Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-08 06:16:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

security check for user creation

Browse Source
This commit is contained in:
Usman Nasir
2020-01-21 19:53:58 +05:00
parent ec644f12ee
commit 2756293046
1 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
userManagment/views.py
View File

@@ -91,7 +91,6 @@ def apiAccess(request):
logging.CyberCPLogFileWriter.writeToFile(str(msg)) logging.CyberCPLogFileWriter.writeToFile(str(msg))
return redirect(loadLoginPage) return redirect(loadLoginPage)
def saveChangesAPIAccess(request): def saveChangesAPIAccess(request):
try: try:
userID = request.session['userID'] userID = request.session['userID']
@@ -123,7 +122,6 @@ def saveChangesAPIAccess(request):
json_data = json.dumps(finalResponse) json_data = json.dumps(finalResponse)
return HttpResponse(json_data) return HttpResponse(json_data)
def submitUserCreation(request): def submitUserCreation(request):
try: try:
@@ -200,6 +198,13 @@ def submitUserCreation(request):
newAdmin.save() newAdmin.save()
elif currentACL['createNewUser'] == 1: elif currentACL['createNewUser'] == 1:
if selectedACL != 'user':
data_ret = {'status': 0, 'createStatus': 0,
'error_message': "You are not authorized to access this resource."}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
newAdmin = Administrator(firstName=firstName, newAdmin = Administrator(firstName=firstName,
lastName=lastName, lastName=lastName,
email=email, email=email,