From 93f7bfeeb93842e9340947acbc1822f49196843d Mon Sep 17 00:00:00 2001
From: Johannes Meyer <johannes.meyer@netways.de>
Date: Mon, 24 Aug 2015 14:47:37 +0200
Subject: [PATCH] Allow to dis-/enable stacktraces in a user's preferences

refs #9113
---
 application/forms/PreferenceForm.php    | 24 ++++++++++
 application/forms/Security/RoleForm.php | 64 ++++++++++++++-----------
 library/Icinga/Application/Web.php      |  7 +++
 3 files changed, 66 insertions(+), 29 deletions(-)

diff --git a/application/forms/PreferenceForm.php b/application/forms/PreferenceForm.php
index 84a0f40bd..e9aca1d26 100644
--- a/application/forms/PreferenceForm.php
+++ b/application/forms/PreferenceForm.php
@@ -5,6 +5,7 @@ namespace Icinga\Forms;
 
 use Exception;
 use DateTimeZone;
+use Icinga\Application\Config;
 use Icinga\Application\Logger;
 use Icinga\Authentication\Auth;
 use Icinga\User\Preferences;
@@ -178,6 +179,19 @@ class PreferenceForm extends Form
             )
         );
 
+        if (Auth::getInstance()->hasPermission('application/stacktraces')) {
+            $this->addElement(
+                'checkbox',
+                'show_stacktraces',
+                array(
+                    'required'      => true,
+                    'value'         => $this->getDefaultShowStacktraces(),
+                    'label'         => $this->translate('Show Stacktraces'),
+                    'description'   => $this->translate('Set whether to show an exception\'s stacktrace.')
+                )
+            );
+        }
+
         $this->addElement(
             'checkbox',
             'show_benchmark',
@@ -269,4 +283,14 @@ class PreferenceForm extends Form
         $locale = Translator::getPreferredLocaleCode($_SERVER['HTTP_ACCEPT_LANGUAGE']);
         return $locale;
     }
+
+    /**
+     * Return the default global setting for show_stacktraces
+     *
+     * @return  bool
+     */
+    protected function getDefaultShowStacktraces()
+    {
+        return Config::app()->get('global', 'show_stacktraces', true);
+    }
 }
diff --git a/application/forms/Security/RoleForm.php b/application/forms/Security/RoleForm.php
index dba7ebe9f..212776bac 100644
--- a/application/forms/Security/RoleForm.php
+++ b/application/forms/Security/RoleForm.php
@@ -20,35 +20,7 @@ class RoleForm extends ConfigForm
      *
      * @var array
      */
-    protected $providedPermissions = array(
-        '*'                                             => 'Allow everything (*)',
-        'config/*'                                      => 'Allow config access (config/*)',
-/*
-        // [tg] seems excessive for me, hidden for rc1, tbd
-        'config/application/*'                          => 'config/application/*',
-        'config/application/general'                    => 'config/application/general',
-        'config/application/resources'                  => 'config/application/resources',
-        'config/application/userbackend'                => 'config/application/userbackend',
-        'config/application/usergroupbackend'           => 'config/application/usergroupbackend',
-        'config/authentication/*'                       => 'config/authentication/*',
-        'config/authentication/users/*'                 => 'config/authentication/users/*',
-        'config/authentication/users/show'              => 'config/authentication/users/show',
-        'config/authentication/users/add'               => 'config/authentication/users/add',
-        'config/authentication/users/edit'              => 'config/authentication/users/edit',
-        'config/authentication/users/remove'            => 'config/authentication/users/remove',
-        'config/authentication/groups/*'                => 'config/authentication/groups/*',
-        'config/authentication/groups/show'             => 'config/authentication/groups/show',
-        'config/authentication/groups/add'              => 'config/authentication/groups/add',
-        'config/authentication/groups/edit'             => 'config/authentication/groups/edit',
-        'config/authentication/groups/remove'           => 'config/authentication/groups/remove',
-        'config/authentication/roles/*'                 => 'config/authentication/roles/*',
-        'config/authentication/roles/show'              => 'config/authentication/roles/show',
-        'config/authentication/roles/add'               => 'config/authentication/roles/add',
-        'config/authentication/roles/edit'              => 'config/authentication/roles/edit',
-        'config/authentication/roles/remove'            => 'config/authentication/roles/remove',
-        'config/modules'                                => 'config/modules'
-*/
-    );
+    protected $providedPermissions;
 
     /**
      * Provided restrictions by currently loaded modules
@@ -62,6 +34,40 @@ class RoleForm extends ConfigForm
      */
     public function init()
     {
+        $this->providedPermissions = array(
+            '*'                                             => $this->translate('Allow everything') . ' (*)',
+            'application/stacktraces'                       => $this->translate(
+                'Allow to adjust in the preferences whether to show stacktraces'
+            ) . ' (application/stacktraces)',
+            'config/*'                                      => $this->translate('Allow config access') . ' (config/*)',
+/*
+            // [tg] seems excessive for me, hidden for rc1, tbd
+            'config/application/*'                          => 'config/application/*',
+            'config/application/general'                    => 'config/application/general',
+            'config/application/resources'                  => 'config/application/resources',
+            'config/application/userbackend'                => 'config/application/userbackend',
+            'config/application/usergroupbackend'           => 'config/application/usergroupbackend',
+            'config/authentication/*'                       => 'config/authentication/*',
+            'config/authentication/users/*'                 => 'config/authentication/users/*',
+            'config/authentication/users/show'              => 'config/authentication/users/show',
+            'config/authentication/users/add'               => 'config/authentication/users/add',
+            'config/authentication/users/edit'              => 'config/authentication/users/edit',
+            'config/authentication/users/remove'            => 'config/authentication/users/remove',
+            'config/authentication/groups/*'                => 'config/authentication/groups/*',
+            'config/authentication/groups/show'             => 'config/authentication/groups/show',
+            'config/authentication/groups/add'              => 'config/authentication/groups/add',
+            'config/authentication/groups/edit'             => 'config/authentication/groups/edit',
+            'config/authentication/groups/remove'           => 'config/authentication/groups/remove',
+            'config/authentication/roles/*'                 => 'config/authentication/roles/*',
+            'config/authentication/roles/show'              => 'config/authentication/roles/show',
+            'config/authentication/roles/add'               => 'config/authentication/roles/add',
+            'config/authentication/roles/edit'              => 'config/authentication/roles/edit',
+            'config/authentication/roles/remove'            => 'config/authentication/roles/remove',
+            'config/modules'                                => 'config/modules'
+*/
+        );
+        
+        
         $helper = new Zend_Form_Element('bogus');
         $mm = Icinga::app()->getModuleManager();
         foreach ($mm->listInstalledModules() as $moduleName) {
diff --git a/library/Icinga/Application/Web.php b/library/Icinga/Application/Web.php
index 538442818..3ee5af39e 100644
--- a/library/Icinga/Application/Web.php
+++ b/library/Icinga/Application/Web.php
@@ -214,6 +214,13 @@ class Web extends EmbeddedWeb
         $this->frontController->setControllerDirectory($this->getApplicationDir('/controllers'));
 
         $displayExceptions = $this->config->get('global', 'show_stacktraces', true);
+        if ($this->user !== null && $this->user->can('application/stacktraces')) {
+            $displayExceptions = $this->user->getPreferences()->getValue(
+                'icingaweb',
+                'show_stacktraces',
+                $displayExceptions
+            );
+        }
 
         $this->frontController->setParams(
             array(