Autres/Rivendellaudio
1
0
Fork 0
mirror of https://github.com/ElvishArtisan/rivendell.git synced 2025-05-30 15:42:34 +02:00
Code Issues Projects Releases Wiki Activity

2020-11-16 Fred Gleason <fredg@paravelsystems.com>

Browse Source 
* Modified the Webget service to require the 'Create Carts'
	priviledge in order to upload content.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
Fred Gleason 2020-11-16 18:59:54 -05:00
parent 986eb33038
commit 4b76e2e79e
2 changed files with 54 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -20589,3 +20589,6 @@
2020-11-16 Fred Gleason <fredg@paravelsystems.com>
* Modified the 'Encoder Profiles' dialog in rdadmin to left-justify
the 'Name' column.
2020-11-16 Fred Gleason <fredg@paravelsystems.com>
* Modified the Webget service to require the 'Create Carts'
priviledge in order to upload content.

18
web/webget/webget.cpp
View File

@ -341,6 +341,14 @@ void MainObject::GetAudio()
void MainObject::PutAudio()
{
if(!rda->user()->createCarts()) {
rda->syslog(LOG_WARNING,"user \"%s\" lacks CreateCarts permission",
rda->user()->name().toUtf8().constData());
rda->logAuthenticationFailure(webget_post->clientAddress());
ServeLogin(403);
Exit(0);
}
QString group_name;
if(!webget_post->getValue("group",&group_name)) {
rda->syslog(LOG_WARNING,"missing \"group\" in put submission");
@ -348,6 +356,14 @@ void MainObject::PutAudio()
TextExit("missing \"group\"",400,LINE_NUMBER);
Exit(0);
}
if(!rda->user()->groupAuthorized(group_name)) {
rda->syslog(LOG_WARNING,"user \"%s\" lacks permission for group \"%s\"",
rda->user()->name().toUtf8().constData(),
group_name.toUtf8().constData());
rda->logAuthenticationFailure(webget_post->clientAddress());
ServeLogin(403);
Exit(0);
}
QString filename;
if(!webget_post->getValue("filename",&filename)) {
@ -509,6 +525,7 @@ void MainObject::ServeForm()
//
// Put Audio
//
if(rda->user()->createCarts()) {
printf(" <tr>\n");
printf(" <td colspan=\"2\"><strong>Put audio into Rivendell</strong></td>\n");
printf(" </tr>\n");
@ -544,6 +561,7 @@ void MainObject::ServeForm()
printf(" <td style=\"text-align: right\" id=\"put_spinner\">&nbsp;</td>\n");
printf(" <td><input type=\"button\" value=\"OK\" id=\"put_button\" onclick=\"ProcessPut()\" disabled></td>\n");
printf(" </tr>\n");
}
//
// Footer