1616use Icinga \Security \Csp \Reason \NavigationCspReason ;
1717use Icinga \Security \Csp \Reason \StaticCspReason ;
1818use Icinga \Util \Csp ;
19+ use Icinga \Web \Form \ConfigForm ;
1920use Icinga \Web \Session ;
2021use ipl \Html \Attributes ;
2122use ipl \Html \BaseHtmlElement ;
2728use ipl \Web \Common \Csp as CspInstance ;
2829use ipl \Web \Common \CsrfCounterMeasure ;
2930use ipl \Web \Common \FormUid ;
30- use ipl \Web \Compat \CompatForm ;
3131use ipl \Web \Compat \DisplayFormElement ;
3232use ipl \Web \Widget \Callout ;
3333use ipl \Web \Widget \Icon ;
4040 * disable CSP, configure the allowed sources for automatic generation or to
4141 * specify a custom CSP-Header.
4242 */
43- class CspConfigForm extends CompatForm
43+ class CspConfigForm extends ConfigForm
4444{
4545 use FormUid;
4646 use CsrfCounterMeasure;
@@ -118,8 +118,9 @@ class CspConfigForm extends CompatForm
118118 /**
119119 * @param Config $config The config object
120120 */
121- public function __construct (protected Config $ config )
121+ public function __construct (Config $ config )
122122 {
123+ parent ::__construct ($ config );
123124 $ this ->setAttribute ('name ' , 'csp_config ' );
124125 $ this ->getAttributes ()->add ('class ' , 'csp-config-form ' );
125126 $ this ->applyDefaultElementDecorators ();
@@ -135,7 +136,7 @@ protected function assemble(): void
135136
136137 $ this ->addElement (
137138 'checkbox ' ,
138- 'use_strict_csp ' ,
139+ 'security__use_strict_csp ' ,
139140 [
140141 'label ' => $ this ->translate ('Send CSP header ' ),
141142 'description ' => $ this ->translate (
@@ -148,7 +149,10 @@ protected function assemble(): void
148149 ],
149150 );
150151
151- $ useCustomCsp = $ this ->getPopulatedValue ('use_custom_csp ' ) === '1 ' ;
152+ $ useCustomCsp = $ this ->getPopulatedValue (
153+ 'security__use_custom_csp ' ,
154+ $ this ->getConfigValue ('security__use_custom_csp ' )
155+ ) === '1 ' ;
152156
153157 $ formHintClassList = ['csp-form-hint ' ];
154158 if ($ useCustomCsp ) {
@@ -164,11 +168,11 @@ protected function assemble(): void
164168 )))->addAttributes (Attributes::create (['class ' => 'csp-control-group ' ])));
165169
166170 if (! $ this ->isCspEnabled ()) {
167- $ this ->addElement ('hidden ' , 'use_custom_csp ' );
168- $ this ->addElement ('hidden ' , 'custom_csp ' );
169- $ this ->addElement ('hidden ' , 'csp_enable_modules ' );
170- $ this ->addElement ('hidden ' , 'csp_enable_dashboards ' );
171- $ this ->addElement ('hidden ' , 'csp_enable_navigation ' );
171+ $ this ->addElement ('hidden ' , 'security__use_custom_csp ' );
172+ $ this ->addElement ('hidden ' , 'security__custom_csp ' );
173+ $ this ->addElement ('hidden ' , 'security__csp_enable_modules ' );
174+ $ this ->addElement ('hidden ' , 'security__csp_enable_dashboards ' );
175+ $ this ->addElement ('hidden ' , 'security__csp_enable_navigation ' );
172176 } else {
173177 $ this ->addHtml ((new DisplayFormElement (
174178 HtmlElement::create (
@@ -215,7 +219,7 @@ function (StaticCspReason $reason, string $directive, string $expression) {
215219 'Should module defined CSP directives be enabled? '
216220 . ' Modules can define or change csp directives at any point. '
217221 ),
218- 'csp_enable_modules ' ,
222+ 'security__csp_enable_modules ' ,
219223 ! $ useCustomCsp ,
220224 );
221225
@@ -229,7 +233,7 @@ function (ModuleCspReason $reason, string $directive, string $expression) {
229233 $ this ->buildExpression ($ directive , $ expression ),
230234 ]);
231235 },
232- $ useCustomCsp === false && $ this ->getValue ('csp_enable_modules ' ) === '1 ' ,
236+ $ useCustomCsp === false && $ this ->getValue ('security__csp_enable_modules ' ) === '1 ' ,
233237 $ this ->translate ('No module policies defined. ' )
234238 );
235239
@@ -240,7 +244,7 @@ function (ModuleCspReason $reason, string $directive, string $expression) {
