Commit 4dc44200 authored by Ad Schellevis's avatar Ad Schellevis Committed by Franco Fichtner

(xmlrpc) proper acl handling

(cherry picked from commit 803fd5f5)
parent 4ec842fa
......@@ -41,7 +41,10 @@ function http_basic_auth($http_auth_header)
if (count($tags) >= 2) {
$userinfo= explode(":", base64_decode($tags[1])) ;
if (count($userinfo)>=2) {
return authenticate_user($userinfo[0], $userinfo[1]);
if (authenticate_user($userinfo[0], $userinfo[1])) {
$aclObj = new \OPNsense\Core\ACL();
return $aclObj->isPageAccessible($userinfo[0], "/xmlrpc.php");
}
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment