* Tue Oct 21 2025 Brian Read <brianr@koozali.org> 11.0.0-122.sme

- Correct code to only show user panels when AdminPanels property is empty or non existent [SME: 13082]
This commit is contained in:
2025-10-21 19:28:04 +01:00
parent de2f78a089
commit f03d82ebf7
3 changed files with 21 additions and 14 deletions

View File

@@ -33,11 +33,13 @@ use esmith::I18N;
use esmith::ConfigDB::UTF8; use esmith::ConfigDB::UTF8;
use esmith::NavigationDB; # no UTF8 raw is ok for ASCII only flat file use esmith::NavigationDB; # no UTF8 raw is ok for ASCII only flat file
use Data::Dumper;
# Import the function(s) you need # Import the function(s) you need
use SrvMngr_Auth qw(check_admin_access); use SrvMngr_Auth qw(check_admin_access);
#this is overwrittrn with the "release" by the spec file - release can be "99.el8.sme" #this is overwrittrn with the "release" by the spec file - release can be "99.el8.sme"
our $VERSION = '94.el8.sme'; our $VERSION = '121.el8.sme';
#Extract the release value #Extract the release value
if ($VERSION =~ /^(\d+)/) { if ($VERSION =~ /^(\d+)/) {
$VERSION = $1; # $1 contains the matched numeric digits $VERSION = $1; # $1 contains the matched numeric digits
@@ -607,19 +609,21 @@ sub getNavigation {
# Added: Check if user is non-admin and get their allowed panels # Added: Check if user is non-admin and get their allowed panels
if ($username ne '') { if ($username ne '') {
# Get the AccountsDB to check user permissions # Get the AccountsDB to check user permissions
$is_admin = 0; # User is non-admin with specific panel access
my $accountsdb = esmith::AccountsDB::UTF8->open_ro() or my $accountsdb = esmith::AccountsDB::UTF8->open_ro() or
die "Couldn't open AccountsDB\n"; die "Couldn't open AccountsDB\n";
# Check if user has AdminPanels property # Check if user has AdminPanels property
my $user_rec = $accountsdb->get($username); my $user_rec = $accountsdb->get($username);
if (defined $user_rec && $user_rec->prop('AdminPanels')) { if (defined $user_rec && $user_rec->prop('AdminPanels')) {
$is_admin = 0; # User is non-admin with specific panel access
# Get comma-separated list of allowed admin panels # Get comma-separated list of allowed admin panels
my $admin_panels = $user_rec->prop('AdminPanels'); my $admin_panels = $user_rec->prop('AdminPanels');
@allowed_admin_panels = split(/,/, $admin_panels); @allowed_admin_panels = $admin_panels eq '' ? () : split(/,/, $admin_panels);
#@allowed_admin_panels = split(/,/, $admin_panels);
} }
} }
#----------------------------------------------------- #-----------------------------------------------------
# Determine the directory where the functions are kept # Determine the directory where the functions are kept
#----------------------------------------------------- #-----------------------------------------------------
@@ -720,20 +724,20 @@ sub getNavigation {
# Added: Check if this is an admin menu item and if user has access # Added: Check if this is an admin menu item and if user has access
if ($menucat eq 'A' && !$is_admin) { if ($menucat eq 'A' && !$is_admin) {
# Skip this admin panel if user doesn't have access to it # By default, deny access if no allowed_admin_panels are specified
my $has_access = 0; my $has_access = 0;
my $file_no_ext = $file; if (@allowed_admin_panels) {
$file_no_ext =~ s/\.pm$//; # Remove .pm extension if present my $file_no_ext = $file;
foreach my $allowed_panel (@allowed_admin_panels) { $file_no_ext =~ s/\.pm$//; # Remove .pm extension if present
if ($file_no_ext eq lc($allowed_panel)) { foreach my $allowed_panel (@allowed_admin_panels) {
#die("Here!!$file $file_no_ext $allowed_panel "); if ($file_no_ext eq lc($allowed_panel)) {
$has_access = 1; $has_access = 1;
last; last;
}
} }
} }
next if !$has_access; next if !$has_access;
} }
next if $menu ne $menucat; next if $menu ne $menucat;
#-------------------------------------------------- #--------------------------------------------------
@@ -772,7 +776,7 @@ sub getNavigation {
MENUCAT => $menucat MENUCAT => $menucat
}; };
} }
#die(Dumper(\%nav));
return \%nav; return \%nav;
} }

View File

View File

@@ -2,7 +2,7 @@ Summary: Sme Server Configuration : Manager 2
%define name smeserver-manager %define name smeserver-manager
Name: %{name} Name: %{name}
%define version 11.0.0 %define version 11.0.0
%define release 121 %define release 122
Version: %{version} Version: %{version}
Release: %{release}%{?dist} Release: %{release}%{?dist}
License: GPL License: GPL
@@ -147,6 +147,9 @@ true
%defattr(-,root,root) %defattr(-,root,root)
%changelog %changelog
* Tue Oct 21 2025 Brian Read <brianr@koozali.org> 11.0.0-122.sme
- Correct code to only show user panels when AdminPanels property is empty or non existent [SME: 13082]
* Sat Sep 27 2025 Brian Read <brianr@koozali.org> 11.0.0-121.sme * Sat Sep 27 2025 Brian Read <brianr@koozali.org> 11.0.0-121.sme
- Sort out ftp public setting [SME: 13194] - Sort out ftp public setting [SME: 13194]