Changeset 182


Ignore:
Timestamp:
12/02/11 17:39:24 (13 years ago)
Author:
Kris Deugau
Message:

/trunk

Scope checks (See #30)

  • user delete
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/dns.cgi

    r181 r182  
    617617  changepage(page => "reclist", errmsg => "You are not permitted to delete records", id => $webvar{parentid})
    618618        unless ($permissions{admin} || $permissions{record_delete});
     619
     620  if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     621    changepage(page => 'domlist', errmsg => "You do not have permission to delete records in the requested ".
     622        ($webvar{defrec} eq 'y' ? 'group' : 'domain'));
     623  }
    619624
    620625  $page->param(id => $webvar{id});
Note: See TracChangeset for help on using the changeset viewer.