diff options
author | Renato Botelho <garga@FreeBSD.org> | 2013-02-07 11:09:09 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2013-02-07 11:15:10 -0200 |
commit | a8cb003844c8feda083925415d9cfc96d5f3827f (patch) | |
tree | 14ae704fd9fb090f69ddfa44ec7647413d4f46d5 /usr/local/captiveportal | |
parent | 060bc78b02232484a089349a26ecee4e5bc72429 (diff) | |
download | pfsense-a8cb003844c8feda083925415d9cfc96d5f3827f.zip pfsense-a8cb003844c8feda083925415d9cfc96d5f3827f.tar.gz |
Implement privilege for allowing login through CP
- The feature is optional, on by default for new zones, off for current
ones when upgrading
It should fix #1010
Diffstat (limited to 'usr/local/captiveportal')
-rwxr-xr-x | usr/local/captiveportal/index.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 98b26e9..63b4280 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -207,6 +207,10 @@ EOD; if ($_POST['auth_user'] && $_POST['auth_pass']) { //check against local user manager $loginok = local_backed($_POST['auth_user'], $_POST['auth_pass']); + + if ($loginok && isset($cpcfg['localauth_priv'])) + $loginok = userHasPrivilege(getUserEntry($_POST['auth_user']), "user-services-captiveportal-login"); + if ($loginok){ captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"LOGIN"); portal_allow($clientip, $clientmac,$_POST['auth_user']); |