ACL check on reusers requests

author Adam Chlipala <adamc@hcoop.net>

Tue, 17 Feb 2009 16:46:03 +0000 (16:46 +0000)

committer Adam Chlipala <adamc@hcoop.net>

Tue, 17 Feb 2009 16:46:03 +0000 (16:46 +0000)
author Adam Chlipala <adamc@hcoop.net>
Tue, 17 Feb 2009 16:46:03 +0000 (16:46 +0000)
committer Adam Chlipala <adamc@hcoop.net>
Tue, 17 Feb 2009 16:46:03 +0000 (16:46 +0000)
diff --git a/src/main.sml b/src/main.sml

index ac9207d..f19dd8a 100644 (file)
--- a/src/main.sml
+++ b/src/main.sml
@@ -1604,8 +1604,13 @@ fun service () =
                                       (fn () => ())
  
                                | MsgReUsers =>
                                       (fn () => ())
  
                                | MsgReUsers =>
-                                doIt (fn () => (usersChanged ();
-                                                ("Users change callbacks run", NONE)))
+                                doIt (fn () => if Acl.query {user = user, class = "priv", value = "regen"}
+                                                  orelse Acl.query {user = user, class = "priv", value = "all"} then
+                                                   (usersChanged ();
+                                                    ("Users change callbacks run", NONE))
+                                               else
+                                                   ("Unauthorized user asked to reusers!",
+                                                    SOME "You aren't authorized to regenerate files."))
                                       (fn () => ())
  
                                | _ =>
                                       (fn () => ())
  
                                | _ =>
author	Adam Chlipala <adamc@hcoop.net>
	Tue, 17 Feb 2009 16:46:03 +0000 (16:46 +0000)
committer	Adam Chlipala <adamc@hcoop.net>
	Tue, 17 Feb 2009 16:46:03 +0000 (16:46 +0000)