Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/zabbix/zabbix.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/ui/app/controllers
diff options
context:
space:
mode:
authorMārtiņš Tālbergs <martins.talbergs@zabbix.com>2021-01-13 12:42:34 +0300
committerMārtiņš Tālbergs <martins.talbergs@zabbix.com>2021-01-13 12:42:34 +0300
commita550ce9c9cd42842742bf302eeca54e7fc192647 (patch)
tree68c57656f79af2b1f6c8d5fe62a480dade1a02a7 /ui/app/controllers
parent5abd5f5904ca05b1faf65063ac699f0b0e157f60 (diff)
..F....... [ZBXNEXT-6207] fixed guest user access to tokens
Diffstat (limited to 'ui/app/controllers')
-rw-r--r--ui/app/controllers/CControllerTokenCreate.php4
-rw-r--r--ui/app/controllers/CControllerTokenDelete.php4
-rw-r--r--ui/app/controllers/CControllerTokenDisable.php4
-rw-r--r--ui/app/controllers/CControllerTokenEdit.php4
-rw-r--r--ui/app/controllers/CControllerTokenEnable.php4
-rw-r--r--ui/app/controllers/CControllerTokenList.php4
-rw-r--r--ui/app/controllers/CControllerTokenUpdate.php4
-rw-r--r--ui/app/controllers/CControllerTokenView.php4
-rw-r--r--ui/app/controllers/CControllerUserTokenEdit.php4
-rw-r--r--ui/app/controllers/CControllerUserTokenList.php4
-rw-r--r--ui/app/controllers/CControllerUserTokenView.php4
11 files changed, 44 insertions, 0 deletions
diff --git a/ui/app/controllers/CControllerTokenCreate.php b/ui/app/controllers/CControllerTokenCreate.php
index ef9bc75d565..b63b3bfccf7 100644
--- a/ui/app/controllers/CControllerTokenCreate.php
+++ b/ui/app/controllers/CControllerTokenCreate.php
@@ -54,6 +54,10 @@ class CControllerTokenCreate extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
diff --git a/ui/app/controllers/CControllerTokenDelete.php b/ui/app/controllers/CControllerTokenDelete.php
index 0dda296b337..5763f0ceaa8 100644
--- a/ui/app/controllers/CControllerTokenDelete.php
+++ b/ui/app/controllers/CControllerTokenDelete.php
@@ -37,6 +37,10 @@ class CControllerTokenDelete extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
diff --git a/ui/app/controllers/CControllerTokenDisable.php b/ui/app/controllers/CControllerTokenDisable.php
index 537a71989ee..dc68bd3ec8a 100644
--- a/ui/app/controllers/CControllerTokenDisable.php
+++ b/ui/app/controllers/CControllerTokenDisable.php
@@ -37,6 +37,10 @@ class CControllerTokenDisable extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
diff --git a/ui/app/controllers/CControllerTokenEdit.php b/ui/app/controllers/CControllerTokenEdit.php
index a52de261ece..8eef0185a3e 100644
--- a/ui/app/controllers/CControllerTokenEdit.php
+++ b/ui/app/controllers/CControllerTokenEdit.php
@@ -46,6 +46,10 @@ class CControllerTokenEdit extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return ($this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS)
&& $this->checkAccess(CRoleHelper::UI_ADMINISTRATION_GENERAL)
);
diff --git a/ui/app/controllers/CControllerTokenEnable.php b/ui/app/controllers/CControllerTokenEnable.php
index 596826d6d2d..1f6381b2ba6 100644
--- a/ui/app/controllers/CControllerTokenEnable.php
+++ b/ui/app/controllers/CControllerTokenEnable.php
@@ -37,6 +37,10 @@ class CControllerTokenEnable extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
diff --git a/ui/app/controllers/CControllerTokenList.php b/ui/app/controllers/CControllerTokenList.php
index 4a73c89b2e1..40ebae99564 100644
--- a/ui/app/controllers/CControllerTokenList.php
+++ b/ui/app/controllers/CControllerTokenList.php
@@ -51,6 +51,10 @@ class CControllerTokenList extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return ($this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS)
&& $this->checkAccess(CRoleHelper::UI_ADMINISTRATION_GENERAL)
);
diff --git a/ui/app/controllers/CControllerTokenUpdate.php b/ui/app/controllers/CControllerTokenUpdate.php
index 7d6e313e9be..a4b6d234317 100644
--- a/ui/app/controllers/CControllerTokenUpdate.php
+++ b/ui/app/controllers/CControllerTokenUpdate.php
@@ -57,6 +57,10 @@ class CControllerTokenUpdate extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
diff --git a/ui/app/controllers/CControllerTokenView.php b/ui/app/controllers/CControllerTokenView.php
index d5621b83da5..031fe34e772 100644
--- a/ui/app/controllers/CControllerTokenView.php
+++ b/ui/app/controllers/CControllerTokenView.php
@@ -41,6 +41,10 @@ class CControllerTokenView extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return ($this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS)
&& $this->checkAccess(CRoleHelper::UI_ADMINISTRATION_GENERAL)
);
diff --git a/ui/app/controllers/CControllerUserTokenEdit.php b/ui/app/controllers/CControllerUserTokenEdit.php
index 9cad22cafc8..24963382ddc 100644
--- a/ui/app/controllers/CControllerUserTokenEdit.php
+++ b/ui/app/controllers/CControllerUserTokenEdit.php
@@ -45,6 +45,10 @@ class CControllerUserTokenEdit extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
diff --git a/ui/app/controllers/CControllerUserTokenList.php b/ui/app/controllers/CControllerUserTokenList.php
index 984fc327a1c..6f7e7b1be94 100644
--- a/ui/app/controllers/CControllerUserTokenList.php
+++ b/ui/app/controllers/CControllerUserTokenList.php
@@ -49,6 +49,10 @@ class CControllerUserTokenList extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
diff --git a/ui/app/controllers/CControllerUserTokenView.php b/ui/app/controllers/CControllerUserTokenView.php
index 089c30d81c4..d49d03f4419 100644
--- a/ui/app/controllers/CControllerUserTokenView.php
+++ b/ui/app/controllers/CControllerUserTokenView.php
@@ -40,6 +40,10 @@ class CControllerUserTokenView extends CController {
}
protected function checkPermissions() {
+ if (CWebUser::isGuest()) {
+ return false;
+ }
+
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-22 04:27:09 +0300