From e9cf1ec83ca68e5503a7684edab88cd145022697 Mon Sep 17 00:00:00 2001
From: Micke Nordin <mik@elnord.in>
Date: Fri, 19 Aug 2016 10:11:03 +0200
Subject: [PATCH] Fixing contact groups

---
 lib/Thruk/Controller/api_conf.pm | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/lib/Thruk/Controller/api_conf.pm b/lib/Thruk/Controller/api_conf.pm
index 4ed19c6..2521b0f 100644
--- a/lib/Thruk/Controller/api_conf.pm
+++ b/lib/Thruk/Controller/api_conf.pm
@@ -818,6 +818,12 @@ sub index {
 
 	my ( $c ) = @_;
 
+        # Limit access to authorized personell only
+        return unless Thruk::Action::AddDefaults::add_defaults($c, Thruk::ADD_SAFE_DEFAULTS);
+        if( !$c->check_user_roles("authorized_for_configuration_information") || !$c->check_user_roles("authorized_for_system_commands")) {
+                return $c->detach('/error/index/8');
+        }
+
 	# This is Configuration options used by Thruk
 	$c->stash->{'readonly'}        = 0;
 	$c->stash->{'title'}           = 'Configuration Editor';
@@ -839,14 +845,7 @@ sub index {
 		$confdir = dirname($c->stash->{usercontent_folder});
 	}
 	$c->stash->{'confdir'} = $confdir; 
-
-	# Limit access to authorized personell only
-	if( !$c->check_user_roles("authorized_for_configuration_information")
-        || !$c->check_user_roles("authorized_for_system_commands")) {
-		$c->stash->{body} = "<h1>You are not authorized to access this page!</h1>";
-	} else {
-		$c->stash->{body} = body $c;
-	}
+	$c->stash->{body} = body $c;
 }
 
 =head1 LICENSE