mirror of https://github.com/MISP/MISP
Further changes to the authorisation
parent
c23c130e85
commit
0eec208b45
|
@ -50,7 +50,6 @@ class AppController extends Controller {
|
|||
}
|
||||
|
||||
public $components = array(
|
||||
'Acl', // TODO ACL, components
|
||||
'Session',
|
||||
'Auth' => array(
|
||||
'className' => 'SecureAuth',
|
||||
|
|
|
@ -12,11 +12,6 @@ class BlacklistsController extends AppController {
|
|||
public $XXXcomponents = array('Security', 'RequestHandler');
|
||||
|
||||
public $components = array(
|
||||
'Auth' => array(
|
||||
'authorize' => array(
|
||||
'Actions' => array('actionPath' => 'controllers/Blacklists')
|
||||
)
|
||||
),
|
||||
'Security',
|
||||
'AdminCrud'
|
||||
);
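Review bot: With the `'Auth' => array('authorize' => array('Actions' => ...))` entry gone from `$components` (inferred from the 11→6 line count, since this page has lost its +/- markers), nothing visible in this controller decides which logged-in users may reach its actions. In CakePHP 2 an AuthComponent with no `authorize` setting lets every authenticated user through, so unless AppController configures one outside these hunks, the only gate left is whatever each action checks itself. The same removal appears in WhitelistsController and RolesController; the latter manages roles and deserves the closest look. I would add a comment above `$components` saying where authorisation is now enforced, e.g. `// Authorisation: admin-only checks live in each admin_* action`, and delete the unused `$XXXcomponents` property.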
|
||||
|
|
|
@ -13,7 +13,6 @@ class AdminCrudComponent extends AuthComponent {
|
|||
*/
|
||||
public function adminAdd() {
|
||||
if ($this->controller->request->is('post')) {
|
||||
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
|
||||
$this->controller->{$this->controller->defaultModel}->create();
|
||||
if ($this->controller->{$this->controller->defaultModel}->save($this->controller->request->data)) {
|
||||
$this->controller->Session->setFlash(__(sprintf('The %s has been saved.', strtolower($this->controller->defaultModel))));
|
||||
|
@ -32,7 +31,6 @@ class AdminCrudComponent extends AuthComponent {
|
|||
* @return void
|
||||
*/
|
||||
public function adminIndex() {
|
||||
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
|
||||
$this->controller->recursive = 0;
|
||||
$this->controller->set('list', $this->controller->paginate());
|
||||
}
|
||||
|
@ -45,7 +43,6 @@ class AdminCrudComponent extends AuthComponent {
|
|||
* @throws NotFoundException
|
||||
*/
|
||||
public function adminEdit($id = null) {
|
||||
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
|
||||
$this->controller->{$this->controller->defaultModel}->id = $id;
|
||||
if (!$this->controller->{$this->controller->defaultModel}->exists()) {
|
||||
throw new NotFoundException(__(sprintf('Invalid %s', strtolower($this->controller->defaultModel))));
|
||||
|
@ -75,7 +72,6 @@ class AdminCrudComponent extends AuthComponent {
|
|||
* @throws NotFoundException
|
||||
*/
|
||||
public function adminDelete($id = null) {
|
||||
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
|
||||
if (!$this->controller->request->is('post')) {
|
||||
throw new MethodNotAllowedException();
|
||||
}
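Review bot: All four hunks in this component appear to drop the `_isAdmin()` guard (inferred from the 7→6 line counts, as the +/- column is missing), so adminAdd, adminIndex, adminEdit and adminDelete now depend entirely on the calling controller action for their admin check. The commit adds a replacement check only in the `admin_add` actions of RegexpController and WhitelistsController; the index, edit and delete callers are not visible here and should be confirmed. Keeping one guard in the component as a second layer is cheaper than auditing every caller, for example `if (!$this->_isAdmin()) throw new ForbiddenException(__('Administrators only.'));` at the top of each method. The method bodies continue outside the hunks.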
|
||||
|
|
|
@ -28,6 +28,7 @@ class RegexpController extends AppController {
|
|||
* @return void
|
||||
*/
|
||||
public function admin_add() {
|
||||
if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
|
||||
$this->AdminCrud->adminAdd();
|
||||
}
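Review bot: The new guard in `admin_add` compares loosely and relies on `redirect()` ending the request, so the `adminAdd()` call on the next line is protected only as long as that exit behaviour holds. A strict comparison with an explicit stop is safer: `if ($this->Auth->user('org') !== 'ADMIN') throw new ForbiddenException();`, or at least `return $this->redirect(...)`. Tying the privilege to the literal organisation name `'ADMIN'` also deserves a comment, since this hunk shows no other admin criterion. The other `admin_*` actions of this controller lie outside the hunk; putting the check in `beforeFilter()` for the admin prefix would cover them in one place.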
|
||||
|
||||
|
|
|
@ -12,12 +12,6 @@ class RolesController extends AppController {
|
|||
public $options = array('0' => 'Read Only', '1' => 'Manage My Own Events', '2' => 'Manage Organization Events', '3' => 'Manage & Publish Organization Events'); // FIXME move this to Role Model
|
||||
|
||||
public $components = array(
|
||||
'Acl',
|
||||
'Auth' => array(
|
||||
'authorize' => array(
|
||||
'Actions' => array('actionPath' => 'controllers')
|
||||
)
|
||||
),
|
||||
'Security',
|
||||
'Session', 'AdminCrud' // => array('fields' => array('name'))
|
||||
);
|
||||
|
|
|
@ -11,7 +11,7 @@ App::uses('Xml', 'Utility');
|
|||
*/
|
||||
class ServersController extends AppController {
|
||||
|
||||
public $components = array('Acl' ,'Security' ,'RequestHandler'); // XXX ACL component
|
||||
public $components = array('Security' ,'RequestHandler'); // XXX ACL component
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
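Review bot: The trailing comment `// XXX ACL component` no longer matches the `$components` line once `'Acl'` is dropped from the array. Either delete it or reword it to say what is still pending, e.g. `// TODO: decide where authorisation for server actions is enforced`. The class body continues outside the hunk.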
|
||||
|
|
|
@ -149,7 +149,6 @@ class ShadowAttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* discard method
|
||||
*
|
||||
|
|
|
@ -12,11 +12,6 @@ class WhitelistsController extends AppController {
|
|||
public $XXXcomponents = array('Security', 'RequestHandler');
|
||||
|
||||
public $components = array(
|
||||
'Auth' => array(
|
||||
'authorize' => array(
|
||||
'Actions' => array('actionPath' => 'controllers/Whitelists')
|
||||
)
|
||||
),
|
||||
'Security',
|
||||
'AdminCrud'
|
||||
);
|
||||
|
@ -38,6 +33,7 @@ class WhitelistsController extends AppController {
|
|||
* @return void
|
||||
*/
|
||||
public function admin_add() {
|
||||
if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
|
||||
$this->AdminCrud->adminAdd();
|
||||
}
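Review bot: The redirect in `admin_add` sends non-admin users to `'controller' => 'regexp'`, which looks copied from RegexpController; in this controller it should read `'controller' => 'whitelists'`. The guard otherwise has the same loose `!=` comparison and reliance on `redirect()` stopping execution as the one in RegexpController. The first hunk of this file removes the `Auth` authorize block, so this one-line check is the only authorisation visible for the controller, and the remaining `admin_*` actions are outside the hunk.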
|
||||
|
||||
|
|