Merge 1.0.0 changes back to master.

2025-09-12 07:57:41 +00:00 · 2018-08-14 19:38:16 -04:00
parent a34bbcf637 402ddb577f
commit 7d822df5a3
45 changed files with 2816 additions and 68 deletions
--- a/guacamole/src/main/webapp/app/settings/controllers/settingsController.js
+++ b/guacamole/src/main/webapp/app/settings/controllers/settingsController.js
@@ -36,8 +36,8 @@ angular.module('manage').controller('settingsController', ['$scope', '$injector'
    $scope.settingsPages = null;

    /**
-     * The currently-selected settings tab. This may be 'users', 'connections',
-     * or 'sessions'.
+     * The currently-selected settings tab. This may be 'users', 'userGroups',
+     * 'connections', 'history', 'preferences', or 'sessions'.
     *
     * @type String
     */
--- a/guacamole/src/main/webapp/app/settings/directives/guacSettingsUserGroups.js
+++ b/guacamole/src/main/webapp/app/settings/directives/guacSettingsUserGroups.js
@@ -0,0 +1,272 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * A directive for managing all user groups in the system.
+ */
+angular.module('settings').directive('guacSettingsUserGroups', ['$injector',
+    function guacSettingsUserGroups($injector) {
+
+    // Required types
+    var ManageableUserGroup = $injector.get('ManageableUserGroup');
+    var PermissionSet       = $injector.get('PermissionSet');
+    var SortOrder           = $injector.get('SortOrder');
+
+    // Required services
+    var $location              = $injector.get('$location');
+    var authenticationService  = $injector.get('authenticationService');
+    var dataSourceService      = $injector.get('dataSourceService');
+    var permissionService      = $injector.get('permissionService');
+    var requestService         = $injector.get('requestService');
+    var userGroupService       = $injector.get('userGroupService');
+
+    var directive = {
+        restrict    : 'E',
+        replace     : true,
+        templateUrl : 'app/settings/templates/settingsUserGroups.html',
+        scope       : {}
+    };
+
+    directive.controller = ['$scope', function settingsUserGroupsController($scope) {
+
+        // Identifier of the current user
+        var currentUsername = authenticationService.getCurrentUsername();
+
+        /**
+         * The identifiers of all data sources accessible by the current
+         * user.
+         *
+         * @type String[]
+         */
+        var dataSources = authenticationService.getAvailableDataSources();
+
+        /**
+         * Map of data source identifiers to all permissions associated
+         * with the current user within that data source, or null if the
+         * user's permissions have not yet been loaded.
+         *
+         * @type Object.<String, PermissionSet>
+         */
+        var permissions = null;
+
+        /**
+         * All visible user groups, along with their corresponding data
+         * sources.
+         *
+         * @type ManageableUserGroup[]
+         */
+        $scope.manageableUserGroups = null;
+
+        /**
+         * Array of all user group properties that are filterable.
+         *
+         * @type String[]
+         */
+        $scope.filteredUserGroupProperties = [
+            'userGroup.identifier'
+        ];
+
+        /**
+         * SortOrder instance which stores the sort order of the listed
+         * user groups.
+         *
+         * @type SortOrder
+         */
+        $scope.order = new SortOrder([
+            'userGroup.identifier'
+        ]);
+
+        /**
+         * Returns whether critical data has completed being loaded.
+         *
+         * @returns {Boolean}
+         *     true if enough data has been loaded for the user group
+         *     interface to be useful, false otherwise.
+         */
+        $scope.isLoaded = function isLoaded() {
+            return $scope.manageableUserGroups !== null;
+        };
+
+        /**
+         * Returns the identifier of the data source that should be used by
+         * default when creating a new user group.
+         *
+         * @return {String}
+         *     The identifier of the data source that should be used by
+         *     default when creating a new user group, or null if user group
+         *     creation is not allowed.
+         */
+        $scope.getDefaultDataSource = function getDefaultDataSource() {
+
+            // Abort if permissions have not yet loaded
+            if (!permissions)
+                return null;
+
+            // For each data source
+            var dataSources = _.keys(permissions).sort();
+            for (var i = 0; i < dataSources.length; i++) {
+
+                // Retrieve corresponding permission set
+                var dataSource = dataSources[i];
+                var permissionSet = permissions[dataSource];
+
+                // Can create user groups if adminstrator or have explicit permission
+                if (PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.ADMINISTER)
+                 || PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.CREATE_USER_GROUP))
+                    return dataSource;
+
+            }
+
+            // No data sources allow user group creation
+            return null;
+
+        };
+
+        /**
+         * Returns whether the current user can create new user groups
+         * within at least one data source.
+         *
+         * @return {Boolean}
+         *     true if the current user can create new user groups within at
+         *     least one data source, false otherwise.
+         */
+        $scope.canCreateUserGroups = function canCreateUserGroups() {
+            return $scope.getDefaultDataSource() !== null;
