From d1af851fcd17d6b6c06243175a40a19a3d8a855e Mon Sep 17 00:00:00 2001 From: Eric Date: Fri, 28 Aug 2020 14:48:00 +0200 Subject: [PATCH] =?UTF-8?q?N=C2=B02591=20-=20API=20:=20deprecate=20\CMDBOb?= =?UTF-8?q?ject::CheckUserRights?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/cmdbobject.class.inc.php | 8 +++++++- core/config.class.inc.php | 3 ++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/core/cmdbobject.class.inc.php b/core/cmdbobject.class.inc.php index bee7d7a41..323a0d8ae 100644 --- a/core/cmdbobject.class.inc.php +++ b/core/cmdbobject.class.inc.php @@ -503,7 +503,13 @@ abstract class CMDBObject extends DBObject /** * Helper to ultimately check user rights before writing (Insert, Update or Delete) * The check should never fail, because the UI should prevent from such a usage - * Anyhow, if the user has found a workaround... the security gets enforced here + * Anyhow, if the user has found a workaround... the security gets enforced here + * + * @param $bSkipStrongSecurity + * @param $iActionCode + * + * @throws \SecurityException + * @deprecated in 2.8.0 will be removed in 2.9 */ protected function CheckUserRights($bSkipStrongSecurity, $iActionCode) { diff --git a/core/config.class.inc.php b/core/config.class.inc.php index bcbf9e22c..f19dd20b0 100644 --- a/core/config.class.inc.php +++ b/core/config.class.inc.php @@ -232,6 +232,7 @@ class Config 'source_of_value' => '', 'show_in_conf_sample' => false, ), + // Deprecated in 2.8.0 to be removed in 2.9 'skip_strong_security' => array( 'type' => 'bool', 'description' => 'Disable strong security - TEMPORARY: this flag should be removed when we are more confident in the recent change in security', @@ -2386,4 +2387,4 @@ class ConfigPlaceholdersResolver IssueLog::Error($sErrorMessage, self::class, array($sSourceName, $sKey, $sDefault, $sWholeMask)); throw new ConfigException($sErrorMessage); } -} \ No newline at end of file +}