From 3c41d86010547f2155700064514069929d665e11 Mon Sep 17 00:00:00 2001
From: Thomas Lamprecht <t.lamprecht@proxmox.com>
Date: Thu, 19 May 2022 12:36:06 +0200
Subject: [PATCH] verify all: adhere to NS privs for non-owned groups

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
 src/backup/verify.rs | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/backup/verify.rs b/src/backup/verify.rs
index 2b36e9fe..e5cc72ff 100644
--- a/src/backup/verify.rs
+++ b/src/backup/verify.rs
@@ -10,7 +10,7 @@ use proxmox_sys::{task_log, WorkerTaskContext};
 
 use pbs_api_types::{
     print_ns_and_snapshot, Authid, BackupNamespace, BackupType, CryptMode, DatastoreWithNamespace,
-    SnapshotVerifyState, VerifyState, UPID,
+    SnapshotVerifyState, VerifyState, PRIV_DATASTORE_BACKUP, PRIV_DATASTORE_VERIFY, UPID,
 };
 use pbs_datastore::backup_info::{BackupDir, BackupGroup, BackupInfo};
 use pbs_datastore::index::IndexFile;
@@ -529,7 +529,14 @@ pub fn verify_all_backups(
     let store = &verify_worker.datastore;
     let max_depth = max_depth.unwrap_or(pbs_api_types::MAX_NAMESPACE_DEPTH);
 
-    let mut list = match ListAccessibleBackupGroups::new(store, ns.clone(), max_depth, owner) {
+    let mut list = match ListAccessibleBackupGroups::new_with_privs(
+        store,
+        ns.clone(),
+        max_depth,
+        Some(PRIV_DATASTORE_VERIFY),
+        Some(PRIV_DATASTORE_BACKUP),
+        owner,
+    ) {
         Ok(list) => list
             .filter_map(|group| match group {
                 Ok(group) => Some(group),