From 69034535f61124dccb556823bbef45bd94ab1109 Mon Sep 17 00:00:00 2001
From: Thomas Berezansky <tsbere@mvlc.org>
Date: Tue, 24 Mar 2015 11:13:36 -0400
Subject: [PATCH] Wrap auth check around clearcache URLs

Only allow staff to clear the cache values.

Signed-off-by: Thomas Berezansky <tsbere@mvlc.org>
---
 Open-ILS/examples/apache/eg_vhost.conf.in    | 6 ++++++
 Open-ILS/examples/apache_24/eg_vhost.conf.in | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in
index 87e90543dc..50bb190f74 100644
--- a/Open-ILS/examples/apache/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache/eg_vhost.conf.in
@@ -52,6 +52,12 @@ OSRFTranslatorConfig @sysconfdir@/opensrf_core.xml
     allow from all
 </Location>
 
+# Lock clearing cache down to STAFF_LOGIN
+<Location /opac/extras/ac/clearcache/>
+    PerlAccessHandler OpenILS::WWW::AccessHandler
+    PerlSetVar OILSAccessHandlerPermission "STAFF_LOGIN"
+</Location>
+
 # Autosuggest for searches
 <Location /opac/extras/autosuggest>
     SetHandler perl-script
diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in
index d4bbd785cd..c3aa65f277 100644
--- a/Open-ILS/examples/apache_24/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in
@@ -52,6 +52,12 @@ OSRFTranslatorConfig @sysconfdir@/opensrf_core.xml
     Require all granted 
 </Location>
 
+# Lock clearing cache down to STAFF_LOGIN
+<Location /opac/extras/ac/clearcache/>
+    PerlAccessHandler OpenILS::WWW::AccessHandler
+    PerlSetVar OILSAccessHandlerPermission "STAFF_LOGIN"
+</Location>
+
 # Autosuggest for searches
 <Location /opac/extras/autosuggest>
     SetHandler perl-script
-- 
2.11.0