composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-26 03:58:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/support/2.7' into support/3.0

Browse Source 
# Conflicts:
#	lib/composer/installed.php
#	setup/licenses/community-licenses.xml
#	setup/setuputils.class.inc.php
#	sources/application/TwigBase/Controller/Controller.php
This commit is contained in:
Pierre Goiffon
2022-02-14 08:41:33 +01:00
parent a65c55fc48 4a67819f87
commit 6a5840ed82
416 changed files with 6638 additions and 2444 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
datamodels/2.x/itop-portal-base/portal/src/Controller/ObjectController.php
View File

@@ -390,14 +390,18 @@ class ObjectController extends BrickController
}
// Checking security layers
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_MODIFY, $sObjectClass, $sObjectId))
{
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to modify '.$sObjectClass.'::'.$sObjectId.' object.');
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
}
if (!$oSecurityHelper->IsStimulusAllowed($sStimulusCode, $sObjectClass))
{
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
}
// Retrieving object
$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* MustBeFound */,
$oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* MustBeFound */, $oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
if ($oObject === null)
{
// We should never be there as the secuirty helper makes sure that the object exists, but just in case.