[icinga-checkins] icinga.org: icinga-web/mfriedrich/fixes: * Fix for group provider if user is unprivileged

git at icinga.org git at icinga.org
Mon Feb 20 19:24:46 CET 2012


Module: icinga-web
Branch: mfriedrich/fixes
Commit: 395224231aa941f344d22fe71c61f6c9ed293159
URL:    https://git.icinga.org/?p=icinga-web.git;a=commit;h=395224231aa941f344d22fe71c61f6c9ed293159

Author: Marius Hein <marius.hein at netways.de>
Date:   Fri Dec 16 11:16:44 2011 +0100

* Fix for group provider if user is unprivileged

---

 .../DataProvider/GroupProviderAction.class.php     |   30 ++++++++++++--------
 1 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php b/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php
index 563b892..9658882 100644
--- a/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php
+++ b/app/modules/AppKit/actions/DataProvider/GroupProviderAction.class.php
@@ -76,13 +76,15 @@ class AppKit_DataProvider_GroupProviderAction extends AppKitBaseAction {
         $limit = $rd->getParameter('limit',false);
         $sort = $rd->getParameter('sort',false);
         $asc = ($rd->getParameter('dir','ASC') == 'ASC');
-
-        $result = array();
-
+        
         $user = $this->getContext()->getUser();
-
+        $groups = null;
+        
+        // Return roles the user belongs to
         if ($user->hasCredential('appkit.admin') == false && $user->hasCredential('appkit.admin.groups') == false) {
-            $result = $roleadmin->getRoleCollectionInRange($disabled,$start,$limit,$sort,$asc, true);
+            $groups = $roleadmin->getRoleCollectionInRange($disabled,$start,$limit,$sort,$asc, true);
+        
+        // Global access to all rules
         } else {
             // return a single role when an id is provided
             if ($groupId) {
@@ -98,6 +100,8 @@ class AppKit_DataProvider_GroupProviderAction extends AppKitBaseAction {
                 $result = $this->formatRole($group);
 
                 $this->setAttribute("role",$result);
+                
+                return $this->getDefaultViewName();
 
             } else {	//return list of all roles if no id is provided
 
@@ -107,15 +111,17 @@ class AppKit_DataProvider_GroupProviderAction extends AppKitBaseAction {
                 } else {
                     $groups = $roleadmin->getRoleCollectionInRange($disabled,$start,$limit,$sort,$asc);
                 }
-
-            
-                $result = array();
-                foreach($groups as $group) {
-                   $result[] = $this->formatRole($group,true);
-                }
-                $this->setAttribute("roles",$result);
             }
         }
+        
+        if ($groups && $groups instanceof Doctrine_Collection) {
+            $result = array();
+            foreach($groups as $group) {
+                $result[] = $this->formatRole($group,true);
+            }
+            $this->setAttribute("roles",$result);
+        }
+        
         return 'Success';
     }
 





More information about the icinga-checkins mailing list