From: Dietmar Maurer <dietmar@proxmox.com>
Date: Mon, 23 Jan 2012 08:58:03 +0000 (+0100)
Subject: simplify filter_groups
X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=commitdiff_plain;h=b9180ed235f8ae6d7517fb232a1ed1986082e88f

simplify filter_groups
---

diff --git a/PVE/API2/AccessControl.pm b/PVE/API2/AccessControl.pm
index 6136ae5..6046a8a 100644
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@@ -248,7 +248,7 @@ __PACKAGE__->register_method ({
 
 		my $privs = [ 'Sys.UserMod', 'Sys.UserAdd' ];
 		if (!$rpcenv->check_any($authuser, "/access", $privs, 1)) {
-		    my $groups = $rpcenv->filter_groups($authuser, sub { return "/access/groups/" . shift; }, $privs, 1);
+		    my $groups = $rpcenv->filter_groups($authuser, $privs, 1);
 		    my $allowed_users = $rpcenv->group_member_join([keys %$groups]);      
 		    raise_perm_exc() if !$allowed_users->{$userid};
 		}
diff --git a/PVE/API2/User.pm b/PVE/API2/User.pm
index 2d38dd1..5cfb155 100644
--- a/PVE/API2/User.pm
+++ b/PVE/API2/User.pm
@@ -70,7 +70,7 @@ __PACKAGE__->register_method ({
 	my $privs = [ 'Sys.UserMod', 'Sys.UserAdd' ];
 
 	my $canUserMod = $rpcenv->check_any($authuser, "/access", $privs, 1);
-	my $groups = $rpcenv->filter_groups($authuser, sub { return "/access/groups/" . shift; }, $privs, 1);
+	my $groups = $rpcenv->filter_groups($authuser, $privs, 1);
 	my $allowed_users = $rpcenv->group_member_join([keys %$groups]);      
 
 	foreach my $user (keys %{$usercfg->{users}}) {
diff --git a/PVE/RPCEnvironment.pm b/PVE/RPCEnvironment.pm
index 16b8ba8..b5940de 100644
--- a/PVE/RPCEnvironment.pm
+++ b/PVE/RPCEnvironment.pm
@@ -216,18 +216,19 @@ sub is_group_member {
 }
 
 sub filter_groups {
-    my ($self, $user, $getPath, $privs, $any) = @_;
+    my ($self, $user, $privs, $any) = @_;
 
     my $cfg = $self->{user_cfg};
 
     my $groups = {};
     foreach my $group (keys %{$cfg->{groups}}) {
+	my $path = "/access/groups/$group";
 	if ($any) {
-	    if ($self->check_any($user, &$getPath($group), $privs, 1)) {
+	    if ($self->check_any($user, $path, $privs, 1)) {
 		$groups->{$group} = $cfg->{groups}->{$group};
 	    }
 	} else {
-	    if ($self->check($user, &$getPath($group), $privs, 1)) {
+	    if ($self->check($user, $path, $privs, 1)) {
 		$groups->{$group} = $cfg->{groups}->{$group};
 	    }
 	}