diff --git a/src/server/router/router.go b/src/server/router/router.go index fc66077aaa84179bd325ad6ed926b023bbddc711..35fce784a4fcbc37ac27189524081243836c4673 100644 --- a/src/server/router/router.go +++ b/src/server/router/router.go @@ -92,7 +92,7 @@ func (router *Router)Start(port int) { vmsGroup.PUT("/:id/start", router.vms.StartVM) vmsGroup.PUT("/:id/startwithcreds", router.vms.StartVMWithCreds) vmsGroup.POST("/:id/spicecreds", router.vms.VMSpiceCreds) - vmsGroup.POST("/spicecreds", router.vms.AnyVMSpiceCreds) + vmsGroup.POST("/spicecreds", router.vms.VMSpiceCredsAny) vmsGroup.PUT("/:id/stop", router.vms.KillVM) vmsGroup.PUT("/:id/shutdown", router.vms.ShutdownVM) vmsGroup.PUT("/:id/reboot", router.vms.RebootVM) diff --git a/src/server/router/routerVMs.go b/src/server/router/routerVMs.go index 29fbd142af7508ec2be0c591bcea8a13f669f179..64148fc22707e1d000f7992347724b9792aa2368 100644 --- a/src/server/router/routerVMs.go +++ b/src/server/router/routerVMs.go @@ -205,14 +205,14 @@ func (r *RouterVMs)VMSpiceCreds(c echo.Context) error { // Returns the Spice credentials for the VM matching the specific VM attach password. // Requires the CAP_VM_ATTACH_ANY user capability: // curl --cacert ca.pem -X POST https://localhost:1077/vms/spicecreds -H 'Content-Type: application/json' -d '{"pwd":"46L8drgZ5Dx"}' -H "Authorization: Bearer <AccessToken>" -func (r *RouterVMs)AnyVMSpiceCreds(c echo.Context) error { +func (r *RouterVMs)VMSpiceCredsAny(c echo.Context) error { // Retrieves logged user from context. user, err := getLoggedUser(r.users, c) if err != nil { return echo.NewHTTPError(http.StatusUnauthorized, err.Error()) } - if user.HasCapability(caps.CAP_VM_ATTACH_ANY) { + if !user.HasCapability(caps.CAP_VM_ATTACH_ANY) { return echo.NewHTTPError(http.StatusUnauthorized, errors.New("Access denied")) }