mirror of
https://github.com/kakwa/ldapcherry
synced 2024-11-25 18:54:29 +01:00
it's more logical to do the auth check before anything...
This commit is contained in:
parent
fdba64f9da
commit
451c59e875
@ -904,12 +904,12 @@ class LdapCherry(object):
|
|||||||
@exception_decorator
|
@exception_decorator
|
||||||
def checkppolicy(self, **params):
|
def checkppolicy(self, **params):
|
||||||
""" search user page """
|
""" search user page """
|
||||||
|
self._check_auth(must_admin=False)
|
||||||
keys = params.keys()
|
keys = params.keys()
|
||||||
if len(keys) != 1:
|
if len(keys) != 1:
|
||||||
cherrypy.response.status = 400
|
cherrypy.response.status = 400
|
||||||
return "bad argument"
|
return "bad argument"
|
||||||
password = params[keys[0]]
|
password = params[keys[0]]
|
||||||
self._check_auth(must_admin=False)
|
|
||||||
is_admin = self._check_admin()
|
is_admin = self._check_admin()
|
||||||
ret = self._checkppolicy(password)
|
ret = self._checkppolicy(password)
|
||||||
if ret['match']:
|
if ret['match']:
|
||||||
|
Loading…
Reference in New Issue
Block a user