Fix permissions not being checked correctly for admins

2022-05-29 21:48:49 -04:00 · 2022-05-29 21:48:49 -04:00 · 7fa7cc313f
commit 7fa7cc313f
parent f390784973
2 changed files with 7 additions and 7 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,9 @@
 # Changelog

+## v1.6.3
+### Fixed
+* Fixes SFTP authentication failing for administrative users due to a permissions adjustment on the Panel.
+
 ## v1.6.2
 ### Fixed
 * Fixes file upload size not being properly enforced.
--- a/sftp/handler.go
+++ b/sftp/handler.go
@ -288,14 +288,10 @@ func (h *Handler) can(permission string) bool {
 		return false
 	}

-	// SFTPServer owners and super admins have their permissions returned as '[*]' via the Panel
-	// API, so for the sake of speed do an initial check for that before iterating over the
-	// entire array of permissions.
-	if len(h.permissions) == 1 && h.permissions[0] == "*" {
-		return true
-	}
 	for _, p := range h.permissions {
-		if p == permission {
+		// If we match the permission specifically, or the user has been granted the "*"
+		// permission because they're an admin, let them through.
+		if p == permission || p == "*" {
 			return true
 		}
 	}