From cb4d6f013a10be29b695d0c308ececc42f690a9c Mon Sep 17 00:00:00 2001 From: Johannes Meyer Date: Fri, 29 May 2015 12:57:39 +0200 Subject: [PATCH] GroupController: Properly handle 404's when handling group members refs #8826 --- application/controllers/GroupController.php | 26 +++++++++++-------- .../forms/Config/UserGroup/AddMemberForm.php | 3 +++ 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/application/controllers/GroupController.php b/application/controllers/GroupController.php index 8a13bfd6f..0c2a4a45d 100644 --- a/application/controllers/GroupController.php +++ b/application/controllers/GroupController.php @@ -232,10 +232,6 @@ class GroupController extends AuthBackendController $groupName = $this->params->getRequired('group'); $backend = $this->getUserGroupBackend($this->params->getRequired('backend'), 'Icinga\Data\Extensible'); - if ($backend->select()->where('group_name', $groupName)->count() === 0) { - $this->httpNotFound(sprintf($this->translate('Group "%s" not found'), $groupName)); - } - $form = new AddMemberForm(); $form->setDataSource($this->fetchUsers()) ->setBackend($backend) @@ -243,8 +239,13 @@ class GroupController extends AuthBackendController ->setRedirectUrl( Url::fromPath('group/show', array('backend' => $backend->getName(), 'group' => $groupName)) ) - ->setUidDisabled() - ->handleRequest(); + ->setUidDisabled(); + + try { + $form->handleRequest(); + } catch (NotFoundError $_) { + $this->httpNotFound(sprintf($this->translate('Group "%s" not found'), $groupName)); + } $this->view->form = $form; $this->render('form'); @@ -260,10 +261,6 @@ class GroupController extends AuthBackendController $groupName = $this->params->getRequired('group'); $backend = $this->getUserGroupBackend($this->params->getRequired('backend'), 'Icinga\Data\Reducible'); - if ($backend->select()->where('group_name', $groupName)->count() === 0) { - $this->httpNotFound(sprintf($this->translate('Group "%s" not found'), $groupName)); - } - $form = new Form(array( 'onSuccess' => function ($form) use ($groupName, $backend) { foreach ($form->getValue('user_name') as $userName) { @@ -280,6 +277,8 @@ class GroupController extends AuthBackendController $userName, $groupName )); + } catch (NotFoundError $e) { + throw $e; } catch (Exception $e) { Notification::error($e->getMessage()); } @@ -297,7 +296,12 @@ class GroupController extends AuthBackendController $form->setSubmitLabel('btn_submit'); // Required to ensure that isSubmitted() is called $form->addElement('hidden', 'user_name', array('required' => true, 'isArray' => true)); $form->addElement('hidden', 'redirect'); - $form->handleRequest(); + + try { + $form->handleRequest(); + } catch (NotFoundError $_) { + $this->httpNotFound(sprintf($this->translate('Group "%s" not found'), $groupName)); + } } /** diff --git a/application/forms/Config/UserGroup/AddMemberForm.php b/application/forms/Config/UserGroup/AddMemberForm.php index 6a57df3b4..88064dcdd 100644 --- a/application/forms/Config/UserGroup/AddMemberForm.php +++ b/application/forms/Config/UserGroup/AddMemberForm.php @@ -7,6 +7,7 @@ use Exception; use Icinga\Data\Extensible; use Icinga\Data\Filter\Filter; use Icinga\Data\Selectable; +use Icinga\Exception\NotFoundError; use Icinga\Web\Form; use Icinga\Web\Notification; @@ -155,6 +156,8 @@ class AddMemberForm extends Form 'user_name' => $userName ) ); + } catch (NotFoundError $e) { + throw $e; // Trigger 404, the group name is initially accessed as GET parameter } catch (Exception $e) { Notification::error(sprintf( $this->translate('Failed to add "%s" as group member for "%s"'),