TT#35058 Apply write access checking for subscriberadmin on subscribers API

Change-Id: I0700ea80026bfb959d240b7ed67c88d5a9385ad9
(cherry picked from commit f103d31d8a)
changes/80/20280/1
Irina Peshinskaya 7 years ago
parent ed78b32b12
commit 76a6bdbf5e

@ -829,7 +829,12 @@ sub update_item {
sub check_write_access { sub check_write_access {
my($self, $c) = @_; my($self, $c) = @_;
if($c->user->roles eq "admin" || $c->user->roles eq "reseller") { if($c->user->roles eq "admin" || $c->user->roles eq "reseller") {
} elsif($c->user->roles eq "subscriber") { } elsif($c->user->roles eq "subscriber"
|| (
$c->user->roles eq "subscriberadmin"
&& !$self->subscriberadmin_write_access($c)
)
) {
$self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role");
return; return;
} elsif($c->user->roles eq "subscriberadmin") { } elsif($c->user->roles eq "subscriberadmin") {
@ -848,8 +853,8 @@ sub check_write_access {
sub subscriberadmin_write_access { sub subscriberadmin_write_access {
my($self,$c) = @_; my($self,$c) = @_;
if ($c->user->roles eq "subscriberadmin" if ($c->user->roles eq "subscriberadmin"
&& $c->config->{privileges}->{subscriberadmin}->{subscribers} && $c->config->{privileges}->{subscriberadmin}->{subscribers}
&& $c->config->{privileges}->{subscriberadmin}->{subscribers} =~/write/ ) { && $c->config->{privileges}->{subscriberadmin}->{subscribers} =~/write/ ) {
return 1; return 1;
} }
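Review bot: The new subscriberadmin gate in check_write_access depends entirely on subscriberadmin_write_access, which (second hunk) accepts any configured value that merely contains the substring "write" via `=~/write/`, so a value such as a hypothetical `nowrite` would also pass the check. Consider matching the accepted settings exactly, for example `=~ /\bwrite\b/` or a comparison against an explicit list; the valid values are not visible on this page, so confirm them first. A short policy comment above check_write_access would also help the next reader: `# subscriber: always read-only; subscriberadmin: read-only unless privileges.subscriberadmin.subscribers grants write; admin/reseller: not restricted here`. Both subs continue outside the hunks, so the return value on the non-matching path and the body of the later `elsif($c->user->roles eq "subscriberadmin")` branch could not be checked.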
