Raise ValidationError on perm change for readonly paths (#15452)

This commit introduces additional validation to check whether the path on which user is trying to change permissions is set to readonly. This appears to be a fairly common occurance with our SCALE userbase and so we need to cleanly explain why they can't do this.
truenas · Jan 21, 2025 · 4f404a5 · 4f404a5
1 parent 912a663
commit 4f404a5
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/src/middlewared/middlewared/plugins/filesystem_/acl.py b/src/middlewared/middlewared/plugins/filesystem_/acl.py
@@ -84,6 +84,13 @@ def _common_perm_path_validate(self, schema, data, verrors, pool_mp_ok=False):
                 f'{schema}.path',
                 'Path component for is currently encrypted and locked'
             )
+        else:
+            statfs_flags = self.middleware.call_sync('filesystem.statfs', path)['flags']
+            if 'RO' in statfs_flags:
+                verrors.add(
+                    f'{schema}.path',
+                    f'{path}: dataset underlying path has the readonly property enabled.'
+                )
 
         return loc