tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Escape restriction names manually in Forms\Security\RoleForm 

fixes #8086
This commit is contained in:
Johannes Meyer 2014-12-22 10:46:29 +01:00
parent f0438d1ea0
commit 706e5504e6
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
application/forms/Security/RoleForm.php
View File

@ -93,7 +93,7 @@ class RoleForm extends ConfigForm
foreach ($this->providedRestrictions as $name => $description) {
$this->addElement(
'text',
$name,
str_replace('/', '_', $name),
array(
'label' => $name,
'description' => $description
@ -129,6 +129,12 @@ class RoleForm extends ConfigForm
? String::trimSplit($role['permissions'])
: null;
$role['name'] = $name;
foreach (array_keys($role) as $key) {
// Slashes are not allowed in a form's element name
$value = $role[$key];
unset($role[$key]);
$role[str_replace('/', '_', $key)] = $value;
}
$this->populate($role);
return $this;
}
@ -230,6 +236,12 @@ class RoleForm extends ConfigForm
if (isset($values['permissions'])) {
$values['permissions'] = implode(', ', $values['permissions']);
}
foreach (array_keys($values) as $key) {
// Slashes are not allowed in a form's element name
$value = $values[$key];
unset($values[$key]);
$values[str_replace('/', '_', $key)] = $value;
}
return $values;
}
}