From 1347b1152d44f560781942afb59032b57bfe59ba Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Mon, 27 Apr 2020 11:21:34 +0200 Subject: [PATCH] src/config/cached_user_info.rs - lookup_privs: correctly handle superuser --- src/config/cached_user_info.rs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/config/cached_user_info.rs b/src/config/cached_user_info.rs index 4422f7bc..1e22afe0 100644 --- a/src/config/cached_user_info.rs +++ b/src/config/cached_user_info.rs @@ -8,7 +8,7 @@ use proxmox::api::section_config::SectionConfigData; use lazy_static::lazy_static; use proxmox::api::UserInformation; -use super::acl::{AclTree, ROLE_NAMES}; +use super::acl::{AclTree, ROLE_NAMES, ROLE_ADMIN}; use super::user::User; /// Cache User/Group/Acl configuration data for fast permission tests @@ -105,6 +105,9 @@ impl UserInformation for CachedUserInfo { } fn lookup_privs(&self, userid: &str, path: &[&str]) -> u64 { + + if self.is_superuser(userid) { return ROLE_ADMIN; } + let roles = self.acl_tree.roles(userid, path); let mut privs: u64 = 0; for role in roles {