User permissions

[jurekk]

Hi,
I'm trying to give a permission to a user to manage his VM. I've used a Built-In Role PVEVMUser. Unfortunately The user is able to see nodes as well (see screenshot). I assumed that the user will be able to see the VM only, I don't think he should be able to see any physical resources of datacenter. Is this expected behaviour? Is there a way lets say to deny server view and force the user to pool view? Thank you in advance.

 

[dcsapak]

the api design makes it necessary that even a vm user needs to see at least the node where a vm of his might be on, otherwise it would not be possible to do any action on the vm
the path for starting a vm is for example: /nodes/NODENAME/qemu/VMID/start
so at least the name of the node has to be known

 

[jurekk]

Thank you for the explanation. That makes sense. Regarding the attributes he is able to see not only the name of the node but subscription level as well (unfortunately its not visible on the screenshot). I don't think this is a good solution. Any advice how to prevent the user to see subscription levels on nodes? It would be ideal to deny the access to server view and allow pool view only (dropdown in the upper left corner). It that view the user sees only his vm's.

 

[dcsapak]

t would be ideal to deny the access to server view and allow pool view only (dropdown in the upper left corner). It that view the user sees only his vm's.

the user can still do api requests then so this is only a visual barrier...

 

[jurekk]

I can filter out the API requests as I have the cluster behind a reverse proxy to harden the ssl. Therefore the restricted gui would be great.