From aa17eef42f38837c24eed5a61b5c09f5e6fd4d28 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Jean-Andr=C3=A9=20Santoni?= <jeanandre.santoni@biblibre.com>
Date: Fri, 26 Feb 2010 21:37:44 +0100
Subject: [PATCH] Fixes access permissions to ILS-DI

Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
---
 opac/ilsdi.pl | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/opac/ilsdi.pl b/opac/ilsdi.pl
index ec72d8773a..08ba5bdb4e 100755
--- a/opac/ilsdi.pl
+++ b/opac/ilsdi.pl
@@ -113,12 +113,22 @@ my %optional = (
 );
 
 # If ILS-DI module is disabled in System->Preferences, redirect to 404
-if ( not C4::Context->preference('ILS-DI') ) {
+unless ( C4::Context->preference('ILS-DI') ) {
     print $cgi->redirect("/cgi-bin/koha/errors/404.pl");
+    exit 1;
+}
+
+# If the remote address is not allowed, redirect to 403
+if ( C4::Context->preference('ILS-DI:AuthorizedIPs') # If no filter set, allow access to everybody
+    and $cgi->param('service') and $cgi->param('service') ne 'Describe' # Allow access to online documentation
+    and not any { $ENV{'REMOTE_ADDR'} eq $_ } split(/,/, C4::Context->preference('ILS-DI:AuthorizedIPs')) # IP Check
+    ) {
+    print $cgi->redirect("/cgi-bin/koha/errors/403.pl");
+    exit 1;
 }
 
 # If no service is requested, display the online documentation
-if ( not $cgi->param('service') ) {
+unless ( $cgi->param('service') ) {
     my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
         {   template_name   => "ilsdi.tmpl",
             query           => $cgi,
-- 
2.39.2