composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-18 16:18:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°9361 - Update PHPDoc

Browse Source
This commit is contained in:
Molkobain
2026-03-30 13:49:30 +02:00
parent 91ad01055e
commit 3406ca79de
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pages/exec.php
View File

@@ -102,6 +102,7 @@ if ($sTargetPage === false || $sModule === 'core' || $sModule === 'dictionaries'
// force login if needed
$aModuleDelegatedAuthenticationEndpointsList = GetModuleDelegatedAuthenticationEndpoints($sModule);
// If module doesn't have the delegated authentication endpoints list defined, we rely on the conf. param. to decide if we force login or not.
if (is_null($aModuleDelegatedAuthenticationEndpointsList)) {
$bForceLoginWhenNoDelegatedAuthenticationEndpoints = utils::GetConfig()->Get('security.force_login_when_no_delegated_authentication_endpoints_list');
if ($bForceLoginWhenNoDelegatedAuthenticationEndpoints) {
@@ -109,14 +110,14 @@ if (is_null($aModuleDelegatedAuthenticationEndpointsList)) {
LoginWebPage::DoLoginEx();
}
}
// If module defined a delegated authentication endpoints but not for the current page, we consider that the page is not allowed to be executed without login
if (is_array($aModuleDelegatedAuthenticationEndpointsList) && !in_array($sPage, $aModuleDelegatedAuthenticationEndpointsList)) {
// if module defined a delegated authentication endpoints but not for the current page, we consider that the page is not allowed to be executed without login
require_once(APPROOT.'/application/startup.inc.php');
LoginWebPage::DoLoginEx();
}
// If user is not logged in, log a warning in the log file as the page is executed without login, which is not recommended for security reason
if (is_null($aModuleDelegatedAuthenticationEndpointsList) && !UserRights::IsLoggedIn()) {
require_once(APPROOT.'/application/startup.inc.php');
// check if user is not logged in, if not log a warning in the log file as the page is executed without login, which is not recommended for security reason
IssueLog::Debug("The '$sPage' page is executed without logging in. This call will be blocked in the future and will likely cause unwanted behaviour in the '$sModule' module. Please define a delegated authentication endpoint for the module, as described at https://www.itophub.io/wiki/page?id=latest:customization:new_extension#security.");
}