Changeset 503 for branches/htmlform/cgi-bin/main.cgi

Timestamp:

09/26/11 18:05:01 (13 years ago)

Author:

Kris Deugau

Message:

/branches/htmlform

Checkpoint, clearing out references to printError()
All ACL checks that generate error pages should now be converted
to use the new aclerror template. See #15.
Fix a minor bug in CustIDCK.pm - calls to custid_check are being
treated as an object call for some reason.

File:

• branches/htmlform/cgi-bin/main.cgi (modified) (9 diffs)

branches/htmlform/cgi-bin/main.cgi

@@ -82 +82 @@
 
 #main()
+my $aclerr;
 
 if(!defined($webvar{action})) {
@@ -98 +99 @@
 } elsif ($webvar{action} eq 'addmaster') {
   if ($IPDBacl{$authuser} !~ /a/) {
-    printError("You shouldn't have been able to get here.  Access denied.");
+    $aclerr = 'addmaster';
   }
 } elsif ($webvar{action} eq 'newmaster') {
 
   if ($IPDBacl{$authuser} !~ /a/) {
-    printError("You shouldn't have been able to get here.  Access denied.");
+    $aclerr = 'addmaster';
   } else {
     my $cidr = new NetAddr::IP $webvar{cidr};
@@ -191 +192 @@
 
 
+# Switch to a different template if we've tripped on an ACL error.
+# Note that this should only be exercised in development, when
+# deeplinked, or when being attacked;  normal ACL handling should
+# remove the links a user is not allowed to click on.
+if ($aclerr) {
+  $page = HTML::Template->new(filename => "aclerror.tmpl");
+  $page->param(ipdbfunc => $aclmsg{$aclerr});
+}
+
 
 # Clean up IPDB globals, DB handle, etc.
@@ -502 +512 @@
 
   if ($IPDBacl{$authuser} !~ /a/) {
-    printError("You shouldn't have been able to get here.  Access denied.");
+    $aclerr = 'addblock';
     return;
   }
@@ -605 +615 @@
 sub confirmAssign {
   if ($IPDBacl{$authuser} !~ /a/) {
-    printError("You shouldn't have been able to get here.  Access denied.");
+    $aclerr = 'addblock';
     return;
   }
@@ -777 +787 @@
 sub insertAssign {
   if ($IPDBacl{$authuser} !~ /a/) {
-    printError("You shouldn't have been able to get here.  Access denied.");
+    $aclerr = 'addblock';
     return;
   }
@@ -1021 +1031 @@
 sub update {
   if ($IPDBacl{$authuser} !~ /c/) {
-    printError("You shouldn't have been able to get here.  Access denied.");
+    $aclerr = 'updateblock';
     return;
   }
@@ -1125 +1135 @@
 sub remove {
   if ($IPDBacl{$authuser} !~ /d/) {
-    printError("You shouldn't have been able to get here.  Access denied.");
+    $aclerr = 'delblock';
     return;
   }
@@ -1210 +1220 @@
 sub finalDelete {
   if ($IPDBacl{$authuser} !~ /d/) {
-    $page->param(aclerr => 1);
+    $aclerr = 'delblock';
     return;
   }