diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2015-07-09 22:18:55 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2015-07-09 22:18:55 -0700 |
| commit | 1c538bfabc2cd31f27067505f0c3d1a46cba6ef0 (patch) | |
| tree | 96922ad4459eda1e649327fd391d60c58d454c53 /rt/share/html/Dashboards/Elements/ShowPortlet/component | |
| parent | 4f5619288413a185e9933088d9dd8c5afbc55dfa (diff) | |
RT 4.2.11, ticket#13852
Diffstat (limited to 'rt/share/html/Dashboards/Elements/ShowPortlet/component')
| -rw-r--r-- | rt/share/html/Dashboards/Elements/ShowPortlet/component | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/rt/share/html/Dashboards/Elements/ShowPortlet/component b/rt/share/html/Dashboards/Elements/ShowPortlet/component index 5218843..3b54da2 100644 --- a/rt/share/html/Dashboards/Elements/ShowPortlet/component +++ b/rt/share/html/Dashboards/Elements/ShowPortlet/component @@ -51,4 +51,14 @@ $Portlet $Rows => 20 $Preview => 0 </%args> -% $m->comp($Portlet->{path}); +<%init> +my $full_path = $Portlet->{path}; +(my $path = $full_path) =~ s{^/Elements/}{}; + +my $allowed = grep { $_ eq $path } @{RT->Config->Get('HomepageComponents')}; +</%init> +% if (!$allowed) { +% $m->out( $m->interp->apply_escapes( loc("Invalid portlet [_1]", $path), "h" ) ); +% } else { +% $m->comp($full_path); +% } |