[pve-devel] [PATCH access-control 2/3] access: lookup: avoid reading user.cfg from cfs unnecessarily

Christoph Heiss c.heiss at proxmox.com
Tue Mar 25 11:38:32 CET 2025


Given that the information is only needed for case-sensitive realms,
move the read into the conditional.

No functional changes.

Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
---
 src/PVE/AccessControl.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index d1e7d56..2ac4f71 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1223,9 +1223,9 @@ sub lookup_username {
     my $realm = $2;
     my $domain_cfg = cfs_read_file("domains.cfg");
     my $casesensitive = $domain_cfg->{ids}->{$realm}->{'case-sensitive'} // 1;
-    my $usercfg = cfs_read_file('user.cfg');
 
     if (!$casesensitive) {
+	my $usercfg = cfs_read_file('user.cfg');
 	my @matches = grep { lc $username eq lc $_ } (keys %{$usercfg->{users}});
 
 	die "ambiguous case insensitive match of username '$username', cannot safely grant access!\n"
-- 
2.48.1





More information about the pve-devel mailing list