From d6abec0eea0c88ab7aa66822f63e7d6402024187 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zden=C4=9Bk=20=C5=A0ustr?= <sustr4@cesnet.cz>
Date: Thu, 3 May 2012 10:26:07 +0000
Subject: [PATCH] READ_ANONYMIZED is a permission in its own right. Must return
 1.

---
 org.glite.lb.server/src/lb_authz.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/org.glite.lb.server/src/lb_authz.c b/org.glite.lb.server/src/lb_authz.c
index dd85425..3822c39 100644
--- a/org.glite.lb.server/src/lb_authz.c
+++ b/org.glite.lb.server/src/lb_authz.c
@@ -1232,9 +1232,6 @@ check_jobstat_authz(edg_wll_Context ctx,
     if (stat->payload_owner && edg_wll_gss_equal_subj(peer->name, stat->payload_owner))
 	return 1;
 
-    if ((!(*authz_flags & READ_ANONYMIZED)) && (check_authz_policy(&ctx->authz_policy, peer, READ_ANONYMIZED)))
-	*authz_flags |= READ_ANONYMIZED;
-
     if (edg_wll_amIroot(peer->name, peer->fqans, &ctx->authz_policy))
 	return 1;
     if (acl && edg_wll_CheckACL_princ(ctx, acl, EDG_WLL_CHANGEACL_READ, peer) == 0)
@@ -1243,9 +1240,12 @@ check_jobstat_authz(edg_wll_Context ctx,
 
     if (check_authz_policy(&ctx->authz_policy, peer, READ_ALL))
 	return 1;
+    if ((!(*authz_flags & READ_ANONYMIZED)) && (check_authz_policy(&ctx->authz_policy, peer, READ_ANONYMIZED))) {
+	*authz_flags |= READ_ANONYMIZED;
+	return 1;
+    }
     if (check_authz_policy(&ctx->authz_policy, peer, STATUS_FOR_MONITORING)) {
 	*authz_flags |= STATUS_FOR_MONITORING;
-	return 1;
     }
 
     return 0;
-- 
1.8.2.3