noticed this while testing https://lore.proxmox.com/pve-devel/20241031134629.144893-1-d.k...@proxmox.com
the first patch fixes the already allowed "permission self-service" for users as the web UI implements it (it always passes the $userid parameter). the second patch extends that self-service to allow users without Sys.Audit on /access to evaluate their own tokens' ACLs/permissions, which seems sensible to me ;) Fabian Grünbichler (2): api: permissions: allow users to view their own permissions api: permissions: allow users to check their own tokens src/PVE/API2/AccessControl.pm | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
