mirror of
https://github.com/gyurix1968/guacamole-client.git
synced 2025-10-31 00:53:21 +00:00
GUAC-586: Simplify and fix connection permission checks in management UI.
This commit is contained in:
Michael Jumper
@@ -86,7 +86,7 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
* All permissions associated with the current user, or null if the
|
||||
* user's permissions have not yet been loaded.
|
||||
*
|
||||
* @type Object.<String, PermissionSet>
|
||||
* @type PermissionSet
|
||||
*/
|
||||
$scope.permissions = null;
|
||||
|
||||
@@ -106,11 +106,11 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
|
||||
/**
|
||||
* Returns whether the current user can create new connections
|
||||
* within at least one data source.
|
||||
* within the current data source.
|
||||
*
|
||||
* @return {Boolean}
|
||||
* true if the current user can create new connections within
|
||||
* at least one data source, false otherwise.
|
||||
* the current data source, false otherwise.
|
||||
*/
|
||||
$scope.canCreateConnections = function canCreateConnections() {
|
||||
|
||||
@@ -118,18 +118,10 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
if (!$scope.permissions)
|
||||
return false;
|
||||
|
||||
// For each data source
|
||||
for (var dataSource in $scope.permissions) {
|
||||
|
||||
// Retrieve corresponding permission set
|
||||
var permissionSet = $scope.permissions[dataSource];
|
||||
|
||||
// Can create connections if adminstrator or have explicit permission
|
||||
if (PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.ADMINISTER)
|
||||
|| PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.CREATE_CONNECTION))
|
||||
return true;
|
||||
|
||||
}
|
||||
// Can create connections if adminstrator or have explicit permission
|
||||
if (PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.ADMINISTER)
|
||||
|| PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.CREATE_CONNECTION))
|
||||
return true;
|
||||
|
||||
// No data sources allow connection creation
|
||||
return false;
|
||||
@@ -138,11 +130,11 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
|
||||
/**
|
||||
* Returns whether the current user can create new connection
|
||||
* groups within at least one data source.
|
||||
* groups within the current data source.
|
||||
*
|
||||
* @return {Boolean}
|
||||
* true if the current user can create new connection groups
|
||||
* within at least one data source, false otherwise.
|
||||
* within the current data source, false otherwise.
|
||||
*/
|
||||
$scope.canCreateConnectionGroups = function canCreateConnectionGroups() {
|
||||
|
||||
@@ -150,18 +142,10 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
if (!$scope.permissions)
|
||||
return false;
|
||||
|
||||
// For each data source
|
||||
for (var dataSource in $scope.permissions) {
|
||||
|
||||
// Retrieve corresponding permission set
|
||||
var permissionSet = $scope.permissions[dataSource];
|
||||
|
||||
// Can create connections groups if adminstrator or have explicit permission
|
||||
if (PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.ADMINISTER)
|
||||
|| PermissionSet.hasSystemPermission(permissionSet, PermissionSet.SystemPermissionType.CREATE_CONNECTION_GROUP))
|
||||
return true;
|
||||
|
||||
}
|
||||
// Can create connections groups if adminstrator or have explicit permission
|
||||
if (PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.ADMINISTER)
|
||||
|| PermissionSet.hasSystemPermission($scope.permissions, PermissionSet.SystemPermissionType.CREATE_CONNECTION_GROUP))
|
||||
return true;
|
||||
|
||||
// No data sources allow connection group creation
|
||||
return false;
|
||||
@@ -171,14 +155,14 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
/**
|
||||
* Returns whether the current user can create new connections or
|
||||
* connection groups or make changes to existing connections or
|
||||
* connection groups within at least one data source. The
|
||||
* connection groups within the current data source. The
|
||||
* connection management interface as a whole is useless if this
|
||||
* function returns false.
|
||||
*
|
||||
* @return {Boolean}
|
||||
* true if the current user can create new connections/groups
|
||||
* or make changes to existing connections/groups within at
|
||||
* least one data source, false otherwise.
|
||||
* or make changes to existing connections/groups within the
|
||||
* current data source, false otherwise.
|
||||
*/
|
||||
$scope.canManageConnections = function canManageConnections() {
|
||||
|
||||
@@ -190,23 +174,15 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
if ($scope.canCreateConnections() || $scope.canCreateConnectionGroups())
|
||||
return true;
|
||||
|
||||
// For each data source
|
||||
for (var dataSource in $scope.permissions) {
|
||||
// Can manage connections if granted explicit update or delete
|
||||
if (PermissionSet.hasConnectionPermission($scope.permissions, PermissionSet.ObjectPermissionType.UPDATE)
|
||||
|| PermissionSet.hasConnectionPermission($scope.permissions, PermissionSet.ObjectPermissionType.DELETE))
|
||||
return true;
|
||||
|
||||
// Retrieve corresponding permission set
|
||||
var permissionSet = $scope.permissions[dataSource];
|
||||
|
||||
// Can manage connections if granted explicit update or delete
|
||||
if (PermissionSet.hasConnectionPermission(permissionSet, PermissionSet.ObjectPermissionType.UPDATE)
|
||||
|| PermissionSet.hasConnectionPermission(permissionSet, PermissionSet.ObjectPermissionType.DELETE))
|
||||
return true;
|
||||
|
||||
// Can manage connections groups if granted explicit update or delete
|
||||
if (PermissionSet.hasConnectionGroupPermission(permissionSet, PermissionSet.ObjectPermissionType.UPDATE)
|
||||
|| PermissionSet.hasConnectionGroupPermission(permissionSet, PermissionSet.ObjectPermissionType.DELETE))
|
||||
return true;
|
||||
|
||||
}
|
||||
// Can manage connections groups if granted explicit update or delete
|
||||
if (PermissionSet.hasConnectionGroupPermission($scope.permissions, PermissionSet.ObjectPermissionType.UPDATE)
|
||||
|| PermissionSet.hasConnectionGroupPermission($scope.permissions, PermissionSet.ObjectPermissionType.DELETE))
|
||||
return true;
|
||||
|
||||
// No data sources allow management of connections or groups
|
||||
return false;
|
||||
@@ -214,12 +190,8 @@ angular.module('settings').directive('guacSettingsConnections', [function guacSe
|
||||
};
|
||||
|
||||
// Retrieve current permissions
|
||||
dataSourceService.apply(
|
||||
permissionService.getPermissions,
|
||||
[$scope.dataSource],
|
||||
currentUsername
|
||||
)
|
||||
.then(function permissionsRetrieved(permissions) {
|
||||
permissionService.getPermissions($scope.dataSource, currentUsername)
|
||||
.success(function permissionsRetrieved(permissions) {
|
||||
|
||||
// Store retrieved permissions
|
||||
$scope.permissions = permissions;
|
||||
|
||||
@@ -28,11 +28,11 @@
|
||||
<div class="action-buttons">
|
||||
|
||||
<a class="add-connection button"
|
||||
ng-show="canCreateConnections"
|
||||
ng-show="canCreateConnections()"
|
||||
href="#/manage/{{dataSource}}/connections/">{{'SETTINGS_CONNECTIONS.ACTION_NEW_CONNECTION' | translate}}</a>
|
||||
|
||||
<a class="add-connection-group button"
|
||||
ng-show="canCreateConnectionGroups"
|
||||
ng-show="canCreateConnectionGroups()"
|
||||
href="#/manage/{{dataSource}}/connectionGroups/">{{'SETTINGS_CONNECTIONS.ACTION_NEW_CONNECTION_GROUP' | translate}}</a>
|
||||
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user