On 8/10/23 09:16, Fiona Ebner wrote:
But it should. After all, the operation is modifying the original pool, so the user better have an appropriate permission to do so.
Currently, Permissions.Modify|VM.Allocate on the VM and Pool.Allocate on the target pool would be enough to "steal" the guest, no permissions required on the original pool at all. IMHO, the user really should have a Pool.Allocate on the original pool as well.
You are right! It would be possible to "steal" a VM in a way that it was not before!
Thank you for finding this! Will fix!
Since I noticed it in v3: we usually use "api:" and "ui:" as prefixes rather than "backend:" and "frontend:". Would be nice if you could use them too for consistency.
Ok. Good to know. I will do that. Thanks _______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
