Repository: ranger Updated Branches: refs/heads/ranger-1.0 024a3e392 -> 3ddd087a7
RANGER-1948: Support for Read-only Ranger Admin users. Signed-off-by: pradeep <prad...@apache.org> Project: http://git-wip-us.apache.org/repos/asf/ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/72ed7d39 Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/72ed7d39 Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/72ed7d39 Branch: refs/heads/ranger-1.0 Commit: 72ed7d398fa3cdb93f8868e553323c27801b2e83 Parents: 024a3e3 Author: ni3galave <nitin.gal...@gmail.com> Authored: Thu Mar 1 18:23:25 2018 +0530 Committer: pradeep <prad...@apache.org> Committed: Wed Mar 7 11:30:01 2018 +0530 ---------------------------------------------------------------------- .../webapp/scripts/controllers/Controller.js | 2 +- .../src/main/webapp/scripts/mgrs/SessionMgr.js | 6 + .../scripts/modules/globalize/message/en.js | 11 +- .../src/main/webapp/scripts/utils/XAEnums.js | 13 +- .../src/main/webapp/scripts/utils/XAUtils.js | 23 +++- .../main/webapp/scripts/views/common/TopNav.js | 8 +- .../webapp/scripts/views/kms/KMSTableLayout.js | 7 ++ .../views/permissions/ModulePermissionForm.js | 14 ++- .../views/permissions/ModulePermsTableLayout.js | 7 +- .../views/policies/RangerPolicyTableLayout.js | 19 ++- .../views/policymanager/ServiceLayout.js | 27 ++++- .../views/reports/OperationDiffDetail.js | 8 ++ .../scripts/views/reports/UserAccessLayout.js | 7 +- .../views/service/RangerServiceViewDetail.js | 84 +++++++++++++ .../scripts/views/user/UserProfileForm.js | 8 ++ .../webapp/scripts/views/users/GroupCreate.js | 4 +- .../webapp/scripts/views/users/UserCreate.js | 6 +- .../main/webapp/scripts/views/users/UserForm.js | 30 +++-- .../scripts/views/users/UserTableLayout.js | 26 +++- security-admin/src/main/webapp/styles/xa.css | 5 +- .../webapp/templates/common/TopNav_tmpl.html | 4 +- .../main/webapp/templates/helpers/XAHelpers.js | 14 ++- .../templates/kms/KmsTableLayout_tmpl.html | 17 +-- .../ModulePermsTableLayout_tmpl.html | 2 +- .../policies/RangerPolicyTableLayout_tmpl.html | 26 ++-- .../reports/UserAccessLayout_tmpl.html | 2 + .../service/RangerServiceViewDetail_tmpl.html | 120 +++++++++++++++++++ .../templates/users/UserTableLayout_tmpl.html | 4 +- 28 files changed, 430 insertions(+), 74 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/controllers/Controller.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/controllers/Controller.js b/security-admin/src/main/webapp/scripts/controllers/Controller.js index 2be915f..92dac6a 100755 --- a/security-admin/src/main/webapp/scripts/controllers/Controller.js +++ b/security-admin/src/main/webapp/scripts/controllers/Controller.js @@ -102,7 +102,7 @@ define(function(require) { var view = require('views/user/UserProfile'); App.rContent.show(new view({ - model : App.userProfile + model : App.userProfile.clone() })); }, http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js b/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js index e7a3856..529a589 100644 --- a/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js +++ b/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js @@ -134,5 +134,11 @@ define(function(require){ SessionMgr.isUser = function(){ return this.userInRole('ROLE_USER') ? true : false; }; + SessionMgr.isAuditor = function(){ + return this.userInRole('ROLE_ADMIN_AUDITOR') ? true : false; + }; + SessionMgr.isKMSAuditor = function(){ + return this.userInRole('ROLE_KEY_ADMIN_AUDITOR') ? true : false; + }; return SessionMgr; }); http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js index ef75e36..8aaf705 100644 --- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js +++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js @@ -241,8 +241,11 @@ define(function(require) { download : 'Download', lastUpdate : 'Last Update', modules : 'Modules', - clusterName : 'Cluster Name', - policyLabels : 'Policy Labels' + clusterName : 'Cluster Name', + policyLabels : 'Policy Labels', + activeStatus : 'Active Status', + selectTagService : 'Tag Service' + }, btn : { add : 'Add', @@ -350,7 +353,9 @@ define(function(require) { custom :'CUSTOM', mask :'Mask', rowFilter : 'Row Filter', - policyLabelsinfo : 'Label of policy' + policyLabelsinfo : 'Label of policy', + serviceDetails :'Service Details', + configProperties : 'Config Properties' }, msg : { deletePolicyValidationMsg : 'Policy does not have any settings for the specific resource. Policy will be deleted. Press [Ok] to continue. Press [Cancel] to edit the policy.', http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/utils/XAEnums.