netinvent/npbackup
1
1
Fork 0
mirror of https://github.com/netinvent/npbackup.git synced 2025-09-10 23:15:37 +08:00
Code Issues Projects Releases Packages Wiki Activity

Add restore_only permission

Browse source
This commit is contained in:
deajan 2025-01-30 16:19:11 +01:00
parent 7f798b02c1
commit 825269eb39
6 changed files with 13 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -63,6 +63,7 @@ Please check https://github.com/netinvent/npbackup/releases
- Repository permissions allowing to limit clients
- Backup only permission
- Backup, list and restore permissions
- Restore only permissions
- Full permissions including destructive operations
- Encrypted data viewing requires additional password
- AES-256 keys can't be guessed in executables thanks to Nuitka Commercial compiler
@ -245,6 +246,7 @@ In that case, you can set permissions via the GUI or directly in the configurati
Permissions are:
- full: Set by default, allows all including destructive operations
- restore: Allows everything backup does plus restore, check and dump operations
- restore_noly: Allows only restoring backups, but not creating ones
- backup: Allows, backup, snapshot/object listing operations and repo unlocking
## Logs

13
npbackup/core/runner.py
View file

@ -520,6 +520,7 @@ class NPBackupRunner:
Possible permissions are:
- backup: Init, Backup, list backups and unlock
- restore: Init, Backup, restore, recover and list snapshots
- restore_only: Restore only
- full: Full permissions
Only one permission can be set per repo
@ -531,13 +532,13 @@ class NPBackupRunner:
required_permissions = {
"init": ["backup", "restore", "full"],
"backup": ["backup", "restore", "full"],
"has_recent_snapshot": ["backup", "restore", "full"],
"snapshots": ["backup", "restore", "full"],
"has_recent_snapshot": ["backup", "restore", "restore_only", "full"],
"snapshots": ["backup", "restore", "restore_only", "full"],
"stats": ["backup", "restore", "full"],
"ls": ["backup", "restore", "full"],
"find": ["backup", "restore", "full"],
"restore": ["restore", "full"],
"dump": ["restore", "full"],
"ls": ["backup", "restore", "restore_only", "full"],
"find": ["backup", "restore", "restore_only", "full"],
"restore": ["restore", "restore_only", "full"],
"dump": ["restore", "retore_only", "full"],
"check": ["restore", "full"],
"recover": ["restore", "full"],
"list": ["full"],

2
npbackup/gui/__main__.py
View file

@ -145,7 +145,7 @@ def viewer_create_repo(viewer_repo_uri: str, viewer_repo_password: str) -> dict:
# Let's set default backup age to 24h
repo_config.s("repo_opts.minimum_backup_age", 1440)
# NPF-SEC-00005 Add restore permission
repo_config.s("permissions", "restore")
repo_config.s("permissions", "restore_only")
return repo_config

1
npbackup/gui/config.py
View file

@ -107,6 +107,7 @@ def config_gui(full_config: dict, config_file: str):
"permissions": {
"backup": _t("config_gui.backup_perms"),
"restore": _t("config_gui.restore_perms"),
"restore_only": _t("config_gui.restore_only_perms"),
"full": _t("config_gui.full_perms"),
},
}

1
npbackup/translations/config_gui.en.yml
View file

@ -145,6 +145,7 @@ en:
permissions: Permissions
backup_perms: Backup only
restore_perms: Backup, verify, recover and restore
restore_only_perms: Restore only
full_perms: Full permissions
setting_permissions_requires_manager_password: Setting permissions requires manager password
manager_password_too_simple: Manager password needs at least 8 uppercase, lowercase and digits characters

1
npbackup/translations/config_gui.fr.yml
View file

@ -146,6 +146,7 @@ fr:
permissions: Permissions
backup_perms: Sauvegardes uniquement
restore_perms: Sauvegarde, vérification, récupération et restauration
restore_only_perms: Restauration uniquement
full_perms: Accès total
setting_permissions_requires_manager_password: Un mot de passe gestionnaire est requis pour définir des permissions
manager_password_too_simple: Le mot de passe gestionnaire nécessite au moins 8 caractères majuscules, minuscules et chiffres