moduleapi: may: Fail early if a local session has no role assigned

We expect every session to explicitly have a role assigned. Falling back to
any kind of "default" role (even the user's default role) in the absence of
an explicit role could open up the possibility of accidental privilege
escalation.

0 files changed, 0 insertions, 0 deletions