On 2/3/25 12:49, Fiona Ebner wrote:
Am 04.12.24 um 16:11 schrieb Daniel Kral:
Let the API endpoint `DELETE /access/roles/{roleid}` or command
`pveum role delete <roleid>` remove any ACL rules in the user
configuration, which reference the removed role.
Before this change, the removal of a role has caused the role to remain
in existing ACL rules, which referenced the removed role. Therefore, on
each parse of the user configuration, a warning was be displayed:
user config - ignore invalid acl role '<role>'
Might be good to note that the next modification of the configuration
would drop the unknown role (even if a role with the same name is
re-added right away).
Thanks, will mention that in the v2!
Just for clarification, what could be an/the use case of deleting and
re-adding the role? It could be certainly beneficial to add a small
reminder in the WebUI, that removing a user/group/role will also delete
its dependents.
On 2/3/25 12:49, Fiona Ebner wrote:
What would be really nice is to have some tests for various
add/modify/delete sequences touching user.cfg :) I don't think current
tests cover that yet.
I'll gladly provide these with a v2 to document the changes and also
just enforce this behavior in the future :).
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
