dany/antd-web-apps
1
0
Fork 0
mirror of https://github.com/lxsang/antd-web-apps synced 2024-11-19 18:08:21 +01:00
Code Issues Projects Releases Wiki Activity

disable some modules
All checks were successful
gitea-sync/antd-web-apps/pipeline/head This commit looks good
Details

Browse Source
This commit is contained in:
Dany LE 2022-10-05 21:06:28 +02:00
parent 1f9c93efb4
commit 1c19cc985c
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
os/controllers/SystemController.lua
View File

@ -107,11 +107,20 @@ function SystemController:apigateway(...)
--else
-- std.json()
end
-- preload modules
require("vfs")
-- TODO
local exec_with_user_priv = function(data)
local uid = ulib.uid(SESSION.user)
-- disable unused modules
package.loaded["silk.Router"] = nil
package.loaded["silk.BaseController"] = nil
package.loaded["silk.DBHelper"] = nil
package.loaded["silk.Template"] = nil
package.loaded["silk.api"] = nil
package.loaded["silk.Logger"] = nil
package.loaded["silk.BaseModel"] = nil
package.loaded["silk.BaseObject"] = nil
package.loaded["os.controllers.SystemController"] = nil
-- user only allowed to load module in the following paths
package.path = __api__.apiroot.."/?.lua;"..WWW_ROOT .. '/libs/?.lua'
if not ulib.setgid(uid.gid) or not ulib.setuid(uid.id) then
echo("Cannot set permission to execute the code")
return