func (lgph *listGroupPermissionsHandler) firewall(req *charonrpc.ListGroupPermissionsRequest, act *session.Actor) error {
    if act.User.IsSuperuser {
        return nil
    }
    if act.Permissions.Contains(charon.GroupPermissionCanRetrieve) {