[icinga-checkins] icinga.org: icingaweb2-module-elasticsearch/master: Add restrictions to search and module config

git at icinga.org git at icinga.org
Thu Jun 30 17:08:10 CEST 2016


Module: icingaweb2-module-elasticsearch
Branch: master
Commit: fc86927371fcdce2db8c40ecba4f13348c40bd22
URL:    https://git.icinga.org/?p=icingaweb2-module-elasticsearch.git;a=commit;h=fc86927371fcdce2db8c40ecba4f13348c40bd22

Author: Markus Frosch <lazyfrosch at icinga.org>
Date:   Fri Jun  3 15:45:19 2016 +0200

Add restrictions to search and module config

refs #11378

---

 application/controllers/ConfigController.php |    3 +++
 application/controllers/EventController.php  |    6 +++++-
 configuration.php                            |    5 +++++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/application/controllers/ConfigController.php b/application/controllers/ConfigController.php
index 869f205..386d454 100644
--- a/application/controllers/ConfigController.php
+++ b/application/controllers/ConfigController.php
@@ -13,6 +13,7 @@ class ConfigController extends Controller
 {
     public function indexAction()
     {
+        $this->assertPermission('config/modules');
         $this->redirectNow('elasticsearch/config/elasticsearch');
     }
 
@@ -21,6 +22,8 @@ class ConfigController extends Controller
      */
     public function elasticsearchAction()
     {
+        $this->assertPermission('config/modules');
+        
         $form = new ElasticsearchConfigForm();
         $form->setIniConfig($this->Config());
         $form->handleRequest();
diff --git a/application/controllers/EventController.php b/application/controllers/EventController.php
index 2c8e8e0..aa75929 100644
--- a/application/controllers/EventController.php
+++ b/application/controllers/EventController.php
@@ -24,6 +24,8 @@ class EventController extends Controller
 
     public function searchAction()
     {
+        $this->assertPermission('module/elasticsearch/search');
+
         $repository = EventBackend::fromConfig();
 
         if ($type = $this->getParam('type')) {
@@ -72,7 +74,9 @@ class EventController extends Controller
         //$this->view->criticals = $search->getIcingaCriticalCount();
     }
 
-    public function showAction() {
+    public function showAction()
+    {
+        $this->assertPermission('module/elasticsearch/search');
 
         $index = $this->_getParam('index');
         $type = $this->_getParam('type');
diff --git a/configuration.php b/configuration.php
index 067e38a..9a60a9f 100644
--- a/configuration.php
+++ b/configuration.php
@@ -1,5 +1,10 @@
 <?php
 
+use Icinga\Application\Modules\Module;
+/** @var Module $this */
+
+$this->providePermission('module/elasticsearch/search', $this->translate('Allow unrestricted access to query data in Elasticsearch'));
+
 $section = $this->menuSection('Elasticsearch')
     ->setIcon('doc-text');
 



More information about the icinga-checkins mailing list