240244 . ' header that is sent to the user will only contain the subset of directives that actually '
241245 . ' matters to them. '
242246 ),
243- 'csp_enable_dashboards ' ,
247+ 'security__csp_enable_dashboards ' ,
244248 ! $ useCustomCsp ,
245249 );
246250
@@ -273,7 +277,7 @@ function (DashboardCspReason $reason, string $directive, string $expression) {
273277 . ' all users. The actual header that is sent to the user will only contain the subset of '
274278 . ' directives that actually matters to them. '
275279 ),
276- 'csp_enable_navigation ' ,
280+ 'security__csp_enable_navigation ' ,
277281 ! $ useCustomCsp ,
278282 );
279283
@@ -317,13 +321,13 @@ function (NavigationCspReason $reason, string $directive, string $expression) {
317321 $ this ->buildExpression ($ directive , $ expression ),
318322 ]);
319323 },
320- $ useCustomCsp === false && $ this ->getValue ('csp_enable_navigation ' ) === '1 ' ,
324+ $ useCustomCsp === false && $ this ->getValue ('security__csp_enable_navigation ' ) === '1 ' ,
321325 $ this ->translate ('No navigation policies found. ' ),
322326 );
323327
324328 $ this ->addElement (
325329 'checkbox ' ,
326- 'use_custom_csp ' ,
330+ 'security__use_custom_csp ' ,
327331 [
328332 'label ' => $ this ->translate ('Enable Custom CSP ' ),
329333 'description ' => $ this ->translate (
@@ -347,7 +351,7 @@ function (NavigationCspReason $reason, string $directive, string $expression) {
347351 )));
348352 }
349353
350- $ this ->addElement ('textarea ' , 'custom_csp ' , [
354+ $ this ->addElement ('textarea ' , 'security__custom_csp ' , [
351355 'label ' => '' ,
352356 'description ' => $ this ->translate (
353357 'Set a custom CSP header. This completely overrides the automatically generated one. '
@@ -374,22 +378,14 @@ function (NavigationCspReason $reason, string $directive, string $expression) {
374378 ]
375379 ]);
376380 }
377-
378- $ this ->addElement ('submit ' , 'submit ' , [
379- 'label ' => $ this ->translate ('Save changes ' ),
380- ]);
381381 }
382382
383383 protected function onSuccess (): void
384384 {
385385 $ section = $ this ->config ->getSection ('security ' );
386386 $ beforeSection = clone $ section ;
387- $ section ['use_strict_csp ' ] = $ this ->getValue ('use_strict_csp ' );
388- $ section ['csp_enable_modules ' ] = $ this ->getValue ('csp_enable_modules ' );
389- $ section ['csp_enable_dashboards ' ] = $ this ->getValue ('csp_enable_dashboards ' );
390- $ section ['csp_enable_navigation ' ] = $ this ->getValue ('csp_enable_navigation ' );
391- $ section ['use_custom_csp ' ] = $ this ->getValue ('use_custom_csp ' );
392- $ section ['custom_csp ' ] = $ this ->getValue ('custom_csp ' , '' );
387+
388+ parent ::onSuccess ();
393389
394390 $ a = iterator_to_array ($ section );
395391 $ b = iterator_to_array ($ beforeSection );
@@ -398,10 +394,6 @@ protected function onSuccess(): void
398394 if (! $ this ->changed ) {
399395 return ;
400396 }
401-
402- $ this ->config ->setSection ('security ' , $ section );
403-
404- $ this ->config ->saveIni ();
405397 }
406398
407399 /**
@@ -421,7 +413,7 @@ public function hasConfigChanged(): bool
421413 */
422414 public function isCspEnabled (): bool
423415 {
424- return $ this ->getValue ('use_strict_csp ' ) === '1 ' ;
416+ return $ this ->getValue ('security__use_strict_csp ' , $ this -> getConfigValue ( ' security__use_strict_csp ' ) ) === '1 ' ;
425417 }
426418
427419 /**
@@ -431,7 +423,7 @@ public function isCspEnabled(): bool
431423 */
432424 public function isCustomCspEnabled (): bool
433425 {
434- return $ this ->getValue ('use_custom_csp ' ) === '1 ' ;
426+ return $ this ->getValue ('security__use_custom_csp ' , $ this -> getConfigValue ( ' security__use_custom_csp ' ) ) === '1 ' ;
435427 }
436428
437429 protected function addDirectiveCheckboxElement (
0 commit comments