diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index be4ebbac..1dc90e35 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -1899,17 +1899,9 @@ function rspamd_ui($action, $data = null) {
 break;
 }
 }
-function identity_provider($_action, $_data = null) {
+function identity_provider($_action, $_data = null, $hide_secret = false) {
 global $pdo;
- if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'][] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data),
- 'msg' => 'access_denied'
- );
- return false;
- }
 switch ($_action) {
 case 'get':
@@ -1920,13 +1912,20 @@ function identity_provider($_action, $_data = null) {
 foreach($rows as $row){
 $settings[$row["key"]] = $row["value"];
 }
- $_SESSION['return'][] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $settings),
- 'msg' => 'admin_api_modified'
- );
+ if ($hide_secret){
+ $settings['client_secret'] = '***********************';
+ }
 return $settings;
 case 'edit':
+ if ($_SESSION['mailcow_cc_role'] != "admin") {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_data),
+ 'msg' => 'access_denied'
+ );
+ return false;
+ }
+
 $required_settings = array('server_url', 'authsource', 'realm', 'client_id', 'client_secret', 'redirect_url', 'version');
 foreach($required_settings as $setting){
 if (!$_data[$setting]){
diff --git a/data/web/json_api.php b/data/web/json_api.php
index d8dcd8f0..6aae8b1a 100644
--- a/data/web/json_api.php
+++ b/data/web/json_api.php
@@ -1611,8 +1611,6 @@ if (isset($_GET['query'])) {
 }
 }
 break;
- case "identity_provider":
- process_get_return(identity_provider('get'));
 break;
 break;
 // return no route found if no case is matched
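Review bot: The new `$hide_secret = false` default on the `identity_provider` signature makes disclosure the fallback: with the top-of-function admin check removed in this hunk, any caller that invokes `'get'` without the third argument receives `client_secret` in clear text regardless of session role. Consider inverting the flag so the secret is returned only on explicit request, e.g. `function identity_provider($_action, $_data = null, $with_secret = false) {`, and masking unless `$with_secret` is set. Whichever default is kept, a docblock on the function should state that `'get'` performs no authorization itself and that any caller passing the result to a browser or API response must request the masked form. The function body continues past this hunk, so any other action in the switch that relied on the shared role check may now need its own.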
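Review bot: The masking branch in `case 'get'` overwrites `$settings['client_secret']` with a fixed asterisk string even when no secret is stored, and the `'edit'` branch below accepts any non-empty `client_secret`, so a form prefilled from the masked result could write the placeholder back as the real secret. Masking only an existing value, `if ($hide_secret && !empty($settings['client_secret'])) {`, and having `'edit'` keep the stored secret when it receives the placeholder would close that round trip; whether the edit path already handles this is not visible here. The role test added to `'edit'` would also be safer as a strict, unset-tolerant comparison, `if (($_SESSION['mailcow_cc_role'] ?? '') !== "admin") {`. The `'edit'` case continues past the end of this hunk.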