From e31c99be1cc6d88c937b43a2224be0ecdc5dd3c9 Mon Sep 17 00:00:00 2001
From: Johannes Meyer
Date: Wed, 27 May 2015 10:30:42 +0200
Subject: [PATCH] GroupController: Apply permission config/application/groups/show refs #8826
---
 application/controllers/GroupController.php | 2 ++
 application/views/scripts/user/show.phtml | 19 +++++++++++++------
 2 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/application/controllers/GroupController.php b/application/controllers/GroupController.php
index 0df9da8f2..53bfa204c 100644
--- a/application/controllers/GroupController.php
+++ b/application/controllers/GroupController.php
@@ -29,6 +29,7 @@ class GroupController extends AuthBackendController
 */
 public function listAction()
 {
+ $this->assertPermission('config/application/groups/show');
 $backendNames = array_map(
 function ($b) { return $b->getName(); },
 $this->loadUserGroupBackends('Icinga\Data\Selectable')
@@ -86,6 +87,7 @@ class GroupController extends AuthBackendController
 */
 public function showAction()
 {
+ $this->assertPermission('config/application/groups/show');
 $groupName = $this->params->getRequired('group');
 $backend = $this->getUserGroupBackend($this->params->getRequired('backend'));
diff --git a/application/views/scripts/user/show.phtml b/application/views/scripts/user/show.phtml
index 4db1b0635..1c8c41c8b 100644
--- a/application/views/scripts/user/show.phtml
+++ b/application/views/scripts/user/show.phtml
@@ -2,6 +2,7 @@
 use Icinga\Data\Updatable;
 use Icinga\Data\Reducible;
+use Icinga\Data\Selectable;
 $editLink = null;
 if ($this->hasPermission('config/application/users/edit') && $backend instanceof Updatable) {
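Review bot: In GroupController.php, the docblocks above listAction() and showAction() are not updated to record the new `config/application/groups/show` requirement, so the access rule lives only in the two `assertPermission()` calls. I would add a line such as `@throws SecurityException If the user lacks config/application/groups/show` to both docblocks, assuming assertPermission() raises that type; the docblock text is outside the hunks, so confirm against the base class. Asserting before `getRequired('group')` and the backend lookup is the right order, and a short comment like `// Authorize before reading request parameters or loading backends` would keep a later edit from moving input handling above the check. Both method bodies continue outside the hunks.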
@@ -52,12 +53,18 @@ if ($this->hasPermission('config/application/users/edit') && $backend instanceof - qlink($membership->group_name, 'group/show', array( - 'backend' => $membership->backend->getName(), - 'group' => $membership->group_name - ), array( - 'title' => sprintf($this->translate('Show detailed information for group %s'), $membership->group_name) - )); ?> + + hasPermission('config/application/groups/show') && $membership->backend instanceof Selectable): ?> + qlink($membership->group_name, 'group/show', array( + 'backend' => $membership->backend->getName(), + 'group' => $membership->group_name + ), array( + 'title' => sprintf($this->translate('Show detailed information for group %s'), $membership->group_name) + )); ?> + + escape($membership->group_name); ?> + + backend instanceof Reducible): ?> setAction($this->url('group/removemember', array(