lib/conjur/command/bootstrap.rb in conjur-cli-4.26.0 vs lib/conjur/command/bootstrap.rb in conjur-cli-4.27.0

@@ -47,10 +47,12 @@
   # * Is an owner of the security_admin group resource
   #
   # The admin user will always satisfy these conditions, unless they are revoked for some reason.
   # Other users created by the bootstrap command will (typically) also have these powers.
   def self.security_admin_manager? api
+    return true if elevated?
+    
     username = api.username
     user = if username.index('/')
       nil
     else
       api.user(username)
@@ -114,11 +116,10 @@
         created_user = user = api.create_user(username, password: password)
         Conjur::API.new_from_key(user.login, password).user(user.login).resource.give_to security_admin
         puts "User created"
         puts "Making '#{username}' a member and admin of group 'security_admin'"
         security_admin.add_member user, admin_option: true
-        security_admin.resource.permit "read", user
         puts "Adminship granted"
       end
       
       attic_user_name = "attic"
       if (attic = api.user(attic_user_name)).exists?
@@ -137,6 +138,6 @@
         Conjur::Authn.fetch_credentials(username: created_user.login, password: created_user.api_key)
         puts "Logged in as '#{created_user.login}'"
       end
     end
   end
-end
\ No newline at end of file
+end