safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-11 23:47:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge 1.0.0 changes back to master.

Browse Source
This commit is contained in:
Nick Couchman
2018-08-14 19:38:16 -04:00
parent a34bbcf637 402ddb577f
commit 7d822df5a3
45 changed files with 2816 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
guacamole/src/main/webapp/app/rest/services/cacheService.js
View File

@@ -60,7 +60,8 @@ angular.module('rest').factory('cacheService', ['$injector',
service.schema = $cacheFactory('API-SCHEMA');
/**
* Shared cache used by both userService and permissionService.
* Shared cache used by userService, userGroupService, permissionService,
* and membershipService.
*
* @type $cacheFactory.Cache
*/

385
guacamole/src/main/webapp/app/rest/services/membershipService.js Normal file
View File

@@ -0,0 +1,385 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
/**
* Service for operating on user group memberships via the REST API.
*/
angular.module('rest').factory('membershipService', ['$injector',
function membershipService($injector) {
// Required services
var requestService = $injector.get('requestService');
var authenticationService = $injector.get('authenticationService');
var cacheService = $injector.get('cacheService');
// Required types
var RelatedObjectPatch = $injector.get('RelatedObjectPatch');
var service = {};
/**
* Creates a new array of patches which represents the given changes to an
* arbitrary set of objects sharing some common relation.
*
* @param {String[]} [identifiersToAdd]
* The identifiers of all objects which should be added to the
* relation, if any.
*
* @param {String[]} [identifiersToRemove]
* The identifiers of all objects which should be removed from the
* relation, if any.
*
* @returns {RelatedObjectPatch[]}
* A new array of patches which represents the given changes.
*/
var getRelatedObjectPatch = function getRelatedObjectPatch(identifiersToAdd, identifiersToRemove) {
var patch = [];
angular.forEach(identifiersToAdd, function addIdentifier(identifier) {
patch.push(new RelatedObjectPatch({
op : RelatedObjectPatch.Operation.ADD,
value : identifier
}));
});
angular.forEach(identifiersToRemove, function removeIdentifier(identifier) {
patch.push(new RelatedObjectPatch({
op : RelatedObjectPatch.Operation.REMOVE,
value : identifier
}));
});
return patch;
};
/**
* Returns the URL for the REST resource most appropriate for accessing
* the parent user groups of the user or group having the given identifier.
*
* It is important to note that a particular data source can authenticate
* and provide user groups for a user, even if that user does not exist
* within that data source (and thus cannot be found beneath
* "api/session/data/{dataSource}/users")
*
* @param {String} dataSource
* The unique identifier of the data source containing the user or
* group whose parent user groups should be retrieved. This identifier
* corresponds to an AuthenticationProvider within the Guacamole web
* application.
*
* @param {String} identifier
* The identifier of the user or group for which the URL of the proper
* REST resource should be derived.
*
* @param {Boolean} [group]
* Whether the provided identifier refers to a user group. If false or
* omitted, the identifier given is assumed to refer to a user.
*
* @returns {String}
* The URL for the REST resource representing the parent user groups of
* the user or group having the given identifier.
*/
var getUserGroupsResourceURL = function getUserGroupsResourceURL(dataSource, identifier, group) {
// Create base URL for data source
var base = 'api/session/data/' + encodeURIComponent(dataSource);
// Access parent groups directly (there is no "self" for user groups
// as there is for users)
if (group)
return base + '/userGroups/' + encodeURIComponent(identifier) + '/userGroups';
// If the username is that of the current user, do not rely on the
// user actually existing (they may not). Access their parent groups via
