Stop granting all perms to 'admin' role
Now in Tailbone a user with 'admin' role can elevate to root, and that will give them all perms. But let the 'admin' role have perms of its own during normal operation.
This commit is contained in:
parent
8010847e23
commit
09279c4198
|
@ -142,11 +142,6 @@ def has_permission(session, principal, permission, include_guest=True, include_a
|
|||
else:
|
||||
roles = []
|
||||
|
||||
# Admin always has permission.
|
||||
admin = administrator_role(session)
|
||||
if admin in roles:
|
||||
return True
|
||||
|
||||
if include_guest:
|
||||
roles.append(guest_role(session))
|
||||
for role in roles:
|
||||
|
|
Loading…
Reference in a new issue