From a550ce9c9cd42842742bf302eeca54e7fc192647 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C4=81rti=C5=86=C5=A1=20T=C4=81lbergs?=
 <martins.talbergs@zabbix.com>
Date: Wed, 13 Jan 2021 11:42:34 +0200
Subject: ..F....... [ZBXNEXT-6207] fixed guest user access to tokens

---
 ui/app/controllers/CControllerTokenCreate.php   | 4 ++++
 ui/app/controllers/CControllerTokenDelete.php   | 4 ++++
 ui/app/controllers/CControllerTokenDisable.php  | 4 ++++
 ui/app/controllers/CControllerTokenEdit.php     | 4 ++++
 ui/app/controllers/CControllerTokenEnable.php   | 4 ++++
 ui/app/controllers/CControllerTokenList.php     | 4 ++++
 ui/app/controllers/CControllerTokenUpdate.php   | 4 ++++
 ui/app/controllers/CControllerTokenView.php     | 4 ++++
 ui/app/controllers/CControllerUserTokenEdit.php | 4 ++++
 ui/app/controllers/CControllerUserTokenList.php | 4 ++++
 ui/app/controllers/CControllerUserTokenView.php | 4 ++++
 11 files changed, 44 insertions(+)

(limited to 'ui/app/controllers')

diff --git a/ui/app/controllers/CControllerTokenCreate.php b/ui/app/controllers/CControllerTokenCreate.php
index ef9bc75d565..b63b3bfccf7 100644
--- a/ui/app/controllers/CControllerTokenCreate.php
+++ b/ui/app/controllers/CControllerTokenCreate.php
@@ -54,6 +54,10 @@ class CControllerTokenCreate extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
diff --git a/ui/app/controllers/CControllerTokenDelete.php b/ui/app/controllers/CControllerTokenDelete.php
index 0dda296b337..5763f0ceaa8 100644
--- a/ui/app/controllers/CControllerTokenDelete.php
+++ b/ui/app/controllers/CControllerTokenDelete.php
@@ -37,6 +37,10 @@ class CControllerTokenDelete extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
diff --git a/ui/app/controllers/CControllerTokenDisable.php b/ui/app/controllers/CControllerTokenDisable.php
index 537a71989ee..dc68bd3ec8a 100644
--- a/ui/app/controllers/CControllerTokenDisable.php
+++ b/ui/app/controllers/CControllerTokenDisable.php
@@ -37,6 +37,10 @@ class CControllerTokenDisable extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
diff --git a/ui/app/controllers/CControllerTokenEdit.php b/ui/app/controllers/CControllerTokenEdit.php
index a52de261ece..8eef0185a3e 100644
--- a/ui/app/controllers/CControllerTokenEdit.php
+++ b/ui/app/controllers/CControllerTokenEdit.php
@@ -46,6 +46,10 @@ class CControllerTokenEdit extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return ($this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS)
 			&& $this->checkAccess(CRoleHelper::UI_ADMINISTRATION_GENERAL)
 		);
diff --git a/ui/app/controllers/CControllerTokenEnable.php b/ui/app/controllers/CControllerTokenEnable.php
index 596826d6d2d..1f6381b2ba6 100644
--- a/ui/app/controllers/CControllerTokenEnable.php
+++ b/ui/app/controllers/CControllerTokenEnable.php
@@ -37,6 +37,10 @@ class CControllerTokenEnable extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
diff --git a/ui/app/controllers/CControllerTokenList.php b/ui/app/controllers/CControllerTokenList.php
index 4a73c89b2e1..40ebae99564 100644
--- a/ui/app/controllers/CControllerTokenList.php
+++ b/ui/app/controllers/CControllerTokenList.php
@@ -51,6 +51,10 @@ class CControllerTokenList extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return ($this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS)
 			&& $this->checkAccess(CRoleHelper::UI_ADMINISTRATION_GENERAL)
 		);
diff --git a/ui/app/controllers/CControllerTokenUpdate.php b/ui/app/controllers/CControllerTokenUpdate.php
index 7d6e313e9be..a4b6d234317 100644
--- a/ui/app/controllers/CControllerTokenUpdate.php
+++ b/ui/app/controllers/CControllerTokenUpdate.php
@@ -57,6 +57,10 @@ class CControllerTokenUpdate extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
diff --git a/ui/app/controllers/CControllerTokenView.php b/ui/app/controllers/CControllerTokenView.php
index d5621b83da5..031fe34e772 100644
--- a/ui/app/controllers/CControllerTokenView.php
+++ b/ui/app/controllers/CControllerTokenView.php
@@ -41,6 +41,10 @@ class CControllerTokenView extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return ($this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS)
 			&& $this->checkAccess(CRoleHelper::UI_ADMINISTRATION_GENERAL)
 		);
diff --git a/ui/app/controllers/CControllerUserTokenEdit.php b/ui/app/controllers/CControllerUserTokenEdit.php
index 9cad22cafc8..24963382ddc 100644
--- a/ui/app/controllers/CControllerUserTokenEdit.php
+++ b/ui/app/controllers/CControllerUserTokenEdit.php
@@ -45,6 +45,10 @@ class CControllerUserTokenEdit extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
diff --git a/ui/app/controllers/CControllerUserTokenList.php b/ui/app/controllers/CControllerUserTokenList.php
index 984fc327a1c..6f7e7b1be94 100644
--- a/ui/app/controllers/CControllerUserTokenList.php
+++ b/ui/app/controllers/CControllerUserTokenList.php
@@ -49,6 +49,10 @@ class CControllerUserTokenList extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
diff --git a/ui/app/controllers/CControllerUserTokenView.php b/ui/app/controllers/CControllerUserTokenView.php
index 089c30d81c4..d49d03f4419 100644
--- a/ui/app/controllers/CControllerUserTokenView.php
+++ b/ui/app/controllers/CControllerUserTokenView.php
@@ -40,6 +40,10 @@ class CControllerUserTokenView extends CController {
 	}
 
 	protected function checkPermissions() {
+		if (CWebUser::isGuest()) {
+			return false;
+		}
+
 		return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
 	}
 
-- 
cgit v1.2.3