tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix default behavior when none of the specified objects pass the user's permission filter 

fixes #11926
This commit is contained in:
Gunnar Beutner 2016-06-13 08:52:03 +02:00
parent a5abe1a972
commit 9e29a3f8a0
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/remote/filterutility.cpp
View File

@ -211,10 +211,13 @@ std::vector<Value> FilterUtility::GetFilterTargets(const QueryDescription& qd, c
attr = "name";
if (query->Contains(attr)) {
Object::Ptr target = provider->GetTargetByName(type, HttpUtility::GetLastParameter(query, attr));
String name = HttpUtility::GetLastParameter(query, attr);
Object::Ptr target = provider->GetTargetByName(type, name);
if (FilterUtility::EvaluateFilter(permissionFrame, permissionFilter, target))
result.push_back(target);
if (!FilterUtility::EvaluateFilter(permissionFrame, permissionFilter, target))
BOOST_THROW_EXCEPTION(ScriptError("Access denied to object '" + name + "' of type '" + type + "'"));
result.push_back(target);
}
attr = provider->GetPluralName(type);
@ -227,8 +230,10 @@ std::vector<Value> FilterUtility::GetFilterTargets(const QueryDescription& qd, c
BOOST_FOREACH(const String& name, names) {
Object::Ptr target = provider->GetTargetByName(type, name);
if (FilterUtility::EvaluateFilter(permissionFrame, permissionFilter, target))
result.push_back(target);
if (!FilterUtility::EvaluateFilter(permissionFrame, permissionFilter, target))
BOOST_THROW_EXCEPTION(ScriptError("Access denied to object '" + name + "' of type '" + type + "'"));
result.push_back(target);
}
}
}