Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed incorrect authorization for ShowImage API

This commit is contained in:
Albert Santoni 2015-02-18 18:34:52 -05:00
parent 0535626df1
commit 08c53a9292
2 changed files with 2 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
airtime_mvc/application/configs/ACL.php
View File

@ -54,7 +54,8 @@ $ccAcl->allow('G', 'index')
->allow('G', 'upgrade') ->allow('G', 'upgrade')
->allow('G', 'provisioning') ->allow('G', 'provisioning')
->allow('G', 'downgrade') ->allow('G', 'downgrade')
->allow('G', 'rest:show-image') ->allow('G', 'rest:show-image', 'get')
->allow('H', 'rest:show-image')
->allow('G', 'rest:media', 'get') ->allow('G', 'rest:media', 'get')
->allow('H', 'rest:media') ->allow('H', 'rest:media')
->allow('H', 'preference', 'is-import-in-progress') ->allow('H', 'preference', 'is-import-in-progress')

12
airtime_mvc/application/modules/rest/controllers/ShowImageController.php
View File

@ -40,12 +40,6 @@ class Rest_ShowImageController extends Zend_Rest_Controller {
* RESTful POST endpoint; used when uploading show images * RESTful POST endpoint; used when uploading show images
*/ */
public function postAction() { public function postAction() {
if (!RestAuth::verifyAuth(true, true)) {
$this->getResponse()
->setHttpResponseCode(401)
->appendBody("Authentication failed");
return;
}
$showId = $this->getShowId(); $showId = $this->getShowId();
@ -89,12 +83,6 @@ class Rest_ShowImageController extends Zend_Rest_Controller {
* RESTful DELETE endpoint; used when deleting show images * RESTful DELETE endpoint; used when deleting show images
*/ */
public function deleteAction() { public function deleteAction() {
if (!RestAuth::verifyAuth(true, true)) {
$this->getResponse()
->setHttpResponseCode(401)
->appendBody("Authentication failed");
return;
}
$showId = $this->getShowId(); $showId = $this->getShowId();