diff --git a/application/controllers/GroupController.php b/application/controllers/GroupController.php
index 9b16c9880..2ae15c967 100644
--- a/application/controllers/GroupController.php
+++ b/application/controllers/GroupController.php
@@ -130,7 +130,7 @@ class GroupController extends AuthBackendController
 $this->view->members = $members;
 $this->createShowTabs($backend->getName(), $groupName)->activate('group/show');
- if ($this->hasPermission('config/application/groups/remove') && $backend instanceof Reducible) {
+ if ($this->hasPermission('config/application/groups/member/remove') && $backend instanceof Reducible) {
 $removeForm = new Form();
 $removeForm->setUidDisabled();
 $removeForm->setAction(
@@ -255,6 +255,7 @@ class GroupController extends AuthBackendController
 */
 public function removememberAction()
 {
+ $this->assertPermission('config/application/groups/member/remove');
 $this->assertHttpMethod('POST');
 $groupName = $this->params->getRequired('group');
 $backend = $this->getUserGroupBackend($this->params->getRequired('backend'), 'Icinga\Data\Reducible');
diff --git a/application/controllers/UserController.php b/application/controllers/UserController.php
index 8b926a44f..db60d4e96 100644
--- a/application/controllers/UserController.php
+++ b/application/controllers/UserController.php
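Review bot: Renaming the permission in the form-display check from `config/application/groups/remove` to `config/application/groups/member/remove` means roles that hold only the old name stop seeing the remove-member form, and nothing visible in this diff registers or documents the new name. If the list of grantable permissions is maintained elsewhere, it should gain this entry in the same change, together with an upgrade note for administrators. The same literal is repeated in `removememberAction` and in `UserController`; a shared class constant would keep the copies from drifting apart. The enclosing method starts and ends outside the hunk.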
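Review bot: The `assertPermission()` call added at the top of `removememberAction` is the only place where the new permission is enforced, because the `hasPermission()` checks elsewhere in this commit only decide whether the form is rendered. The docblock that ends just above the hunk should state this, for example `Requires the permission config/application/groups/member/remove`. A regression test that sends the POST without the permission and expects it to be rejected would pin the fix. The controller's other state-changing actions are not visible here, so it is worth confirming that they carry an equivalent assert; the method body continues outside the hunk.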
@@ -132,30 +132,32 @@ class UserController extends AuthBackendController
 $this->view->memberships = $memberships;
 $this->createShowTabs($backend->getName(), $userName)->activate('user/show');
- $removeForm = new Form();
- $removeForm->setUidDisabled();
- $removeForm->addElement('hidden', 'user_name', array(
- 'isArray' => true,
- 'value' => $userName,
- 'decorators' => array('ViewHelper')
- ));
- $removeForm->addElement('hidden', 'redirect', array(
- 'value' => Url::fromPath('user/show', array(
- 'backend' => $backend->getName(),
- 'user' => $userName
- )),
- 'decorators' => array('ViewHelper')
- ));
- $removeForm->addElement('button', 'btn_submit', array(
- 'escape' => false,
- 'type' => 'submit',
- 'class' => 'link-like',
- 'value' => 'btn_submit',
- 'decorators' => array('ViewHelper'),
- 'label' => $this->view->icon('trash'),
- 'title' => $this->translate('Cancel this membership')
- ));
- $this->view->removeForm = $removeForm;
+ if ($this->hasPermission('config/application/groups/member/remove')) {
+ $removeForm = new Form();
+ $removeForm->setUidDisabled();
+ $removeForm->addElement('hidden', 'user_name', array(
+ 'isArray' => true,
+ 'value' => $userName,
+ 'decorators' => array('ViewHelper')
+ ));
+ $removeForm->addElement('hidden', 'redirect', array(
+ 'value' => Url::fromPath('user/show', array(
+ 'backend' => $backend->getName(),
+ 'user' => $userName
+ )),
+ 'decorators' => array('ViewHelper')
+ ));
+ $removeForm->addElement('button', 'btn_submit', array(
+ 'escape' => false,
+ 'type' => 'submit',
+ 'class' => 'link-like',
+ 'value' => 'btn_submit',
+ 'decorators' => array('ViewHelper'),
+ 'label' => $this->view->icon('trash'),
+ 'title' => $this->translate('Cancel this membership')
+ ));
+ $this->view->removeForm = $removeForm;
+ }
 }
 /**
diff --git a/application/views/scripts/user/show.phtml b/application/views/scripts/user/show.phtml
index 1c8c41c8b..96af9224c 100644
--- a/application/views/scripts/user/show.phtml
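Review bot: With the form now built only inside the `hasPermission()` block, `$this->view->removeForm` is left unset for users without `config/application/groups/member/remove`, so `user/show.phtml` must never call a method on it in that case. The template's condition appears to be changed in the same commit, but the two checks are independent copies of the same rule. Testing `isset($removeForm)` in the template, or assigning `$this->view->removeForm = null;` before the `if`, would make that dependency explicit. Because the block is the last statement of the method, an early `return` when the permission is missing would also avoid re-indenting 24 otherwise unchanged lines.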
+++ b/application/views/scripts/user/show.phtml @@ -66,7 +66,7 @@ if ($this->hasPermission('config/application/users/edit') && $backend instanceof - backend instanceof Reducible): ?> + backend instanceof Reducible): ?> setAction($this->url('group/removemember', array( 'backend' => $membership->backend->getName(), 'group' => $membership->group_name