Move CSP-Form into a newly created Security tab.

This tab requires the new config/security permission

Author: TheSyscall

application/controllers/ConfigController.php

@@ -8,7 +8,6 @@
 use Icinga\Application\Version;
 use Icinga\Forms\Config\General\CspConfigForm;
 use Icinga\Util\Csp;
-use Icinga\Web\Widget\CspConfigurationTable;
 use InvalidArgumentException;
 use Icinga\Application\Config;
 use Icinga\Application\Icinga;
@@ -28,7 +27,6 @@
 use Icinga\Web\Url;
 use Icinga\Web\Widget;
 use ipl\Html\Contract\Form as ContractForm;
-use ipl\Html\Form;
 
 /**
  * Application and module configuration
@@ -49,6 +47,14 @@ public function createApplicationTabs()
                 'baseTarget' => '_main'
             ));
         }
+        if ($this->hasPermission('config/security')) {
+            $tabs->add('security', array(
+                'title' => $this->translate('Adjust the security configuration of Icinga Web 2'),
+                'label' => $this->translate('Security'),
+                'url'   => 'config/security',
+                'baseTarget' => '_main'
+            ));
+        }
         if ($this->hasPermission('config/resources')) {
             $tabs->add('resource', array(
                 'title' => $this->translate('Configure which resources are being utilized by Icinga Web 2'),
@@ -109,6 +115,20 @@ public function generalAction()
 
         $this->view->form = $form;
 
+        $this->createApplicationTabs()->activate('general');
+    }
+
+    /**
+     * Security configuration
+     *
+     * @throws SecurityException If the user lacks the permission for configuring the security configuration
+     */
+    public function securityAction()
+    {
+        $this->assertPermission('config/security');
+
+        $this->view->title = $this->translate('General');
+
         $config = Config::app();
         $cspForm = new CspConfigForm($config);
         $cspForm->populate([
@@ -127,7 +147,7 @@ public function generalAction()
         $cspForm->handleRequest(ServerRequest::fromGlobals());
         $this->view->cspForm = $cspForm;
 
-        $this->createApplicationTabs()->activate('general');
+        $this->createApplicationTabs()->activate('security');
     }
 
     /**

application/forms/Security/RoleForm.php

@@ -546,6 +546,9 @@ public static function collectProvidedPrivileges()
             'config/general' => [
                 'description' => t('Allow to adjust the general configuration')
             ],
+            'config/security' => [
+                'description' => t('Allow to adjust the security configuration')
+            ],
             'config/modules' => [
                 'description' => t('Allow to enable/disable and configure modules')
             ],

application/views/scripts/config/general.phtml

@@ -2,9 +2,5 @@
     <?= $tabs ?>
 </div>
 <div class="content">
-    <h2><?= $this->translate('General') ?></h2>
     <?= $form ?>
-
-    <h2><?= $this->translate('Content Security Policy') ?></h2>
-    <?= $cspForm ?>
 </div>

application/views/scripts/config/security.phtml

@@ -0,0 +1,7 @@
+<div class="controls">
+    <?= $tabs ?>
+</div>
+<div class="content">
+    <h2><?= $this->translate('Content Security Policy') ?></h2>
+    <?= $cspForm ?>
+</div>