// "self" rather than the collection of defined users.
if (identifier === authenticationService.getCurrentUsername())
return base + '/self/userGroups';
// Otherwise, the user must exist for their parent groups to be
// accessible. Use the collection of defined users.
return base + '/users/' + encodeURIComponent(identifier) + '/userGroups';
};
/**
* Makes a request to the REST API to retrieve the identifiers of all
* parent user groups of which a given user or group is a member, returning
* a promise that can be used for processing the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user or
* group whose parent user groups should be retrieved. This identifier
* corresponds to an AuthenticationProvider within the Guacamole web
* application.
*
* @param {String} identifier
* The identifier of the user or group to retrieve the parent user
* groups of.
*
* @param {Boolean} [group]
* Whether the provided identifier refers to a user group. If false or
* omitted, the identifier given is assumed to refer to a user.
*
* @returns {Promise.<String[]>}
* A promise for the HTTP call which will resolve with an array
* containing the requested identifiers upon success.
*/
service.getUserGroups = function getUserGroups(dataSource, identifier, group) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Retrieve parent groups
return requestService({
cache : cacheService.users,
method : 'GET',
url : getUserGroupsResourceURL(dataSource, identifier, group),
params : httpParameters
});
};
/**
* Makes a request to the REST API to modify the parent user groups of
* which a given user or group is a member, returning a promise that can be
* used for processing the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user or
* group whose parent user groups should be modified. This identifier
* corresponds to an AuthenticationProvider within the Guacamole web
* application.
*
* @param {String} identifier
* The identifier of the user or group to modify the parent user
* groups of.
*
* @param {String[]} [addToUserGroups]
* The identifier of all parent user groups to which the given user or
* group should be added as a member, if any.
*
* @param {String[]} [removeFromUserGroups]
* The identifier of all parent user groups from which the given member
* user or group should be removed, if any.
*
* @param {Boolean} [group]
* Whether the provided identifier refers to a user group. If false or
* omitted, the identifier given is assumed to refer to a user.
*
* @returns {Promise}
* A promise for the HTTP call which will succeed if and only if the
* patch operation is successful.
*/
service.patchUserGroups = function patchUserGroups(dataSource, identifier,
addToUserGroups, removeFromUserGroups, group) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Update parent user groups
return requestService({
method : 'PATCH',
url : getUserGroupsResourceURL(dataSource, identifier, group),
params : httpParameters,
data : getRelatedObjectPatch(addToUserGroups, removeFromUserGroups)
})
// Clear the cache
.then(function parentUserGroupsChanged(){
cacheService.users.removeAll();
});
};
/**
* Makes a request to the REST API to retrieve the identifiers of all
* users which are members of the given user group, returning a promise
* that can be used for processing the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user group
* whose member users should be retrieved. This identifier corresponds
* to an AuthenticationProvider within the Guacamole web application.
*
* @param {String} identifier
* The identifier of the user group to retrieve the member users of.
*
* @returns {Promise.<String[]>}
* A promise for the HTTP call which will resolve with an array
* containing the requested identifiers upon success.
*/
service.getMemberUsers = function getMemberUsers(dataSource, identifier) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Retrieve member users
return requestService({
cache : cacheService.users,
