From: Zdeněk Šustr <sustr4@cesnet.cz>
Date: Thu, 3 May 2012 10:26:07 +0000 (+0000)
Subject: READ_ANONYMIZED is a permission in its own right. Must return 1.
X-Git-Tag: merge_32_head_src~18
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=d6abec0eea0c88ab7aa66822f63e7d6402024187;p=jra1mw.git

READ_ANONYMIZED is a permission in its own right. Must return 1.
---

diff --git a/org.glite.lb.server/src/lb_authz.c b/org.glite.lb.server/src/lb_authz.c
index dd85425..3822c39 100644
--- a/org.glite.lb.server/src/lb_authz.c
+++ b/org.glite.lb.server/src/lb_authz.c
@@ -1232,9 +1232,6 @@ check_jobstat_authz(edg_wll_Context ctx,
     if (stat->payload_owner && edg_wll_gss_equal_subj(peer->name, stat->payload_owner))
 	return 1;
 
-    if ((!(*authz_flags & READ_ANONYMIZED)) && (check_authz_policy(&ctx->authz_policy, peer, READ_ANONYMIZED)))
-	*authz_flags |= READ_ANONYMIZED;
-
     if (edg_wll_amIroot(peer->name, peer->fqans, &ctx->authz_policy))
 	return 1;
     if (acl && edg_wll_CheckACL_princ(ctx, acl, EDG_WLL_CHANGEACL_READ, peer) == 0)
@@ -1243,9 +1240,12 @@ check_jobstat_authz(edg_wll_Context ctx,
 
     if (check_authz_policy(&ctx->authz_policy, peer, READ_ALL))
 	return 1;
+    if ((!(*authz_flags & READ_ANONYMIZED)) && (check_authz_policy(&ctx->authz_policy, peer, READ_ANONYMIZED))) {
+	*authz_flags |= READ_ANONYMIZED;
+	return 1;
+    }
     if (check_authz_policy(&ctx->authz_policy, peer, STATUS_FOR_MONITORING)) {
 	*authz_flags |= STATUS_FOR_MONITORING;
-	return 1;
     }
 
     return 0;