25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-28 16:34:13 +01:00

Hardcode ACL rules used by ejabberd_web_admin

This commit is contained in:
Evgeniy Khramtsov 2018-03-19 12:29:07 +03:00
parent 7ba6fae67c
commit e1e7986918

View File

@ -74,21 +74,15 @@ get_acl_rule([<<"vhosts">>], _) ->
%% The pages of a vhost are only accesible if the user is admin of that vhost: %% The pages of a vhost are only accesible if the user is admin of that vhost:
get_acl_rule([<<"server">>, VHost | _RPath], Method) get_acl_rule([<<"server">>, VHost | _RPath], Method)
when Method =:= 'GET' orelse Method =:= 'HEAD' -> when Method =:= 'GET' orelse Method =:= 'HEAD' ->
AC = ejabberd_config:get_option({access, VHost}, configure), {VHost, [configure, webadmin_view]};
ACR = ejabberd_config:get_option({access_readonly, VHost}, webadmin_view),
{VHost, [AC, ACR]};
get_acl_rule([<<"server">>, VHost | _RPath], 'POST') -> get_acl_rule([<<"server">>, VHost | _RPath], 'POST') ->
AC = ejabberd_config:get_option({access, VHost}, configure), {VHost, [configure]};
{VHost, [AC]};
%% Default rule: only global admins can access any other random page %% Default rule: only global admins can access any other random page
get_acl_rule(_RPath, Method) get_acl_rule(_RPath, Method)
when Method =:= 'GET' orelse Method =:= 'HEAD' -> when Method =:= 'GET' orelse Method =:= 'HEAD' ->
AC = ejabberd_config:get_option(access, configure), {global, [configure, webadmin_view]};
ACR = ejabberd_config:get_option(access_readonly, webadmin_view),
{global, [AC, ACR]};
get_acl_rule(_RPath, 'POST') -> get_acl_rule(_RPath, 'POST') ->
AC = ejabberd_config:get_option(access, configure), {global, [configure]}.
{global, [AC]}.
%%%================================== %%%==================================
%%%% Menu Items Access %%%% Menu Items Access