method : 'GET',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups/' + encodeURIComponent(identifier) + '/memberUsers',
params : httpParameters
});
};
/**
* Makes a request to the REST API to modify the member users of a given
* user group, returning a promise that can be used for processing the
* results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user group
* whose member users should be modified. This identifier corresponds
* to an AuthenticationProvider within the Guacamole web application.
*
* @param {String} identifier
* The identifier of the user group to modify the member users of.
*
* @param {String[]} [usersToAdd]
* The identifier of all users to add as members of the given user
* group, if any.
*
* @param {String[]} [usersToRemove]
* The identifier of all users to remove from the given user group,
* if any.
*
* @returns {Promise}
* A promise for the HTTP call which will succeed if and only if the
* patch operation is successful.
*/
service.patchMemberUsers = function patchMemberUsers(dataSource, identifier,
usersToAdd, usersToRemove) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Update member users
return requestService({
method : 'PATCH',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups/' + encodeURIComponent(identifier) + '/memberUsers',
params : httpParameters,
data : getRelatedObjectPatch(usersToAdd, usersToRemove)
})
// Clear the cache
.then(function memberUsersChanged(){
cacheService.users.removeAll();
});
};
/**
* Makes a request to the REST API to retrieve the identifiers of all
* user groups which are members of the given user group, returning a
* promise that can be used for processing the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user group
* whose member user groups should be retrieved. This identifier
* corresponds to an AuthenticationProvider within the Guacamole web
* application.
*
* @param {String} identifier
* The identifier of the user group to retrieve the member user
* groups of.
*
* @returns {Promise.<String[]>}
* A promise for the HTTP call which will resolve with an array
* containing the requested identifiers upon success.
*/
service.getMemberUserGroups = function getMemberUserGroups(dataSource, identifier) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Retrieve member user groups
return requestService({
cache : cacheService.users,
method : 'GET',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups/' + encodeURIComponent(identifier) + '/memberUserGroups',
params : httpParameters
});
};
/**
* Makes a request to the REST API to modify the member user groups of a
* given user group, returning a promise that can be used for processing
* the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user group
* whose member user groups should be modified. This identifier
* corresponds to an AuthenticationProvider within the Guacamole web
* application.
*
* @param {String} identifier
* The identifier of the user group to modify the member user groups of.
*
* @param {String[]} [userGroupsToAdd]
* The identifier of all user groups to add as members of the given
* user group, if any.
*
* @param {String[]} [userGroupsToRemove]
* The identifier of all member user groups to remove from the given
* user group, if any.
*
* @returns {Promise}
* A promise for the HTTP call which will succeed if and only if the
* patch operation is successful.
*/
service.patchMemberUserGroups = function patchMemberUserGroups(dataSource,
identifier, userGroupsToAdd, userGroupsToRemove) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Update member user groups
return requestService({
method : 'PATCH',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups/' + encodeURIComponent(identifier) + '/memberUserGroups',
params : httpParameters,
data : getRelatedObjectPatch(userGroupsToAdd, userGroupsToRemove)
})
// Clear the cache
.then(function memberUserGroupsChanged(){
cacheService.users.removeAll();
});
};
return service;
}]);

