that are not available with API tokens for security reasons, such as access 
control related endpoints.

Signed-off-by: Fabian Grünbichler <f.gruenbich...@proxmox.com>
---

Notes:
    pairs with patch in pve-common that adds this to the schema-schema. any modules
    setting that flag need a corresponding versioned depends on
    libpve-common-perl..

 PVE/HTTPServer.pm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index 65f3a1d8..5a271e5c 100755
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -7,7 +7,7 @@ use PVE::SafeSyslog;
 use PVE::INotify;
 use PVE::Tools;
 use PVE::APIServer::AnyEvent;
-use PVE::Exception qw(raise_param_exc raise);
+use PVE::Exception qw(raise_param_exc raise_perm_exc raise);
 
 use PVE::RPCEnvironment;
 use PVE::AccessControl;
@@ -148,6 +148,9 @@ sub rest_handler {
            $uri_param->{$p} = $params->{$p};
        }
 
+       raise_perm_exc("URI '$rel_uri' not available with API token, need 
proper ticket.\n")
+           if $auth->{api_token} && $info->{notoken};
+
        # check access permissions
        $rpcenv->check_api2_permissions($info->{permissions}, $auth->{userid}, 
$uri_param);
 
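Review bot: The new guard in rest_handler, `if $auth->{api_token} && $info->{notoken}`, fails open: if `$auth->{api_token}` is ever unset for a token-authenticated request, a `notoken` endpoint falls through to the ordinary `check_api2_permissions` call. Nothing in this hunk shows where that key is populated, so please confirm the authentication path sets it for every token request. A one-line comment above the `raise_perm_exc(...)` statement, in the style of the `# check access permissions` comment below it, would document that `notoken` endpoints require a ticket. The message also interpolates `$rel_uri` into the response, so it is worth confirming that this value is already normalized where it is derived.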
-- 
2.20.1


_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel