Changeset 154

Timestamp:

10/24/11 17:51:33 (13 years ago)

Author:

Kris Deugau

Message:

/trunk

Move template init further up, so we can set error-message params earlier
Tweak group-scope check in global action segment now that we can
emit error messages to the template(s) here
Delete some long-stale comments around template init
Add scope check to domain status change
Add scope check to record list
Remove local group-scope check in listdomains() in favour of global check
Remove some duplicated boilerplate for scope checks in listgroups()

File:

• trunk/dns.cgi (modified) (7 diffs)

trunk/dns.cgi

@@ -160 +160 @@
 push @viewablegroups, $logingroup;
 
+my $page = HTML::Template->new(filename => "$templatedir/$webvar{page}.tmpl");
+
 # handle login redirect
 if ($webvar{action}) {
@@ -204 +206 @@
     $uri_self =~ s/\&group=[^&]*//g;
 
-# security check - does the user have permission to view this entity?
-  if (!(grep /^$webvar{group}$/, @viewablegroups)) {
-    # hmm.  Reset the current group to the login group?  Yes.  Prevents confusing behaviour elsewhere.
-    $session->param('curgroup',$logingroup);
-##fixme:  need to either carry the errmsg forward, or init the template earlier
-#    $page->param(errmsg => "You are not permitted to view or make changes in the requested group");
-    $curgroup = $logingroup;
-  }
+    # security check - does the user have permission to view this entity?
+    if (!(grep /^$webvar{group}$/, @viewablegroups)) {
+      # hmm.  Reset the current group to the login group?  Yes.  Prevents confusing behaviour elsewhere.
+      $session->param('curgroup',$logingroup);
+      $webvar{group} = $logingroup;
+      $curgroup = $logingroup;
+      $page->param(errmsg => "You are not permitted to view or make changes in the requested group");
+    }
 
     $session->param('curgroup', $webvar{group});
@@ -219 +221 @@
 
 initPermissions($dbh,$session->param('uid'));
-
-## Default page is a login page
-#my $page;      # to be initialized as an HTML::Template entity sooner or later
-
-
-#if (!$webvar{page}) {
-#  $page = HTML::Template->new(filename => "$templatedir/login.tmpl");
-#} else {
-#}
-
-my $page = HTML::Template->new(filename => "$templatedir/$webvar{page}.tmpl");
 
 $page->param(sid => $sid);
@@ -244 +235 @@
 # this currently only handles "domain on", "domain off"
   if (defined($webvar{domstatus})) {
-    my $stat = domStatus($dbh,$webvar{id},$webvar{domstatus});
-    logaction($webvar{id}, $session->param("username"), parentID($webvar{id}, 'dom', 'group'),
+    # security check - does the user have permission to access this entity?
+    my $flag = 0;
+    foreach (@viewablegroups) {
+      $flag = 1 if isParent($dbh, $_, 'group', $webvar{id}, 'domain');
+    }
+    if ($flag && ($permissions{admin} || $permissions{edit_domain})) {
+      my $stat = domStatus($dbh,$webvar{id},$webvar{domstatus});
+      logaction($webvar{id}, $session->param("username"), parentID($webvar{id}, 'dom', 'group'),
         "Changed ".domainName($dbh, $webvar{id})." state to ".($stat ? 'active' : 'inactive'));
+    } else {
+      $page->param(errmsg => "You are not permitted to view or change the requested domain");
+    }
   }
 
@@ -322 +322 @@
 } elsif ($webvar{page} eq 'reclist') {
 
+# security check - does the user have permission to view this entity?
+  my $flag = 0;
+  foreach (@viewablegroups) {
+    $flag = 1 if isParent($dbh, $_, 'group', $webvar{id}, ($webvar{defrec} eq 'y' ? 'group' : 'domain'));
+  }
+  if (!$flag) {
+    $page->param(errmsg => "You are not permitted to view or change the requested ".
+        ($webvar{defrec} eq 'y' ? "group's default records" : "domain's records"));
+    $page->param(perm_err => 1);
+  }
+  
 # hmm.  where do we send them?
   if ($webvar{defrec} eq 'y' && !$permissions{admin}) {
     $page->param(errmsg => "You are not permitted to edit default records");
     $page->param(perm_err => 1);
-  } else {
+  } elsif ($flag) {     # $flag carries the scope check results
 
     $page->param(mayeditsoa => $permissions{admin} || $permissions{domain_edit});
@@ -1569 +1580 @@
 
 sub listdomains {
-
-# security check - does the user have permission to view this entity?
-  my @viewablegroups;
-  getChildren($dbh, $logingroup, \@viewablegroups, 'all');
-  push @viewablegroups, $logingroup;
-  if (!(grep /^$curgroup$/, @viewablegroups)) {
-    # hmm.  Reset the current group to the login group?  Yes.  Prevents confusing behaviour elsewhere.
-    $session->param('curgroup',$logingroup);
-    $page->param(errmsg => "You are not permitted to view domains in the requested group");
-    $curgroup = $logingroup;
-  }
 
 #  $startwith = $session->param($webvar{page}.'startwith');
@@ -1670 +1670 @@
 
 # security check - does the user have permission to view this entity?
-  my @viewablegroups;
-  getChildren($dbh, $logingroup, \@viewablegroups, 'all');
-  push @viewablegroups, $logingroup;
   if (!(grep /^$curgroup$/, @viewablegroups)) {
     # hmm.  Reset the current group to the login group?  Yes.  Prevents confusing behaviour elsewhere.