Commit Graph
4 Commits
Author SHA1 Message Date
b361710148 Device group based access (#10568)
* Device group based access

* Use Permissions class to resolve permissions

Also give port access based on device access

* Convert more pages to use Permissions class

* shorten config setting name
use Eloquent relationships in several places
alphabetize config_definitions.json

* Change Models and Permissions

* Clean up ajax_search LIMIT sql

* Convert more pages to use Permissions class

Co-authored-by: Tony Murray <[email protected]>
2019-12-30 12:11:26 +01:00
SourceDoctorandJellyfrog 52f1bc9e8c geographical map sql query fix for normal user (#10590) 2019-09-09 12:26:44 +02:00
Tony MurrayandGitHub 36a5da00ca Fix missed alert function renames (#10452) 2019-07-18 11:05:43 -05:00
Tony MurrayandGitHub 36431dd296 Security fix: unauthorized access (#10091)
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
2019-04-11 23:26:42 -05:00