Updates for blocking account settings in LDAP auth mode.

2024-09-20 14:25:43 +00:00 · 2016-10-25 16:20:42 +08:00 · 2016-10-25 16:20:42 +08:00 · 45803b53e1
commit 45803b53e1
parent ce7b556e84
5 changed files with 23 additions and 1 deletions
--- a/src/ui/controllers/accountsetting.go
+++ b/src/ui/controllers/accountsetting.go
@ -1,5 +1,9 @@
 package controllers

+import (
+	"net/http"
+)
+
 // AccountSettingController handles request to /account_setting
 type AccountSettingController struct {
 	BaseController
@ -7,5 +11,8 @@ type AccountSettingController struct {

 // Get renders the account settings page
 func (asc *AccountSettingController) Get() {
+	if asc.AuthMode != "db_auth" {
+		asc.CustomAbort(http.StatusForbidden, "")
+	}
 	asc.Forward("page_title_account_setting", "account-settings.htm")
 }
--- a/src/ui/controllers/changepassword.go
+++ b/src/ui/controllers/changepassword.go
@ -1,5 +1,9 @@
 package controllers

+import (
+	"net/http"
+)
+
 // ChangePasswordController handles request to /change_password
 type ChangePasswordController struct {
 	BaseController
@ -7,5 +11,8 @@ type ChangePasswordController struct {

 // Get renders the change password page
 func (asc *ChangePasswordController) Get() {
+	if asc.AuthMode != "db_auth" {
+		asc.CustomAbort(http.StatusForbidden, "")
+	}
 	asc.Forward("page_title_change_password", "change-password.htm")
 }
--- a/src/ui/controllers/optionalmenu.go
+++ b/src/ui/controllers/optionalmenu.go
@ -19,6 +19,7 @@ func (omc *OptionalMenuController) Get() {

 	var hasLoggedIn bool
 	var allowAddNew bool
+	var allowSettingAccount bool

 	if sessionUserID != nil {
 		hasLoggedIn = true
@ -34,6 +35,10 @@ func (omc *OptionalMenuController) Get() {
 		}
 		omc.Data["Username"] = u.Username

+		if omc.AuthMode == "db_auth" {
+			allowSettingAccount = true
+		}
+
 		isAdmin, err := dao.IsAdminRole(sessionUserID.(int))
 		if err != nil {
 			log.Errorf("Error occurred in IsAdminRole: %v", err)
@ -45,6 +50,7 @@ func (omc *OptionalMenuController) Get() {
 		}
 	}
 	omc.Data["AddNew"] = allowAddNew
+	omc.Data["SettingAccount"] = allowSettingAccount
 	omc.Data["HasLoggedIn"] = hasLoggedIn
 	omc.TplName = "optional-menu.htm"
 	omc.Render()
--- a/src/ui/controllers/signup.go
+++ b/src/ui/controllers/signup.go
@ -12,7 +12,7 @@ type SignUpController struct {
 // Get renders sign up page
 func (suc *SignUpController) Get() {
 	if suc.AuthMode != "db_auth" || !suc.SelfRegistration {
-		suc.CustomAbort(http.StatusUnauthorized, "Status unauthorized.")
+		suc.CustomAbort(http.StatusForbidden, "")
 	}
 	suc.Data["AddNew"] = false
 	suc.Forward("page_title_sign_up", "sign-up.htm")
--- a/src/ui/views/optional-menu.htm
+++ b/src/ui/views/optional-menu.htm
@ -21,7 +21,9 @@
    {{ if eq .AddNew true }}
    <li><a href="/add_new"><span class="glyphicon glyphicon-plus"></span>&nbsp;&nbsp;// 'add_new_title' | tr //</a></li>
    {{ end }}
+    {{ if eq .SettingAccount true }}
    <li><a href="/account_setting"><span class="glyphicon glyphicon-pencil"></span>&nbsp;&nbsp;// 'account_setting' | tr //</a></li>
+    {{ end }}
    <li class="dropdown-submenu">
      <a tabindex="-1" href="#"><span class="glyphicon glyphicon-globe"></span>&nbsp;&nbsp;//vm.languageName//</a>
      <ul class="dropdown-menu">