Skip to content
Permalink
Browse files

Item11325: Issues with cmd= on edit

git-svn-id: http://svn.foswiki.org/branches/Release01x01@13289 0b4bb1d4-4e5a-0410-9cc4-b2b747904278
  • Loading branch information...
GeorgeClark GeorgeClark
GeorgeClark authored and GeorgeClark committed Dec 3, 2011
1 parent 7d7d7ff commit 4723c7c4ff832a5480b6b45ffc97405f11b78f68
Showing with 20 additions and 0 deletions.
  1. +20 −0 core/lib/Foswiki/UI/Edit.pm
@@ -344,6 +344,26 @@ sub init_edit {

if ($adminCmd) {

unless ($users->isAdmin($user)) {
throw Foswiki::OopsException(
'accessdenied',
def => 'topic_access',
web => $web,
topic => $topic,
params => [ "'cmd=$adminCmd'", 'Administrators only' ]
);
}

unless ($adminCmd =~ m/^(rep|del)Rev$/ ) {
throw Foswiki::OopsException(
'attention',
def => 'unrecognized_action',
web => $web,
topic => $topic,
params => [ "'cmd=$adminCmd'" ]
);
}

# An admin cmd is a command such as 'repRev' or 'delRev'.
# These commands can used by admins to silently remove
# revisions from topics histories from some stores. repRev

0 comments on commit 4723c7c

Please sign in to comment.
You can’t perform that action at this time.