diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml index e16f02291..ce529d0d0 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml @@ -93,10 +93,10 @@ DELETE FROM guacamole_user_permission - USING guacamole_user_permission - JOIN guacamole_user affected ON guacamole_user_permission.affected_user_id = affected.user_id + USING guacamole_user affected WHERE - (guacamole_user_permission.user_id, permission, affected.username) IN + guacamole_user_permission.affected_user_id = affected.user_id + AND (guacamole_user_permission.user_id, permission, affected.username) IN (#{permission.userID,jdbcType=INTEGER}, diff --git a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js index a4beffedb..1a43744be 100644 --- a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js +++ b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js @@ -205,7 +205,7 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto * reflect the addition of the given system permission. * * @param {String} type - * The system permission to remove, as defined by + * The system permission to add, as defined by * PermissionSet.SystemPermissionType. */ var addSystemPermission = function addSystemPermission(type) { @@ -225,7 +225,7 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto * reflect the removal of the given system permission. * * @param {String} type - * The system permission to add, as defined by + * The system permission to remove, as defined by * PermissionSet.SystemPermissionType. */ var removeSystemPermission = function removeSystemPermission(type) { @@ -241,8 +241,8 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }; /** - * Notifies of a change to the selected system permissions for the user - * being edited. + * Notifies the controller that a change has been made to the given + * system permission for the user being edited. * * @param {String} type * The system permission that was changed, as defined by @@ -261,6 +261,76 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }; + /** + * Updates the permissionsAdded and permissionsRemoved permission sets to + * reflect the addition of the given user permission. + * + * @param {String} type + * The user permission to add, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the user affected by the permission being added. + */ + var addUserPermission = function addUserPermission(type, identifier) { + + // If permission was previously removed, simply un-remove it + if (PermissionSet.hasUserPermission(permissionsRemoved, type, identifier)) + PermissionSet.removeUserPermission(permissionsRemoved, type, identifier); + + // Otherwise, explicitly add the permission + else + PermissionSet.addUserPermission(permissionsAdded, type, identifier); + + }; + + /** + * Updates the permissionsAdded and permissionsRemoved permission sets to + * reflect the removal of the given user permission. + * + * @param {String} type + * The user permission to remove, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the user affected by the permission being removed. + */ + var removeUserPermission = function removeUserPermission(type, identifier) { + + // If permission was previously added, simply un-add it + if (PermissionSet.hasUserPermission(permissionsAdded, type, identifier)) + PermissionSet.removeUserPermission(permissionsAdded, type, identifier); + + // Otherwise, explicitly remove the permission + else + PermissionSet.addUserPermission(permissionsRemoved, type, identifier); + + }; + + /** + * Notifies the controller that a change has been made to the given user + * permission for the user being edited. + * + * @param {String} type + * The user permission that was changed, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the user affected by the changed permission. + */ + $scope.userPermissionChanged = function userPermissionChanged(type, identifier) { + + // Determine current permission setting + var value = $scope.permissionFlags.userPermissions[type][identifier]; + + // Add/remove permission depending on flag state + if (value) + addUserPermission(type, identifier); + else + removeUserPermission(type, identifier); + + }; + /** * Updates the permissionsAdded and permissionsRemoved permission sets to * reflect the addition of the given connection permission. @@ -353,8 +423,9 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }, /** - * Notifies of a change to the selected connection permission for the - * user being edited. This only applies to READ permissions. + * Notifies the controller that a change has been made to the given + * connection permission for the user being edited. This only applies + * to READ permissions. * * @param {String} identifier * The identifier of the connection affected by the changed @@ -374,8 +445,9 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }, /** - * Notifies of a change to the selected connection group permission for - * the user being edited. This only applies to READ permissions. + * Notifies the controller that a change has been made to the given + * connection group permission for the user being edited. This only + * applies to READ permissions. * * @param {String} identifier * The identifier of the connection group affected by the changed diff --git a/guacamole/src/main/webapp/app/manage/templates/manageUser.html b/guacamole/src/main/webapp/app/manage/templates/manageUser.html index 188656253..e3a143af3 100644 --- a/guacamole/src/main/webapp/app/manage/templates/manageUser.html +++ b/guacamole/src/main/webapp/app/manage/templates/manageUser.html @@ -56,6 +56,11 @@ THE SOFTWARE. + + {{'MANAGE_USER.FIELD_HEADER_CHANGE_OWN_PASSWORD' | translate}} + + diff --git a/guacamole/src/main/webapp/translations/en_US.json b/guacamole/src/main/webapp/translations/en_US.json index 0b7fa7249..c5569f692 100644 --- a/guacamole/src/main/webapp/translations/en_US.json +++ b/guacamole/src/main/webapp/translations/en_US.json @@ -220,6 +220,7 @@ "ERROR_PASSWORD_MISMATCH" : "@:APP.ERROR_PASSWORD_MISMATCH", "FIELD_HEADER_ADMINISTER_SYSTEM" : "Administer system:", + "FIELD_HEADER_CHANGE_OWN_PASSWORD" : "Change own password:", "FIELD_HEADER_CREATE_NEW_USERS" : "Create new users:", "FIELD_HEADER_CREATE_NEW_CONNECTIONS" : "Create new connections:", "FIELD_HEADER_CREATE_NEW_CONNECTION_GROUPS" : "Create new connection groups:",