security: Don't list permissions and restrictions in the roles overview
fixes #8335
This commit is contained in:
parent
d1dd907582
commit
a23752de63
|
@ -11,8 +11,8 @@
|
|||
<thead>
|
||||
<tr>
|
||||
<th><?= $this->translate('Name') ?></th>
|
||||
<th><?= $this->translate('Permissions') ?></th>
|
||||
<th><?= $this->translate('Restrictions') ?></th>
|
||||
<!-- <th>--><?//= $this->translate('Permissions') ?><!--</th>-->
|
||||
<!-- <th>--><?//= $this->translate('Restrictions') ?><!--</th>-->
|
||||
<th><?= $this->translate('Users') ?></th>
|
||||
<th><?= $this->translate('Groups') ?></th>
|
||||
</tr>
|
||||
|
@ -26,28 +26,28 @@
|
|||
<a href="<?= $this->url('roles/update', array('role' => $name)) ?>"></a>
|
||||
</div>
|
||||
</td>
|
||||
<td><?= $this->escape($role->permissions, 0, 50) ?></td>
|
||||
<td>
|
||||
<?php
|
||||
// TODO(el): $role->without(...) or $role->shift(...) would be nice!
|
||||
$restrictions = clone $role;
|
||||
unset($restrictions['users']);
|
||||
unset($restrictions['groups']);
|
||||
unset($restrictions['permissions']);
|
||||
?>
|
||||
<?php if (! empty($restrictions)): ?>
|
||||
<table>
|
||||
<tbody>
|
||||
<?php foreach ($restrictions as $restrictionName => $restriction): ?>
|
||||
<tr>
|
||||
<th><?= $this->escape($restrictionName) ?></th>
|
||||
<td><?= $this->escape($restriction) ?></td>
|
||||
</tr>
|
||||
<?php endforeach ?>
|
||||
</tbody>
|
||||
</table>
|
||||
<?php endif ?>
|
||||
</td>
|
||||
<!-- <td>--><?//= $this->escape($role->permissions, 0, 50) ?><!--</td>-->
|
||||
<!-- <td>-->
|
||||
<!-- --><?php
|
||||
// // TODO(el): $role->without(...) or $role->shift(...) would be nice!
|
||||
// $restrictions = clone $role;
|
||||
// unset($restrictions['users']);
|
||||
// unset($restrictions['groups']);
|
||||
// unset($restrictions['permissions']);
|
||||
// ?>
|
||||
<!-- --><?php //if (! empty($restrictions)): ?>
|
||||
<!-- <table>-->
|
||||
<!-- <tbody>-->
|
||||
<!-- --><?php //foreach ($restrictions as $restrictionName => $restriction): ?>
|
||||
<!-- <tr>-->
|
||||
<!-- <th>--><?//= $this->escape($restrictionName) ?><!--</th>-->
|
||||
<!-- <td>--><?//= $this->escape($restriction) ?><!--</td>-->
|
||||
<!-- </tr>-->
|
||||
<!-- --><?php //endforeach ?>
|
||||
<!-- </tbody>-->
|
||||
<!-- </table>-->
|
||||
<!-- --><?php //endif ?>
|
||||
<!-- </td>-->
|
||||
<td><?= $this->escape($role->users) ?></td>
|
||||
<td><?= $this->escape($role->groups) ?></td>
|
||||
<td>
|
||||
|
|
Loading…
Reference in New Issue