Merge pull request #111 from Tsu-ba-me/issues/7-protect-endpoints

Web UI: add login cookie guard to all endpoints included in release
main
Digimer 4 years ago committed by GitHub
commit 5874c40901
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 9
      cgi-bin/get_anvils
  2. 9
      cgi-bin/get_cpu
  3. 9
      cgi-bin/get_memory
  4. 9
      cgi-bin/get_networks
  5. 9
      cgi-bin/get_replicated_storage
  6. 9
      cgi-bin/get_servers
  7. 9
      cgi-bin/get_shared_storage
  8. 9
      cgi-bin/get_status
  9. 9
      cgi-bin/set_membership
  10. 9
      cgi-bin/set_power
  11. 1
      share/words.xml

@ -31,6 +31,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -31,6 +31,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -31,6 +31,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -202,6 +202,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -31,6 +31,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -31,6 +31,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -113,6 +113,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -31,6 +31,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -166,6 +166,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -125,6 +125,15 @@ if (not $anvil->data->{sys}{database}{connections})
$anvil->nice_exit({exit_code => 1}); $anvil->nice_exit({exit_code => 1});
} }
my $cookie_problem = $anvil->Account->read_cookies();
# Don't do anything data-related if the user is not logged in.
if ($cookie_problem)
{
$anvil->Log->entry({ source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0307" });
$anvil->nice_exit({ exit_code => 1 });
}
# Read in any CGI variables, if needed. # Read in any CGI variables, if needed.
$anvil->Get->cgi(); $anvil->Get->cgi();

@ -418,6 +418,7 @@ The attempt to start the servers appears to have failed. The return code '0' was
<key name="error_0304">Failed to parse the request body: [#!variable!request_body_string!#]. Reason: [#!variable!json_decode_error!#]</key> <key name="error_0304">Failed to parse the request body: [#!variable!request_body_string!#]. Reason: [#!variable!json_decode_error!#]</key>
<key name="error_0305">Unable to connect to the database, unable to manage a server at this time.</key> <key name="error_0305">Unable to connect to the database, unable to manage a server at this time.</key>
<key name="error_0306">Unable to connect to the database, unable to provision a server at this time.</key> <key name="error_0306">Unable to connect to the database, unable to provision a server at this time.</key>
<key name="error_0307">Failed to perform requested task(s) because the requester is not authenticated.</key>
<!-- Files templates --> <!-- Files templates -->
<!-- NOTE: Translating these files requires an understanding of which lines are translatable --> <!-- NOTE: Translating these files requires an understanding of which lines are translatable -->

Loading…
Cancel
Save