ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'fix_2279_delete_camera_through_api' into storageareas

This commit is contained in:
Isaac Connor 2018-10-29 12:52:27 -04:00
parent 461ce3c1f8 9a2d58adce
commit bc4fada34c
2 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
web/api/app/Controller/MonitorsController.php
View File

@ -207,8 +207,10 @@ class MonitorsController extends AppController {
if ( !$this->Monitor->exists() ) { if ( !$this->Monitor->exists() ) {
throw new NotFoundException(__('Invalid monitor')); throw new NotFoundException(__('Invalid monitor'));
} }
if ( $this->Session->Read('systemPermission') != 'Edit' ) { global $user;
throw new UnauthorizedException(__('Insufficient privileges')); $canEdit = (!$user) || ($user['System'] == 'Edit');
if ( !$canEdit ) {
throw new UnauthorizedException(__('Insufficient privileges'));
return; return;
} }
$this->request->allowMethod('post', 'delete'); $this->request->allowMethod('post', 'delete');

5
web/api/app/Controller/StatesController.php
View File

@ -59,8 +59,9 @@ public function add() {
if ($this->request->is('post')) { if ($this->request->is('post')) {
if ($this->Session->Read('systemPermission') != 'Edit') global $user;
{ $canEdit = (!$user) || ($user['System'] == 'Edit');
if ( !$canEdit ) {
throw new UnauthorizedException(__('Insufficient privileges')); throw new UnauthorizedException(__('Insufficient privileges'));
return; return;
} }