tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

UsergroupbackendController: Do only assert that the user has one permission 

The configuration of a backend itself should not be that granular.

refs #8826
This commit is contained in:
Johannes Meyer 2015-06-02 08:58:21 +02:00
parent 7b9983de38
commit 46e2393074
4 changed files with 10 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
application/controllers/UsergroupbackendController.php
View File

@ -15,6 +15,14 @@ use Icinga\Web\Url;
*/
class UsergroupbackendController extends Controller
{
/**
* Initialize this controller
*/
public function init()
{
$this->assertPermission('config/application/usergroupbackend');
}
/**
* Redirect to this controller's list action
*/
@ -28,7 +36,6 @@ class UsergroupbackendController extends Controller
*/
public function listAction()
{
$this->assertPermission('config/application/usergroupbackend/*');
$this->view->backendNames = Config::app('groups')->keys();
$this->getTabs()->add(
'usergroupbackend/list',
@ -45,8 +52,6 @@ class UsergroupbackendController extends Controller
*/
public function createAction()
{
$this->assertPermission('config/application/usergroupbackend/create');
$form = new UserGroupBackendForm();
$form->setRedirectUrl('usergroupbackend/list');
$form->setTitle($this->translate('Create New User Group Backend'));
@ -78,7 +83,6 @@ class UsergroupbackendController extends Controller
*/
public function editAction()
{
$this->assertPermission('config/application/usergroupbackend/edit');
$backendName = $this->params->getRequired('backend');
$form = new UserGroupBackendForm();
@ -118,7 +122,6 @@ class UsergroupbackendController extends Controller
*/
public function removeAction()
{
$this->assertPermission('config/application/usergroupbackend/remove');
$backendName = $this->params->getRequired('backend');
$backendForm = new UserGroupBackendForm();

5
application/forms/Security/RoleForm.php
View File

@ -27,6 +27,7 @@ class RoleForm extends ConfigForm
'config/application/general' => 'config/application/general',
'config/application/authentication' => 'config/application/authentication',
'config/application/resources' => 'config/application/resources',
'config/application/usergroupbackend' => 'config/application/usergroupbackend',
'config/application/roles' => 'config/application/roles',
'config/application/users/*' => 'config/application/users/*',
'config/application/users/show' => 'config/application/users/show',
@ -40,10 +41,6 @@ class RoleForm extends ConfigForm
'config/application/groups/remove' => 'config/application/groups/remove',
'config/application/groups/member/add' => 'config/application/groups/member/add',
'config/application/groups/member/remove' => 'config/application/groups/member/remove',
'config/application/usergroupbackend/*' => 'config/application/usergroupbackend/*',
'config/application/usergroupbackend/create' => 'config/application/usergroupbackend/create',
'config/application/usergroupbackend/edit' => 'config/application/usergroupbackend/edit',
'config/application/usergroupbackend/remove' => 'config/application/usergroupbackend/remove',
'config/modules' => 'config/modules'
);

17
application/views/scripts/usergroupbackend/list.phtml
View File

@ -1,15 +1,7 @@
<?php
$createPermitted = $this->hasPermission('config/application/usergroupbackend/create');
$editPermitted = $this->hasPermission('config/application/usergroupbackend/edit');
$removePermitted = $this->hasPermission('config/application/usergroupbackend/remove');
?>
<div class="controls">
<?= $tabs; ?>
</div>
<div class="content" data-base-target="_next">
<?php if ($createPermitted): ?>
<?= $this->qlink(
$this->translate('Create A New User Group Backend'),
'usergroupbackend/create',
@ -18,33 +10,25 @@ $removePermitted = $this->hasPermission('config/application/usergroupbackend/rem
'icon' => 'plus'
)
); ?>
<?php endif ?>
<?php if (count($backendNames) > 0): ?>
<table class="action usergroupbackend-list">
<thead>
<tr>
<th class="backend-name"><?= $this->translate('Backend'); ?></th>
<?php if ($removePermitted): ?>
<th class="backend-remove"><?= $this->translate('Remove'); ?></th>
<?php endif ?>
<tr>
</thead>
<tbody>
<?php foreach ($backendNames as $backendName): ?>
<tr>
<td class="backend-name">
<?php if ($editPermitted): ?>
<?= $this->qlink(
$backendName,
'usergroupbackend/edit',
array('backend' => $backendName),
array('title' => sprintf($this->translate('Edit user group backend %s'), $backendName))
); ?>
<?php else: ?>
<?= $this->escape($backendName); ?>
<?php endif ?>
</td>
<?php if ($removePermitted): ?>
<td class="backend-remove"><?= $this->qlink(
null,
'usergroupbackend/remove',
@ -54,7 +38,6 @@ $removePermitted = $this->hasPermission('config/application/usergroupbackend/rem
'icon' => 'trash'
)
); ?></td>
<?php endif ?>
</tr>
<?php endforeach ?>
</tbody>

2
library/Icinga/Web/Menu.php
View File

@ -261,7 +261,7 @@ class Menu implements RecursiveIterator
));
$section->add(t('UserGroupBackends'), array(
'url' => 'usergroupbackend/list',
'permission' => 'config/application/usergroupbackend/*',
'permission' => 'config/application/usergroupbackend',
'priority' => 830
));
$section->add(t('Modules'), array(