sipwise
/
ngcp-panel
mirror of https://github.com/sipwise/ngcp-panel.git
1
0
Fork 0
Code Issues Releases Wiki Activity

MT#3927 Invalidate session in API for non-API user

Browse Source
agranig/rest
Andreas Granig 12 years ago
parent e5a42d9306
commit a5cbfd298a
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File

8
lib/NGCP/Panel/Controller/Root.pm
Unescape View File

@ -26,6 +26,14 @@ sub auto :Private {
$c->log->debug("*** Root::auto skip authn, grant access to " . $c->request->path);
return 1;
}
if($c->user_exists && $c->user->roles ne "api_admin" &&
0 == index $c->controller->catalyst_component_name, 'NGCP::Panel::Controller::API') {
$c->log->debug("*** Root::auto invalidate authenticated non-api-admin user for api access");
$c->logout;
}
unless($c->user_exists) {
$c->log->debug("*** Root::auto user not authenticated");
if (

Write Preview
Loading…
Cancel
Save