GUACAMOLE-360: Make webapp use permission sets for active connection management.

2025-10-31 00:53:21 +00:00 · 2018-06-12 21:50:12 -04:00
parent 5e16518569
commit bd2d051a19
1 changed files with 21 additions and 10 deletions
--- a/guacamole/src/main/webapp/app/navigation/services/userPageService.js
+++ b/guacamole/src/main/webapp/app/navigation/services/userPageService.js
@@ -71,10 +71,10 @@ angular.module('navigation').factory('userPageService', ['$injector',
        var settingsPages = generateSettingsPages(permissions);

        // If user has access to settings pages, return home page and skip
-        // evaluation for automatic connections.  The Preferences and Session
-        // Management pages are "Settings" pages and are always visible, so
-        // we look for more than two to indicate access to administrative pages.
-        if (settingsPages.length > 2)
+        // evaluation for automatic connections.  The Preferences page is
+        // a Settings page and is always visible, so we look for more than
+        // one to indicate access to administrative pages.
+        if (settingsPages.length > 1)
            return SYSTEM_HOME_PAGE;

        // Determine whether a connection or balancing group should serve as
@@ -265,8 +265,25 @@ angular.module('navigation').factory('userPageService', ['$injector',
                canViewConnectionRecords.push(dataSource);
            }

+            // Determine whether the current user needs access to view session management
+            if (
+                    // Permission to manage active sessions.
+                       PermissionSet.hasSystemPermission(permissions,           PermissionSet.SystemPermissionType.ADMINISTER)
+                    || PermissionSet.hasActiveConnectionPermission(permissions, PermissionSet.ObjectPermissionType.DELETE)
+            ) {
+                canManageSessions.push(dataSource);
+            }
+
        });

+        // If user can manage sessions, add link to sessions management page
+        if (canManageSessions.length) {
+            pages.push(new PageDefinition({
+                name : 'USER_MENU.ACTION_MANAGE_SESSIONS',
+                url  : '/settings/sessions'
+            }));
+        }
+
        // If user can manage connections, add links for connection management pages
        angular.forEach(canViewConnectionRecords, function addConnectionHistoryLink(dataSource) {
            pages.push(new PageDefinition({
@@ -297,12 +314,6 @@ angular.module('navigation').factory('userPageService', ['$injector',
            }));
        });

-        // Add link to session management (always accessible)
-        pages.push(new PageDefinition({
-            name : 'USER_MENU.ACTION_MANAGE_SESSIONS',
-            url  : '/settings/sessions'
-        }));
-
        // Add link to user preferences (always accessible)
        pages.push(new PageDefinition({
            name : 'USER_MENU.ACTION_MANAGE_PREFERENCES',