Revision 0659115f src/rm/RequestManagerImagePoolInfo.cc
| src/rm/RequestManagerImagePoolInfo.cc | ||
|---|---|---|
| 46 | 46 |
filter_flag = xmlrpc_c::value_int(paramList.getInt(1)); |
| 47 | 47 |
|
| 48 | 48 |
// Check if it is a valid user |
| 49 |
rc = ImagePoolInfo::upool->authenticate(session);
|
|
| 49 |
uid = ImagePoolInfo::upool->authenticate(session);
|
|
| 50 | 50 |
|
| 51 |
if ( rc == -1 )
|
|
| 51 |
if ( uid == -1 )
|
|
| 52 | 52 |
{
|
| 53 | 53 |
goto error_authenticate; |
| 54 | 54 |
} |
| 55 |
|
|
| 56 |
uid = rc; |
|
| 57 | 55 |
|
| 58 | 56 |
where_string.str("");
|
| 59 | 57 |
|
| ... | ... | |
| 70 | 68 |
switch(filter_flag) |
| 71 | 69 |
{
|
| 72 | 70 |
case -2: |
| 73 |
if ( uid != 0 ) |
|
| 74 |
{
|
|
| 75 |
goto error_authorization; |
|
| 76 |
} |
|
| 71 |
// TODO define authentication bug #278 |
|
| 77 | 72 |
// where remains empty. |
| 78 | 73 |
break; |
| 79 | 74 |
case -1: |
| 80 | 75 |
where_string << "UID=" << uid << " OR public = 'YES'"; |
| 81 | 76 |
break; |
| 82 | 77 |
default: |
| 83 |
// Only oneadmin or the user can list a specific user's images. |
|
| 84 |
if ( uid != 0 && uid != filter_flag ) |
|
| 85 |
{
|
|
| 86 |
goto error_authorization; |
|
| 87 |
} |
|
| 88 | 78 |
where_string << "UID=" << filter_flag; |
| 89 | 79 |
} |
| 90 | 80 |
|
| ... | ... | |
| 114 | 104 |
oss.str(authenticate_error(method_name)); |
| 115 | 105 |
goto error_common; |
| 116 | 106 |
|
| 117 |
error_authorization: |
|
| 118 |
oss.str(authorization_error(method_name, "USE", "IMAGE", uid, NULL)); |
|
| 119 |
goto error_common; |
|
| 120 |
|
|
| 121 | 107 |
error_filter_flag: |
| 122 | 108 |
oss << "Incorrect filter_flag, must be >= -2."; |
| 123 | 109 |
goto error_common; |
Also available in: Unified diff