mirror of https://github.com/MISP/MISP
chg: [internal] Use ACLComponent for menu item permission
parent
4cf7e2b26a
commit
3be0ab9169
|
@ -37,6 +37,7 @@ App::uses('RequestRearrangeTool', 'Tools');
|
|||
* @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
|
||||
*
|
||||
* @throws ForbiddenException // TODO Exception
|
||||
* @property ACLComponent $ACL
|
||||
*/
|
||||
class AppController extends Controller
|
||||
{
|
||||
|
@ -461,6 +462,7 @@ class AppController extends Controller
|
|||
$this->set('isAclZmq', isset($role['perm_publish_zmq']) ? $role['perm_publish_zmq'] : false);
|
||||
$this->set('isAclKafka', isset($role['perm_publish_kafka']) ? $role['perm_publish_kafka'] : false);
|
||||
$this->set('isAclDecaying', isset($role['perm_decaying']) ? $role['perm_decaying'] : false);
|
||||
$this->set('aclComponent', $this->ACL);
|
||||
$this->userRole = $role;
|
||||
|
||||
$this->set('loggedInUserName', $this->__convertEmailToName($this->Auth->user('email')));
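Review bot: `$this->set('aclComponent', $this->ACL)` hands the whole ACL component to every view, which is wider than the menu needs. A template could call `checkAccess()` without the soft flag, and per the ACLComponent change in this commit that path runs `__checkLoggedActions()` and appears to be the one that throws. If the component stays exposed, a comment at the `set` call would record the intended contract, for example `// View-side use is display-only: call checkAccess() with $soft = true and never treat the result as enforcement.` The enclosing method begins and ends outside this hunk, so the other paths that populate view variables are not visible here.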
|
||||
|
|
|
@ -748,7 +748,9 @@ class ACLComponent extends Component
|
|||
foreach ($aclList as $k => $v) {
|
||||
$aclList[$k] = array_change_key_case($v);
|
||||
}
|
||||
if (!$soft) {
|
||||
$this->__checkLoggedActions($user, $controller, $action);
|
||||
}
|
||||
if ($user && $user['Role']['perm_site_admin']) {
|
||||
return true;
|
||||
}
|
||||
|
@ -804,7 +806,6 @@ class ACLComponent extends Component
|
|||
switch ($code) {
|
||||
case 404:
|
||||
throw new NotFoundException($message);
|
||||
break;
|
||||
case 403:
|
||||
throw new MethodNotAllowedException($message);
|
||||
default:
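Review bot: The new `$soft` branch in `checkAccess()` is undocumented, and its return contract is easy to misuse. Judging from the menu closure in this commit, which compares the result with `404` and with `true`, a soft call returns either `true` or an integer status code. An integer status is truthy in PHP, so a caller that writes `if ($acl->checkAccess($user, $c, $a, true))` would read a denial as a grant. The docblock should state that soft mode skips `__checkLoggedActions()`, returns `true` or an HTTP-style status instead of throwing, and must be tested with `=== true`. The return statements and the start of the method are outside the hunk, so the exact set of return values should be confirmed there.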
|
||||
|
|
|
@ -1,5 +1,15 @@
|
|||
<?php
|
||||
if (!empty($me)) {
|
||||
// New approach how to define menu requirements. It takes ACLs from ACLComponent.
|
||||
// TODO: Use for every menu item
|
||||
$canAccess = function ($controller, $action) use ($me, $aclComponent) {
|
||||
$response = $aclComponent->checkAccess($me, $controller, $action, true);
|
||||
if ($response === 404) {
|
||||
throw new Exception("Invalid controller '$controller' specified for menu requirements.");
|
||||
}
|
||||
return $response === true;
|
||||
};
|
||||
|
||||
$menu = array(
|
||||
array(
|
||||
'type' => 'root',
|
||||
|
@ -270,7 +280,7 @@
|
|||
array(
|
||||
'text' => __('List Servers'),
|
||||
'url' => $baseurl . '/servers/index',
|
||||
'requirement' => $isAclSync || $isAdmin
|
||||
'requirement' => $canAccess('servers', 'index'),
|
||||
),
|
||||
array(
|
||||
'text' => __('List Feeds'),
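Review bot: Nothing in the template says that `$canAccess` is only a display filter, and the 'List Servers' rule now depends on the ACL entry for `servers/index` instead of `$isAclSync || $isAdmin`. That entry is not part of this diff, so it is worth confirming that the two agree; a mismatch would show the link to users who are then refused, or hide it from users who are allowed. A comment above the closure would make the contract explicit: `// Display-only: hides links the user cannot use; access is still decided when the request reaches the controller.` The strict `=== true` comparison is the right choice here, since any other response hides the item.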
|
||||
|
|