self-hosted/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-01-24 05:16:55 +02:00
Code Issues Releases Activity

[Web] limit identity_provider function better

Browse Source
This commit is contained in:
FreddleSpl0it 2023-03-13 08:54:50 +01:00 committed by DerLinkman
parent f6869da3a0
commit 0a77cad2dd
No known key found for this signature in database
GPG Key ID: F109FD97469550A2
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
data/web/inc/functions.inc.php
View File

@ -2068,16 +2068,9 @@ function uuid4() {
return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4)); return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
} }
function identity_provider($_action, $_data = null) { function identity_provider($_action, $_data = null) {
function identity_provider($_action, $_data = null, $hide_secret = false) {
global $pdo; global $pdo;
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'access_denied'
);
return false;
}
switch ($_action) { switch ($_action) {
case 'get': case 'get':
@ -2088,13 +2081,20 @@ function identity_provider($_action, $_data = null) {
foreach($rows as $row){ foreach($rows as $row){
$settings[$row["key"]] = $row["value"]; $settings[$row["key"]] = $row["value"];
} }
$_SESSION['return'][] = array( if ($hide_secret){
'type' => 'success', $settings['client_secret'] = '***********************';
'log' => array(__FUNCTION__, $_action, $settings), }
'msg' => 'admin_api_modified'
);
return $settings; return $settings;
case 'edit': case 'edit':
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'access_denied'
);
return false;
}
$required_settings = array('server_url', 'authsource', 'realm', 'client_id', 'client_secret', 'redirect_url', 'version'); $required_settings = array('server_url', 'authsource', 'realm', 'client_id', 'client_secret', 'redirect_url', 'version');
foreach($required_settings as $setting){ foreach($required_settings as $setting){
if (!$_data[$setting]){ if (!$_data[$setting]){