+ if track.dependent then
+ local stat, err = pcall(assert, not track.auto)
+ if not stat then
+ error500(err)
+ return
+ end
+ end
+
+ if track.sysauth then
+ require("luci.sauth")
+ local authen = authenticator[track.sysauth_authenticator]
+ local def = (type(track.sysauth) == "string") and track.sysauth
+ local accs = def and {track.sysauth} or track.sysauth
+ local user = luci.sauth.read(luci.http.getcookie("sysauth"))
+
+ if not luci.util.contains(accs, user) then
+ if authen then
+ local user = authen(luci.sys.user.checkpasswd, def)
+ if not user or not luci.util.contains(accs, user) then
+ return
+ else
+ local sid = luci.sys.uniqueid(16)
+ luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/")
+ luci.sauth.write(sid, user)
+ end
+ else
+ luci.http.status(403, "Forbidden")
+ return
+ end
+ else
+ luci.http.status(403, "Forbidden")
+ return
+ end
+ end
+
+ if track.setgroup then
+ luci.sys.process.setgroup(track.setgroup)
+ end
+
+ if track.setuser then
+ luci.sys.process.setuser(track.setuser)
+ end