diff --git a/guacamole/src/main/webapp/app/rest/services/permissionService.js b/guacamole/src/main/webapp/app/rest/services/permissionService.js index 8a4184526..67fceba7e 100644 --- a/guacamole/src/main/webapp/app/rest/services/permissionService.js +++ b/guacamole/src/main/webapp/app/rest/services/permissionService.js @@ -175,6 +175,10 @@ angular.module('rest').factory('permissionService', ['$injector', addObjectPatchOperations(patch, operation, "/connectionGroupPermissions", permissions.connectionGroupPermissions); + // Add sharing profile permission operations to patch + addObjectPatchOperations(patch, operation, "/sharingProfilePermissions", + permissions.sharingProfilePermissions); + // Add active connection permission operations to patch addObjectPatchOperations(patch, operation, "/activeConnectionPermissions", permissions.activeConnectionPermissions); diff --git a/guacamole/src/main/webapp/app/rest/types/PermissionFlagSet.js b/guacamole/src/main/webapp/app/rest/types/PermissionFlagSet.js index be2771cf4..64b942bea 100644 --- a/guacamole/src/main/webapp/app/rest/types/PermissionFlagSet.js +++ b/guacamole/src/main/webapp/app/rest/types/PermissionFlagSet.js @@ -87,6 +87,25 @@ angular.module('rest').factory('PermissionFlagSet', ['PermissionSet', 'ADMINISTER' : {} }; + /** + * The granted state of each permission for each sharing profile, as a + * map of object permission type string to permission map. The + * permission map is, in turn, a map of sharing profile identifier to + * boolean value. A particular permission is granted if its + * corresponding boolean value is set to true. Valid permission type + * strings are defined within PermissionSet.ObjectPermissionType. + * Permissions which are not granted may be set to false, but this is + * not required. + * + * @type Object.> + */ + this.sharingProfilePermissions = template.sharingProfilePermissions || { + 'READ' : {}, + 'UPDATE' : {}, + 'DELETE' : {}, + 'ADMINISTER' : {} + }; + /** * The granted state of each permission for each active connection, as * a map of object permission type string to permission map. The @@ -188,6 +207,9 @@ angular.module('rest').factory('PermissionFlagSet', ['PermissionSet', // Add all granted connection group permissions addObjectPermissions(permissionSet.connectionGroupPermissions, permissionFlagSet.connectionGroupPermissions); + // Add all granted sharing profile permissions + addObjectPermissions(permissionSet.sharingProfilePermissions, permissionFlagSet.sharingProfilePermissions); + // Add all granted active connection permissions addObjectPermissions(permissionSet.activeConnectionPermissions, permissionFlagSet.activeConnectionPermissions); diff --git a/guacamole/src/main/webapp/app/rest/types/PermissionSet.js b/guacamole/src/main/webapp/app/rest/types/PermissionSet.js index 2ac418e03..8fd1ef684 100644 --- a/guacamole/src/main/webapp/app/rest/types/PermissionSet.js +++ b/guacamole/src/main/webapp/app/rest/types/PermissionSet.js @@ -53,6 +53,15 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet() * @type Object. */ this.connectionGroupPermissions = template.connectionGroupPermissions || {}; + + /** + * Map of sharing profile identifiers to the corresponding array of + * granted permissions. Each permission is represented by a string + * listed within PermissionSet.ObjectPermissionType. + * + * @type Object. + */ + this.sharingProfilePermissions = template.sharingProfilePermissions || {}; /** * Map of active connection identifiers to the corresponding array of @@ -132,7 +141,12 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet() /** * Permission to create new connection groups. */ - CREATE_CONNECTION_GROUP : "CREATE_CONNECTION_GROUP" + CREATE_CONNECTION_GROUP : "CREATE_CONNECTION_GROUP", + + /** + * Permission to create new sharing profiles. + */ + CREATE_SHARING_PROFILE : "CREATE_SHARING_PROFILE" }; @@ -247,6 +261,28 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet() return hasPermission(permSet.connectionGroupPermissions, type, identifier); }; + /** + * Returns whether the given permission is granted for the sharing profile + * having the given ID. + * + * @param {PermissionSet|Object} permSet + * The permission set to check. + * + * @param {String} type + * The permission to search for, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the sharing profile to which the permission + * applies. + * + * @returns {Boolean} + * true if the permission is present (granted), false otherwise. + */ + PermissionSet.hasSharingProfilePermission = function hasSharingProfilePermission(permSet, type, identifier) { + return hasPermission(permSet.sharingProfilePermissions, type, identifier); + }; + /** * Returns whether the given permission is granted for the active * connection having the given ID. @@ -548,6 +584,56 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet() return removeObjectPermission(permSet.connectionGroupPermissions, type, identifier); }; + /** + * Adds the given sharing profile permission applying to the sharing profile + * with the given ID to the given permission set, if not already present. If + * the permission is already present, this function has no effect. + * + * @param {PermissionSet} permSet + * The permission set to modify. + * + * @param {String} type + * The permission to add, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the sharing profile to which the permission + * applies. + * + * @returns {Boolean} + * true if the permission was added, false if the permission was + * already present in the given permission set. + */ + PermissionSet.addSharingProfilePermission = function addSharingProfilePermission(permSet, type, identifier) { + permSet.sharingProfilePermissions = permSet.sharingProfilePermissions || {}; + return addObjectPermission(permSet.sharingProfilePermissions, type, identifier); + }; + + /** + * Removes the given sharing profile permission applying to the sharing + * profile with the given ID from the given permission set, if present. If + * the permission is not present, this function has no effect. + * + * @param {PermissionSet} permSet + * The permission set to modify. + * + * @param {String} type + * The permission to remove, as defined by + * PermissionSet.ObjectPermissionType. + * + * @param {String} identifier + * The identifier of the sharing profile to which the permission + * applies. + * + * @returns {Boolean} + * true if the permission was removed, false if the permission was not + * present in the given permission set. + */ + PermissionSet.removeSharingProfilePermission = function removeSharingProfilePermission(permSet, type, identifier) { + permSet.sharingProfilePermissions = permSet.sharingProfilePermissions || {}; + return removeObjectPermission(permSet.sharingProfilePermissions, type, identifier); + }; + /** * Adds the given active connection permission applying to the connection * group with the given ID to the given permission set, if not already