MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [API] Add object request has been black-holed. #3271 

- blanket disabling the security component for API requests clashes with explicit disabling of certain security component features in the objects controller causing exceptions
pull/3301/head
iglocska 2018-05-23 10:33:40 +02:00
parent 37b856d60a
commit 9ffd05e57d
1 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AppController.php
View File

@ -112,7 +112,6 @@ class AppController extends Controller {
$this->set('queryVersion', $this->__queryVersion);
$this->loadModel('User');
$auth_user_fields = $this->User->describeAuthFields();
//if fresh installation (salt empty) generate a new salt
if (!Configure::read('Security.salt')) {
$this->loadModel('Server');
@ -339,7 +338,6 @@ class AppController extends Controller {
}
}
unset($base_dir);
// We don't want to run these role checks before the user is logged in, but we want them available for every view once the user is logged on
// instead of using checkAction(), like we normally do from controllers when trying to find out about a permission flag, we can use getActions()
// getActions returns all the flags in a single SQL query