bug fix: pre-auth

usmannasir · Oct 23, 2024 · 5b08cd6 · 5b08cd6 · todb-cisa · Nov 1, 2024
1 parent fd05ec4
commit 5b08cd6
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/databases/views.py b/databases/views.py
@@ -503,6 +503,16 @@ def upgrademysqlnow(request):
 
 def upgrademysqlstatus(request):
     try:
+
+        userID = request.session['userID']
+
+        currentACL = ACLManager.loadedACL(userID)
+
+        if currentACL['admin'] == 1:
+            pass
+        else:
+            return ACLManager.loadErrorJson('FilemanagerAdmin', 0)
+
         data = json.loads(request.body)
         statusfile = data['statusfile']
         installStatus = ProcessUtilities.outputExecutioner("sudo cat " + statusfile)