#
$User = $1 if ( $User =~ /uid=([^,]+)/i || $User =~ /(.*)/ );
+ # strip Active directory domain in front of user
+ $User = $1 if ( $User =~ /\w+\\(\w+)/ );
+use Data::Dump qw(dump);
+warn "XX User: $User",dump( \%ENV );
+
#
# Clean up %ENV for taint checking
#
$Privileged ||= $User eq $Hosts->{$host}{user};
$Privileged ||= defined($Hosts->{$host}{moreUsers}{$User});
+
+ # XXX check against REMOTE_NTGROUP from mod_ntlm
+ $Privileged ||= $Conf{CgiAdminUserGroup} eq $ENV{REMOTE_NTGROUP};
+
return $Privileged;
}
priv => 1},
{ link => "?action=queue", name => $Lang->{Current_queues},
priv => 1},
+ # XXX additional search extensions
+ { link => "?action=search", name => $Lang->{Search_archive},
+ priv => 0},
+ { link => "?action=burn", name => $Lang->{Burn_media},
+ priv => 1},
@{$Conf{CgiNavBarLinks} || []},
);
my $host = $In{host};