From 47f540947520045b8d72cd8b4d7543a48093cc37 Mon Sep 17 00:00:00 2001 From: Adam Dickmeiss Date: Wed, 23 May 2007 14:24:10 +0000 Subject: [PATCH] Fixed bug #1136: Access rights not enforced. --- NEWS | 2 ++ src/filter_auth_simple.cpp | 9 ++++----- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/NEWS b/NEWS index b415d07..39409e0 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,7 @@ --- 1.0.9 .. +Fixed bug #1136: Access rights not enforced. + Extension for log module. The log category 'access' logs more details. New category 'user-access' added which is simlar to 'access' but adds the Z39.50 user as for all entries in a session. diff --git a/src/filter_auth_simple.cpp b/src/filter_auth_simple.cpp index d974217..f48dd15 100644 --- a/src/filter_auth_simple.cpp +++ b/src/filter_auth_simple.cpp @@ -1,4 +1,4 @@ -/* $Id: filter_auth_simple.cpp,v 1.23 2007-05-09 21:23:09 adam Exp $ +/* $Id: filter_auth_simple.cpp,v 1.24 2007-05-23 14:24:10 adam Exp $ Copyright (c) 2005-2007, Index Data. This file is part of Metaproxy. @@ -357,8 +357,8 @@ void yf::AuthSimple::check_targets(mp::Package & package) const std::list authorisedTargets = m_p->targetsByUser[user]; std::list targets; - Z_OtherInformation *otherInfo = initReq->otherInfo; - mp::util::get_vhost_otherinfo(otherInfo, targets); + Z_OtherInformation **otherInfo = &initReq->otherInfo; + mp::util::remove_vhost_otherinfo(otherInfo, targets); // Check each of the targets specified in the otherInfo package std::list::iterator i; @@ -381,9 +381,8 @@ void yf::AuthSimple::check_targets(mp::Package & package) const YAZ_BIB1_ACCESS_TO_SPECIFIED_DATABASE_DENIED, // ### It would be better to use the Z-db name "all databases"); - mp::odr odr; - mp::util::set_vhost_otherinfo(&otherInfo, odr, targets); + mp::util::set_vhost_otherinfo(otherInfo, odr, targets); package.move(); } -- 1.7.10.4