HSAdmin Backend Domains, E-Mail, Datenbanken
Peter Hormanns
2012-07-18 a377ffff3e011e42a4c22dcef0fce9d43f573417
Authorization
1 files modified
7 ■■■■ changed files
hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java 7 ●●●●
hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java
@@ -151,7 +151,7 @@
            throw new HSAdminException("domain admin required");
        }
        if (!admin.getName().equals(oldDom.getUser().getName())) {
            throw new AuthorisationException(loginUser, "update", existingEntity);
            throw new AuthorisationException(loginUser, "update", existingEntity, "user");
        }
        Query q = em.createQuery("SELECT opt FROM " + 
                DomainOption.class.getAnnotation(javax.persistence.Entity.class).name() +
@@ -208,11 +208,14 @@
            String aLoginUserName = loginUser.getName();
            UnixUser domUser = dom.getUser();
            Pac domPac = domUser.getPac();
            boolean isDomAdmin = aLoginUserName.equals(domUser.getName());
            boolean isPacAdmin = loginUser.hasPacAdminRoleFor(domPac);
            boolean isCustomer = aLoginUserName.equals(domPac.getCustomer().getName());
            boolean isHostmaster = loginUser.hasHostmasterRole();
            if (!isPacAdmin && !isCustomer && !isHostmaster) {
                throw new AuthorisationException(loginUser, method, dom);
                if (!isDomAdmin && !"update".equals(method)) {
                    throw new AuthorisationException(loginUser, method, dom);
                }
            }
            if (dom.isPacDomain() && !dom.getUser().getName().equals(domPac.getName())) {
                throw new AuthorisationException(loginUser, method, dom);
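Review bot: The nested guard `if (!isDomAdmin && !"update".equals(method))` in the second hunk throws only when both conditions hold, so a caller who is neither pac admin, customer nor hostmaster passes this check for every `update` call even when they are not the domain's user, and the domain's user passes it for every method, not only `update`. If the intent is that the domain's own user may update and nothing else, the condition should be `if (!isDomAdmin || !"update".equals(method))`. The update path in the first hunk does compare `admin.getName()` with the domain user's name, which may cover the first case, but only if every update reaches that comparison; the enclosing method starts and ends outside the hunk, so this needs confirming against the callers. A test that runs this check with an unrelated user for `update` and with the domain user for a non-update method would pin the intended policy.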