From: Thomas Berezansky <tsbere@mvlc.org>
Date: Tue, 24 Mar 2015 15:13:36 +0000 (-0400)
Subject: LP#1435938: Wrap auth check around clearcache URLs
X-Git-Tag: sprint4-merge-nov22~1272
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=bc44b326c603f0d730275f6f5bbb18459d1c064b;p=working%2FEvergreen.git

LP#1435938: Wrap auth check around clearcache URLs

Only allow staff to clear the cache values.

Signed-off-by: Thomas Berezansky <tsbere@mvlc.org>
Signed-off-by: Ben Shum <bshum@biblio.org>
---

diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in
index 771ed62e8e..1144f4c13f 100644
--- a/Open-ILS/examples/apache/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache/eg_vhost.conf.in
@@ -52,6 +52,12 @@ OSRFTranslatorConfig @sysconfdir@/opensrf_core.xml
     allow from all
 </Location>
 
+# Lock clearing cache down to STAFF_LOGIN
+<Location /opac/extras/ac/clearcache/>
+    PerlAccessHandler OpenILS::WWW::AccessHandler
+    PerlSetVar OILSAccessHandlerPermission "STAFF_LOGIN"
+</Location>
+
 # Autosuggest for searches
 <Location /opac/extras/autosuggest>
     SetHandler perl-script
diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in
index c6ce1c7fa3..851db16e0c 100644
--- a/Open-ILS/examples/apache_24/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in
@@ -52,6 +52,12 @@ OSRFTranslatorConfig @sysconfdir@/opensrf_core.xml
     Require all granted 
 </Location>
 
+# Lock clearing cache down to STAFF_LOGIN
+<Location /opac/extras/ac/clearcache/>
+    PerlAccessHandler OpenILS::WWW::AccessHandler
+    PerlSetVar OILSAccessHandlerPermission "STAFF_LOGIN"
+</Location>
+
 # Autosuggest for searches
 <Location /opac/extras/autosuggest>
     SetHandler perl-script