From e8a0cee47bb477162f291e67144ea0c0df47f2ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= Date: Fri, 21 Jan 2022 11:23:36 +0100 Subject: [PATCH] rpcenv: improve user/token intersection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit this could return undef for the propagation flag instead of 1/0, leading to confusing displays of permission trees. all the actual checks using the returned hash check for definedness anyway, so the actual privileges checked and the displayed ones were not identical. fixes: 7e8bcaa754432f084e53d9daf13c653a8777d88b "roles()/permissions(): also return propagate flag" Signed-off-by: Fabian Grünbichler --- src/PVE/RPCEnvironment.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/PVE/RPCEnvironment.pm b/src/PVE/RPCEnvironment.pm index 8ecbbd9..5e0ef04 100644 --- a/src/PVE/RPCEnvironment.pm +++ b/src/PVE/RPCEnvironment.pm @@ -82,7 +82,8 @@ my $compile_acl_path = sub { if ($username && $username ne 'root@pam') { # intersect user and token permissions my $user_privs = $cache->{$username}->{privs}->{$path}; - $privs = { map { $_ => $user_privs->{$_} && $privs->{$_} } keys %$privs }; + my $filtered_privs = [ grep { $user_privs->{$_} } keys %$privs ]; + $privs = { map { $_ => $user_privs->{$_} && $privs->{$_} } @$filtered_privs }; } $data->{privs}->{$path} = $privs;