1
0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 18:54:29 +01:00

it's more logical to do the auth check before anything...

This commit is contained in:
kakwa 2015-11-02 23:17:49 +01:00
parent fdba64f9da
commit 451c59e875

View File

@ -904,12 +904,12 @@ class LdapCherry(object):
@exception_decorator @exception_decorator
def checkppolicy(self, **params): def checkppolicy(self, **params):
""" search user page """ """ search user page """
self._check_auth(must_admin=False)
keys = params.keys() keys = params.keys()
if len(keys) != 1: if len(keys) != 1:
cherrypy.response.status = 400 cherrypy.response.status = 400
return "bad argument" return "bad argument"
password = params[keys[0]] password = params[keys[0]]
self._check_auth(must_admin=False)
is_admin = self._check_admin() is_admin = self._check_admin()
ret = self._checkppolicy(password) ret = self._checkppolicy(password)
if ret['match']: if ret['match']: