composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-03-06 17:44:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

🔊 DisplayBlock add error message on error if user is admin

Browse Source 
Previously only an IssueLog was made, which was confusing
The log is limited to admin users as it contains the exception message, which could expose sensitive info
This commit is contained in:
Pierre Goiffon
2020-11-16 11:21:20 +01:00
parent d4516c214c
commit 48bf954387
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
application/displayblock.class.inc.php
View File

@@ -17,6 +17,7 @@
* You should have received a copy of the GNU Affero General Public License
*/
use Combodo\iTop\Application\UI\Component\Alert\AlertFactory;
use Combodo\iTop\Application\UI\Component\Badge\BadgeFactory;
use Combodo\iTop\Application\UI\Component\Button\ButtonFactory;
use Combodo\iTop\Application\UI\Component\Dashlet\DashletFactory;
@@ -242,6 +243,14 @@ class DisplayBlock
try {
$oHtml->AddSubBlock($this->GetRenderContent($oPage, $aExtraParams, $sId));
} catch (Exception $e) {
if (UserRights::IsAdministrator()) {
$sExceptionContent = <<<HTML
Exception thrown:<br>
<code>{$e->getMessage()}</code>
HTML;
$oExceptionAlert = AlertFactory::MakeForFailure('Cannot display results', $sExceptionContent);
$oHtml->AddSubBlock($oExceptionAlert);
}
IssueLog::Error('Exception during GetDisplay: '.$e->getMessage());
}
$oHtml->AddHtml("</div>\n");