projects
/
srvx.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
0c502b5
)
added access restriction to oset (access to the active fakehost should also be required!)
author
pk910
<philipp@zoelle1.de>
Tue, 8 Jan 2013 02:36:32 +0000
(
03:36
+0100)
committer
pk910
<philipp@zoelle1.de>
Tue, 8 Jan 2013 02:59:05 +0000
(
03:59
+0100)
src/mod-hostserv.c
patch
|
blob
|
history
diff --git
a/src/mod-hostserv.c
b/src/mod-hostserv.c
index 84094d2b76f6ca47d7e9456047eb3f6ca877d176..e4b6124940bb95c416de38935e0458f7a2c86884 100644
(file)
--- a/
src/mod-hostserv.c
+++ b/
src/mod-hostserv.c
@@
-29,7
+29,7
@@
* "manager_can_del_toplevel" "0"; //managers of a toplevel group may delete the whole group
* "manager_can_rename_secondlevel" "0"; //managers of a secondlevel group may rename the whole group
* "manager_can_del_secondlevel" "0"; //managers of a secondlevel group may delete the whole group
* "manager_can_del_toplevel" "0"; //managers of a toplevel group may delete the whole group
* "manager_can_rename_secondlevel" "0"; //managers of a secondlevel group may rename the whole group
* "manager_can_del_secondlevel" "0"; //managers of a secondlevel group may delete the whole group
- *
"manager_toplevel_can_oset" "0"; //managers of a toplevel group can set other user's fakehosts
+ * "manager_toplevel_can_oset" "0"; //managers of a toplevel group can set other user's fakehosts
* "manager_secondlevel_can_oset" "0"; //managers of a secondlevel group can set other user's fakehosts
* };
* };
* "manager_secondlevel_can_oset" "0"; //managers of a secondlevel group can set other user's fakehosts
* };
* };
@@
-1182,11
+1182,17
@@
static MODCMD_FUNC(cmd_oset) {
return 0;
}
struct hs_user *hs_user = hs_get_user(hi, 1);
return 0;
}
struct hs_user *hs_user = hs_get_user(hi, 1);
+ for(assignment = hs_user->assignments; assignment; assignment = assignment->unext) {
+ if(assignment->active)
+ break;
+ }
+ if(assignment && !check_management_access(user->handle_info, (hostserv_conf.manager_toplevel_can_oset ? assignment->secondlevel->toplevel : NULL), (hostserv_conf.manager_secondlevel_can_oset ? assignment->secondlevel : NULL))) {
+ reply("HSMSG_ACCESS_DENIED");
+ return 0;
+ }
if(!strcmp(argv[1], "*")) {
if(!strcmp(argv[1], "*")) {
- if(!check_management_access(user->handle_info, NULL, NULL)) {
- reply("HSMSG_ACCESS_DENIED");
- return 0;
- }
+ if(!assignment)
+ return 0; //simply ignore (there is no assignment in use)
hs_activate_assignment(hs_user, NULL);
return 1;
} else {
hs_activate_assignment(hs_user, NULL);
return 1;
} else {
@@
-1195,8
+1201,8
@@
static MODCMD_FUNC(cmd_oset) {
reply("HSMSG_TOPLEVEL_INVALID", fakehost);
return 0;
} else if(fhinfo.parse_state == HS_FHPARSE_UNKNOWN || !fhinfo.slfh) {
reply("HSMSG_TOPLEVEL_INVALID", fakehost);
return 0;
} else if(fhinfo.parse_state == HS_FHPARSE_UNKNOWN || !fhinfo.slfh) {
- reply("HSMSG_UNKNOWN_FAKEHOST", fhinfo.slfh_name, fhinfo.tlfh_name);
- return 0;
+
reply("HSMSG_UNKNOWN_FAKEHOST", fhinfo.slfh_name, fhinfo.tlfh_name);
+
return 0;
}
if(!check_management_access(user->handle_info, (hostserv_conf.manager_toplevel_can_oset ? fhinfo.tlfh : NULL), (hostserv_conf.manager_secondlevel_can_oset ? fhinfo.slfh : NULL))) {
reply("HSMSG_ACCESS_DENIED");
}
if(!check_management_access(user->handle_info, (hostserv_conf.manager_toplevel_can_oset ? fhinfo.tlfh : NULL), (hostserv_conf.manager_secondlevel_can_oset ? fhinfo.slfh : NULL))) {
reply("HSMSG_ACCESS_DENIED");