X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=bacula%2Fsrc%2Fdird%2Fua_restore.c;h=1ae783b8ee9e3830a12706266799d2d7c0974246;hb=44566f589dd96e4414e38ec4bf7d76b22fbcd9aa;hp=24d0aba7b7a258c31ef2d994669879cbc88bad57;hpb=892f06cfa5f01fa76b0733ac90d9ef6956b3d636;p=bacula%2Fbacula
diff --git a/bacula/src/dird/ua_restore.c b/bacula/src/dird/ua_restore.c
index 24d0aba7b7..1ae783b8ee 100644
--- a/bacula/src/dird/ua_restore.c
+++ b/bacula/src/dird/ua_restore.c
@@ -35,17 +35,6 @@
 /* Imported functions */
 extern void print_bsr(UAContext *ua, RBSR *bsr);
-/* Imported variables */
-extern const char *uar_list_jobs, *uar_file, *uar_sel_files;
-extern const char *uar_del_temp, *uar_del_temp1, *uar_create_temp;
-extern const char *uar_create_temp1, *uar_last_full, *uar_full;
-extern const char *uar_inc, *uar_list_temp, *uar_sel_jobid_temp;
-extern const char *uar_sel_all_temp1, *uar_sel_fileset, *uar_mediatype;
-extern const char *uar_jobid_fileindex, *uar_dif, *uar_sel_all_temp;
-extern const char *uar_count_files, *uar_jobids_fileindex;
-extern const char *uar_jobid_fileindex_from_dir;
-extern const char *uar_jobid_fileindex_from_table;
-
 /* Forward referenced functions */
@@ -90,6 +79,10 @@ int restore_cmd(UAContext *ua, const char *cmd)
 i = find_arg_with_value(ua, "where");
 if (i >= 0) {
 rx.where = ua->argv[i];
+ if (!acl_access_ok(ua, Where_ACL, rx.where)) {
+ bsendmsg(ua, _("Forbidden \"where\" specified.\n"));
+ goto bail_out;
+ }
 }
 if (!open_db(ua)) {
@@ -175,6 +168,10 @@ int restore_cmd(UAContext *ua, const char *cmd)
 /* Build run command */
 if (rx.where) {
+ if (!acl_access_ok(ua, Where_ACL, rx.where)) {
+ bsendmsg(ua, _("Forbidden \"where\" specified.\n"));
+ goto bail_out;
+ }
 Mmsg(ua->cmd, "run job=\"%s\" client=\"%s\" storage=\"%s\" bootstrap=\"%s\"" " where=\"%s\" files=%d catalog=\"%s\"",
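Review bot: The same four-line `Where_ACL` check is pasted at two places in `restore_cmd`, where the `where=` argument is parsed and again under `/* Build run command */`, and nothing says why both are needed. If the second copy is there because `rx.where` can be set later without passing through the argument parser (that code is outside these hunks), a comment such as `/* rx.where may have been set after argument parsing; re-check before it reaches the run command */` would stop a later cleanup from removing the check that actually enforces the ACL. The refusal is also only echoed to the console through `bsendmsg`; recording the rejected path in the director's log would give operators a trace of denied restore targets. Both hunks show only part of `restore_cmd`.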
@@ -425,6 +422,10 @@ static int user_select_jobids_or_files(UAContext *ua, RESTORE_CTX *rx)
 case -1: /* error or cancel */
 return 0;
 case 0: /* list last 20 Jobs run */
+ if (!acl_access_ok(ua, Command_ACL, NT_("sqlquery"), 8)) {
+ bsendmsg(ua, _("SQL query not authorized.\n"));
+ return 0;
+ }
 gui_save = ua->jcr->gui;
 ua->jcr->gui = true;
 db_list_sql_query(ua->jcr, ua->db, uar_list_jobs, prtit, ua, 1, HORZ_LIST);
@@ -456,6 +457,10 @@ static int user_select_jobids_or_files(UAContext *ua, RESTORE_CTX *rx)
 pm_strcpy(rx->JobIds, ua->cmd);
 break;
 case 3: /* Enter an SQL list command */
+ if (!acl_access_ok(ua, Command_ACL, NT_("sqlquery"), 8)) {
+ bsendmsg(ua, _("SQL query not authorized.\n"));
+ return 0;
+ }
 if (!get_cmd(ua, _("Enter SQL list command: "))) {
 return 0;
 }
@@ -814,7 +819,7 @@ static void split_path_and_filename(RESTORE_CTX *rx, char *name)
 rx->pnl = 0;
 }
- Dmsg2(100, "sllit path=%s file=%s\n", rx->path, rx->fname);
+ Dmsg2(100, "split path=%s file=%s\n", rx->path, rx->fname);
 }
 static bool build_directory_tree(UAContext *ua, RESTORE_CTX *rx)
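Review bot: The `8` passed to `acl_access_ok` in cases 0 and 3 is the hand-counted length of "sqlquery", so the literal and its length can drift apart if either call is edited. Assuming that argument is the string length, `acl_access_ok(ua, Command_ACL, NT_("sqlquery"), strlen("sqlquery"))` or one shared constant used by both calls removes the duplication. Case 0 runs the fixed `uar_list_jobs` query rather than user-supplied SQL, so a one-line comment saying why it needs the sqlquery right would help the next reader. The denial also returns 0 exactly like "error or cancel", so the caller cannot tell a refusal from a cancel. `user_select_jobids_or_files` continues outside both hunks.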