You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by mi...@apache.org on 2017/03/14 20:22:17 UTC
[2/4] incubator-trafficcontrol git commit: move security check to
beginning of function
move security check to beginning of function
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/800eb5b1
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/800eb5b1
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/800eb5b1
Branch: refs/heads/master
Commit: 800eb5b1086abecaa26abfa5300b5e9e0d8ff66e
Parents: 3fd65ec
Author: Derek Gelinas <de...@cable.comcast.com>
Authored: Tue Mar 14 12:30:18 2017 -0400
Committer: Jeremy Mitchell <mi...@gmail.com>
Committed: Tue Mar 14 14:21:45 2017 -0600
----------------------------------------------------------------------
traffic_ops/app/lib/UI/GenDbDump.pm | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/800eb5b1/traffic_ops/app/lib/UI/GenDbDump.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/UI/GenDbDump.pm b/traffic_ops/app/lib/UI/GenDbDump.pm
index 80ce1bd..f6b14d4 100644
--- a/traffic_ops/app/lib/UI/GenDbDump.pm
+++ b/traffic_ops/app/lib/UI/GenDbDump.pm
@@ -23,6 +23,11 @@ sub dbdump {
my $self = shift;
my $filename = $self->param('filename');
+ if ( !&is_oper($self) ) {
+ $self->internal_server_error( { Error => "Insufficient permissions for DB Dump. Admin access is required." } );
+ return;
+ }
+
my ($db_name, $host, $port) = $Schema::dsn =~ /:database=([^;]*);host=([^;]+);port=(\d+)/;
my $db_user = $Schema::user;
my $db_pass = $Schema::pass;
@@ -33,10 +38,6 @@ sub dbdump {
$self->internal_server_error( { Error => "Error dumping database" } );
return;
}
- if ( !&is_oper($self) ) {
- $self->internal_server_error( { Error => "Insufficient permissions for DB Dump. Admin access is required." } );
- return;
- }
# slurp it in..
undef $/;