security-and-privacy/ldapcherry
security-and-privacy/ldapcherry
1
0
Fork 0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-22 09:24:21 +01:00
Code Releases Activity

it's more logical to do the auth check before anything...

Browse Source
This commit is contained in:
kakwa 2015-11-02 23:17:49 +01:00
parent fdba64f9da
commit 451c59e875
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ldapcherry/__init__.py
View File

@ -904,12 +904,12 @@ class LdapCherry(object):
@exception_decorator @exception_decorator
def checkppolicy(self, **params): def checkppolicy(self, **params):
""" search user page """ """ search user page """
self._check_auth(must_admin=False)
keys = params.keys() keys = params.keys()
if len(keys) != 1: if len(keys) != 1:
cherrypy.response.status = 400 cherrypy.response.status = 400
return "bad argument" return "bad argument"
password = params[keys[0]] password = params[keys[0]]
self._check_auth(must_admin=False)
is_admin = self._check_admin() is_admin = self._check_admin()
ret = self._checkppolicy(password) ret = self._checkppolicy(password)
if ret['match']: if ret['match']: