r3870 - in trunk/varnish-tools/webgui: Varnish templates

petter at projects.linpro.no petter at projects.linpro.no
Tue Mar 3 16:25:45 CET 2009 

Author: petter
Date: 2009-03-03 16:25:44 +0100 (Tue, 03 Mar 2009)
New Revision: 3870

Added:
   trunk/varnish-tools/webgui/templates/access_denied.tmpl
Modified:
   trunk/varnish-tools/webgui/Varnish/RequestHandler.pm
Log:
Added real restrictions in the backend as well.


Modified: trunk/varnish-tools/webgui/Varnish/RequestHandler.pm
===================================================================
--- trunk/varnish-tools/webgui/Varnish/RequestHandler.pm	2009-03-03 14:33:57 UTC (rev 3869)
+++ trunk/varnish-tools/webgui/Varnish/RequestHandler.pm	2009-03-03 15:25:44 UTC (rev 3870)
@@ -71,6 +71,11 @@
 		return %parameter;
 	}
 
+	sub _access_denied {
+
+		return ("access_denied.tmpl", undef);
+	}
+
 	sub process {
 		my ($self) = @_;
 
@@ -113,7 +118,12 @@
 			($content_template, $param) = management_console(\%request_parameter);
 		}
 		elsif ($operation eq 'send_management_command') {
-			$response_content = send_management_command(\%request_parameter);
+			if (get_config_value('restricted')) {
+				($content_template, $param) = _access_denied();
+			}
+			else {
+				$response_content = send_management_command(\%request_parameter);
+			}
 		}
 		elsif ($operation eq 'generate_graph') {
 			$response_header_ref_of{$self}->{'Content-Type'} = "image/png";
@@ -127,7 +137,7 @@
 			$response_content = "Ok";
 		}
 		else {
-			return;
+			($content_template, $param) = _access_denied();
 		}
 
 		$response_header_ref_of{$self}->{'Connection'} = "Close";
@@ -196,6 +206,12 @@
 		my $successfull_save = 0;
 		my $editing_new_vcl = 0;
 
+		if (get_config_value('restricted')
+			&& $param{'operation'}
+			&& $param{'operation'} ne 'load') {
+			return _access_denied();
+		}
+
 		if ($param{'operation'} eq "make_active") {
 			my $unit;
 			if ($param{'is_node'}) {
@@ -619,6 +635,10 @@
 		my $nodes_ref = Varnish::NodeManager->get_nodes();
 		my $groups_ref = Varnish::NodeManager->get_groups();
 		if (%changed_parameter) {
+			if (get_config_value('restricted')) {
+				return _access_denied();
+			}
+
 			my $unit_name;
 			my $node = Varnish::NodeManager->get_node($param{'node_id'});
 			if ($node) {
@@ -767,6 +787,11 @@
 		my $error = "";
 		my $status = "";
 
+		if (get_config_value('restricted')
+			&& $param{'operation'} ne '') {
+			return _access_denied();
+		}
+
 		if ($param{'operation'} eq "add_group") {
 			if ($param{'group_name'}) {
 				my $new_group = Varnish::Group->new({name => $param{'group_name'}});

Added: trunk/varnish-tools/webgui/templates/access_denied.tmpl
===================================================================
--- trunk/varnish-tools/webgui/templates/access_denied.tmpl	                        (rev 0)
+++ trunk/varnish-tools/webgui/templates/access_denied.tmpl	2009-03-03 15:25:44 UTC (rev 3870)
@@ -0,0 +1 @@
+Acess denied

More information about the varnish-commit mailing list