Stop granting all perms to 'admin' role

Now in Tailbone a user with 'admin' role can elevate to root, and that will give them all perms. But let the 'admin' role have perms of its own during normal operation.
2016-10-18 16:54:03 -05:00 · 2016-10-18 16:54:03 -05:00 · 09279c4198
parent 8010847e23
commit 09279c4198
1 changed files with 0 additions and 5 deletions
--- a/rattail/db/auth.py
+++ b/rattail/db/auth.py
@ -142,11 +142,6 @@ def has_permission(session, principal, permission, include_guest=True, include_a
    else:
        roles = []

-    # Admin always has permission.
-    admin = administrator_role(session)
-    if admin in roles:
-        return True
-
    if include_guest:
        roles.append(guest_role(session))
    for role in roles: