src/config/cached_user_info.rs: new check_privs helper

2020-04-18 08:09:34 +02:00
parent bb072ba49c
commit a737179eb4
1 changed files with 20 additions and 1 deletions
--- a/src/config/cached_user_info.rs
+++ b/src/config/cached_user_info.rs
@ -2,7 +2,7 @@

 use std::sync::Arc;

-use anyhow::{Error};
+use anyhow::{Error, bail};

 use proxmox::api::section_config::SectionConfigData;
 use proxmox::api::UserInformation;
@ -45,6 +45,25 @@ impl CachedUserInfo {
            return false;
        }
    }
+
+    pub fn check_privs(
+        &self,
+        userid: &str,
+        path: &[&str],
+        required_privs: u64,
+        partial: bool,
+    ) -> Result<(), Error> {
+        let user_privs = self.lookup_privs(userid, path);
+        let allowed = if partial {
+            (user_privs & required_privs) != 0
+        } else {
+            (user_privs & required_privs) == required_privs
+        };
+        if !allowed {
+            bail!("no permissions");
+        }
+        Ok(())
+    }
 }

 impl UserInformation for CachedUserInfo {