diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2016-07-06 18:07:22 +0100 |
|---|---|---|
| committer | Dave Arter <davea@mysociety.org> | 2016-07-19 17:56:22 +0100 |
| commit | 6afbfe45183412e35e8e846fd0d4a9d846c8644b (patch) | |
| tree | 3f5cb6173c08a571811f0a31508b45acf31d69f7 /perllib/FixMyStreet/Cobrand | |
| parent | 65545553b5171f1ef1d611ea93c38f138451fb31 (diff) | |
Use normal user authentication to control access to /admin
- Adds is_superuser flag to User
- Logged-in user must be a superuser or have from_body set in order to access
anything within /admin
- has_permission_to on a superuser will always return true
- Only superusers can create/grant superusers
- New `createsuperuser` command for creating superusers
Diffstat (limited to 'perllib/FixMyStreet/Cobrand')
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/Default.pm | 16 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/SeeSomething.pm | 5 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/Zurich.pm | 6 |
3 files changed, 25 insertions, 2 deletions
diff --git a/perllib/FixMyStreet/Cobrand/Default.pm b/perllib/FixMyStreet/Cobrand/Default.pm index 36313cf63..e5ec0c13a 100644 --- a/perllib/FixMyStreet/Cobrand/Default.pm +++ b/perllib/FixMyStreet/Cobrand/Default.pm @@ -369,8 +369,8 @@ sub uri { { no warnings 'once'; - (my $map_class = $FixMyStreet::Map::map_class) =~ s/^FixMyStreet::Map:://; - return $uri unless $map_class =~ /OSM|FMS/; + my $map_class = $FixMyStreet::Map::map_class; + return $uri unless $map_class && $map_class =~ /FixMyStreet::Map::(OSM|FMS)/; } $uri->query_param( zoom => 3 ) @@ -622,6 +622,18 @@ Show the problem creation graph in the admin interface sub admin_show_creation_graph { 1 } +=head2 admin_allow_user + +Perform checks on whether this user can access admin. By default only superusers +are allowed. + +=cut + +sub admin_allow_user { + my ( $self, $user ) = @_; + return 1 if $user->is_superuser; +} + =head2 area_types The MaPit types this site handles diff --git a/perllib/FixMyStreet/Cobrand/SeeSomething.pm b/perllib/FixMyStreet/Cobrand/SeeSomething.pm index 22750aafa..4d4dd000e 100644 --- a/perllib/FixMyStreet/Cobrand/SeeSomething.pm +++ b/perllib/FixMyStreet/Cobrand/SeeSomething.pm @@ -60,6 +60,11 @@ sub allow_anonymous_reports { 1; } sub anonymous_account { return { name => 'Anonymous Submission', email => FixMyStreet->config('DO_NOT_REPLY_EMAIL') }; } +sub admin_allow_user { + my ( $self, $user ) = @_; + return 1 if ( $user->from_body || $user->is_superuser ); +} + sub admin_pages { my $self = shift; diff --git a/perllib/FixMyStreet/Cobrand/Zurich.pm b/perllib/FixMyStreet/Cobrand/Zurich.pm index d13408321..1bf9cb9a5 100644 --- a/perllib/FixMyStreet/Cobrand/Zurich.pm +++ b/perllib/FixMyStreet/Cobrand/Zurich.pm @@ -371,6 +371,12 @@ sub update_admin_log { $c->forward( 'log_edit', [ $problem->id, 'problem', $text, $time_spent ] ); } +# Any user with from_body set can view admin +sub admin_allow_user { + my ( $self, $user ) = @_; + return 1 if $user->from_body; +} + # Specific administrative displays sub admin_pages { |