summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--aconf/model/model.lua4
-rw-r--r--aconf/model/node.lua18
2 files changed, 14 insertions, 8 deletions
diff --git a/aconf/model/model.lua b/aconf/model/model.lua
index 5d4145f..259da09 100644
--- a/aconf/model/model.lua
+++ b/aconf/model/model.lua
@@ -233,8 +233,8 @@ function M.Model:init(context)
end
if self.has_permission then
- function mt.has_permission(permission)
- return mt.privileged or self:has_permission(mt.txn.user, permission)
+ function mt._has_permission(permission)
+ return self:has_permission(mt.txn.user, permission)
end
end
diff --git a/aconf/model/node.lua b/aconf/model/node.lua
index c45196a..fe816e8 100644
--- a/aconf/model/node.lua
+++ b/aconf/model/node.lua
@@ -129,6 +129,8 @@ function M.TreeNode:init(context, params)
local permissions = {}
+ function mt._has_permission(permission) end
+
function mt.has_permission(permission)
if mt.privileged then return true end
@@ -136,13 +138,17 @@ function M.TreeNode:init(context, params)
local res = permissions[name]
if res ~= nil then return res end
- if getmetatable(mt.escalate).fetch('/auth/permissions')[name] then
- res = mt.txn.user:check_permission(name)
- else
- if ({create=true, delete=true})[permission] then
- permission = 'modify'
+ res = mt._has_permission(permission)
+
+ if res == nil then
+ if getmetatable(mt.escalate).fetch('/auth/permissions')[name] then
+ res = mt.txn.user:check_permission(name)
+ else
+ if ({create=true, delete=true})[permission] then
+ permission = 'modify'
+ end
+ res = getmetatable(mt.parent).has_permission(permission)
end
- res = getmetatable(mt.parent).has_permission(permission)
end
permissions[name] = res