From 9221b8dedd3fc8f6e1a2a8f67700a336cb4095b2 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Mon, 13 May 2019 15:46:32 +0200
Subject: [PATCH] global: combine all permissions of the object tree

To get the permissions of an object, combine the permissions
of the object and all the parent nodes up to the root.

This is necessary to enforce that a client can never see and
object id (in this case the parent id) it is not allowed to see.
---
 src/pipewire/global.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/pipewire/global.c b/src/pipewire/global.c
index c79769e4a..afd3b8b16 100644
--- a/src/pipewire/global.c
+++ b/src/pipewire/global.c
@@ -45,11 +45,17 @@ struct impl {
 SPA_EXPORT
 uint32_t pw_global_get_permissions(struct pw_global *global, struct pw_client *client)
 {
-	uint32_t perms = PW_PERM_RWX;
+	uint32_t perms;
 
-	if (client->permission_func != NULL)
+	if (client->permission_func == NULL)
+		return PW_PERM_RWX;
+
+	perms = client->permission_func(global, client, client->permission_data);
+
+	while (global != global->parent) {
+		global = global->parent;
 		perms &= client->permission_func(global, client, client->permission_data);
-
+	}
 	return perms;
 }