[geeklog-cvs] Geeklog-1.x/system lib-webservices.php,1.31,1.32

Dirk Haun dhaun at qs1489.pair.com
Sun Jan 6 15:44:12 EST 2008 

Update of /cvsroot/geeklog/Geeklog-1.x/system
In directory qs1489.pair.com:/tmp/cvs-serv70631/system

Modified Files:
	lib-webservices.php 
Log Message:
It is now possible to restrict access to the Webservices to users with 'webservices.atompub' rights


Index: lib-webservices.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/lib-webservices.php,v
retrieving revision 1.31
retrieving revision 1.32
diff -C2 -d -r1.31 -r1.32
*** lib-webservices.php	6 Jan 2008 08:32:53 -0000	1.31
--- lib-webservices.php	6 Jan 2008 20:44:10 -0000	1.32
***************
*** 763,769 ****
--- 763,793 ----
  
      if ($status == USER_ACCOUNT_ACTIVE) {
+ 
          $_USER = SESS_getUserDataFromId($uid);
          PLG_loginUser($_USER['uid']);
  
+         // Global array of groups current user belongs to
+         $_GROUPS = SEC_getUserGroups($_USER['uid']);
+ 
+         // Global array of current user permissions [read,edit]
+         $_RIGHTS = explode(',', SEC_getUserPermissions());
+ 
+         if ($_CONF['restrict_webservices']) {
+             if (!SEC_hasRights('webservices.atompub')) {
+                 COM_updateSpeedlimit('wsauth');
+ 
+                 if ($WS_VERBOSE) {
+                     COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) does not have permission to use the webservices");
+                 }
+ 
+                 // reset user, groups, and rights, just in case ...
+                 $_USER   = array();
+                 $_GROUPS = array();
+                 $_RIGHTS = array();
+ 
+                 WS_error(PLG_RET_AUTH_FAILED);
+             }
+         }
+ 
          if ($WS_VERBOSE) {
              COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) successfully logged in");
***************
*** 790,809 ****
          WS_error(PLG_RET_AUTH_FAILED);
      }
- 
-     /**
-     * Global array of groups current user belongs to
-     */
- 
-     if (!COM_isAnonUser()) {
-         $_GROUPS = SEC_getUserGroups($_USER['uid']);
-     } else {
-         $_GROUPS = SEC_getUserGroups(1);
-     }
- 
-     /**
-     * Global array of current user permissions [read,edit]
-     */
- 
-     $_RIGHTS = explode(',', SEC_getUserPermissions());
  }
  
--- 814,817 ----

More information about the geeklog-cvs mailing list