Merged revisions 316663 via svnmerge from
[asterisk/asterisk.git] / main / manager.c
index d3c3074..9b8c965 100644 (file)
@@ -4497,18 +4497,25 @@ static int process_message(struct mansession *s, const struct message *m)
                }
                if (s->session->writeperm & tmp->authority || tmp->authority == 0) {
                        call_func = tmp->func;
-               } else {
-                       astman_send_error(s, m, "Permission denied");
-                       report_req_not_allowed(s, action);
                }
                break;
        }
        AST_RWLIST_UNLOCK(&actions);
 
-       if (tmp && call_func) {
-               /* call AMI function after actions list are unlocked */
-               ast_debug(1, "Running action '%s'\n", tmp->action);
-               ret = call_func(s, m);
+       if (tmp) {
+               if (call_func) {
+                       /* Call our AMI function after we unlock our actions lists */
+                       ast_debug(1, "Running action '%s'\n", tmp->action);
+                       ret = call_func(s, m);
+               } else {
+                       /* If we found our action but don't have a function pointer, access
+                        * was denied, so bail out.
+                        */
+                       report_req_not_allowed(s, action);
+                       mansession_lock(s);
+                       astman_send_error(s, m, "Permission denied");
+                       mansession_unlock(s);
+               }
        } else {
                char buf[512];
                if (!tmp) {