tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-27 15:54:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

NavigationConfigForm: Apply share restrictions for users and groups

Browse Source 
refs #5600
This commit is contained in:
Johannes Meyer 2015-09-16 16:25:17 +02:00
parent 0cff2ca545
commit 4385d74e16
1 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
application/forms/Navigation/NavigationConfigForm.php
View File

@ -5,6 +5,7 @@ namespace Icinga\Forms\Navigation;
use InvalidArgumentException; use InvalidArgumentException;
use Icinga\Application\Config; use Icinga\Application\Config;
use Icinga\Authentication\Auth;
use Icinga\Exception\IcingaException; use Icinga\Exception\IcingaException;
use Icinga\Exception\NotFoundError; use Icinga\Exception\NotFoundError;
use Icinga\Forms\ConfigForm; use Icinga\Forms\ConfigForm;
@ -427,6 +428,63 @@ class NavigationConfigForm extends ConfigForm
} }
} }
/**
* {@inheritdoc}
*/
public function isValid($formData)
{
if (! parent::isValid($formData)) {
return false;
}
$valid = true;
if (isset($formData['users']) && $formData['users']) {
$parsedUserRestrictions = array();
foreach (Auth::getInstance()->getRestrictions('application/share/users') as $userRestriction) {
$parsedUserRestrictions[] = array_map('trim', explode(',', $userRestriction));
}
if (! empty($parsedUserRestrictions)) {
$desiredUsers = array_map('trim', explode(',', $formData['users']));
array_unshift($parsedUserRestrictions, $desiredUsers);
$forbiddenUsers = call_user_func_array('array_diff', $parsedUserRestrictions);
if (! empty($forbiddenUsers)) {
$valid = false;
$this->getElement('users')->addError(
$this->translate(sprintf(
'You are not permitted to share this navigation item with the following users: %s',
implode(', ', $forbiddenUsers)
))
);
}
}
}
if (isset($formData['groups']) && $formData['groups']) {
$parsedGroupRestrictions = array();
foreach (Auth::getInstance()->getRestrictions('application/share/groups') as $groupRestriction) {
$parsedGroupRestrictions[] = array_map('trim', explode(',', $groupRestriction));
}
if (! empty($parsedGroupRestrictions)) {
$desiredGroups = array_map('trim', explode(',', $formData['groups']));
array_unshift($parsedGroupRestrictions, $desiredGroups);
$forbiddenGroups = call_user_func_array('array_diff', $parsedGroupRestrictions);
if (! empty($forbiddenGroups)) {
$valid = false;
$this->getElement('groups')->addError(
$this->translate(sprintf(
'You are not permitted to share this navigation item with the following groups: %s',
implode(', ', $forbiddenGroups)
))
);
}
}
}
return $valid;
}
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */