role/audit: Add input to choose a user
This commit is contained in:
Johannes Meyer
parent
42bdbe38b1
commit
05fdd98ba8
|
|
@ -3,11 +3,17 @@
|
||||||
|
|
||||||
namespace Icinga\Controllers;
|
namespace Icinga\Controllers;
|
||||||
|
|
||||||
|
use Exception;
|
||||||
|
use GuzzleHttp\Psr7\ServerRequest;
|
||||||
use Icinga\Authentication\RolesConfig;
|
use Icinga\Authentication\RolesConfig;
|
||||||
|
use Icinga\Data\Selectable;
|
||||||
use Icinga\Exception\NotFoundError;
|
use Icinga\Exception\NotFoundError;
|
||||||
use Icinga\Forms\Security\RoleForm;
|
use Icinga\Forms\Security\RoleForm;
|
||||||
|
use Icinga\Repository\Repository;
|
||||||
use Icinga\Security\SecurityException;
|
use Icinga\Security\SecurityException;
|
||||||
use Icinga\Web\Controller\AuthBackendController;
|
use Icinga\Web\Controller\AuthBackendController;
|
||||||
|
use Icinga\Web\Widget\SingleValueSearchControl;
|
||||||
|
use ipl\Web\Url;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Manage user permissions and restrictions based on roles
|
* Manage user permissions and restrictions based on roles
|
||||||
|
|
@ -127,6 +133,59 @@ class RoleController extends AuthBackendController
|
||||||
$this->renderForm($role, $this->translate('Remove Role'));
|
$this->renderForm($role, $this->translate('Remove Role'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function auditAction()
|
||||||
|
{
|
||||||
|
$this->assertPermission('config/access-control/roles');
|
||||||
|
$this->createListTabs()->activate('role/audit');
|
||||||
|
$username = $this->params->get('user');
|
||||||
|
|
||||||
|
$form = new SingleValueSearchControl();
|
||||||
|
$form->populate(['q' => $username]);
|
||||||
|
$form->setInputLabel(t('Enter username'));
|
||||||
|
$form->setSubmitLabel(t('Inspect'));
|
||||||
|
$form->setSuggestionUrl(Url::fromPath(
|
||||||
|
'role/suggest-role-member',
|
||||||
|
['_disableLayout' => true, 'showCompact' => true]
|
||||||
|
));
|
||||||
|
|
||||||
|
$form->on(SingleValueSearchControl::ON_SUCCESS, function ($form) {
|
||||||
|
$this->redirectNow(Url::fromPath('role/audit', ['user' => $form->getValue('q')]));
|
||||||
|
})->handleRequest(ServerRequest::fromGlobals());
|
||||||
|
|
||||||
|
$this->content->add($form);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function suggestRoleMemberAction()
|
||||||
|
{
|
||||||
|
$this->assertHttpMethod('POST');
|
||||||
|
$requestData = $this->getRequest()->getPost();
|
||||||
|
$limit = $this->params->get('limit', 50);
|
||||||
|
|
||||||
|
$searchTerm = $requestData['term']['label'];
|
||||||
|
$backends = $this->loadUserBackends(Selectable::class);
|
||||||
|
|
||||||
|
$users = [];
|
||||||
|
while ($limit > 0 && ! empty($backends)) {
|
||||||
|
/** @var Repository $backend */
|
||||||
|
$backend = array_shift($backends);
|
||||||
|
$query = $backend->select()
|
||||||
|
->from('user', ['user_name'])
|
||||||
|
->where('user_name', $searchTerm)
|
||||||
|
->limit($limit);
|
||||||
|
|
||||||
|
try {
|
||||||
|
$names = $query->fetchColumn();
|
||||||
|
} catch (Exception $e) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
array_push($users, ...$names);
|
||||||
|
$limit -= count($names);
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->document->add(SingleValueSearchControl::createSuggestions($users));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create the tabs to display when listing roles
|
* Create the tabs to display when listing roles
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue