Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-07 05:45:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

security fix: CP-11: Admin Packages Delete Package

Browse Source
This commit is contained in:
Usman Nasir
2021-08-02 12:21:11 +05:00
parent c0a8aee7d7
commit a84e2c29b2
2 changed files with 18 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/packagesManager.py
View File

@@ -109,6 +109,12 @@ class PackagesManager:
packageName = data['packageName']
delPackage = Package.objects.get(packageName=packageName)
## Check package ownership
admin = Administrator.objects.get(pk=userID)
if ACLManager.CheckPackageOwnership(delPackage, admin, currentACL) == 0:
return ACLManager.loadErrorJson('deleteStatus', 0)
delPackage.delete()
data_ret = {'status': 1, 'deleteStatus': 1, 'error_message': "None"}