search

Icinga / icingaweb2-module-x509

Keeps track of certificates as they are deployed in a network environment.
https://icinga.com/docs/x509/latest/
GNU General Public License v2.0
106 stars 24 forks source link

Permission config/x509 is required to edit jobs #234

Open moreamazingnick opened 7 months ago

moreamazingnick commented 7 months ago

Describe the bug

Currently the permission config/x509 is required to create / edit jobs, which can not be given explicitly it is only included in config/*

To Reproduce

https://github.com/Icinga/icingaweb2-module-x509/blob/8425ede0f4892e9c2c7c3ee58116cf474ef84f76/application/controllers/JobController.php#L55

Expected behavior

More granular permissions for

Your Environment

Include as many relevant details about the environment you experienced the problem in

moreamazingnick commented 7 months ago

what if we do it like 

$this->hasPermission('config/x509') || $this->hasPermission('x509/config')

that would't break compatibility for older role settings but provide a configurable permission in the role config?

moreamazingnick commented 7 months ago

It is actually even more easier let's just add:

$this->providePermission("config/x509","something meaningful");

to the configuration.php