thezenmonkey
Reputation: 189
Silverstripe Cron Job Admin Actions
I have a controller function whose permission is set to ADMIN that needs to be executed form a cron job, unfortuntly calling it from php or php-cgi says that the actipn is not permitted on the controller. I've temporarily removed the ADMIN check, but it's resource intensive so it's a possible DDOS vector
Upvotes: 0
Views: 145
Answers (1)
TheHacksaw
Reputation: 432
You can use a custom permission check in your controller to check if the call is made from the CLI:
class FooController extends Controller {
private static $allowed_actions = array(
'mySecureAction' => '->MySecurityCheck'
);
public function mySecureAction() {
// do something here
}
/**
* if this method returns true, the action will be executed
* for more information, view the docs at: http://doc.silverstripe.org/framework/en/topics/controller#access-control
*/
public function MySecurityCheck() {
return Director::is_cli() || Permission::check('ADMIN');
}
}
Upvotes: 2
Related Questions
- Silverstripe "Security" permission
- Run silverstripe SS4 tasks as cron jobs in a subdomain of SS3
- SilverStripe running BuildTasks error via CronJob
- How to secure google cron service tasks on GAE flexible env?
- SilverStripe Admin Changes
- Silverstripe custom security check show custom error message
- How to Enable Filter functionality in Security area Silverstripe Admin?
- Silverstripe publish page in the future
- Execute a Function in Silverstripe via Cronjob
- Struts2 Cron Jobs