Author: sevein
Date: Fri Aug 5 12:50:06 2011
New Revision: 9439
Log:
Check credentials in plugin admin page using ACL
Deleted:
trunk/apps/qubit/modules/sfPluginAdminPlugin/
trunk/plugins/sfPluginAdminPlugin/modules/sfPluginAdminPlugin/config/security.yml
Modified:
trunk/plugins/sfPluginAdminPlugin/modules/sfPluginAdminPlugin/actions/indexAction.class.php
Modified:
trunk/plugins/sfPluginAdminPlugin/modules/sfPluginAdminPlugin/actions/indexAction.class.php
==============================================================================
---
trunk/plugins/sfPluginAdminPlugin/modules/sfPluginAdminPlugin/actions/indexAction.class.php
Fri Aug 5 12:37:32 2011 (r9438)
+++
trunk/plugins/sfPluginAdminPlugin/modules/sfPluginAdminPlugin/actions/indexAction.class.php
Fri Aug 5 12:50:06 2011 (r9439)
@@ -23,6 +23,11 @@
{
$this->form = new sfForm;
+ if (!$this->context->user->hasCredential('administrator'))
+ {
+ QubitAcl::forwardUnauthorized();
+ }
+
$criteria = new Criteria;
$criteria->add(QubitSetting::NAME, 'plugins');
if (1 == count($query = QubitSetting::get($criteria)))
--
You received this message because you are subscribed to the Google Groups
"Qubit Toolkit Commits" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/qubit-commits?hl=en.