91
guacamole/src/main/webapp/app/rest/services/permissionService.js
View File

@@ -45,6 +45,11 @@ angular.module('rest').factory('permissionService', ['$injector',
* within that data source (and thus cannot be found beneath
* "api/session/data/{dataSource}/users")
*
* NOTE: Unlike getPermissionsResourceURL(),
* getEffectivePermissionsResourceURL() CANNOT be applied to user groups.
* Only users have retrievable effective permissions as far as the REST API
* is concerned.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user whose
* permissions should be retrieved. This identifier corresponds to an
@@ -82,6 +87,10 @@ angular.module('rest').factory('permissionService', ['$injector',
* from the permissions returned via getPermissions() in that permissions
* which are not directly granted to the user are included.
*
* NOTE: Unlike getPermissions(), getEffectivePermissions() CANNOT be
* applied to user groups. Only users have retrievable effective
* permissions as far as the REST API is concerned.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user whose
* permissions should be retrieved. This identifier corresponds to an
@@ -113,10 +122,10 @@ angular.module('rest').factory('permissionService', ['$injector',
/**
* Returns the URL for the REST resource most appropriate for accessing
* the permissions of the user having the given identifier. The permissions
* retrieved differ from effective permissions (those returned by
* getEffectivePermissions()) in that only permissions which are directly
* granted to the user are included.
* the permissions of the user or group having the given identifier. The
* permissions retrieved differ from effective permissions (those returned
* by getEffectivePermissions()) in that only permissions which are directly
* granted to the user or group are included.
*
* It is important to note that a particular data source can authenticate
* and provide permissions for a user, even if that user does not exist
@@ -129,18 +138,27 @@ angular.module('rest').factory('permissionService', ['$injector',
* AuthenticationProvider within the Guacamole web application.
*
* @param {String} identifier
* The identifier of the user for which the URL of the proper REST
* resource should be derived.
* The identifier of the user or group for which the URL of the proper
* REST resource should be derived.
*
* @param {Boolean} [group]
* Whether the provided identifier refers to a user group. If false or
* omitted, the identifier given is assumed to refer to a user.
*
* @returns {String}
* The URL for the REST resource representing the user having the given
* identifier.
* The URL for the REST resource representing the user or group having
* the given identifier.
*/
var getPermissionsResourceURL = function getPermissionsResourceURL(dataSource, identifier) {
var getPermissionsResourceURL = function getPermissionsResourceURL(dataSource, identifier, group) {
// Create base URL for data source
var base = 'api/session/data/' + encodeURIComponent(dataSource);
// Access group permissions directly (there is no "self" for user groups
// as there is for users)
if (group)
return base + '/userGroups/' + encodeURIComponent(identifier) + '/permissions';
// If the username is that of the current user, do not rely on the
// user actually existing (they may not). Access their permissions via
// "self" rather than the collection of defined users.
@@ -155,36 +173,41 @@ angular.module('rest').factory('permissionService', ['$injector',
/**
* Makes a request to the REST API to get the list of permissions for a
* given user, returning a promise that provides an array of
* given user or user group, returning a promise that provides an array of
* @link{Permission} objects if successful. The permissions retrieved
* differ from effective permissions (those returned by
* getEffectivePermissions()) in that only permissions which are directly
* granted to the user included.
* getEffectivePermissions()) in that both users and groups may be queried,
* and only permissions which are directly granted to the user or group are
* included.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user whose
* permissions should be retrieved. This identifier corresponds to an
