those
>> keys that never will be returned. That list could also be reused below 
for
>> filtering out those unwanted keys too then.
>>
> 
> The only key that is always dropped is the deprecated 'size' key. For privileged users, all others are returned. And the schema says that all properties are optional. We could create a new hash and drop the 'optional' 
for those with a default value that are never dropped, but not sure if that's worth it...

hmm, yeah in that case it's probably not worth it...

> 
>>> +    },
>>> +    code => sub {
>>> +    my ($param) = @_;
>>> +
>>> +    my $node = extract_param($param, 'node');
>>> +    my $storage = extract_param($param, 'storage');
>>> +
>>> +    my $rpcenv = PVE::RPCEnvironment::get();
>>> +    my $authuser = $rpcenv->get_user();
>>> +
>>> +    my $res = PVE::VZDump::read_vzdump_defaults();
>>> +
>>> +    $res->{storage} = $storage if defined($storage);
>>> +
>>> +    if (!defined($res->{dumpdir}) && !defined($res->{storage})) {
>>> +        $res->{storage} = 'local';
>>> +    }
>>> +
>>> +    if (defined($res->{storage})) {
>>> +        $rpcenv->check_any(
>>> +        $authuser,
>>> +        "/storage/$res->{storage}",
>>> +        ['Datastore.Audit', 'Datastore.AllocateSpace'],
>>> +        );
>>> +
>>> +        my $info = PVE::VZDump::storage_info($res->{storage});
>>> +        foreach my $key (qw(dumpdir prune-backups)) {
>>
>> style nit, for new code use `for`, `foreach` has no additional value/functionality
>> over `for` since a long time (if ever, actually not too sure from top of my head).
>>
> 
> Will do, but might be worth updating the style guide:
> "use either of foreach or for when looping over a list of elements."
> 
> https://pve.proxmox.com/wiki/Perl_Style_Guide#Perl_syntax_choices

good catch, done!