From 94f70a6c190c6313d12cb7b9fb50dc44ac57f2b3 Mon Sep 17 00:00:00 2001
From: Johannes Meyer <johannes.meyer@icinga.com>
Date: Thu, 1 Dec 2022 15:00:30 +0100
Subject: [PATCH] RoleController: Always perform a permission check

(cherry picked from commit 965aac11efc6c0ecd6ce3a080451ae1a100b292c)
---
 application/controllers/RoleController.php | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/application/controllers/RoleController.php b/application/controllers/RoleController.php
index c83b20e30..05e62afcd 100644
--- a/application/controllers/RoleController.php
+++ b/application/controllers/RoleController.php
@@ -31,6 +31,7 @@ class RoleController extends AuthBackendController
 {
     public function init()
     {
+        $this->assertPermission('config/access-control/roles');
         $this->view->title = $this->translate('Roles');
 
         parent::init();
@@ -56,7 +57,6 @@ class RoleController extends AuthBackendController
      */
     public function listAction()
     {
-        $this->assertPermission('config/access-control/roles');
         $this->createListTabs()->activate('role/list');
         $this->view->roles = (new RolesConfig())
             ->select();
@@ -81,8 +81,6 @@ class RoleController extends AuthBackendController
      */
     public function addAction()
     {
-        $this->assertPermission('config/access-control/roles');
-
         $role = new RoleForm();
         $role->setRedirectUrl('__CLOSE__');
         $role->setRepository(new RolesConfig());
@@ -99,8 +97,6 @@ class RoleController extends AuthBackendController
      */
     public function editAction()
     {
-        $this->assertPermission('config/access-control/roles');
-
         $name = $this->params->getRequired('role');
         $role = new RoleForm();
         $role->setRedirectUrl('__CLOSE__');
@@ -122,8 +118,6 @@ class RoleController extends AuthBackendController
      */
     public function removeAction()
     {
-        $this->assertPermission('config/access-control/roles');
-
         $name = $this->params->getRequired('role');
         $role = new RoleForm();
         $role->setRedirectUrl('__CLOSE__');
@@ -142,7 +136,6 @@ class RoleController extends AuthBackendController
 
     public function auditAction()
     {
-        $this->assertPermission('config/access-control/roles');
         $this->createListTabs()->activate('role/audit');
         $this->view->title = t('Audit');