luci-compat: apply permission constraints from dispatcher
Since template scopes aren't shared we cannot pass the writable state from
the map templates to the page footer.
Fixes: #3937
Fixes: ffd627f2a ("luci-compat: disable legacy cbi forms on insufficient ACLs")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This commit is contained in:
Jo-Philipp Wich
parent
c48a8d5813
commit
fd24221d9e
2 changed files with 5 additions and 23 deletions
|
|
@ -19,15 +19,15 @@
|
|||
end
|
||||
|
||||
if display_apply then
|
||||
%><input class="btn cbi-button cbi-button-apply" type="button" value="<%:Save & Apply%>" onclick="cbi_submit(this, 'cbi.apply')"<%=ifattr(not has_writeable_map, "disabled")%> /> <%
|
||||
%><input class="btn cbi-button cbi-button-apply" type="button" value="<%:Save & Apply%>" onclick="cbi_submit(this, 'cbi.apply')"<%=ifattr(not writable, "disabled")%> /> <%
|
||||
end
|
||||
|
||||
if display_save then
|
||||
%><input class="btn cbi-button cbi-button-save" type="submit" value="<%:Save%>"<%=ifattr(not has_writeable_map, "disabled")%> /> <%
|
||||
%><input class="btn cbi-button cbi-button-save" type="submit" value="<%:Save%>"<%=ifattr(not writable, "disabled")%> /> <%
|
||||
end
|
||||
|
||||
if display_reset then
|
||||
%><input class="btn cbi-button cbi-button-reset" type="button" value="<%:Reset%>" onclick="location.href='<%=REQUEST_URI%>'"<%=ifattr(not has_writeable_map, "disabled")%> /> <%
|
||||
%><input class="btn cbi-button cbi-button-reset" type="button" value="<%:Reset%>" onclick="location.href='<%=REQUEST_URI%>'"<%=ifattr(not writable, "disabled")%> /> <%
|
||||
end
|
||||
|
||||
%></div><%
|
||||
|
|
|
|||
|
|
@ -2,26 +2,8 @@
|
|||
<div class="alert-message warning"><%=pcdata(msg)%></div>
|
||||
<%- end end -%>
|
||||
|
||||
<%
|
||||
local function has_access(config, level)
|
||||
local rv = luci.util.ubus("session", "access", {
|
||||
ubus_rpc_session = luci.dispatcher.context.authsession,
|
||||
scope = "uci",
|
||||
object = config,
|
||||
["function"] = level
|
||||
})
|
||||
|
||||
return (type(rv) == "table" and rv.access == true) or false
|
||||
end
|
||||
|
||||
local is_readable = has_access(self.config, "read")
|
||||
local is_writable = has_access(self.config, "write")
|
||||
|
||||
has_writeable_map = has_writeable_map or is_writable
|
||||
%>
|
||||
|
||||
<% if is_readable then %>
|
||||
<div class="cbi-map" id="cbi-<%=self.config%>"<%=ifattr(not is_writable, "style", "opacity:.6; pointer-events:none")%>>
|
||||
<% if readable then %>
|
||||
<div class="cbi-map" id="cbi-<%=self.config%>"<%=ifattr(not writable, "style", "opacity:.6; pointer-events:none")%>>
|
||||
<% if self.title and #self.title > 0 then %>
|
||||
<h2 name="content"><%=self.title%></h2>
|
||||
<% end %>
|
||||
|
|
|
|||
Loading…
Reference in a new issue