diff --git a/application/forms/Security/RoleForm.php b/application/forms/Security/RoleForm.php
index ff44e820f9..ee44fbef3c 100644
--- a/application/forms/Security/RoleForm.php
+++ b/application/forms/Security/RoleForm.php
@@ -12,6 +12,7 @@
use Icinga\Forms\RepositoryForm;
use Icinga\Util\StringHelper;
use Icinga\Web\Notification;
+use ipl\Web\Widget\Icon;
/**
* Form for managing roles
@@ -119,17 +120,12 @@ public function createInsertElements(array $formData = array())
foreach ($this->providedPermissions as $moduleName => $permissionList) {
$this->sortPermissions($permissionList);
+ $anythingGranted = false;
+ $anythingRefused = false;
+ $anythingRestricted = false;
+
$elements = [$moduleName . '_header'];
- $this->addElement(
- 'note',
- $moduleName . '_header',
- [
- 'decorators' => ['ViewHelper'],
- 'value' => '' . ($moduleName !== 'application'
- ? sprintf('%s %s', $moduleName, $this->translate('Module'))
- : 'Icinga Web 2') . '
'
- ]
- );
+ // The actual element is added last
$elements[] = 'permission_header';
$this->addElement('note', 'permission_header', [
@@ -147,6 +143,11 @@ public function createInsertElements(array $formData = array())
$hasFullPerm = false;
foreach ($permissionList as $name => $spec) {
$elementName = $this->filterName($name);
+
+ if (isset($formData[$elementName]) && $formData[$elementName]) {
+ $anythingGranted = true;
+ }
+
if ($hasFullPerm || $hasAdminPerm) {
$elementName .= '_fake';
}
@@ -160,6 +161,10 @@ public function createInsertElements(array $formData = array())
]);
$this->addElement($denyCheckbox);
$this->removeFromIteration($denyCheckbox->getName());
+
+ if (isset($formData[$denyCheckbox->getName()]) && $formData[$denyCheckbox->getName()]) {
+ $anythingRefused = true;
+ }
}
$elements[] = $elementName;
@@ -223,6 +228,11 @@ public function createInsertElements(array $formData = array())
foreach ($this->providedRestrictions[$moduleName] as $name => $spec) {
$elementName = $this->filterName($name);
+
+ if (isset($formData[$elementName]) && $formData[$elementName]) {
+ $anythingRestricted = true;
+ }
+
$elements[] = $elementName;
$this->addElement(
'text',
@@ -257,6 +267,28 @@ public function createInsertElements(array $formData = array())
}
}
+ $this->addElement(
+ 'note',
+ $moduleName . '_header',
+ [
+ 'decorators' => ['ViewHelper'],
+ 'value' => ''
+ . '' . ($moduleName !== 'application'
+ ? sprintf('%s %s', $moduleName, $this->translate('Module'))
+ : 'Icinga Web 2'
+ ) . ''
+ . ''
+ . ($hasAdminPerm || $anythingGranted ? new Icon('check-circle', ['class' => 'granted']) : '')
+ . ($anythingRefused ? new Icon('times-circle', ['class' => 'refused']) : '')
+ . (! $isUnrestricted && $anythingRestricted
+ ? new Icon('filter', ['class' => 'restricted'])
+ : ''
+ )
+ . ''
+ . '
'
+ ]
+ );
+
$this->addDisplayGroup($elements, $moduleName . '_elements', [
'decorators' => [
'FormElements',
diff --git a/public/css/icinga/widgets.less b/public/css/icinga/widgets.less
index 189e019506..a6dd6a3675 100644
--- a/public/css/icinga/widgets.less
+++ b/public/css/icinga/widgets.less
@@ -230,6 +230,27 @@ form.role-form {
font-style: normal;
}
+ h3 {
+ > :first-child {
+ display: inline-block;
+ width: 20em / 1.167em; // element label width / h3 font-size
+ }
+
+ .privilege-preview .icon {
+ &.granted {
+ color: @color-granted;
+ }
+
+ &.refused {
+ color: @color-refused;
+ }
+
+ &.restricted {
+ color: @color-restricted;
+ }
+ }
+ }
+
fieldset.collapsible {
border: none;
padding: 0;