+        };
+
+        /**
+         * Returns whether the current user can create new user groups or
+         * make changes to existing user groups within at least one data
+         * source. The user group management interface as a whole is useless
+         * if this function returns false.
+         *
+         * @return {Boolean}
+         *     true if the current user can create new user groups or make
+         *     changes to existing user groups within at least one data
+         *     source, false otherwise.
+         */
+        var canManageUserGroups = function canManageUserGroups() {
+
+            // Abort if permissions have not yet loaded
+            if (!permissions)
+                return false;
+
+            // Creating user groups counts as management
+            if ($scope.canCreateUserGroups())
+                return true;
+
+            // For each data source
+            for (var dataSource in permissions) {
+
+                // Retrieve corresponding permission set
+                var permissionSet = permissions[dataSource];
+
+                // Can manage user groups if granted explicit update or delete
+                if (PermissionSet.hasUserGroupPermission(permissionSet, PermissionSet.ObjectPermissionType.UPDATE)
+                 || PermissionSet.hasUserGroupPermission(permissionSet, PermissionSet.ObjectPermissionType.DELETE))
+                    return true;
+
+            }
+
+            // No data sources allow management of user groups
+            return false;
+
+        };
+
+        /**
+         * Sets the displayed list of user groups. If any user groups are
+         * already shown within the interface, those user groups are replaced
+         * with the given user groups.
+         *
+         * @param {Object.<String, PermissionSet>} permissions
+         *     A map of data source identifiers to all permissions associated
+         *     with the current user within that data source.
+         *
+         * @param {Object.<String, Object.<String, UserGroup>>} userGroups
+         *     A map of all user groups which should be displayed, where each
+         *     key is the data source identifier from which the user groups
+         *     were retrieved and each value is a map of user group identifiers
+         *     to their corresponding @link{UserGroup} objects.
+         */
+        var setDisplayedUserGroups = function setDisplayedUserGroups(permissions, userGroups) {
+
+            var addedUserGroups = {};
+            $scope.manageableUserGroups = [];
+
+            // For each user group in each data source
+            angular.forEach(dataSources, function addUserGroupList(dataSource) {
+                angular.forEach(userGroups[dataSource], function addUserGroup(userGroup) {
+
+                    // Do not add the same user group twice
+                    if (addedUserGroups[userGroup.identifier])
+                        return;
+
+                    // Link to default creation data source if we cannot manage this user
+                    if (!PermissionSet.hasSystemPermission(permissions[dataSource], PermissionSet.ObjectPermissionType.ADMINISTER)
+                     && !PermissionSet.hasUserGroupPermission(permissions[dataSource], PermissionSet.ObjectPermissionType.UPDATE, userGroup.identifier)
+                     && !PermissionSet.hasUserGroupPermission(permissions[dataSource], PermissionSet.ObjectPermissionType.DELETE, userGroup.identifier))
+                        dataSource = $scope.getDefaultDataSource();
+
+                    // Add user group to overall list
+                    addedUserGroups[userGroup.identifier] = userGroup;
+                    $scope.manageableUserGroups.push(new ManageableUserGroup ({
+                        'dataSource' : dataSource,
+                        'userGroup'  : userGroup
+                    }));
+
+                });
+            });
+
+        };
+
+        // Retrieve current permissions
+        dataSourceService.apply(
+            permissionService.getEffectivePermissions,
+            dataSources,
+            currentUsername
+        )
+        .then(function permissionsRetrieved(retrievedPermissions) {
+
+            // Store retrieved permissions
+            permissions = retrievedPermissions;
+
+            // Return to home if there's nothing to do here
+            if (!canManageUserGroups())
+                $location.path('/');
+
+            // If user groups can be created, list all readable user groups
+            if ($scope.canCreateUserGroups())
+                return dataSourceService.apply(userGroupService.getUserGroups, dataSources);
+
+            // Otherwise, list only updateable/deletable users
+            return dataSourceService.apply(userGroupService.getUserGroups, dataSources, [
+                PermissionSet.ObjectPermissionType.UPDATE,
+                PermissionSet.ObjectPermissionType.DELETE
+            ]);
+
+        })
+        .then(function userGroupsReceived(userGroups) {
+            setDisplayedUserGroups(permissions, userGroups);
+        }, requestService.WARN);
+
+    }];
+
+    return directive;
+    
+}]);
--- a/guacamole/src/main/webapp/app/settings/directives/guacSettingsUsers.js
+++ b/guacamole/src/main/webapp/app/settings/directives/guacSettingsUsers.js
@@ -150,9 +150,11 @@ angular.module('settings').directive('guacSettingsUsers', [function guacSettings
                    return null;

                // For each data source
-                for (var dataSource in $scope.permissions) {
+                var dataSources = _.keys($scope.permissions).sort();
+                for (var i = 0; i < dataSources.length; i++) {

