From 87ed6ff7cd57bcc51b441689b07d772c7adab095 Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Fri, 17 Feb 2023 16:02:09 +0100 Subject: [PATCH] access: Allow 'node-device.read' permission for anonymous users MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For all other objects we allow the 'read' permission for anonymous users. In fact the idea is to allow all permissions users using the readonly connection would have. This impacts the following APIs (in terms of RPC procedure names): $ git grep -A 3 node_device:read | grep REMOTE src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_GET_XML_DESC = 114, src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_GET_PARENT = 115, src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_NUM_OF_CAPS = 116, src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_LIST_CAPS = 117, src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_GET_AUTOSTART = 433, src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_IS_PERSISTENT = 435, src/remote/remote_protocol.x- REMOTE_PROC_NODE_DEVICE_IS_ACTIVE = 436, Fixes: a93cd08f Signed-off-by: Peter Krempa Reviewed-by: Daniel P. Berrangé --- src/access/viraccessperm.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/access/viraccessperm.h b/src/access/viraccessperm.h index 051246a7b6..2f04459ed9 100644 --- a/src/access/viraccessperm.h +++ b/src/access/viraccessperm.h @@ -473,6 +473,7 @@ typedef enum { /** * @desc: Read node device * @message: Reading node device configuration requires authorization + * @anonymous: 1 */ VIR_ACCESS_PERM_NODE_DEVICE_READ,