diff options
| author | Simon Rettberg | 2018-04-09 16:56:04 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2018-04-09 16:56:04 +0200 |
| commit | 24815e16087b4b1b64e9f380d45d411af32daf42 (patch) | |
| tree | b41206d3cd86ed840d0841826d7c2dc492ed788e /modules-available/locations/page.inc.php | |
| parent | [news] Ask for confirmation when deleting entry (diff) | |
| download | slx-admin-24815e16087b4b1b64e9f380d45d411af32daf42.tar.gz slx-admin-24815e16087b4b1b64e9f380d45d411af32daf42.tar.xz slx-admin-24815e16087b4b1b64e9f380d45d411af32daf42.zip | |
Permissions: Consistency: Make all pages require at least one permission to be accessible
Closes #3340
Diffstat (limited to 'modules-available/locations/page.inc.php')
| -rw-r--r-- | modules-available/locations/page.inc.php | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php index 80a8076b..4d5c6628 100644 --- a/modules-available/locations/page.inc.php +++ b/modules-available/locations/page.inc.php @@ -24,6 +24,9 @@ class Page_Locations extends Page } elseif ($this->action === 'updatesubnets') { $this->updateSubnets(); } + if (Request::isPost()) { + Util::redirect('?do=locations'); + } } private function updateSubnets() @@ -306,10 +309,16 @@ class Page_Locations extends Page protected function doRender() { - $getAction = Request::get('action'); - if (empty($getAction)) { - // Until we have a main landing page? - Util::redirect('?do=Locations&action=showlocations'); + $getAction = Request::get('action', false, 'string'); + if ($getAction === false) { + if (User::hasPermission('location.view')) { + Util::redirect('?do=locations&action=showlocations'); + } elseif (User::hasPermission('subnets.edit')) { + Util::redirect('?do=locations&action=showsubnets'); + } else { + // Trigger permission denied by asserting non-existent permission + User::assertPermission('location.view'); + } } if ($getAction === 'showsubnets') { User::assertPermission('subnets.edit', NULL, '?do=locations'); @@ -324,6 +333,8 @@ class Page_Locations extends Page Render::addTemplate('subnets', array('list' => $rows)); } elseif ($getAction === 'showlocations') { $this->showLocationList(); + } else { + Util::redirect('?do=locations'); } } |