* AuthenticationProvider within the Guacamole web application.
* The unique identifier of the data source containing the user or group
* whose permissions should be retrieved. This identifier corresponds to
* an AuthenticationProvider within the Guacamole web application.
*
* @param {String} identifier
* The identifier of the user to retrieve the permissions for.
* The identifier of the user or group to retrieve the permissions for.
*
* @param {Boolean} [group]
* Whether the provided identifier refers to a user group. If false or
* omitted, the identifier given is assumed to refer to a user.
*
* @returns {Promise.<PermissionSet>}
* A promise which will resolve with a @link{PermissionSet} upon
* success.
*/
service.getPermissions = function getPermissions(dataSource, identifier) {
service.getPermissions = function getPermissions(dataSource, identifier, group) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Retrieve user permissions
// Retrieve user/group permissions
return requestService({
cache : cacheService.users,
method : 'GET',
url : getPermissionsResourceURL(dataSource, identifier),
url : getPermissionsResourceURL(dataSource, identifier, group),
params : httpParameters
});
@@ -261,6 +284,10 @@ angular.module('rest').factory('permissionService', ['$injector',
addObjectPatchOperations(patch, operation, "/userPermissions",
permissions.userPermissions);
// Add user group permission operations to patch
addObjectPatchOperations(patch, operation, "/userGroupPermissions",
permissions.userGroupPermissions);
// Add system operations to patch
permissions.systemPermissions.forEach(function addSystemPatch(type) {
patch.push({
@@ -274,18 +301,18 @@ angular.module('rest').factory('permissionService', ['$injector',
/**
* Makes a request to the REST API to modify the permissions for a given
* user, returning a promise that can be used for processing the results of
* the call. This request affects only the permissions directly granted to
* the user, and may not affect permissions inherited through other means
* (effective permissions).
* user or group, returning a promise that can be used for processing the
* results of the call. This request affects only the permissions directly
* granted to the user or group, and may not affect permissions inherited
* through other means (effective permissions).
*
* @param {String} dataSource
* The unique identifier of the data source containing the user whose
* permissions should be modified. This identifier corresponds to an
* AuthenticationProvider within the Guacamole web application.
* The unique identifier of the data source containing the user or group
* whose permissions should be modified. This identifier corresponds to
* an AuthenticationProvider within the Guacamole web application.
*
* @param {String} identifier
* The identifier of the user to modify the permissions of.
* The identifier of the user or group to modify the permissions of.
*
* @param {PermissionSet} [permissionsToAdd]
* The set of permissions to add, if any.
@@ -293,12 +320,16 @@ angular.module('rest').factory('permissionService', ['$injector',
* @param {PermissionSet} [permissionsToRemove]
* The set of permissions to remove, if any.
*
* @param {Boolean} [group]
* Whether the provided identifier refers to a user group. If false or
* omitted, the identifier given is assumed to refer to a user.
*
* @returns {Promise}
* A promise for the HTTP call which will succeed if and only if the
* patch operation is successful.
*/
service.patchPermissions = function patchPermissions(dataSource, identifier,
permissionsToAdd, permissionsToRemove) {
permissionsToAdd, permissionsToRemove, group) {
var permissionPatch = [];
@@ -313,10 +344,10 @@ angular.module('rest').factory('permissionService', ['$injector',
// Add all the remove operations to the patch
addPatchOperations(permissionPatch, PermissionPatch.Operation.REMOVE, permissionsToRemove);
// Patch user permissions
// Patch user/group permissions
return requestService({
method : 'PATCH',
url : getPermissionsResourceURL(dataSource, identifier),
url : getPermissionsResourceURL(dataSource, identifier, group),
params : httpParameters,
data : permissionPatch
})

