Commit 980a6400 authored by Denis Chenu's avatar Denis Chenu
Browse files

[fix] Better protection of public method

parent d6a6c5ee
......@@ -107,6 +107,9 @@ class extendRemoteControl extends PluginBase {
public function getPluginSettings($getValues=true)
if(!Permission::model()->hasGlobalPermission('settings','read')) {
throw new CHttpException(403);
/* test if plugins/unsecure is in noCsrfValidationRoutes : in internal for compatible LimeSurvey version */
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment