mirror of
git://git.proxmox.com/git/proxmox-backup.git
synced 2025-01-24 02:04:14 +03:00
d8ec2a25ba
The previous implementation had one issue with not handling API tokens correctly. In general, AclTree(Node) operates on the role level, not the priv level - the latter is handled by cached_user_info.rs Accordingly, the ACL tree helpers now return a list of paths where *any* role is defined for the given AuthId, and any_priv_below then maps those paths to privs via the regular helpers for priv lookup/checking. this approach should also be robust if groups and group ACLs are ever introduced. Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>