- Timestamp:
- 08/03/12 17:54:42 (12 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/dns.cgi
r371 r374 1344 1344 } elsif ($webvar{page} eq 'loclist') { 1345 1345 1346 #changepage(page => "domlist", errmsg => "You are not allowed access to this function")1347 # unless $permissions{admin} || $permissions{ foo?};1346 changepage(page => "domlist", errmsg => "You are not allowed access to this function") 1347 unless $permissions{admin} || $permissions{location_view}; 1348 1348 1349 1349 # security check - does the user have permission to access this entity? … … 1354 1354 1355 1355 # Permissions! 1356 $page->param(addloc => $permissions{admin} || $permissions{loc _create});1357 $page->param(delloc => $permissions{admin} || $permissions{loc _delete});1356 $page->param(addloc => $permissions{admin} || $permissions{location_create}); 1357 $page->param(delloc => $permissions{admin} || $permissions{location_delete}); 1358 1358 1359 1359 } elsif ($webvar{page} eq 'location') { 1360 1360 1361 changepage(page => "domlist", errmsg => "You are not allowed access to this function") 1362 unless $permissions{admin} || $permissions{location_view}; 1363 1364 # security check - does the user have permission to access this entity? 1365 # if (!check_scope(id => $webvar{id}, type => 'loc')) { 1366 # changepage(page => "loclist", errmsg => "You are not permitted to <foo> the requested location/view"); 1367 # } 1368 1369 if ($webvar{locact} eq 'new') { 1370 1371 } elsif ($webvar{locact} eq 'add') { 1372 changepage(page => "loclist", errmsg => "You are not permitted to add locations/views", id => $webvar{parentid}) 1373 unless ($permissions{admin} || $permissions{location_create}); 1374 1375 ##work 1376 my ($code,$msg) = addLocation($dbh, $webvar{parentid}, $webvar{locname}, $webvar{iplist}); 1377 1378 if ($code eq 'OK' || $code eq 'WARN') { 1379 my %pageparams = (page => "loclist", id => $webvar{parentid}, 1380 defrec => $webvar{defrec}, revrec => $webvar{revrec}); 1381 $pageparams{warnmsg} = $msg."<br><br>\n".$DNSDB::resultstr if $code eq 'WARN'; 1382 $pageparams{resultmsg} = $DNSDB::resultstr if $code eq 'OK'; 1383 changepage(%pageparams); 1384 } else { 1385 $page->param(failed => 1); 1386 $page->param(errmsg => $msg); 1387 $page->param(wastrying => "adding"); 1388 $page->param(todo => "Add location/view"); 1389 $page->param(locact => "add"); 1390 $page->param(parentid => $webvar{parentid}); 1391 $page->param(id => $webvar{id}); 1392 fill_recdata(); # populate the form... er, mostly. 1393 } 1394 1395 } elsif ($webvar{locact} eq 'edit') { 1396 changepage(page => "loclist", errmsg => "You are not permitted to edit locations/views", id => $webvar{parentid}) 1397 unless ($permissions{admin} || $permissions{location_edit}); 1398 } elsif ($webvar{locact} eq 'update') { 1399 changepage(page => "loclist", errmsg => "You are not permitted to edit locations/views", id => $webvar{parentid}) 1400 unless ($permissions{admin} || $permissions{location_edit}); 1401 } else { 1402 changepage(page => "loclist", errmsg => "You are not permitted to add locations/views", id => $webvar{parentid}) 1403 unless ($permissions{admin} || $permissions{location_create}); 1404 1405 $page->param(todo => "Add location/view"); 1406 $page->param(locact => "add"); 1407 $page->param(parentid => $webvar{parentid}); 1408 1409 $page->param(locname => ($webvar{locname} ? $webvar{locname} : '')); 1410 $page->param(iplist => ($webvar{iplist} ? $webvar{iplist} : '')); 1411 } 1361 1412 1362 1413 } elsif ($webvar{page} eq 'dnsq') { … … 1594 1645 1595 1646 ##common bits 1647 # mostly things in the menu 1596 1648 if ($webvar{page} ne 'login' && $webvar{page} ne 'badpage') { 1597 1649 $page->param(username => $session->param("username")); … … 1604 1656 ##fixme 1605 1657 $page->param(mayrdns => 1); 1606 $page->param(mayloc => 1); 1658 1659 $page->param(mayloc => ($permissions{admin} || $permissions{loc_view})); 1607 1660 1608 1661 $page->param(maydefrec => $permissions{admin}); -
trunk/templates/loclist.tmpl
r372 r374 23 23 </tr> 24 24 <TMPL_IF addloc> 25 <tr><td colspan="3" align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&page=loc ">New Location/View</a></td></tr>25 <tr><td colspan="3" align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&page=location">New Location/View</a></td></tr> 26 26 </TMPL_IF> 27 27 </table> … … 36 36 <TMPL_LOOP name=loctable> 37 37 <tr class="row<TMPL_IF __odd__>0<TMPL_ELSE>1</TMPL_IF>"> 38 <td align="left"><TMPL_IF edloc><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&page=location&loc _action=edit&loc=<TMPL_VAR NAME=location>"><TMPL_VAR NAME=description></a><TMPL_ELSE><TMPL_VAR NAME=description></TMPL_IF></td>38 <td align="left"><TMPL_IF edloc><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&page=location&locact=edit&loc=<TMPL_VAR NAME=location>"><TMPL_VAR NAME=description></a><TMPL_ELSE><TMPL_VAR NAME=description></TMPL_IF></td> 39 39 <td><TMPL_VAR name=iplist></td> 40 40 <td><TMPL_VAR name=group_name></td>
Note:
See TracChangeset
for help on using the changeset viewer.