+my sub assert_param_permission_update {
+ my ($rpcenv, $user, $update, $delete) = @_;
+ return if $user eq 'root@pam'; # always OK
+
+ assert_param_permission_common($rpcenv, $user, $update);
+ assert_param_permission_common($rpcenv, $user, $delete);
+}
+