URL access vulenrability patch
This commit is contained in:
@@ -13,6 +13,11 @@ use RecursiveIteratorIterator;
|
|||||||
|
|
||||||
class SettingsController extends Controller
|
class SettingsController extends Controller
|
||||||
{
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
$this->middleware(['auth', 'roles']);
|
||||||
|
}
|
||||||
|
|
||||||
public function settingsIcon()
|
public function settingsIcon()
|
||||||
{
|
{
|
||||||
return ' <div class="col-md-2 col-sm-6">
|
return ' <div class="col-md-2 col-sm-6">
|
||||||
|
@@ -31,7 +31,7 @@ class PriorityController extends Controller
|
|||||||
{
|
{
|
||||||
$this->PhpMailController = $PhpMailController;
|
$this->PhpMailController = $PhpMailController;
|
||||||
$this->NotificationController = $NotificationController;
|
$this->NotificationController = $NotificationController;
|
||||||
$this->middleware('auth');
|
$this->middleware('roles');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@@ -10,7 +10,7 @@ class UrlSettingController extends Controller
|
|||||||
{
|
{
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
$this->middleware('auth');
|
$this->middleware(['auth', 'roles']);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function settings(Request $request)
|
public function settings(Request $request)
|
||||||
|
@@ -9,6 +9,11 @@ use Illuminate\Http\Request;
|
|||||||
|
|
||||||
class MailController extends Controller
|
class MailController extends Controller
|
||||||
{
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
$this->middleware(['auth', 'roles']);
|
||||||
|
}
|
||||||
|
|
||||||
public function serviceForm(Request $request)
|
public function serviceForm(Request $request)
|
||||||
{
|
{
|
||||||
$serviceid = $request->input('service');
|
$serviceid = $request->input('service');
|
||||||
|
@@ -12,6 +12,11 @@ use Illuminate\Http\Request;
|
|||||||
|
|
||||||
class QueueController extends Controller
|
class QueueController extends Controller
|
||||||
{
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
$this->middleware(['auth', 'roles']);
|
||||||
|
}
|
||||||
|
|
||||||
public function index()
|
public function index()
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
|
@@ -58,14 +58,11 @@ class="nav-link active"
|
|||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="card-header">
|
||||||
|
<div class="card-tools" style="color:#fff">
|
||||||
|
<a class="right" title="" data-placement="right" data-toggle="tooltip" href="#" data-original-title="{{Lang::get('lang.active_user_can_select_the_priority_while_creating_ticket')}}">
|
||||||
|
|
||||||
<div class="card-body">
|
<span class="lead" >{!! Lang::get('lang.user_priority_status') !!}</span>
|
||||||
|
|
||||||
<div class="mb-3">
|
|
||||||
|
|
||||||
<a class="right" title="" data-placement="right" data-toggle="tooltip" href="#" data-original-title="{{Lang::get('lang.active_user_can_select_the_priority_while_creating_ticket')}}">
|
|
||||||
|
|
||||||
<span class="lead" >{!! Lang::get('lang.current') !!}{!! Lang::get('lang.user_priority_status') !!}</span> -
|
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
<div class="btn-group" id="toggle_event_editing">
|
<div class="btn-group" id="toggle_event_editing">
|
||||||
@@ -73,7 +70,8 @@ class="nav-link active"
|
|||||||
<button type="button" class="btn {{$user_status->status == '1' ? 'btn-info' : 'btn-default'}} unlocked_inactive">Active</button>
|
<button type="button" class="btn {{$user_status->status == '1' ? 'btn-info' : 'btn-default'}} unlocked_inactive">Active</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="card-body">
|
||||||
{!! Datatable::table()
|
{!! Datatable::table()
|
||||||
->addColumn(
|
->addColumn(
|
||||||
Lang::get('lang.priority'),
|
Lang::get('lang.priority'),
|
||||||
@@ -85,6 +83,8 @@ class="nav-link active"
|
|||||||
->render() !!}
|
->render() !!}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
@stop
|
||||||
|
@push('scripts')
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
$('a').tooltip()
|
$('a').tooltip()
|
||||||
</script>
|
</script>
|
||||||
@@ -133,5 +133,4 @@ class="nav-link active"
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
|
@endpush
|
||||||
@stop
|
|
Reference in New Issue
Block a user