diff options
author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2014-03-24 18:29:51 +0200 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2014-03-25 09:02:58 +0200 |
commit | 110544c9c7ed7af1e4da474b2ed90e75c050ffc0 (patch) | |
tree | 15ed0a79082eac9388ec556909cf1595f323a9c9 /aconf/model/node.lua | |
parent | 791ee0dc06650351e0fd6cf79d6af5056c5c987f (diff) | |
download | aconf-110544c9c7ed7af1e4da474b2ed90e75c050ffc0.tar.bz2 aconf-110544c9c7ed7af1e4da474b2ed90e75c050ffc0.tar.xz |
model: grant superuser all permissions despite custom permission checkers
Diffstat (limited to 'aconf/model/node.lua')
-rw-r--r-- | aconf/model/node.lua | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/aconf/model/node.lua b/aconf/model/node.lua index fe816e8..95d9e79 100644 --- a/aconf/model/node.lua +++ b/aconf/model/node.lua @@ -131,6 +131,7 @@ function M.TreeNode:init(context, params) function mt._has_permission(permission) end + -- TODO audit trail function mt.has_permission(permission) if mt.privileged then return true end @@ -138,11 +139,12 @@ function M.TreeNode:init(context, params) local res = permissions[name] if res ~= nil then return res end - res = mt._has_permission(permission) + local user = mt.txn.user + res = user.superuser or mt._has_permission(permission) if res == nil then if getmetatable(mt.escalate).fetch('/auth/permissions')[name] then - res = mt.txn.user:check_permission(name) + res = user:check_permission(name) else if ({create=true, delete=true})[permission] then permission = 'modify' |