Skip to content
Permalink
Browse files

Validate authentication before user name.

Signed-off-by: Volker Theile <votdev@gmx.de>
  • Loading branch information...
votdev committed Jul 11, 2019
1 parent 7a80446 commit dd4aa0faefd64bf9e423408937f4b4e01aa7b321
@@ -77,10 +77,10 @@ class Json {
$rpcServiceMngr = &\OMV\Rpc\ServiceManager::getInstance();
if (FALSE === ($rpcService = $rpcServiceMngr->getService(
$this->params['service']))) {
// Ensure user exists.
$session->validateUser();
// Session MUST be authenticated at this point.
$session->validateAuthentication();
// Ensure user exists.
$session->validateUser();
// If service is not available locally, then we can commit
// the session due the fact that the RPC is redirected to
// the omv-engined daemon which does not have access to this
@@ -50,13 +50,13 @@
header("Content-Type: application/json");
http_response_code(($e instanceof \OMV\BaseException) ?
$e->getHttpStatusCode() : 500);
print json_encode_safe(array(
print json_encode_safe([
"response" => null,
"error" => array(
"error" => [
"code" => $e->getCode(),
"message" => $e->getMessage(),
"trace" => $e->__toString()
)
));
]
]);
}
?>
@@ -49,13 +49,13 @@ function exception_error_handler($errno, $errstr, $errfile, $errline) {
header("Content-Type: text/html");
http_response_code(($e instanceof \OMV\BaseException) ?
$e->getHttpStatusCode() : 500);
print json_encode_safe(array(
print json_encode_safe([
"success" => false, // required by ExtJS
"responseText" => $e->getMessage(), // required by ExtJS
"errors" => null, // required by ExtJS
"code" => $e->getCode(),
"message" => $e->getMessage(),
"trace" => $e->__toString()
));
]);
}
?>

0 comments on commit dd4aa0f

Please sign in to comment.
You can’t perform that action at this time.