From b3ba79a0fdc199588c857fd90927e0326ae49c1d Mon Sep 17 00:00:00 2001 From: shortcutme Date: Mon, 7 Nov 2016 22:55:09 +0100 Subject: [PATCH] Function to check if the user has permission to modife a site --- src/Ui/UiWebsocket.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/Ui/UiWebsocket.py b/src/Ui/UiWebsocket.py index 4a6f1c19..14232ee8 100644 --- a/src/Ui/UiWebsocket.py +++ b/src/Ui/UiWebsocket.py @@ -103,6 +103,12 @@ class UiWebsocket(object): self.log.error("WebSocket handleRequest error: %s" % Debug.formatException(err)) self.cmd("error", "Internal error: %s" % Debug.formatException(err, "html")) + def hasSitePermission(self, address): + if address != self.site.address and "ADMIN" not in self.site.settings["permissions"]: + return False + else: + return True + # Event in a channel def event(self, channel, *params): if channel in self.channels: # We are joined to channel @@ -709,7 +715,7 @@ class UiWebsocket(object): def actionConfigSet(self, to, key, value): if key not in ["tor"]: - self.response(to, "denied") + self.response(to, {"error": "Forbidden"}) return config.saveValue(key, value)