maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

allow DnsZone functions only if dns-editor is enabled AND the customer is allowed to use it

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2019-02-13 21:51:24 +01:00
parent fbcba3ef4e
commit 8cebcc8a5d
1 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/Froxlor/Api/Commands/DomainZones.php
View File

@@ -47,7 +47,11 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
public function add() public function add()
{ {
if (Settings::Get('system.dnsenabled') != '1') { if (Settings::Get('system.dnsenabled') != '1') {
throw new \Exception("DNS server not enabled on this system", 405); throw new \Exception("DNS service not enabled on this system", 405);
}
if ($this->isAdmin() == false && $this->getUserDetail('dnsenabled') != '1') {
throw new \Exception("You cannot access this resource", 405);
} }
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
@@ -307,7 +311,11 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
public function get() public function get()
{ {
if (Settings::Get('system.dnsenabled') != '1') { if (Settings::Get('system.dnsenabled') != '1') {
throw new \Exception("DNS server not enabled on this system", 405); throw new \Exception("DNS service not enabled on this system", 405);
}
if ($this->isAdmin() == false && $this->getUserDetail('dnsenabled') != '1') {
throw new \Exception("You cannot access this resource", 405);
} }
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
@@ -370,7 +378,11 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
public function delete() public function delete()
{ {
if (Settings::Get('system.dnsenabled') != '1') { if (Settings::Get('system.dnsenabled') != '1') {
throw new \Exception("DNS server not enabled on this system", 405); throw new \Exception("DNS service not enabled on this system", 405);
}
if ($this->isAdmin() == false && $this->getUserDetail('dnsenabled') != '1') {
throw new \Exception("You cannot access this resource", 405);
} }
$entry_id = $this->getParam('entry_id'); $entry_id = $this->getParam('entry_id');