both where previously missing. the existing 'check_storage_access'
helper is not applicable here since it operates on a full set of VM
config options, not just storage IDs.
Signed-off-by: Fabian Grünbichler <f.gruenbich...@proxmox.com>
---
PVE/API2/Qemu.pm | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 6eba8d0..33ae0a6 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -3453,15 +3453,27 @@ __PACKAGE__->register_method({
my $storecfg = PVE::Storage::config();
if (my $targetstorage = $param->{targetstorage}) {
+ my $check_storage = sub {
+ my ($target_sid) = @_;
+ PVE::Storage::storage_check_node($storecfg, $target_sid,
$target);
+ $rpcenv->check($authuser, "/storage/$target_sid",
['Datastore.AllocateSpace']);
+ my $scfg = PVE::Storage::storage_config($storecfg, $target_sid);
+ raise_param_exc({ targetstorage => "storage '$target_sid' does
not support vm images"})
+ if !$scfg->{content}->{images};
+ };
+
my $storagemap = eval {
PVE::JSONSchema::parse_idmap($targetstorage, 'pve-storage-id') };
raise_param_exc({ targetstorage => "failed to parse targetstorage
map: $@" })
if $@;
+ $rpcenv->check_vm_perm($authuser, $vmid, undef, ['VM.Config.Disk'])
+ if !defined($storagemap->{identity});
+
foreach my $source (keys %{$storagemap->{entries}}) {
- PVE::Storage::storage_check_node($storecfg,
$storagemap->{entries}->{$source}, $target);
+ $check_storage->($storagemap->{entries}->{$source});
}
- PVE::Storage::storage_check_node($storecfg, $storagemap->{default},
$target)
+ $check_storage->($storagemap->{default})
if $storagemap->{default};
PVE::QemuServer::check_storage_availability($storecfg, $conf,
$target)
--
2.20.1
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
