Provide module permissions automatically

refs #9644
2015-07-22 15:01:54 +02:00 · 2015-07-22 15:01:54 +02:00 · bf590ed380
parent 5dcc307e87
commit bf590ed380
1 changed files with 28 additions and 18 deletions
--- a/application/forms/Security/RoleForm.php
+++ b/application/forms/Security/RoleForm.php
@ -63,25 +63,35 @@ class RoleForm extends ConfigForm
    public function init()
    {
        $helper = new Zend_Form_Element('bogus');
-        foreach (Icinga::app()->getModuleManager()->getLoadedModules() as $module) {
-            foreach ($module->getProvidedPermissions() as $permission) {
-                /** @var object $permission */
-                $this->providedPermissions[$permission->name] = $permission->description . ' (' . $permission->name . ')';
-            }
-            foreach ($module->getProvidedRestrictions() as $restriction) {
-                /** @var object $restriction */
-                $name = $helper->filterName($restriction->name); // Zend only permits alphanumerics, the underscore,
-                                                                 // the circumflex and any ASCII character in range
-                                                                 // \x7f to \xff (127 to 255)
-                while (isset($this->providedRestrictions[$name])) {
-                    // Because Zend_Form_Element::filterName() replaces any not permitted character with the empty
-                    // string we may have duplicate names, e.g. 're/striction' and 'restriction'
-                    $name .= '_';
+        $mm = Icinga::app()->getModuleManager();
+        foreach ($mm->listInstalledModules() as $moduleName) {
+            $modulePermission = $mm::MODULE_PERMISSION_NS . $moduleName;
+            $this->providedPermissions[$modulePermission] = sprintf(
+                $this->translate('Allow access to module %s') . ' (%s)',
+                $moduleName,
+                $modulePermission
+            );
+            if ($mm->hasEnabled($moduleName)) {
+                $module = $mm->getModule($moduleName);
+                foreach ($module->getProvidedPermissions() as $permission) {
+                    /** @var object $permission */
+                    $this->providedPermissions[$permission->name] = $permission->description . ' (' . $permission->name . ')';
+                }
+                foreach ($module->getProvidedRestrictions() as $restriction) {
+                    /** @var object $restriction */
+                    $name = $helper->filterName($restriction->name); // Zend only permits alphanumerics, the underscore,
+                    // the circumflex and any ASCII character in range
+                    // \x7f to \xff (127 to 255)
+                    while (isset($this->providedRestrictions[$name])) {
+                        // Because Zend_Form_Element::filterName() replaces any not permitted character with the empty
+                        // string we may have duplicate names, e.g. 're/striction' and 'restriction'
+                        $name .= '_';
+                    }
+                    $this->providedRestrictions[$name] = array(
+                        'description' => $restriction->description,
+                        'name'        => $restriction->name
+                    );
                }
-                $this->providedRestrictions[$name] = array(
-                    'description'   => $restriction->description,
-                    'name'          => $restriction->name
-                );
            }
        }
    }