From a82a88a34bb239ebb3191022f802f7d326eef7eb Mon Sep 17 00:00:00 2001
From: Johannes Meyer <johannes.meyer@icinga.com>
Date: Thu, 1 Dec 2022 15:00:30 +0100
Subject: [PATCH] RoleController: Always perform a permission check

(cherry picked from commit 965aac11efc6c0ecd6ce3a080451ae1a100b292c)
---
 application/controllers/RoleController.php | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/application/controllers/RoleController.php b/application/controllers/RoleController.php
index a1b0730df..4223d3397 100644
--- a/application/controllers/RoleController.php
+++ b/application/controllers/RoleController.php
@@ -32,6 +32,7 @@ class RoleController extends AuthBackendController
 {
     public function init()
     {
+        $this->assertPermission('config/access-control/roles');
         $this->view->title = $this->translate('Roles');
 
         parent::init();
@@ -57,7 +58,6 @@ class RoleController extends AuthBackendController
      */
     public function listAction()
     {
-        $this->assertPermission('config/access-control/roles');
         $this->createListTabs()->activate('role/list');
         $this->view->roles = (new RolesConfig())
             ->select();
@@ -82,8 +82,6 @@ class RoleController extends AuthBackendController
      */
     public function addAction()
     {
-        $this->assertPermission('config/access-control/roles');
-
         $role = new RoleForm();
         $role->setRedirectUrl('__CLOSE__');
         $role->setRepository(new RolesConfig());
@@ -100,8 +98,6 @@ class RoleController extends AuthBackendController
      */
     public function editAction()
     {
-        $this->assertPermission('config/access-control/roles');
-
         $name = $this->params->getRequired('role');
         $role = new RoleForm();
         $role->setRedirectUrl('__CLOSE__');
@@ -123,8 +119,6 @@ class RoleController extends AuthBackendController
      */
     public function removeAction()
     {
-        $this->assertPermission('config/access-control/roles');
-
         $name = $this->params->getRequired('role');
         $role = new RoleForm();
         $role->setRedirectUrl('__CLOSE__');
@@ -143,7 +137,6 @@ class RoleController extends AuthBackendController
 
     public function auditAction()
     {
-        $this->assertPermission('config/access-control/roles');
         $this->createListTabs()->activate('role/audit');
         $this->view->title = t('Audit');