                    // Retrieve corresponding permission set
+                    var dataSource = dataSources[i];
                    var permissionSet = $scope.permissions[dataSource];

                    // Can create users if adminstrator or have explicit permission
--- a/guacamole/src/main/webapp/app/settings/styles/buttons.css
+++ b/guacamole/src/main/webapp/app/settings/styles/buttons.css
@@ -18,6 +18,7 @@
 */

 a.button.add-user,
+a.button.add-user-group,
 a.button.add-connection,
 a.button.add-connection-group {
    font-size: 0.8em;
@@ -26,6 +27,7 @@ a.button.add-connection-group {
 }

 a.button.add-user::before,
+a.button.add-user-group::before,
 a.button.add-connection::before,
 a.button.add-connection-group::before {

@@ -46,6 +48,10 @@ a.button.add-user::before {
    background-image: url('images/action-icons/guac-user-add.png');
 }

+a.button.add-user-group::before {
+    background-image: url('images/action-icons/guac-user-group-add.png');
+}
+
 a.button.add-connection::before {
    background-image: url('images/action-icons/guac-monitor-add.png');
 }
--- a/guacamole/src/main/webapp/app/settings/styles/user-group-list.css
+++ b/guacamole/src/main/webapp/app/settings/styles/user-group-list.css
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+.settings.user-groups table.user-group-list {
+    width: 100%;
+}
+
+.settings.user-groups table.user-group-list th.user-group-name,
+.settings.user-groups table.user-group-list td.user-group-name {
+    width: 100%;
+}
+
+.settings.user-groups table.user-group-list tr.user td.user-group-name a[href] {
+    display: block;
+    padding: .5em 1em;
+}
+
+.settings.user-groups table.user-group-list tr.user td.user-group-name {
+    padding: 0;
+}
--- a/guacamole/src/main/webapp/app/settings/templates/settings.html
+++ b/guacamole/src/main/webapp/app/settings/templates/settings.html
@@ -13,6 +13,7 @@

    <!-- Selected tab -->
    <guac-settings-users                ng-if="activeTab === 'users'"></guac-settings-users>
+    <guac-settings-user-groups          ng-if="activeTab === 'userGroups'"></guac-settings-user-groups>
    <guac-settings-connections          ng-if="activeTab === 'connections'"></guac-settings-connections>
    <guac-settings-connection-history   ng-if="activeTab === 'history'"></guac-settings-connection-history>
    <guac-settings-sessions             ng-if="activeTab === 'sessions'"></guac-settings-sessions>
--- a/guacamole/src/main/webapp/app/settings/templates/settingsUserGroups.html
+++ b/guacamole/src/main/webapp/app/settings/templates/settingsUserGroups.html
@@ -0,0 +1,48 @@
+<div class="settings section user-groups" ng-class="{loading: !isLoaded()}">
+
+    <!-- User group management -->
+    <p>{{'SETTINGS_USER_GROUPS.HELP_USER_GROUPS' | translate}}</p>
+
+
+    <!-- User management toolbar -->
+    <div class="toolbar">
+
+        <!-- Form action buttons -->
+        <div class="action-buttons">
+            <a class="add-user-group button" ng-show="canCreateUserGroups()"
+               href="#/manage/{{getDefaultDataSource()}}/userGroups/">{{'SETTINGS_USER_GROUPS.ACTION_NEW_USER_GROUP' | translate}}</a>
+        </div>
+
+        <!-- User group filter -->
+        <guac-filter filtered-items="filteredManageableUserGroups" items="manageableUserGroups"
+                     placeholder="'SETTINGS_USER_GROUPS.FIELD_PLACEHOLDER_FILTER' | translate"
+                     properties="filteredUserGroupProperties"></guac-filter>
+
+    </div>
+
+    <!-- List of user groups this user has access to -->
+    <table class="sorted user-group-list">
+        <thead>
+            <tr>
+                <th guac-sort-order="order" guac-sort-property="'userGroup.identifier'" class="user-group-name">
+                    {{'SETTINGS_USER_GROUPS.TABLE_HEADER_USER_GROUP_NAME' | translate}}
+                </th>
+            </tr>
+        </thead>
+        <tbody ng-class="{loading: !isLoaded()}">
+            <tr ng-repeat="manageableUserGroup in manageableUserGroupPage" class="user-group">
+                <td class="user-group-name">
+                    <a ng-href="#/manage/{{manageableUserGroup.dataSource}}/userGroups/{{manageableUserGroup.userGroup.identifier}}">
+                        <div class="icon user-group"></div>
+                        <span class="name">{{manageableUserGroup.userGroup.identifier}}</span>
+                    </a>
+                </td>
+            </tr>
+        </tbody>
+    </table>
+
+    <!-- Pager controls for user group list -->
+    <guac-pager page="manageableUserGroupPage" page-size="25"
+                items="filteredManageableUserGroups | orderBy : order.predicate"></guac-pager>
+
+</div>