diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2016-07-06 18:07:22 +0100 |
|---|---|---|
| committer | Dave Arter <davea@mysociety.org> | 2016-07-19 17:56:22 +0100 |
| commit | 6afbfe45183412e35e8e846fd0d4a9d846c8644b (patch) | |
| tree | 3f5cb6173c08a571811f0a31508b45acf31d69f7 /perllib/FixMyStreet/App/Controller/Auth.pm | |
| parent | 65545553b5171f1ef1d611ea93c38f138451fb31 (diff) | |
Use normal user authentication to control access to /admin
- Adds is_superuser flag to User
- Logged-in user must be a superuser or have from_body set in order to access
anything within /admin
- has_permission_to on a superuser will always return true
- Only superusers can create/grant superusers
- New `createsuperuser` command for creating superusers
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Auth.pm')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index ca4a2fc80..40cd163cf 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -414,8 +414,8 @@ Used after signing in to take the person back to where they were. sub redirect_on_signin : Private { my ( $self, $c, $redirect ) = @_; $redirect = 'my' unless $redirect; + $redirect = 'my' if $redirect =~ /^admin/ && !$c->user->is_superuser; if ( $c->cobrand->moniker eq 'zurich' ) { - $redirect = 'my' if $redirect eq 'admin'; $redirect = 'admin' if $c->user->from_body; } $c->res->redirect( $c->uri_for( "/$redirect" ) ); |