Further changes to the authorisation

pull/64/merge
Andras Iklody 2013-04-26 15:46:39 +02:00
parent c23c130e85
commit 0eec208b45
8 changed files with 3 additions and 23 deletions


@ -50,7 +50,6 @@ class AppController extends Controller {
}
public $components = array(
'Acl', // TODO ACL, components
'Session',
'Auth' => array(
'className' => 'SecureAuth',


@ -12,11 +12,6 @@ class BlacklistsController extends AppController {
public $XXXcomponents = array('Security', 'RequestHandler');
public $components = array(
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers/Blacklists')
)
),
'Security',
'AdminCrud'
);


@ -13,7 +13,6 @@ class AdminCrudComponent extends AuthComponent {
*/
public function adminAdd() {
if ($this->controller->request->is('post')) {
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
$this->controller->{$this->controller->defaultModel}->create();
if ($this->controller->{$this->controller->defaultModel}->save($this->controller->request->data)) {
$this->controller->Session->setFlash(__(sprintf('The %s has been saved.', strtolower($this->controller->defaultModel))));
@ -32,7 +31,6 @@ class AdminCrudComponent extends AuthComponent {
* @return void
*/
public function adminIndex() {
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
$this->controller->recursive = 0;
$this->controller->set('list', $this->controller->paginate());
}
@ -45,7 +43,6 @@ class AdminCrudComponent extends AuthComponent {
* @throws NotFoundException
*/
public function adminEdit($id = null) {
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
$this->controller->{$this->controller->defaultModel}->id = $id;
if (!$this->controller->{$this->controller->defaultModel}->exists()) {
throw new NotFoundException(__(sprintf('Invalid %s', strtolower($this->controller->defaultModel))));
@ -75,7 +72,6 @@ class AdminCrudComponent extends AuthComponent {
* @throws NotFoundException
*/
public function adminDelete($id = null) {
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
if (!$this->controller->request->is('post')) {
throw new MethodNotAllowedException();
}


@ -28,6 +28,7 @@ class RegexpController extends AppController {
* @return void
*/
public function admin_add() {
if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminAdd();
}
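Review bot: The organisation test that appears to be added to `admin_add()` is the only guard this commit puts back, while the same commit drops `if (!$this->_isAdmin()) throw new Exception('Administrators only.');` from `adminAdd`, `adminIndex`, `adminEdit` and `adminDelete` in AdminCrudComponent and the `'authorize'` => `'Actions'` settings from the Blacklists, Roles and Whitelists controllers. With only 3 additions in the whole commit, the index, edit and delete admin actions of the controllers that load `AdminCrud` get no replacement check here, so unless they are authorised somewhere outside this diff they are left without an administrator check. I would keep the guard in one place (the component, or a `beforeFilter()` that tests the admin prefix) and make it fail closed, e.g. `if ($this->Auth->user('org') !== 'ADMIN') throw new ForbiddenException();`. As written, the line also compares with a loose `!=` and relies on `redirect()` ending the request instead of `return $this->redirect(...)`; the WhitelistsController `admin_add()` hunk has the same pattern.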


@ -12,12 +12,6 @@ class RolesController extends AppController {
public $options = array('0' => 'Read Only', '1' => 'Manage My Own Events', '2' => 'Manage Organization Events', '3' => 'Manage & Publish Organization Events'); // FIXME move this to Role Model
public $components = array(
'Acl',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
)
),
'Security',
'Session', 'AdminCrud' // => array('fields' => array('name'))
);


@ -11,7 +11,7 @@ App::uses('Xml', 'Utility');
*/
class ServersController extends AppController {
public $components = array('Acl' ,'Security' ,'RequestHandler'); // XXX ACL component
public $components = array('Security' ,'RequestHandler'); // XXX ACL component
public $paginate = array(
'limit' => 60,
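Review bot: The trailing `// XXX ACL component` comment stays on the `$components` line although `'Acl'` no longer appears to be in the list, so it now describes something the line does not load. Drop the comment, or replace it with one that says where authorisation for this controller is enforced now that the ACL component is gone. The class body continues outside the hunk, so any remaining per-action checks are not visible here.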


@ -149,7 +149,6 @@ class ShadowAttributesController extends AppController {
}
}
/**
* discard method
*


@ -12,11 +12,6 @@ class WhitelistsController extends AppController {
public $XXXcomponents = array('Security', 'RequestHandler');
public $components = array(
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers/Whitelists')
)
),
'Security',
'AdminCrud'
);
@ -38,6 +33,7 @@ class WhitelistsController extends AppController {
* @return void
*/
public function admin_add() {
if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminAdd();
}
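Review bot: In WhitelistsController the non-admin branch of `admin_add()` redirects to `'controller' => 'regexp'`, which looks copied from RegexpController; `'controller' => 'whitelists'` is probably what was meant. The guard covers only this one action, and the `$components` hunk above it removes the `'authorize'` => `'Actions'` block for `controllers/Whitelists`, so the other admin actions of this controller depend on checks that are not visible in this diff. A single fail-closed check shared by all admin actions would avoid repeating this line per method.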