Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-23 00:36:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

* [MOD] Improved template rendering

Browse Source 
* [MOD] Improved variable errors on templates
* [MOD] Improved security token behavior
* [MOD] Code refactoring

Signed-off-by: nuxsmin <nuxsmin@syspass.org>
This commit is contained in:
nuxsmin
2018-10-23 00:56:05 +02:00
parent e322563a66
commit e49526e594
147 changed files with 2613 additions and 1751 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
app/modules/web/Controllers/TrackController.php
View File

@@ -56,9 +56,12 @@ final class TrackController extends ControllerBase
* @throws \SP\Core\Exceptions\ConstraintException
* @throws \SP\Core\Exceptions\QueryException
* @throws UnauthorizedActionException
* @throws \SP\Core\Exceptions\SPException
*/
public function searchAction()
{
$this->checkSecurityToken($this->previousSk, $this->request);
if (!$this->acl->checkUserAccess(Acl::TRACK_SEARCH)) {
throw new UnauthorizedActionException(UnauthorizedActionException::ERROR);
}
@@ -98,11 +101,13 @@ final class TrackController extends ControllerBase
*/
public function unlockAction($id)
{
if (!$this->acl->checkUserAccess(Acl::TRACK_UNLOCK)) {
throw new UnauthorizedActionException(UnauthorizedActionException::ERROR);
}
try {
$this->checkSecurityToken($this->previousSk, $this->request);
if (!$this->acl->checkUserAccess(Acl::TRACK_UNLOCK)) {
throw new UnauthorizedActionException(UnauthorizedActionException::ERROR);
}
$this->trackService->unlock($id);
$this->eventDispatcher->notifyEvent('unlock.track', new Event($this));
@@ -123,11 +128,13 @@ final class TrackController extends ControllerBase
*/
public function clearAction()
{
if (!$this->acl->checkUserAccess(Acl::TRACK_CLEAR)) {
throw new UnauthorizedActionException(UnauthorizedActionException::ERROR);
}
try {
$this->checkSecurityToken($this->previousSk, $this->request);
if (!$this->acl->checkUserAccess(Acl::TRACK_CLEAR)) {
throw new UnauthorizedActionException(UnauthorizedActionException::ERROR);
}
$this->trackService->clear();
$this->eventDispatcher->notifyEvent('clear.track', new Event($this));