From ced097c3740176ae3e5114936118ab7ef4626b57 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 8 Apr 2015 14:03:19 -0700 Subject: [PATCH 1/4] GUAC-800: Fix documentation for system permission manipulation within user management controller. --- .../webapp/app/manage/controllers/manageUserController.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js index a4beffedb..cdc55acf1 100644 --- a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js +++ b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js @@ -205,7 +205,7 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto * reflect the addition of the given system permission. * * @param {String} type - * The system permission to remove, as defined by + * The system permission to add, as defined by * PermissionSet.SystemPermissionType. */ var addSystemPermission = function addSystemPermission(type) { @@ -225,7 +225,7 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto * reflect the removal of the given system permission. * * @param {String} type - * The system permission to add, as defined by + * The system permission to remove, as defined by * PermissionSet.SystemPermissionType. */ var removeSystemPermission = function removeSystemPermission(type) { From 85c122a8f34b1fe37cefefaa11e47bff039d595b Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 8 Apr 2015 14:44:18 -0700 Subject: [PATCH 2/4] GUAC-800: Add checkbox for granting/revoking permission to a user to change their own password. --- .../controllers/manageUserController.js | 70 +++++++++++++++++++ .../app/manage/templates/manageUser.html | 5 ++ .../src/main/webapp/translations/en_US.json | 1 + 3 files changed, 76 insertions(+) diff --git a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js index cdc55acf1..51afe1505 100644 --- a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js +++ b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js @@ -261,6 +261,76 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }; + /** + * Updates the permissionsAdded and permissionsRemoved permission sets to + * reflect the addition of the given user permission. + * + * @param {String} type + * The user permission to add, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the user affected by the permission being added. + */ + var addUserPermission = function addUserPermission(type, identifier) { + + // If permission was previously removed, simply un-remove it + if (PermissionSet.hasUserPermission(permissionsRemoved, type, identifier)) + PermissionSet.removeUserPermission(permissionsRemoved, type, identifier); + + // Otherwise, explicitly add the permission + else + PermissionSet.addUserPermission(permissionsAdded, type, identifier); + + }; + + /** + * Updates the permissionsAdded and permissionsRemoved permission sets to + * reflect the removal of the given user permission. + * + * @param {String} type + * The user permission to remove, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the user affected by the permission being removed. + */ + var removeUserPermission = function removeUserPermission(type, identifier) { + + // If permission was previously added, simply un-add it + if (PermissionSet.hasUserPermission(permissionsAdded, type, identifier)) + PermissionSet.removeUserPermission(permissionsAdded, type, identifier); + + // Otherwise, explicitly remove the permission + else + PermissionSet.addUserPermission(permissionsRemoved, type, identifier); + + }; + + /** + * Notifies of a change to the selected user permissions for the user + * being edited. + * + * @param {String} type + * The user permission that was changed, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the user affected by the changed permission. + */ + $scope.userPermissionChanged = function userPermissionChanged(type, identifier) { + + // Determine current permission setting + var value = $scope.permissionFlags.userPermissions[type][identifier]; + + // Add/remove permission depending on flag state + if (value) + addUserPermission(type, identifier); + else + removeUserPermission(type, identifier); + + }; + /** * Updates the permissionsAdded and permissionsRemoved permission sets to * reflect the addition of the given connection permission. diff --git a/guacamole/src/main/webapp/app/manage/templates/manageUser.html b/guacamole/src/main/webapp/app/manage/templates/manageUser.html index 188656253..e3a143af3 100644 --- a/guacamole/src/main/webapp/app/manage/templates/manageUser.html +++ b/guacamole/src/main/webapp/app/manage/templates/manageUser.html @@ -56,6 +56,11 @@ THE SOFTWARE. + + {{'MANAGE_USER.FIELD_HEADER_CHANGE_OWN_PASSWORD' | translate}} + + diff --git a/guacamole/src/main/webapp/translations/en_US.json b/guacamole/src/main/webapp/translations/en_US.json index 0b7fa7249..c5569f692 100644 --- a/guacamole/src/main/webapp/translations/en_US.json +++ b/guacamole/src/main/webapp/translations/en_US.json @@ -220,6 +220,7 @@ "ERROR_PASSWORD_MISMATCH" : "@:APP.ERROR_PASSWORD_MISMATCH", "FIELD_HEADER_ADMINISTER_SYSTEM" : "Administer system:", + "FIELD_HEADER_CHANGE_OWN_PASSWORD" : "Change own password:", "FIELD_HEADER_CREATE_NEW_USERS" : "Create new users:", "FIELD_HEADER_CREATE_NEW_CONNECTIONS" : "Create new connections:", "FIELD_HEADER_CREATE_NEW_CONNECTION_GROUPS" : "Create new connection groups:", From 41b71d4d086a8c73b3f3e3756810be0707b81c21 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 8 Apr 2015 14:46:05 -0700 Subject: [PATCH 3/4] GUAC-800: Fix deletion of user permissions through PostgreSQL. --- .../guacamole/auth/jdbc/permission/UserPermissionMapper.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml index e16f02291..ce529d0d0 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/glyptodon/guacamole/auth/jdbc/permission/UserPermissionMapper.xml @@ -93,10 +93,10 @@ DELETE FROM guacamole_user_permission - USING guacamole_user_permission - JOIN guacamole_user affected ON guacamole_user_permission.affected_user_id = affected.user_id + USING guacamole_user affected WHERE - (guacamole_user_permission.user_id, permission, affected.username) IN + guacamole_user_permission.affected_user_id = affected.user_id + AND (guacamole_user_permission.user_id, permission, affected.username) IN (#{permission.userID,jdbcType=INTEGER}, From 075d82f66ae1322a8516e799e472136c0519df68 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 8 Apr 2015 20:12:12 -0700 Subject: [PATCH 4/4] GUAC-800: Clarify permission change handler docs. --- .../manage/controllers/manageUserController.js | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js index 51afe1505..1a43744be 100644 --- a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js +++ b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js @@ -241,8 +241,8 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }; /** - * Notifies of a change to the selected system permissions for the user - * being edited. + * Notifies the controller that a change has been made to the given + * system permission for the user being edited. * * @param {String} type * The system permission that was changed, as defined by @@ -308,8 +308,8 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }; /** - * Notifies of a change to the selected user permissions for the user - * being edited. + * Notifies the controller that a change has been made to the given user + * permission for the user being edited. * * @param {String} type * The user permission that was changed, as defined by @@ -423,8 +423,9 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }, /** - * Notifies of a change to the selected connection permission for the - * user being edited. This only applies to READ permissions. + * Notifies the controller that a change has been made to the given + * connection permission for the user being edited. This only applies + * to READ permissions. * * @param {String} identifier * The identifier of the connection affected by the changed @@ -444,8 +445,9 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto }, /** - * Notifies of a change to the selected connection group permission for - * the user being edited. This only applies to READ permissions. + * Notifies the controller that a change has been made to the given + * connection group permission for the user being edited. This only + * applies to READ permissions. * * @param {String} identifier * The identifier of the connection group affected by the changed