my $privs = [ 'Sys.UserMod', 'Sys.UserAdd' ];
if (!$rpcenv->check_any($authuser, "/access", $privs, 1)) {
- my $groups = $rpcenv->filter_groups($authuser, sub { return "/access/groups/" . shift; }, $privs, 1);
+ my $groups = $rpcenv->filter_groups($authuser, $privs, 1);
my $allowed_users = $rpcenv->group_member_join([keys %$groups]);
raise_perm_exc() if !$allowed_users->{$userid};
}
my $privs = [ 'Sys.UserMod', 'Sys.UserAdd' ];
my $canUserMod = $rpcenv->check_any($authuser, "/access", $privs, 1);
- my $groups = $rpcenv->filter_groups($authuser, sub { return "/access/groups/" . shift; }, $privs, 1);
+ my $groups = $rpcenv->filter_groups($authuser, $privs, 1);
my $allowed_users = $rpcenv->group_member_join([keys %$groups]);
foreach my $user (keys %{$usercfg->{users}}) {
}
sub filter_groups {
- my ($self, $user, $getPath, $privs, $any) = @_;
+ my ($self, $user, $privs, $any) = @_;
my $cfg = $self->{user_cfg};
my $groups = {};
foreach my $group (keys %{$cfg->{groups}}) {
+ my $path = "/access/groups/$group";
if ($any) {
- if ($self->check_any($user, &$getPath($group), $privs, 1)) {
+ if ($self->check_any($user, $path, $privs, 1)) {
$groups->{$group} = $cfg->{groups}->{$group};
}
} else {
- if ($self->check($user, &$getPath($group), $privs, 1)) {
+ if ($self->check($user, $path, $privs, 1)) {
$groups->{$group} = $cfg->{groups}->{$group};
}
}
projects / pve-access-control.git / commitdiff