Small comments for the future.

Relintai 2021-11-10 20:41:58 +01:00
parent 39f90bae9e
commit 5872d9d74f


@ -30,6 +30,8 @@ void RBACUserController::rbac_user_session_setup_middleware(Object *instance, Re
}
void RBACUserController::rbac_default_user_session_middleware(Object *instance, Request *request) {
//note: add a new file handler middleware func, so basic file handling is easy to set up before this
Ref<RBACRank> rank;
if (request->session) {
@ -68,6 +70,9 @@ void RBACUserController::rbac_default_user_session_middleware(Object *instance,
if (!rank->has_permission(request, RBAC_PERMISSION_READ)) {
if (rank->has_rank_permission(RBAC_RANK_PERMISSION_USE_REDIRECT)) {
//Note this can make the webapp prone to enumerations, if not done correctly
//e.g. redirect from /admin, but sending 404 on a non existing uri, which does not have
//a special rbac entry
request->send_redirect(RBACController::get_singleton()->get_redirect_url());
return;
}
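Review bot: The comment added above `request->send_redirect(...)` in the second hunk records the enumeration risk but not the condition that avoids it, so a later maintainer has nothing concrete to check against. If a request lacking RBAC_PERMISSION_READ is redirected while an unmatched URI is answered differently (the comment's own /admin versus 404 example), the difference in response reveals which paths have RBAC entries. I would state the invariant directly, e.g. `//NOTE: denied and non-existent URIs must produce the same response (both redirect or both 404), otherwise protected routes can be enumerated`, and mark the file-handler note in the first hunk as `//TODO:` so it can be found by grep. How unmatched URIs are actually answered is not visible here, and rbac_default_user_session_middleware continues outside both hunks.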