tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-31 01:34:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

/role/*: if global.store_roles_in_db, operate on the database

Browse Source
This commit is contained in:
Alexander A. Klimov 2024-04-12 15:11:01 +02:00
parent 1a2d98607a
commit 32ce8576f4
1 changed files with 87 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
application/controllers/RoleController.php
View File

@ -5,21 +5,28 @@ namespace Icinga\Controllers;
use Exception; use Exception;
use GuzzleHttp\Psr7\ServerRequest; use GuzzleHttp\Psr7\ServerRequest;
use Icinga\Application\Config;
use Icinga\Authentication\AdmissionLoader; use Icinga\Authentication\AdmissionLoader;
use Icinga\Authentication\Auth; use Icinga\Authentication\Auth;
use Icinga\Authentication\RolesConfig; use Icinga\Authentication\RolesConfig;
use Icinga\Authentication\User\DomainAwareInterface; use Icinga\Authentication\User\DomainAwareInterface;
use Icinga\Common\Database;
use Icinga\Data\Selectable; use Icinga\Data\Selectable;
use Icinga\Exception\NotFoundError; use Icinga\Exception\NotFoundError;
use Icinga\Forms\Security\RoleDbForm;
use Icinga\Forms\Security\RoleForm; use Icinga\Forms\Security\RoleForm;
use Icinga\Model\Role;
use Icinga\Repository\Repository; use Icinga\Repository\Repository;
use Icinga\Security\SecurityException; use Icinga\Security\SecurityException;
use Icinga\User; use Icinga\User;
use Icinga\Web\Controller\AuthBackendController; use Icinga\Web\Controller\AuthBackendController;
use Icinga\Web\View\PrivilegeAudit; use Icinga\Web\View\PrivilegeAudit;
use Icinga\Web\Widget\RolesTable;
use Icinga\Web\Widget\SingleValueSearchControl; use Icinga\Web\Widget\SingleValueSearchControl;
use ipl\Html\Html; use ipl\Html\Html;
use ipl\Html\HtmlString; use ipl\Html\HtmlString;
use ipl\Web\Compat\SearchControls;
use ipl\Web\Filter\QueryString;
use ipl\Web\Url; use ipl\Web\Url;
use ipl\Web\Widget\Link; use ipl\Web\Widget\Link;
@ -30,6 +37,9 @@ use ipl\Web\Widget\Link;
*/ */
class RoleController extends AuthBackendController class RoleController extends AuthBackendController
{ {
use Database;
use SearchControls;
public function init() public function init()
{ {
$this->assertPermission('config/access-control/roles'); $this->assertPermission('config/access-control/roles');
@ -59,20 +69,70 @@ class RoleController extends AuthBackendController
public function listAction() public function listAction()
{ {
$this->createListTabs()->activate('role/list'); $this->createListTabs()->activate('role/list');
$this->view->roles = (new RolesConfig())
->select();
$sortAndFilterColumns = [ if (Config::app()->get('global', 'store_roles_in_db')) {
'name' => $this->translate('Name'), $db = $this->getDb();
'users' => $this->translate('Users'), $query = Role::on($db)->with('parent');
'groups' => $this->translate('Groups'),
'permissions' => $this->translate('Permissions')
];
$this->setupFilterControl($this->view->roles, $sortAndFilterColumns, ['name']); $limitControl = $this->createLimitControl();
$this->setupLimitControl(); $sortControl = $this->createSortControl($query, ['name' => $this->translate('Name')]);
$this->setupPaginationControl($this->view->roles); $paginationControl = $this->createPaginationControl($query);
$this->setupSortControl($sortAndFilterColumns, $this->view->roles, ['name']); $searchBar = $this->createSearchBar($query, [$limitControl->getLimitParam(), $sortControl->getSortParam()]);
if ($searchBar->hasBeenSent() && ! $searchBar->isValid()) {
if ($searchBar->hasBeenSubmitted()) {
$filter = QueryString::parse((string) $this->params);
} else {
$this->addControl($searchBar);
$this->sendMultipartUpdate();
return;
}
} else {
$filter = $searchBar->getFilter();
}
$query->filter($filter);
$this->addControl($paginationControl);
$this->addControl($limitControl);
$this->addControl($sortControl);
$this->addControl($searchBar);
$this->addControl(Html::tag(
'a',
[
'href' => Url::fromPath('role/add'),
'data-base-target' => '_next',
'class' => 'button-link icon-plus'
],
$this->translate('Create a New Role')
));
if ($query->count()) {
$this->addContent((new RolesTable())->setRoles($query));
} else {
$this->addContent(Html::tag('p', $this->translate('No roles found.')));
}
if (! $searchBar->hasBeenSubmitted() && $searchBar->hasBeenSent()) {
$this->sendMultipartUpdate();
}
} else {
$this->view->roles = (new RolesConfig())->select();
$sortAndFilterColumns = [
'name' => $this->translate('Name'),
'users' => $this->translate('Users'),
'groups' => $this->translate('Groups'),
'permissions' => $this->translate('Permissions')
];
$this->setupFilterControl($this->view->roles, $sortAndFilterColumns, ['name']);
$this->setupLimitControl();
$this->setupPaginationControl($this->view->roles);
$this->setupSortControl($sortAndFilterColumns, $this->view->roles, ['name']);
}
} }
/** /**
@ -82,9 +142,8 @@ class RoleController extends AuthBackendController
*/ */
public function addAction() public function addAction()
{ {
$role = new RoleForm(); $role = $this->prepareForm();
$role->setRedirectUrl('__CLOSE__'); $role->setRedirectUrl('__CLOSE__');
$role->setRepository(new RolesConfig());
$role->setSubmitLabel($this->translate('Create Role')); $role->setSubmitLabel($this->translate('Create Role'));
$role->add()->handleRequest(); $role->add()->handleRequest();
@ -99,9 +158,8 @@ class RoleController extends AuthBackendController
public function editAction() public function editAction()
{ {
$name = $this->params->getRequired('role'); $name = $this->params->getRequired('role');
$role = new RoleForm(); $role = $this->prepareForm();
$role->setRedirectUrl('__CLOSE__'); $role->setRedirectUrl('__CLOSE__');
$role->setRepository(new RolesConfig());
$role->setSubmitLabel($this->translate('Update Role')); $role->setSubmitLabel($this->translate('Update Role'));
$role->edit($name); $role->edit($name);
@ -120,9 +178,8 @@ class RoleController extends AuthBackendController
public function removeAction() public function removeAction()
{ {
$name = $this->params->getRequired('role'); $name = $this->params->getRequired('role');
$role = new RoleForm(); $role = $this->prepareForm();
$role->setRedirectUrl('__CLOSE__'); $role->setRedirectUrl('__CLOSE__');
$role->setRepository(new RolesConfig());
$role->setSubmitLabel($this->translate('Remove Role')); $role->setSubmitLabel($this->translate('Remove Role'));
$role->remove($name); $role->remove($name);
@ -389,4 +446,16 @@ class RoleController extends AuthBackendController
return $tabs; return $tabs;
} }
/**
* Create a form for role addition/modification/deletion and set the storage
*
* @return RoleForm
*/
private function prepareForm(): RoleForm
{
return Config::app()->get('global', 'store_roles_in_db')
? (new RoleDbForm())->setDb($this->getDb())
: (new RoleForm())->setRepository(new RolesConfig());
}
} }