method => 'GET',
description => "Get Access Control List (ACLs).",
permissions => {
+ description => "The returned list is restricted to objects where you have rights to modify permissions.",
user => 'all',
},
parameters => {
my $usercfg = $rpcenv->{user_cfg};
if (!$usercfg || !$usercfg->{acl}) {
- return {};
+ return $res;
}
my $audit = $rpcenv->check($authuser, '/access', ['Sys.Audit'], 1);
description => "Allow to propagate (inherit) permissions.",
type => 'boolean',
optional => 1,
+ default => 1,
},
delete => {
description => "Remove permissions (instead of adding it).",
my $cfg = cfs_read_file("user.cfg");
- my $propagate = $param->{propagate} ? 1 : 0;
+ my $propagate = 1;
+
+ if (defined($param->{propagate})) {
+ $propagate = $param->{propagate} ? 1 : 0;
+ }
foreach my $role (split_list($param->{roles})) {
die "role '$role' does not exist\n"