check if user have access to 1 vlan of the bridge or the bridge itself Signed-off-by: Alexandre Derumier <aderum...@odiso.com> --- src/PVE/RPCEnvironment.pm | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)
diff --git a/src/PVE/RPCEnvironment.pm b/src/PVE/RPCEnvironment.pm index 8586938..fb010cc 100644 --- a/src/PVE/RPCEnvironment.pm +++ b/src/PVE/RPCEnvironment.pm @@ -324,6 +324,23 @@ sub check_full { } } +sub check_sdn_bridge { + my ($self, $username, $path, $privs, $noerr) = @_; + + my $cfg = $self->{user_cfg}; + my $bridge_acl = PVE::AccessControl::find_acl_tree_node($cfg->{acl_root}, $path); + if ($bridge_acl) { + my $vlans = $bridge_acl->{children}; + for my $vlan (keys %$vlans) { + my $vlanpath = "$path/$vlan"; + return 1 if $self->check_any($username, $vlanpath, $privs, $noerr); + } + # check propagate on bridge itself + return 1 if $self->check_any($username, $path, $privs, $noerr); + } + return; +} + sub check_user_enabled { my ($self, $user, $noerr) = @_; -- 2.30.2 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel