tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-27 15:54:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

UsergroupbackendController: Do only assert that the user has one permission

Browse Source 
The configuration of a backend itself should not be that granular.

refs #8826
This commit is contained in:
Johannes Meyer 2015-06-02 08:58:21 +02:00
parent 7b9983de38
commit 46e2393074
4 changed files with 10 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
application/controllers/UsergroupbackendController.php
View File

@ -15,6 +15,14 @@ use Icinga\Web\Url;
*/ */
class UsergroupbackendController extends Controller class UsergroupbackendController extends Controller
{ {
/**
* Initialize this controller
*/
public function init()
{
$this->assertPermission('config/application/usergroupbackend');
}
/** /**
* Redirect to this controller's list action * Redirect to this controller's list action
*/ */
@ -28,7 +36,6 @@ class UsergroupbackendController extends Controller
*/ */
public function listAction() public function listAction()
{ {
$this->assertPermission('config/application/usergroupbackend/*');
$this->view->backendNames = Config::app('groups')->keys(); $this->view->backendNames = Config::app('groups')->keys();
$this->getTabs()->add( $this->getTabs()->add(
'usergroupbackend/list', 'usergroupbackend/list',
@ -45,8 +52,6 @@ class UsergroupbackendController extends Controller
*/ */
public function createAction() public function createAction()
{ {
$this->assertPermission('config/application/usergroupbackend/create');
$form = new UserGroupBackendForm(); $form = new UserGroupBackendForm();
$form->setRedirectUrl('usergroupbackend/list'); $form->setRedirectUrl('usergroupbackend/list');
$form->setTitle($this->translate('Create New User Group Backend')); $form->setTitle($this->translate('Create New User Group Backend'));
@ -78,7 +83,6 @@ class UsergroupbackendController extends Controller
*/ */
public function editAction() public function editAction()
{ {
$this->assertPermission('config/application/usergroupbackend/edit');
$backendName = $this->params->getRequired('backend'); $backendName = $this->params->getRequired('backend');
$form = new UserGroupBackendForm(); $form = new UserGroupBackendForm();
@ -118,7 +122,6 @@ class UsergroupbackendController extends Controller
*/ */
public function removeAction() public function removeAction()
{ {
$this->assertPermission('config/application/usergroupbackend/remove');
$backendName = $this->params->getRequired('backend'); $backendName = $this->params->getRequired('backend');
$backendForm = new UserGroupBackendForm(); $backendForm = new UserGroupBackendForm();

5
application/forms/Security/RoleForm.php
View File

@ -27,6 +27,7 @@ class RoleForm extends ConfigForm
'config/application/general' => 'config/application/general', 'config/application/general' => 'config/application/general',
'config/application/authentication' => 'config/application/authentication', 'config/application/authentication' => 'config/application/authentication',
'config/application/resources' => 'config/application/resources', 'config/application/resources' => 'config/application/resources',
'config/application/usergroupbackend' => 'config/application/usergroupbackend',
'config/application/roles' => 'config/application/roles', 'config/application/roles' => 'config/application/roles',
'config/application/users/*' => 'config/application/users/*', 'config/application/users/*' => 'config/application/users/*',
'config/application/users/show' => 'config/application/users/show', 'config/application/users/show' => 'config/application/users/show',
@ -40,10 +41,6 @@ class RoleForm extends ConfigForm
'config/application/groups/remove' => 'config/application/groups/remove', 'config/application/groups/remove' => 'config/application/groups/remove',
'config/application/groups/member/add' => 'config/application/groups/member/add', 'config/application/groups/member/add' => 'config/application/groups/member/add',
'config/application/groups/member/remove' => 'config/application/groups/member/remove', 'config/application/groups/member/remove' => 'config/application/groups/member/remove',
'config/application/usergroupbackend/*' => 'config/application/usergroupbackend/*',
'config/application/usergroupbackend/create' => 'config/application/usergroupbackend/create',
'config/application/usergroupbackend/edit' => 'config/application/usergroupbackend/edit',
'config/application/usergroupbackend/remove' => 'config/application/usergroupbackend/remove',
'config/modules' => 'config/modules' 'config/modules' => 'config/modules'
); );

17
application/views/scripts/usergroupbackend/list.phtml
View File

@ -1,15 +1,7 @@
<?php
$createPermitted = $this->hasPermission('config/application/usergroupbackend/create');
$editPermitted = $this->hasPermission('config/application/usergroupbackend/edit');
$removePermitted = $this->hasPermission('config/application/usergroupbackend/remove');
?>
<div class="controls"> <div class="controls">
<?= $tabs; ?> <?= $tabs; ?>
</div> </div>
<div class="content" data-base-target="_next"> <div class="content" data-base-target="_next">
<?php if ($createPermitted): ?>
<?= $this->qlink( <?= $this->qlink(
$this->translate('Create A New User Group Backend'), $this->translate('Create A New User Group Backend'),
'usergroupbackend/create', 'usergroupbackend/create',
@ -18,33 +10,25 @@ $removePermitted = $this->hasPermission('config/application/usergroupbackend/rem
'icon' => 'plus' 'icon' => 'plus'
) )
); ?> ); ?>
<?php endif ?>
<?php if (count($backendNames) > 0): ?> <?php if (count($backendNames) > 0): ?>
<table class="action usergroupbackend-list"> <table class="action usergroupbackend-list">
<thead> <thead>
<tr> <tr>
<th class="backend-name"><?= $this->translate('Backend'); ?></th> <th class="backend-name"><?= $this->translate('Backend'); ?></th>
<?php if ($removePermitted): ?>
<th class="backend-remove"><?= $this->translate('Remove'); ?></th> <th class="backend-remove"><?= $this->translate('Remove'); ?></th>
<?php endif ?>
<tr> <tr>
</thead> </thead>
<tbody> <tbody>
<?php foreach ($backendNames as $backendName): ?> <?php foreach ($backendNames as $backendName): ?>
<tr> <tr>
<td class="backend-name"> <td class="backend-name">
<?php if ($editPermitted): ?>
<?= $this->qlink( <?= $this->qlink(
$backendName, $backendName,
'usergroupbackend/edit', 'usergroupbackend/edit',
array('backend' => $backendName), array('backend' => $backendName),
array('title' => sprintf($this->translate('Edit user group backend %s'), $backendName)) array('title' => sprintf($this->translate('Edit user group backend %s'), $backendName))
); ?> ); ?>
<?php else: ?>
<?= $this->escape($backendName); ?>
<?php endif ?>
</td> </td>
<?php if ($removePermitted): ?>
<td class="backend-remove"><?= $this->qlink( <td class="backend-remove"><?= $this->qlink(
null, null,
'usergroupbackend/remove', 'usergroupbackend/remove',
@ -54,7 +38,6 @@ $removePermitted = $this->hasPermission('config/application/usergroupbackend/rem
'icon' => 'trash' 'icon' => 'trash'
) )
); ?></td> ); ?></td>
<?php endif ?>
</tr> </tr>
<?php endforeach ?> <?php endforeach ?>
</tbody> </tbody>

2
library/Icinga/Web/Menu.php
View File

@ -261,7 +261,7 @@ class Menu implements RecursiveIterator
)); ));
$section->add(t('UserGroupBackends'), array( $section->add(t('UserGroupBackends'), array(
'url' => 'usergroupbackend/list', 'url' => 'usergroupbackend/list',
'permission' => 'config/application/usergroupbackend/*', 'permission' => 'config/application/usergroupbackend',
'priority' => 830 'priority' => 830
)); ));
$section->add(t('Modules'), array( $section->add(t('Modules'), array(