proxmox-selfservice/CHANGELOG.md

# Changelog

## 0.7.0 - 2026-04-24

- Added template typing so approved templates can represent either QEMU VMs or LXC containers.
- Added LXC template discovery from Proxmox storage `vztmpl` content in the admin template manager.
- Added live LXC container provisioning through the Proxmox API with configurable rootfs storage and optional DHCP bridge.
- Routed start, stop, delete, expiration, status, and IP refresh operations through typed Proxmox VM/LXC API paths.
- Added Proxmox tags to newly created VMs and containers, including a sanitized per-user tag for easier PVE administration.
- Updated the admin and portal UI to show VM versus LXC template/deployment types and generic Proxmox resource IDs.
- Added schema upgrades for template provisioning type, LXC template references, and deployment resource type.
- Hardened admin template/settings saves against array-shaped POST values.
- Kept QEMU template management usable if the Proxmox token cannot list LXC-capable storages.
- Documented LXC setup, storage permissions, and the new Proxmox settings.

## 0.6.0 - 2026-04-24

- Added deployment sharing with a dedicated `wp_spp_deployment_shares` table.
- Restricted regular deployment listing and detail access to owned or explicitly shared deployments.
- Added a `View and manage all deployments` plugin right for support/admin users who need global deployment access.
- Restricted delete actions to deployment owners or users with global deployment management.
- Added owner-only/global sharing controls to the deployment detail UI.
- Validated managed template VMIDs against the configured Proxmox QEMU template list before saving.
- Stopped rendering the saved Proxmox token secret back into the settings form.
- Enforced HTTPS for saved Proxmox base URLs in HTTP mode settings.

## 0.5.0 - 2026-04-24

- Added Proxmox QEMU template discovery through the configured Proxmox node.
- Added admin-panel template management for importing, editing, manually adding, and removing approved plugin templates.
- Added a dedicated `Manage templates` plugin right.
- Preserved historical deployment records by deactivating removed templates instead of deleting their rows.
- Stopped upgrade seeding from overwriting existing template rows, so admin-managed template policy stays intact.
- Documented how approved plugin templates relate to Proxmox QEMU templates.

## 0.4.0 - 2026-04-24

- Added plugin-owned per-user rights stored in user metadata.
- Added admin-panel user rights management with grant controls for portal access, lifecycle actions, settings, and user-rights management.
- Added RAM quota overrides to the same admin rights table so per-user access and contingents can be managed together.
- Replaced REST API `read` and `edit_posts` checks with plugin permission checks.
- Updated the portal UI to show create, lifecycle, refresh, delete, and prolong controls only when the current user has the matching plugin right.
- Switched Proxmox and quota settings saves to a plugin-permission protected admin handler.
- Added bootstrap access for WordPress administrators until the first plugin rights manager is assigned.
- Documented SSO identity-provider users and the new permission model in the README.