|
|
@@ -27,7 +27,7 @@ class OtBackendUserAuthenticator extends BackendUserAuthenticator
|
|
|
// The routes defined in the ot-admin extension are limited to some ips
|
|
|
if (preg_match('/\/otadmin\/.+/', $route->getPath())) {
|
|
|
if (ApiController::isIpAllowed($_SERVER['REMOTE_ADDR'])) {
|
|
|
- return true;
|
|
|
+ return false;
|
|
|
} else {
|
|
|
throw new \RuntimeException('An unauthorized IP (' . $_SERVER['REMOTE_ADDR'] . ') ' .
|
|
|
'tried to run the following ot-admin command: ' . $_SERVER['QUERY_STRING']);
|
|
|
@@ -37,7 +37,7 @@ class OtBackendUserAuthenticator extends BackendUserAuthenticator
|
|
|
|
|
|
// The routes defined in the ot-core extension are public
|
|
|
if (preg_match('/\/otcore\/.+/', $route->getPath())) {
|
|
|
- return true;
|
|
|
+ return false;
|
|
|
}
|
|
|
|
|
|
return parent::isLoggedInBackendUserRequired($route);
|
Olivier Massot