X-Git-Url: https://ruin.nu/git/?a=blobdiff_plain;f=lib%2FNDWeb.pm;h=d7aec9695d2374bb9310aa1f3c1d38aaff1bb333;hb=48c13dfb589d4f8f83d8fdc2df772c32d4145659;hp=7507a2fd568cc8343a105c36460bca298fad3821;hpb=c63c494456566d34013d9c97993ffcb9dcbd771d;p=ndwebbie.git

diff --git a/lib/NDWeb.pm b/lib/NDWeb.pm
index 7507a2f..d7aec96 100644
--- a/lib/NDWeb.pm
+++ b/lib/NDWeb.pm
@@ -5,10 +5,6 @@ use warnings;
 
 use Catalyst::Runtime '5.70';
 
-#Need to preload, otherwise the first hit is slow
-use CGI qw/:standard/;
-escapeHTML('');
-
 # Set flags and add plugins for the application
 #
 #         -Debug: activates the debug mode for very useful log messages
@@ -35,6 +31,8 @@ __PACKAGE__->config->{'Plugin::Authentication'}{'use_session'} = 1;
 __PACKAGE__->config(session => {
 	storage => "/tmp/ndweb-$>/sesession",
 	directory_umask => 077,
+	expires => 300,
+	verify_address => 1,
 });
 __PACKAGE__->config( cache => {
 	backend => {
@@ -54,6 +52,7 @@ __PACKAGE__->setup(qw/
 	-Debug
 	ConfigLoader
 	Static::Simple
+	Unicode
 
 	Authentication
 	Authentication::Store::NDWeb
@@ -62,19 +61,45 @@ __PACKAGE__->setup(qw/
 	Authorization::Roles
 	Authorization::ACL
 	
+	Session::DynamicExpiry
 	Session
 	Session::Store::File
 	Session::State::Cookie
 
+	Compress::Gzip
+	Compress::Deflate
+
 	Cache
 	PageCache
 	/);
 
 
 __PACKAGE__->deny_access_unless('/users',[qw/admin_users/]);
+__PACKAGE__->deny_access_unless('/alliances',[qw/alliances/]);
 __PACKAGE__->deny_access_unless('/alliances/resources',[qw/alliances_resources/]);
 __PACKAGE__->deny_access_unless('/graphs/alliancevsintel',[qw/graphs_intel/]);
 __PACKAGE__->deny_access_unless('/graphs/avgalliancevsintel',[qw/graphs_intel/]);
+__PACKAGE__->deny_access_unless('/members',[qw/members/]);
+__PACKAGE__->deny_access_unless('/covop',[qw/covop/]);
+__PACKAGE__->deny_access_unless('/calls',[qw/calls_edit/]);
+__PACKAGE__->allow_access_if('/calls/index',[qw/calls_list/]);
+__PACKAGE__->allow_access_if('/calls/list',[qw/calls_list/]);
+__PACKAGE__->allow_access_if('/calls/edit',[qw/members/]);
+__PACKAGE__->deny_access_unless('/raids',[qw/raids_edit/]);
+__PACKAGE__->allow_access_if('/raids/index',[qw//]);
+__PACKAGE__->allow_access_if('/raids/view',[qw//]);
+__PACKAGE__->allow_access_if('/raids/findRaid',[qw//]);
+__PACKAGE__->allow_access_if('/raids/log',[qw//]);
+__PACKAGE__->deny_access_unless('/intel',[qw/intel/]);
+__PACKAGE__->deny_access_unless('/intel/members',[qw/intel_members/]);
+__PACKAGE__->deny_access_unless('/intel/member',[qw/intel_member/]);
+__PACKAGE__->deny_access_unless('/intel/naps',[qw/intel_naps/]);
+__PACKAGE__->deny_access_unless('/jsrpc',[qw//]);
+__PACKAGE__->allow_access_if('/jsrpc/end',1);
+__PACKAGE__->deny_access_unless('/forum/allUnread',[qw//]);
+__PACKAGE__->deny_access_unless('/forum/privmsg',[qw//]);
+__PACKAGE__->deny_access_unless('/settings',[qw//]);
+__PACKAGE__->deny_access_unless('/textexport/alliance',[qw/textexport_alliance/]);
 
 =head1 NAME