]> git.proxmox.com Git - pve-access-control.git/commitdiff
projects / pve-access-control.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 588927f)
special roles: code-style improvements for generation of special roles
authorThomas Lamprecht <t.lamprecht@proxmox.com>
Mon, 19 Feb 2024 13:40:10 +0000 (14:40 +0100)
committerThomas Lamprecht <t.lamprecht@proxmox.com>
Mon, 19 Feb 2024 13:40:12 +0000 (14:40 +0100)
no semantic change intended

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
src/PVE/AccessControl.pm patch | blob | blame | history

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index 461a64e54c203808d1e94d5728bef7c55f2ed141..25fc0d94c9d706b5dbdf6df983e4854d8a794f6d 100644 (file)
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1150,24 +1150,25 @@ my $special_roles = {
 
 sub create_roles {
 
-    foreach my $cat (keys %$privgroups) {
+    for my $cat (keys %$privgroups) {
        my $cd = $privgroups->{$cat};
-       foreach my $p (@{$cd->{root}}, @{$cd->{admin}},
-                      @{$cd->{user}}, @{$cd->{audit}}) {
-           $valid_privs->{$p} = 1;
+       # create map to easily check if a privilege is valid
+       for my $priv (@{$cd->{root}}, @{$cd->{admin}}, @{$cd->{user}}, @{$cd->{audit}}) {
+           $valid_privs->{$priv} = 1;
        }
-       foreach my $p (@{$cd->{admin}}, @{$cd->{user}}, @{$cd->{audit}}) {
-
-           $special_roles->{"PVE${cat}Admin"}->{$p} = 1;
-           $special_roles->{"PVEAdmin"}->{$p} = 1;
+       # create grouped admin roles and PVEAdmin
+       for my $priv (@{$cd->{admin}}, @{$cd->{user}}, @{$cd->{audit}}) {
+           $special_roles->{"PVE${cat}Admin"}->{$priv} = 1;
+           $special_roles->{"PVEAdmin"}->{$priv} = 1;
        }
+       # create grouped user and audit roles
        if (scalar(@{$cd->{user}})) {
-           foreach my $p (@{$cd->{user}}, @{$cd->{audit}}) {
-               $special_roles->{"PVE${cat}User"}->{$p} = 1;
+           for my $priv (@{$cd->{user}}, @{$cd->{audit}}) {
+               $special_roles->{"PVE${cat}User"}->{$priv} = 1;
            }
        }
-       foreach my $p (@{$cd->{audit}}) {
-           $special_roles->{"PVEAuditor"}->{$p} = 1;
+       for my $priv (@{$cd->{audit}}) {
+           $special_roles->{"PVEAuditor"}->{$priv} = 1;
        }
     }
 
Access control framework