34
guacamole/src/main/webapp/app/rest/services/schemaService.js
View File

@@ -64,6 +64,40 @@ angular.module('rest').factory('schemaService', ['$injector',
};
/**
* Makes a request to the REST API to get the list of available attributes
* for user group objects, returning a promise that provides an array of
* @link{Form} objects if successful. Each element of the array describes
* a logical grouping of possible attributes.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user groups
* whose available attributes are to be retrieved. This identifier
* corresponds to an AuthenticationProvider within the Guacamole web
* application.
*
* @returns {Promise.<Form[]>}
* A promise which will resolve with an array of @link{Form}
* objects, where each @link{Form} describes a logical grouping of
* possible attributes.
*/
service.getUserGroupAttributes = function getUserGroupAttributes(dataSource) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Retrieve available user group attributes
return requestService({
cache : cacheService.schema,
method : 'GET',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/schema/userGroupAttributes',
params : httpParameters
});
};
/**
* Makes a request to the REST API to get the list of available attributes
* for connection objects, returning a promise that provides an array of

223
guacamole/src/main/webapp/app/rest/services/userGroupService.js Normal file
View File

@@ -0,0 +1,223 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
/**
* Service for operating on user groups via the REST API.
*/
angular.module('rest').factory('userGroupService', ['$injector',
function userGroupService($injector) {
// Required services
var requestService = $injector.get('requestService');
var authenticationService = $injector.get('authenticationService');
var cacheService = $injector.get('cacheService');
var service = {};
/**
* Makes a request to the REST API to get the list of user groups,
* returning a promise that provides an array of @link{UserGroup} objects if
* successful.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user groups
* to be retrieved. This identifier corresponds to an
* AuthenticationProvider within the Guacamole web application.
*
* @param {String[]} [permissionTypes]
* The set of permissions to filter with. A user group must have one or
* more of these permissions for a user group to appear in the result.
* If null, no filtering will be performed. Valid values are listed
* within PermissionSet.ObjectType.
*
* @returns {Promise.<Object.<String, UserGroup>>}
* A promise which will resolve with a map of @link{UserGroup} objects
* where each key is the identifier of the corresponding user group.
*/
service.getUserGroups = function getUserGroups(dataSource, permissionTypes) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Add permission filter if specified
if (permissionTypes)
httpParameters.permission = permissionTypes;
// Retrieve user groups
return requestService({
cache : cacheService.users,
method : 'GET',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups',
params : httpParameters
});
};
/**
* Makes a request to the REST API to get the user group having the given
* identifier, returning a promise that provides the corresponding
* @link{UserGroup} if successful.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user group to
* be retrieved. This identifier corresponds to an
* AuthenticationProvider within the Guacamole web application.
*
* @param {String} identifier
* The identifier of the user group to retrieve.
*
* @returns {Promise.<UserGroup>}
* A promise which will resolve with a @link{UserGroup} upon success.
*/
service.getUserGroup = function getUserGroup(dataSource, identifier) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Retrieve user group
return requestService({
cache : cacheService.users,
method : 'GET',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups/' + encodeURIComponent(identifier),
params : httpParameters
});
};
/**
* Makes a request to the REST API to delete a user group, returning a
* promise that can be used for processing the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user group to
* be deleted. This identifier corresponds to an AuthenticationProvider
* within the Guacamole web application.
*
* @param {UserGroup} userGroup
* The user group to delete.
*
* @returns {Promise}
* A promise for the HTTP call which will succeed if and only if the
* delete operation is successful.
*/
service.deleteUserGroup = function deleteUserGroup(dataSource, userGroup) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Delete user group
return requestService({
method : 'DELETE',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups/' + encodeURIComponent(userGroup.identifier),
params : httpParameters
})
// Clear the cache
.then(function userGroupDeleted(){
cacheService.users.removeAll();
});
};
/**
* Makes a request to the REST API to create a user group, returning a promise
* that can be used for processing the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source in which the user group
* should be created. This identifier corresponds to an
* AuthenticationProvider within the Guacamole web application.
*
* @param {UserGroup} userGroup
* The user group to create.
*
* @returns {Promise}
* A promise for the HTTP call which will succeed if and only if the
* create operation is successful.
*/
service.createUserGroup = function createUserGroup(dataSource, userGroup) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Create user group
return requestService({
method : 'POST',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups',
params : httpParameters,
data : userGroup
})
// Clear the cache
.then(function userGroupCreated(){
cacheService.users.removeAll();
});
};
/**
* Makes a request to the REST API to save a user group, returning a
* promise that can be used for processing the results of the call.
*
* @param {String} dataSource
* The unique identifier of the data source containing the user group to
* be updated. This identifier corresponds to an AuthenticationProvider
* within the Guacamole web application.
*
* @param {UserGroup} userGroup
* The user group to update.
*
* @returns {Promise}
* A promise for the HTTP call which will succeed if and only if the
* save operation is successful.
*/
service.saveUserGroup = function saveUserGroup(dataSource, userGroup) {
// Build HTTP parameters set
var httpParameters = {
token : authenticationService.getCurrentToken()
};
// Update user group
return requestService({
method : 'PUT',
url : 'api/session/data/' + encodeURIComponent(dataSource) + '/userGroups/' + encodeURIComponent(userGroup.identifier),
params : httpParameters,
data : userGroup
})
// Clear the cache
.then(function userGroupUpdated(){
cacheService.users.removeAll();
});
};
return service;
}]);

2
guacamole/src/main/webapp/app/rest/types/Connection.js
View File

@@ -84,7 +84,7 @@ angular.module('rest').factory('Connection', [function defineConnection() {
*
* @type Object.<String, String>
*/
this.attributes = {};
this.attributes = template.attributes || {};
/**
* The count of currently active connections using this connection.

