From df34b87460213547d34e310d4f5af41ba15d2116 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 3 Sep 2015 15:44:03 -0700 Subject: [PATCH] GUAC-586: Simplify and fix connection permission checks in management UI. --- .../directives/guacSettingsConnections.js | 80 ++++++------------- .../templates/settingsConnections.html | 4 +- 2 files changed, 28 insertions(+), 56 deletions(-) diff --git a/guacamole/src/main/webapp/app/settings/directives/guacSettingsConnections.js b/guacamole/src/main/webapp/app/settings/directives/guacSettingsConnections.js index 701b52808..d088cbc31 100644 --- a/guacamole/src/main/webapp/app/settings/directives/guacSettingsConnections.js +++ b/guacamole/src/main/webapp/app/settings/directives/guacSettingsConnections.js @@ -86,7 +86,7 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe * All permissions associated with the current user, or null if the * user's permissions have not yet been loaded. * - * @type Object. + * @type PermissionSet */ $scope.permissions = null; @@ -106,11 +106,11 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe /** * Returns whether the current user can create new connections - * within at least one data source. + * within the current data source. * * @return {Boolean} * true if the current user can create new connections within - * at least one data source, false otherwise. + * the current data source, false otherwise. */ $scope.canCreateConnections = function canCreateConnections() { @@ -118,18 +118,10 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe if (!$scope.permissions) return false; - // For each data source - for (var dataSource in $scope.permissions) { - - // Retrieve corresponding permission set - var permissionSet = $scope.permissions[dataSource]; - - // Can create connections if adminstrator or have explicit permission - if (PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.ADMINISTER) - || PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.CREATE_CONNECTION)) - return true; - - } + // Can create connections if adminstrator or have explicit permission + if (PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.ADMINISTER) + || PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.CREATE_CONNECTION)) + return true; // No data sources allow connection creation return false; @@ -138,11 +130,11 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe /** * Returns whether the current user can create new connection - * groups within at least one data source. + * groups within the current data source. * * @return {Boolean} * true if the current user can create new connection groups - * within at least one data source, false otherwise. + * within the current data source, false otherwise. */ $scope.canCreateConnectionGroups = function canCreateConnectionGroups() { @@ -150,18 +142,10 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe if (!$scope.permissions) return false; - // For each data source - for (var dataSource in $scope.permissions) { - - // Retrieve corresponding permission set - var permissionSet = $scope.permissions[dataSource]; - - // Can create connections groups if adminstrator or have explicit permission - if (PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.ADMINISTER) - || PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.CREATE_CONNECTION_GROUP)) - return true; - - } + // Can create connections groups if adminstrator or have explicit permission + if (PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.ADMINISTER) + || PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.CREATE_CONNECTION_GROUP)) + return true; // No data sources allow connection group creation return false; @@ -171,14 +155,14 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe /** * Returns whether the current user can create new connections or * connection groups or make changes to existing connections or - * connection groups within at least one data source. The + * connection groups within the current data source. The * connection management interface as a whole is useless if this * function returns false. * * @return {Boolean} * true if the current user can create new connections/groups - * or make changes to existing connections/groups within at - * least one data source, false otherwise. + * or make changes to existing connections/groups within the + * current data source, false otherwise. */ $scope.canManageConnections = function canManageConnections() { @@ -190,23 +174,15 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe if ($scope.canCreateConnections() || $scope.canCreateConnectionGroups()) return true; - // For each data source - for (var dataSource in $scope.permissions) { + // Can manage connections if granted explicit update or delete + if (PermissionSet.hasConnectionPermission($scope.permissions, PermissionSet.ObjectPermissionType.UPDATE) + || PermissionSet.hasConnectionPermission($scope.permissions, PermissionSet.ObjectPermissionType.DELETE)) + return true; - // Retrieve corresponding permission set - var permissionSet = $scope.permissions[dataSource]; - - // Can manage connections if granted explicit update or delete - if (PermissionSet.hasConnectionPermission(permissionSet, PermissionSet.ObjectPermissionType.UPDATE) - || PermissionSet.hasConnectionPermission(permissionSet, PermissionSet.ObjectPermissionType.DELETE)) - return true; - - // Can manage connections groups if granted explicit update or delete - if (PermissionSet.hasConnectionGroupPermission(permissionSet, PermissionSet.ObjectPermissionType.UPDATE) - || PermissionSet.hasConnectionGroupPermission(permissionSet, PermissionSet.ObjectPermissionType.DELETE)) - return true; - - } + // Can manage connections groups if granted explicit update or delete + if (PermissionSet.hasConnectionGroupPermission($scope.permissions, PermissionSet.ObjectPermissionType.UPDATE) + || PermissionSet.hasConnectionGroupPermission($scope.permissions, PermissionSet.ObjectPermissionType.DELETE)) + return true; // No data sources allow management of connections or groups return false; @@ -214,12 +190,8 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe }; // Retrieve current permissions - dataSourceService.apply( - permissionService.getPermissions, - [$scope.dataSource], - currentUsername - ) - .then(function permissionsRetrieved(permissions) { + permissionService.getPermissions($scope.dataSource, currentUsername) + .success(function permissionsRetrieved(permissions) { // Store retrieved permissions $scope.permissions = permissions; diff --git a/guacamole/src/main/webapp/app/settings/templates/settingsConnections.html b/guacamole/src/main/webapp/app/settings/templates/settingsConnections.html index 0f9b618df..efecf6f8a 100644 --- a/guacamole/src/main/webapp/app/settings/templates/settingsConnections.html +++ b/guacamole/src/main/webapp/app/settings/templates/settingsConnections.html @@ -28,11 +28,11 @@
{{'SETTINGS_CONNECTIONS.ACTION_NEW_CONNECTION' | translate}} {{'SETTINGS_CONNECTIONS.ACTION_NEW_CONNECTION_GROUP' | translate}}