From bc44b326c603f0d730275f6f5bbb18459d1c064b Mon Sep 17 00:00:00 2001
From: Thomas Berezansky <tsbere@mvlc.org>
Date: Tue, 24 Mar 2015 11:13:36 -0400
Subject: [PATCH] LP#1435938: Wrap auth check around clearcache URLs

Only allow staff to clear the cache values.

Signed-off-by: Thomas Berezansky <tsbere@mvlc.org>
Signed-off-by: Ben Shum <bshum@biblio.org>
---
 Open-ILS/examples/apache/eg_vhost.conf.in    | 6 ++++++
 Open-ILS/examples/apache_24/eg_vhost.conf.in | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in
index 771ed62e8e..1144f4c13f 100644
--- a/Open-ILS/examples/apache/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache/eg_vhost.conf.in
@@ -52,6 +52,12 @@ OSRFTranslatorConfig @sysconfdir@/opensrf_core.xml
     allow from all
 </Location>
 
+# Lock clearing cache down to STAFF_LOGIN
+<Location /opac/extras/ac/clearcache/>
+    PerlAccessHandler OpenILS::WWW::AccessHandler
+    PerlSetVar OILSAccessHandlerPermission "STAFF_LOGIN"
+</Location>
+
 # Autosuggest for searches
 <Location /opac/extras/autosuggest>
     SetHandler perl-script
diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in
index c6ce1c7fa3..851db16e0c 100644
--- a/Open-ILS/examples/apache_24/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in
@@ -52,6 +52,12 @@ OSRFTranslatorConfig @sysconfdir@/opensrf_core.xml
     Require all granted 
 </Location>
 
+# Lock clearing cache down to STAFF_LOGIN
+<Location /opac/extras/ac/clearcache/>
+    PerlAccessHandler OpenILS::WWW::AccessHandler
+    PerlSetVar OILSAccessHandlerPermission "STAFF_LOGIN"
+</Location>
+
 # Autosuggest for searches
 <Location /opac/extras/autosuggest>
     SetHandler perl-script
-- 
2.43.2