projects
/
kivitendo-erp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Auth: fehlerhafte JSON-Requests mit JSON und richtigem HTTP-Response-Code beantworten
[kivitendo-erp.git]
/
SL
/
Auth.pm
diff --git
a/SL/Auth.pm
b/SL/Auth.pm
index
2898222
..
82513b9
100644
(file)
--- a/
SL/Auth.pm
+++ b/
SL/Auth.pm
@@
-1126,6
+1126,8
@@
sub evaluate_rights_ary {
my $negate = 0;
foreach my $el (@{$ary}) {
my $negate = 0;
foreach my $el (@{$ary}) {
+ next unless defined $el;
+
if (ref $el eq "ARRAY") {
my $val = evaluate_rights_ary($el);
$val = !$val if $negate;
if (ref $el eq "ARRAY") {
my $val = evaluate_rights_ary($el);
$val = !$val if $negate;
@@
-1235,6
+1237,8
@@
sub assert {
}
if (!$dont_abort) {
}
if (!$dont_abort) {
+ $::dispatcher->reply_with_json_error(error => 'access') if $::request->type eq 'json';
+
delete $::form->{title};
$::form->show_generic_error($::locale->text("You do not have the permissions to access this function."));
}
delete $::form->{title};
$::form->show_generic_error($::locale->text("You do not have the permissions to access this function."));
}