-rw-r--r--chef-server-api/app/controllers/clients.rb14
1 files changed, 7 insertions, 7 deletions
diff --git a/chef-server-api/app/controllers/clients.rb b/chef-server-api/app/controllers/clients.rb
index 81ca0c9baa..efa2b4a3d4 100644
--- a/chef-server-api/app/controllers/clients.rb
+++ b/chef-server-api/app/controllers/clients.rb
@@ -49,13 +49,13 @@ class Clients < Application
exists = true
if params.has_key?(:inflated_object)
params[:name] ||= params[:inflated_object].name
- # We can only get here if we're admin or the validator. Only
- # allow creating admin clients if we're already an admin.
- if @auth_user.admin
- params[:admin] ||= params[:inflated_object].admin
- else
- params[:admin] = false
- end
+ params[:admin] ||= params[:inflated_object].admin
+ end
+
+ # We can only create clients if we're the admin or the validator.
+ # But only allow creating admin clients if we're already an admin.
+ if params[:admin] == true && @auth_user.admin != true
+ raise Forbidden, "You are not allowed to take this action."
end
begin
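Review bot: The new guard `if params[:admin] == true && @auth_user.admin != true` fires only when `params[:admin]` is exactly the boolean `true`, so a truthy non-boolean value (for example the string `"true"`) sent by a non-admin caller passes the authorization check. Whether such a value then yields an admin client depends on how `params[:admin]` is consumed after `begin`, which is outside this hunk. The check should fail closed regardless: `if params[:admin] && @auth_user.admin != true`. It would also help to log the rejected request with the requesting client's name before raising, so attempts to create admin clients via the validator are visible in audit logs. The enclosing action starts and ends outside the hunk.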