> > +       # check propagate on bridge itself
> > +       return 1 if $self->check_any($username, $path, $privs,
> > $noerr);
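Review bot: the comment on the first added line says the code checks propagate on the bridge, but the check_any call under it receives only $username, $path, $privs and $noerr, so nothing on these lines distinguishes a propagating entry from a non-propagating one. If the intent is access on the bridge path regardless of propagate, reword the comment to say so; if propagate really has to be tested, the call needs to change accordingly.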
> 
> this doesn't actually check propagation though? for that you could
> either:
> - use $self->permissions (it returns the propagate bit)
> - query a non-existing vlan child path with check_any
> 
> 

Do we really need to check propagation?

Here, we want to check if the user has permission to the bridge,
if the user has an ACL on a VLAN of the bridge,
or
if the user has access to the bridge (propagate or not).

For example, if I check with a dummy vlanid, /sdn/zones/myzone/vnet1/0,
it'll be OK if the user has propagate on vnet1, but not if the user
doesn't have propagate.




_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
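
An added illustration, not part of the original message and not Proxmox code: a simplified model of path ACLs with a propagate flag, comparing a check on the bridge path itself, a check on a dummy VLAN child path, and a search for entries set directly on a VLAN. The resolution rule (an entry applies to its own path always and to descendants only with propagate), the user names and the privilege name are assumptions.

```python
# Simplified model (assumption, not Proxmox code): an ACL entry applies to its
# own path always, and to descendant paths only when its propagate flag is set.
BRIDGE = "/sdn/zones/myzone/vnet1"   # path from the message
PRIV = "Example.Use"                 # constructed privilege name

# Constructed ACL table: (user, path) -> (privileges, propagate)
ACL = {
    ("alice", BRIDGE): ({PRIV}, True),            # bridge, with propagate
    ("bob", BRIDGE): ({PRIV}, False),             # bridge, without propagate
    ("carol", BRIDGE + "/100"): ({PRIV}, False),  # one VLAN of the bridge only
}

def effective_privs(acl, user, path):
    """Privileges of `user` on `path`: nearest applicable entry wins."""
    parts = path.strip("/").split("/")
    for depth in range(len(parts), 0, -1):
        entry = acl.get((user, "/" + "/".join(parts[:depth])))
        if entry is None:
            continue
        privs, propagate = entry
        if depth == len(parts) or propagate:   # exact path, or inherited
            return set(privs)
    return set()

def on_bridge_itself(acl, user):
    return PRIV in effective_privs(acl, user, BRIDGE)

def on_dummy_vlan(acl, user):
    # Dummy child path: only entries inherited through propagate can match.
    return PRIV in effective_privs(acl, user, BRIDGE + "/0")

def on_any_vlan(acl, user):
    # Any entry set directly on a child path of the bridge.
    return any(u == user and p.startswith(BRIDGE + "/") and PRIV in privs
               for (u, p), (privs, _) in acl.items())

def summary(acl, users=("alice", "bob", "carol")):
    """Map each user to (bridge itself, dummy VLAN, any VLAN) results."""
    return {u: (on_bridge_itself(acl, u), on_dummy_vlan(acl, u),
                on_any_vlan(acl, u)) for u in users}

if __name__ == "__main__":
    for user, row in summary(ACL).items():
        print(user, dict(zip(("bridge", "dummy_vlan", "any_vlan"), row)))
```

In this model only the dummy-VLAN check separates the propagate and non-propagate cases on the bridge; the check on the bridge path passes for both.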
