From 6e0d55a5874e8f78965302c03fc388e7320e084e Mon Sep 17 00:00:00 2001
From: Christoph Heiss <c.heiss@proxmox.com>
Date: Tue, 25 Mar 2025 11:38:32 +0100
Subject: [PATCH] access: lookup: avoid reading user.cfg from cfs unnecessarily

Given that the information is only needed for case-sensitive realms,
move the read into the conditional.

No functional changes.

Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
---
 src/PVE/AccessControl.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index d27c07b..1c79656 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1223,9 +1223,9 @@ sub lookup_username {
     my $realm = $2;
     my $domain_cfg = cfs_read_file("domains.cfg");
     my $casesensitive = $domain_cfg->{ids}->{$realm}->{'case-sensitive'} // 1;
-    my $usercfg = cfs_read_file('user.cfg');
 
     if (!$casesensitive) {
+	my $usercfg = cfs_read_file('user.cfg');
 	my @matches = grep { lc $username eq lc $_ } (keys %{$usercfg->{users}});
 
 	die "ambiguous case insensitive match of username '$username', cannot safely grant access!\n"