mirror/zoneminder
1
0
Fork 0
mirror of https://github.com/ZoneMinder/zoneminder.git synced 2026-05-13 09:04:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

add back the ZM_OPT_USE_AUTH test for being logged in in AppController

Browse Source
This commit is contained in:
Isaac Connor
2018-07-24 12:01:40 -04:00
parent 08d3f98e5e
commit 3255a2829f
1 changed files with 14 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
web/api/app/Controller/AppController.php
View File

@@ -75,18 +75,20 @@ class AppController extends Controller {
global $user;
$user = $this->Session->read('user');
// We need to reject methods that are not authenticated
// besides login and logout
if ( strcasecmp($this->params->action, 'login') &&
strcasecmp($this->params->action, 'logout')) {
if ( !$this->Session->read('user.Username') ) {
throw new UnauthorizedException(__('Not Authenticated'));
return;
} else if ( !$this->Session->read('user.Enabled') ) {
throw new UnauthorizedException(__('User is not enabled'));
return;
}
} # end if ! login or logout
if ( ZM_OPT_USE_AUTH ) {
// We need to reject methods that are not authenticated
// besides login and logout
if ( strcasecmp($this->params->action, 'login') &&
strcasecmp($this->params->action, 'logout')) {
if ( !( $user and $user['Username'] ) ) {
throw new UnauthorizedException(__('Not Authenticated'));
return;
} else if ( !( $user and $user['Enabled'] ) ) {
throw new UnauthorizedException(__('User is not enabled'));
return;
}
} # end if ! login or logout
} # end if ZM_OPT_AUTH
} # end function beforeFilter()
}