2
guacamole/src/main/webapp/app/rest/types/ConnectionGroup.js
View File

@@ -95,7 +95,7 @@ angular.module('rest').factory('ConnectionGroup', [function defineConnectionGrou
*
* @type Object.<String, String>
*/
this.attributes = {};
this.attributes = template.attributes || {};
/**
* The count of currently active connections using this connection

23
guacamole/src/main/webapp/app/rest/types/PermissionFlagSet.js
View File

@@ -133,7 +133,7 @@ angular.module('rest').factory('PermissionFlagSet', ['PermissionSet',
* true. Valid permission type strings are defined within
* PermissionSet.ObjectPermissionType. Permissions which are not
* granted may be set to false, but this is not required.
*
*
* @type Object.<String, Object.<String, Boolean>>
*/
this.userPermissions = template.userPermissions || {
@@ -143,6 +143,24 @@ angular.module('rest').factory('PermissionFlagSet', ['PermissionSet',
'ADMINISTER' : {}
};
/**
* The granted state of each permission for each user group, as a map of
* object permission type string to permission map. The permission map
* is, in turn, a map of group identifier to boolean value. A particular
* permission is granted if its corresponding boolean value is set to
* true. Valid permission type strings are defined within
* PermissionSet.ObjectPermissionType. Permissions which are not
* granted may be set to false, but this is not required.
*
* @type Object.<String, Object.<String, Boolean>>
*/
this.userGroupPermissions = template.userGroupPermissions || {
'READ' : {},
'UPDATE' : {},
'DELETE' : {},
'ADMINISTER' : {}
};
};
/**
@@ -216,6 +234,9 @@ angular.module('rest').factory('PermissionFlagSet', ['PermissionSet',
// Add all granted user permissions
addObjectPermissions(permissionSet.userPermissions, permissionFlagSet.userPermissions);
// Add all granted user group permissions
addObjectPermissions(permissionSet.userGroupPermissions, permissionFlagSet.userGroupPermissions);
return permissionFlagSet;
};

82
guacamole/src/main/webapp/app/rest/types/PermissionSet.js
View File

@@ -81,6 +81,15 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet()
*/
this.userPermissions = template.userPermissions || {};
/**
* Map of user group identifiers to the corresponding array of granted
* permissions. Each permission is represented by a string listed
* within PermissionSet.ObjectPermissionType.
*
* @type Object.<String, String[]>
*/
this.userGroupPermissions = template.userGroupPermissions || {};
/**
* Array of granted system permissions. Each permission is represented
* by a string listed within PermissionSet.SystemPermissionType.
@@ -306,7 +315,7 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet()
};
/**
* Returns whether the given permission is granted for the user having the
* Returns whether the given permission is granted for the user having the
* given ID.
*
* @param {PermissionSet|Object} permSet
@@ -315,7 +324,7 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet()
* @param {String} type
* The permission to search for, as defined by
* PermissionSet.ObjectPermissionType.
*
*
* @param {String} identifier
* The identifier of the user to which the permission applies.
*
@@ -326,6 +335,27 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet()
return hasPermission(permSet.userPermissions, type, identifier);
};
/**
* Returns whether the given permission is granted for the user group having
* the given identifier.
*
* @param {PermissionSet|Object} permSet
* The permission set to check.
*
* @param {String} type
* The permission to search for, as defined by
* PermissionSet.ObjectPermissionType.
*
* @param {String} identifier
* The identifier of the user group to which the permission applies.
*
* @returns {Boolean}
* true if the permission is present (granted), false otherwise.
*/
PermissionSet.hasUserGroupPermission = function hasUserGroupPermission(permSet, type, identifier) {
return hasPermission(permSet.userGroupPermissions, type, identifier);
};
/**
* Returns whether the given permission is granted at the system level.
*
@@ -733,6 +763,54 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet()
return removeObjectPermission(permSet.userPermissions, type, identifier);
};
/**
* Adds the given user group permission applying to the user group with the
* given identifier to the given permission set, if not already present. If
* the permission is already present, this function has no effect.
*
* @param {PermissionSet} permSet
* The permission set to modify.
*
* @param {String} type
* The permission to add, as defined by
* PermissionSet.ObjectPermissionType.
*
* @param {String} identifier
* The identifier of the user group to which the permission applies.
*
* @returns {Boolean}
* true if the permission was added, false if the permission was
* already present in the given permission set.
*/
PermissionSet.addUserGroupPermission = function addUserGroupPermission(permSet, type, identifier) {
permSet.userGroupPermissions = permSet.userGroupPermissions || {};
return addObjectPermission(permSet.userGroupPermissions, type, identifier);
};
/**
* Removes the given user group permission applying to the user group with
* the given identifier from the given permission set, if present. If the
* permission is not present, this function has no effect.
*
* @param {PermissionSet} permSet
* The permission set to modify.
*
* @param {String} type
* The permission to remove, as defined by
* PermissionSet.ObjectPermissionType.
*
* @param {String} identifier
* The identifier of the user group to whom the permission applies.
*
* @returns {Boolean}
* true if the permission was removed, false if the permission was not
* present in the given permission set.
*/
PermissionSet.removeUserGroupPermission = function removeUserGroupPermission(permSet, type, identifier) {
permSet.userGroupPermissions = permSet.userGroupPermissions || {};
return removeObjectPermission(permSet.userGroupPermissions, type, identifier);
};
return PermissionSet;
}]);

