-rw-r--r--modules-available/backup/page.inc.php1
-rw-r--r--modules-available/exams/page.inc.php9
-rw-r--r--modules-available/locations/page.inc.php19
-rw-r--r--modules-available/news/page.inc.php10
-rw-r--r--modules-available/news/permissions/permissions.json3
-rw-r--r--modules-available/rebootcontrol/page.inc.php9
-rw-r--r--modules-available/serversetup-bwlp/page.inc.php6
-rw-r--r--modules-available/serversetup-bwlp/permissions/permissions.json3
-rw-r--r--modules-available/statistics_reporting/page.inc.php1
-rw-r--r--modules-available/sysconfig/page.inc.php2
-rw-r--r--modules-available/syslog/page.inc.php1
-rw-r--r--modules-available/systemstatus/page.inc.php1
-rw-r--r--modules-available/webinterface/page.inc.php4
-rw-r--r--modules-available/webinterface/permissions/permissions.json3
14 files changed, 48 insertions, 24 deletions
diff --git a/modules-available/backup/page.inc.php b/modules-available/backup/page.inc.php
index 14522734..985f39ee 100644
--- a/modules-available/backup/page.inc.php
+++ b/modules-available/backup/page.inc.php
@@ -23,6 +23,7 @@ class Page_Backup extends Page
User::assertPermission("restore");
$this->restore();
}
+ User::assertPermission('*');
}
protected function doRender()
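Review bot: The page-level `User::assertPermission('*');` sits at the very end of the method, after the action dispatch, so it only gates what runs afterwards and every action branch above it has to carry its own check. The visible branch does (`User::assertPermission("restore")`), but the rest of the method is outside the hunk. The same end-of-method placement is used in the syslog, systemstatus, serversetup-bwlp and webinterface hunks, the last two with `'access-page'`. Either move the page-level assertion ahead of the dispatch, or keep it here with a comment such as `// Page-level gate for rendering only; every action above must assert its own permission`.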
diff --git a/modules-available/exams/page.inc.php b/modules-available/exams/page.inc.php
index 51975052..15640a73 100644
--- a/modules-available/exams/page.inc.php
+++ b/modules-available/exams/page.inc.php
@@ -441,16 +441,9 @@ class Page_Exams extends Page
protected function doRender()
{
- if (Request::isPost()) {
- $examid = Request::post('examid', 0, 'int');
- } else if (Request::isGet()) {
- $examid = Request::get('examid', 0, 'int');
- } else {
- die('Neither Post nor Get Request send.');
- }
-
if ($this->action === "show") {
+ User::assertPermission('exams.view');
// General title and description
Render::addTemplate('page-main-heading');
// List of defined exam periods
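Review bot: `User::assertPermission('exams.view');` is added only inside the `show` branch, so any other action handled further down in `doRender()` is not covered by it. Those branches lie outside the hunk, so confirm that each one asserts a permission of its own. The deleted block was also the only visible place where `$examid` was assigned for this method; if a later branch still reads it, it is now undefined and should fetch the value itself, e.g. `$examid = Request::get('examid', 0, 'int');`.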
diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 80a8076b..4d5c6628 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -24,6 +24,9 @@ class Page_Locations extends Page
} elseif ($this->action === 'updatesubnets') {
$this->updateSubnets();
}
+ if (Request::isPost()) {
+ Util::redirect('?do=locations');
+ }
}
private function updateSubnets()
@@ -306,10 +309,16 @@ class Page_Locations extends Page
protected function doRender()
{
- $getAction = Request::get('action');
- if (empty($getAction)) {
- // Until we have a main landing page?
- Util::redirect('?do=Locations&action=showlocations');
+ $getAction = Request::get('action', false, 'string');
+ if ($getAction === false) {
+ if (User::hasPermission('location.view')) {
+ Util::redirect('?do=locations&action=showlocations');
+ } elseif (User::hasPermission('subnets.edit')) {
+ Util::redirect('?do=locations&action=showsubnets');
+ } else {
+ // Trigger permission denied by asserting non-existent permission
+ User::assertPermission('location.view');
+ }
}
if ($getAction === 'showsubnets') {
User::assertPermission('subnets.edit', NULL, '?do=locations');
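Review bot: The comment in the final `else` says the denial is triggered by asserting a "non-existent permission", but `location.view` is the real permission tested by `User::hasPermission('location.view')` three branches earlier. The assertion fails because the user does not hold it, not because it is undefined. A more accurate wording would be `// User holds neither permission: assert location.view to get the standard permission-denied handling`. The sysconfig hunk uses the same idiom (`User::assertPermission('config.view-list');` inside `if (!($pMods || $pConfs))`) with no comment at all and would benefit from the same one-line explanation. `doRender()` continues outside this hunk.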
@@ -324,6 +333,8 @@ class Page_Locations extends Page
Render::addTemplate('subnets', array('list' => $rows));
} elseif ($getAction === 'showlocations') {
$this->showLocationList();
+ } else {
+ Util::redirect('?do=locations');
}
}
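Review bot: The `showlocations` branch calls `$this->showLocationList()` with no permission assertion visible in this hunk, while the `showsubnets` branch asserts `subnets.edit`. In the landing logic, `location.view` is only used to pick a redirect target, so a user holding just `subnets.edit` can still request `?do=locations&action=showlocations` directly. Unless `showLocationList()` enforces the permission itself (its body is not shown here), add `User::assertPermission('location.view');` as the first statement of that branch.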
diff --git a/modules-available/news/page.inc.php b/modules-available/news/page.inc.php
index e7b70c0f..1e2e3eef 100644
--- a/modules-available/news/page.inc.php
+++ b/modules-available/news/page.inc.php
@@ -46,14 +46,8 @@ class Page_News extends Page
// check which action we need to do
$action = Request::any('action', 'show');
- if ($action === 'clear') {
- // clear news input fields
- // TODO: is this the right way?
- $this->newsId = false;
- $this->newsTitle = false;
- $this->newsContent = false;
- $this->newsDate = false;
- } elseif ($action === 'show') {
+ if ($action === 'show') {
+ User::assertPermission('access-page');
/* load latest things */
$this->loadLatest('help');
$this->loadLatest('news');
diff --git a/modules-available/news/permissions/permissions.json b/modules-available/news/permissions/permissions.json
index 0d9435d7..953599df 100644
--- a/modules-available/news/permissions/permissions.json
+++ b/modules-available/news/permissions/permissions.json
@@ -1,4 +1,7 @@
{
+ "access-page": {
+ "location-aware": false
+ },
"help.delete": {
"location-aware": false
},
diff --git a/modules-available/rebootcontrol/page.inc.php b/modules-available/rebootcontrol/page.inc.php
index abbdb2c3..041ae74f 100644
--- a/modules-available/rebootcontrol/page.inc.php
+++ b/modules-available/rebootcontrol/page.inc.php
@@ -79,11 +79,14 @@ class Page_RebootControl extends Page
//location you want to see, default are "not assigned" clients
$requestedLocation = Request::get('location', false, 'int');
$allowedLocs = User::getAllowedLocations("action.*");
+ if (empty($allowedLocs)) {
+ User::assertPermission('action.*');
+ }
if ($requestedLocation === false) {
if (in_array(0, $allowedLocs)) {
$requestedLocation = 0;
- } elseif (!empty($allowedLocs)) {
+ } else {
$requestedLocation = reset($allowedLocs);
}
}
@@ -105,8 +108,8 @@ class Page_RebootControl extends Page
Render::addTemplate('header', $data);
// only fill table if user has at least one permission for the location
- if ($requestedLocation === false) {
- Message::addError('main.no-permission');
+ if (!in_array($requestedLocation, $allowedLocs)) {
+ Message::addError('locations.no-permission-location', $requestedLocation);
} else {
$data['data'] = RebootQueries::getMachineTable($requestedLocation);
Render::addTemplate('_page', $data);
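Review bot: The new authorization test `!in_array($requestedLocation, $allowedLocs)` uses PHP's loose comparison on a request-supplied value. Under `==`, `false` matches `0`, and on PHP versions before 8 a numeric `0` matches any non-numeric string, so the check leans on the earlier `empty($allowedLocs)` guard and on the element types to stay correct. If `User::getAllowedLocations()` returns integers (not visible here), pass the strict flag: `if (!in_array($requestedLocation, $allowedLocs, true)) {`. The same applies to the unchanged `in_array(0, $allowedLocs)` in the previous hunk.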
diff --git a/modules-available/serversetup-bwlp/page.inc.php b/modules-available/serversetup-bwlp/page.inc.php
index ae709da7..78096d7b 100644
--- a/modules-available/serversetup-bwlp/page.inc.php
+++ b/modules-available/serversetup-bwlp/page.inc.php
@@ -43,6 +43,12 @@ class Page_ServerSetup extends Page
// iPXE stuff changes
$this->updatePxeMenu();
}
+
+ if (Request::isPost()) {
+ Util::redirect('?do=serversetup');
+ }
+
+ User::assertPermission('access-page');
}
protected function doRender()
diff --git a/modules-available/serversetup-bwlp/permissions/permissions.json b/modules-available/serversetup-bwlp/permissions/permissions.json
index 6bae5422..44927506 100644
--- a/modules-available/serversetup-bwlp/permissions/permissions.json
+++ b/modules-available/serversetup-bwlp/permissions/permissions.json
@@ -1,4 +1,7 @@
{
+ "access-page": {
+ "location-aware": false
+ },
"download": {
"location-aware": false
},
diff --git a/modules-available/statistics_reporting/page.inc.php b/modules-available/statistics_reporting/page.inc.php
index af4b2b12..cc03e4d8 100644
--- a/modules-available/statistics_reporting/page.inc.php
+++ b/modules-available/statistics_reporting/page.inc.php
@@ -84,6 +84,7 @@ class Page_Statistics_Reporting extends Page
die(json_encode($report));
}
}
+ User::assertPermission('*');
}
/**
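Review bot: The `die(json_encode($report));` path above ends the request before the added `User::assertPermission('*');` is reached, so the new gate does not cover the JSON report output. Whether that branch asserts a permission of its own is outside the hunk. If it does not, the assertion needs to run before the report is built and emitted, for example by moving `User::assertPermission('*');` to the start of the method.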
diff --git a/modules-available/sysconfig/page.inc.php b/modules-available/sysconfig/page.inc.php
index 7bb3e599..8d1799af 100644
--- a/modules-available/sysconfig/page.inc.php
+++ b/modules-available/sysconfig/page.inc.php
@@ -160,7 +160,7 @@ class Page_SysConfig extends Page
$pMods = User::hasPermission('module.view-list');
$pConfs = User::hasPermission('config.view-list');
if (!($pMods || $pConfs)) {
- Message::addError('main.no-permission');
+ User::assertPermission('config.view-list');
}
Render::openTag('div', array('class' => 'row'));
if ($pConfs) {
diff --git a/modules-available/syslog/page.inc.php b/modules-available/syslog/page.inc.php
index 3a7513b5..00c55a3f 100644
--- a/modules-available/syslog/page.inc.php
+++ b/modules-available/syslog/page.inc.php
@@ -25,6 +25,7 @@ class Page_SysLog extends Page
}
Util::redirect('?do=syslog');
}
+ User::assertPermission('*');
}
protected function doRender()
diff --git a/modules-available/systemstatus/page.inc.php b/modules-available/systemstatus/page.inc.php
index 816caa05..66b30bcf 100644
--- a/modules-available/systemstatus/page.inc.php
+++ b/modules-available/systemstatus/page.inc.php
@@ -18,6 +18,7 @@ class Page_SystemStatus extends Page
User::assertPermission("serverreboot");
$this->rebootTask = Taskmanager::submit('Reboot');
}
+ User::assertPermission('*');
}
protected function doRender()
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index 806ffd59..ca52c2ab 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -28,6 +28,10 @@ class Page_WebInterface extends Page
$this->actionCustomization();
break;
}
+ if (Request::isPost()) {
+ Util::redirect('?do=webinterface');
+ }
+ User::assertPermission('access-page');
}
private function actionConfigureHttps()
diff --git a/modules-available/webinterface/permissions/permissions.json b/modules-available/webinterface/permissions/permissions.json
index fa6f493f..ed81602a 100644
--- a/modules-available/webinterface/permissions/permissions.json
+++ b/modules-available/webinterface/permissions/permissions.json
@@ -1,4 +1,7 @@
{
+ "access-page": {
+ "location-aware": false
+ },
"edit.design": {
"location-aware": false
},