On 06/04/2024 10:37, Thomas Lamprecht wrote: >> Still, right now I think the primary motivation for this overruling >> feature is to save GUI users some frustration and/or clicks. In this >> scenario, a user will overrule only their own tasks, which is possible >> with the current check. What do you think about keeping the check as it >> is for now, and making it more permissive once the need arises? > > I think that allowing users that hold the respective Sys.Modify and > VM.PowerMgmt to overrule any tasks from the start wouldn't be to much > "speculative future-proofing" but rather something expected while still > safe.
Makes sense. > FWIW, you could also drop the $authuser then and just get it from > the RPCEnv singleton available in all API call-paths and then do > the permission check in the helper directly. > This would IMO be also a bit better w.r.t. conveying why we do it this > way. OK, sounds good! I'll send a v3 then. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