85
guacamole/src/main/webapp/app/rest/types/RelatedObjectPatch.js Normal file
View File

@@ -0,0 +1,85 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
/**
* Service which defines the RelatedObjectPatch class.
*/
angular.module('rest').factory('RelatedObjectPatch', [function defineRelatedObjectPatch() {
/**
* The object returned by REST API calls when representing changes to an
* arbitrary set of objects which share some common relation.
*
* @constructor
* @param {RelatedObjectPatch|Object} [template={}]
* The object whose properties should be copied within the new
* RelatedObjectPatch.
*/
var RelatedObjectPatch = function RelatedObjectPatch(template) {
// Use empty object by default
template = template || {};
/**
* The operation to apply to the objects indicated by the path. Valid
* operation values are defined within RelatedObjectPatch.Operation.
*
* @type String
*/
this.op = template.op;
/**
* The path of the objects to modify. This will always be "/".
*
* @type String
* @default '/'
*/
this.path = template.path || '/';
/**
* The identifier of the object being added or removed from the
* relation.
*
* @type String
*/
this.value = template.value;
};
/**
* All valid patch operations for objects sharing some common relation.
* Currently, only add and remove are supported.
*/
RelatedObjectPatch.Operation = {
/**
* Adds the specified object to the relation.
*/
ADD : "add",
/**
* Removes the specified object from the relation.
*/
REMOVE : "remove"
};
return RelatedObjectPatch;
}]);

2
guacamole/src/main/webapp/app/rest/types/SharingProfile.js
View File

@@ -76,7 +76,7 @@ angular.module('rest').factory('SharingProfile', [function defineSharingProfile(
*
* @type Object.<String, String>
*/
this.attributes = {};
this.attributes = template.attributes || {};
};

2
guacamole/src/main/webapp/app/rest/types/User.js
View File

@@ -69,7 +69,7 @@ angular.module('rest').factory('User', [function defineUser() {
*
* @type Object.<String, String>
*/
this.attributes = {};
this.attributes = template.attributes || {};
};

59
guacamole/src/main/webapp/app/rest/types/UserGroup.js Normal file
View File

@@ -0,0 +1,59 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
/**
* Service which defines the UserGroup class.
*/
angular.module('rest').factory('UserGroup', [function defineUserGroup() {
/**
* The object returned by REST API calls when representing the data
* associated with a user group.
*
* @constructor
* @param {UserGroup|Object} [template={}]
* The object whose properties should be copied within the new
* UserGroup.
*/
var UserGroup = function UserGroup(template) {
// Use empty object by default
template = template || {};
/**
* The name which uniquely identifies this user group.
*
* @type String
*/
this.identifier = template.identifier;
/**
* Arbitrary name/value pairs which further describe this user group.
* The semantics and validity of these attributes are dictated by the
* extension which defines them.
*
* @type Object.<String, String>
*/
this.attributes = template.attributes || {};
};
return UserGroup;
}]);