Throw SecurityException in ActionController::assertPermission()

Eric Lippmann 2015-01-30 09:34:19 +01:00
parent d42017018f
commit 2faf5f0ca1


@ -1,23 +1,22 @@
<?php <?php
// {{{ICINGA_LICENSE_HEADER}}}
// {{{ICINGA_LICENSE_HEADER}}}
namespace Icinga\Web\Controller; namespace Icinga\Web\Controller;
use Exception; use Exception;
use Icinga\Authentication\Manager;
use Icinga\Application\Benchmark; use Icinga\Application\Benchmark;
use Icinga\Application\Config; use Icinga\Application\Config;
use Icinga\Authentication\Manager;
use Icinga\Exception\IcingaException; use Icinga\Exception\IcingaException;
use Icinga\Exception\ProgrammingError;
use Icinga\File\Pdf;
use Icinga\Security\SecurityException;
use Icinga\Util\Translator; use Icinga\Util\Translator;
use Icinga\Web\Notification;
use Icinga\Web\Session;
use Icinga\Web\Url;
use Icinga\Web\UrlParams;
use Icinga\Web\Widget\Tabs; use Icinga\Web\Widget\Tabs;
use Icinga\Web\Window; use Icinga\Web\Window;
use Icinga\Web\Url;
use Icinga\Web\Notification;
use Icinga\File\Pdf;
use Icinga\Exception\ProgrammingError;
use Icinga\Web\Session;
use Icinga\Web\UrlParams;
use Zend_Controller_Action; use Zend_Controller_Action;
use Zend_Controller_Action_HelperBroker as ActionHelperBroker; use Zend_Controller_Action_HelperBroker as ActionHelperBroker;
use Zend_Controller_Request_Abstract as Request; use Zend_Controller_Request_Abstract as Request;
@ -50,7 +49,7 @@ class ActionController extends Zend_Controller_Action
/** /**
* Authentication manager * Authentication manager
* *
* @type \Icinga\Authentication\Manager|null * @type Manager|null
*/ */
private $auth; private $auth;
@ -106,7 +105,6 @@ class ActionController extends Zend_Controller_Action
{ {
} }
/** /**
* Get the authentication manager * Get the authentication manager
* *
@ -133,19 +131,16 @@ class ActionController extends Zend_Controller_Action
} }
/** /**
* Throw an exception if user lacks the given permission * Assert that the current user has the given permission
* *
* @param string $name Permission name * @param string $permission Name of the permission
* @throws Exception *
* @throws SecurityException If the current user lacks the given permission
*/ */
public function assertPermission($name) public function assertPermission($permission)
{ {
if (! $this->Auth()->hasPermission($name)) { if (! $this->Auth()->hasPermission($permission)) {
// TODO: Shall this be an Auth Exception? Or a 404? throw new SecurityException('No permission for %s', $permission);
throw new IcingaException(
'Auth error, no permission for "%s"',
$name
);
} }
} }
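Review bot: The new `throw new SecurityException('No permission for %s', $permission);` in assertPermission() changes the exception type callers see, and nothing on this page shows the handling side. Before merge, confirm whether SecurityException extends IcingaException, so that existing `catch (IcingaException $e)` blocks still apply, and whether the error controller maps it to an HTTP 403 rather than a generic 500. The removed TODO asked that very question ("Auth Exception? Or a 404?"), so the answer deserves a docblock line such as `* The exception must propagate to the error handler (expected response: 403); do not catch it to continue the action`. A denied permission check is also a security-relevant event, so logging the user and the permission name where the exception is handled would give operators an audit trail. The message is presumably rendered to the user, so it should stay limited to the permission name, as it is now.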