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/utils/XAEnums.js b/security-admin/src/main/webapp/scripts/utils/XAEnums.js index 0e0958d..4aa21c1 100644 --- a/security-admin/src/main/webapp/scripts/utils/XAEnums.js +++ b/security-admin/src/main/webapp/scripts/utils/XAEnums.js @@ -57,6 +57,8 @@ define(function(require) { ROLE_SYS_ADMIN:{value:0, label:'Admin', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'}, ROLE_USER:{value:1, label:'User', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_DENIED', tt: 'lbl.AccessResult_ACCESS_RESULT_DENIED'}, ROLE_KEY_ADMIN:{value:2, label:'KeyAdmin', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'}, + ROLE_ADMIN_AUDITOR:{value:3, label:'Auditor', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'}, + ROLE_KEY_ADMIN_AUDITOR:{value:4, label:'KMSAuditor', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'} }); XAEnums.UserTypes = mergeParams(XAEnums.UserTypes, { @@ -365,11 +367,12 @@ define(function(require) { }); XAEnums.MenuPermissions = mergeParams(XAEnums.MenuPermissions, { - XA_RESOURCE_BASED_POLICIES:{value:0, label:'Resource Based Policies', rbkey:'xa.enum.MenuPermissions.XA_RESOURCE_BASED_POLICIES', tt: 'lbl.XAPermForType_XA_PERM_FOR_UNKNOWN'}, - XA_USER_GROUPS:{value:1, label:'Users/Groups', rbkey:'xa.enum.MenuPermissions.XA_USER_GROUP', tt: 'lbl.XAPermForType_XA_PERM_FOR_USER'}, - XA_REPORTS:{value:2, label:'Reports', rbkey:'xa.enum.MenuPermissions.XA_REPORTS', tt: 'lbl.XAPermForType_XA_PERM_FOR_GROUP'}, - XA_AUDITS:{value:3, label:'Audit', rbkey:'xa.enum.MenuPermissions.XA_AUDITS', tt: 'lbl.XAPermForType_XA_PERM_FOR_GROUP'}, - XA_KEY_MANAGER:{value:4, label:'Key Manager', rbkey:'xa.enum.MenuPermissions.XA_KEY_MANAGER', tt: 'lbl.XAPermForType_XA_PERM_FOR_GROUP'} + XA_RESOURCE_BASED_POLICIES:{value:1, label:'Resource Based Policies', rbkey:'xa.enum.MenuPermissions.XA_RESOURCE_BASED_POLICIES', tt: 'lbl.XAPermForType_XA_RESOURCE_BASED_POLICIES'}, + XA_USER_GROUPS:{value:2, label:'Users/Groups', rbkey:'xa.enum.MenuPermissions.XA_USER_GROUP', tt: 'lbl.XAPermForType_XA_USER_GROUPS'}, + XA_REPORTS:{value:3, label:'Reports', rbkey:'xa.enum.MenuPermissions.XA_REPORTS', tt: 'lbl.XAPermForType_XA_REPORTS'}, + XA_AUDITS:{value:4, label:'Audit', rbkey:'xa.enum.MenuPermissions.XA_AUDITS', tt: 'lbl.XAPermForType_XA_AUDITS'}, + XA_KEY_MANAGER:{value:5, label:'Key Manager', rbkey:'xa.enum.MenuPermissions.XA_KEY_MANAGER', tt: 'lbl.XAPermForType_XA_KEY_MANAGER'}, + XA_TAG_BASED_POLICIES:{value:6, label:'Tag Based Policies', rbkey:'xa.enum.MenuPermissions.XA_TAG_BASED_POLICIES', tt: 'lbl.XAPermForType_XA_TAG_BASED_POLICIES'} }); return XAEnums; http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/utils/XAUtils.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js index 4fe7263..c1e6ef5 100644 --- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js +++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js @@ -1148,7 +1148,7 @@ define(function(require) { var denyControllerActions = [], denyModulesObj = []; var userModuleNames = _.pluck(vXPortalUser.get('userPermList'),'moduleName'); //add by default permission module to admin user - if (SessionMgr.isSystemAdmin()){ + if (XAUtils.isAuditorOrSystemAdmin(SessionMgr)){ userModuleNames.push('Permissions') } var groupModuleNames = _.pluck(vXPortalUser.get('groupPermissions'), 'moduleName'), @@ -1216,16 +1216,23 @@ define(function(require) { var SessionMgr = require('mgrs/SessionMgr'); var userRoleList = [] _.each(XAEnums.UserRoles,function(val, key){ - if(SessionMgr.isKeyAdmin() && XAEnums.UserRoles.ROLE_SYS_ADMIN.value != val.value){ + if(SessionMgr.isKeyAdmin() && XAEnums.UserRoles.ROLE_SYS_ADMIN.value != val.value + && XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value != val.value){ userRoleList.push(key) - }else if(SessionMgr.isSystemAdmin() && XAEnums.UserRoles.ROLE_KEY_ADMIN.value != val.value){ + }else if(SessionMgr.isSystemAdmin() && XAEnums.UserRoles.ROLE_KEY_ADMIN.value != val.value + && XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value != val.value){ userRoleList.push(key) }else if(SessionMgr.isUser() && XAEnums.UserRoles.ROLE_USER.value == val.value){ userRoleList.push(key) + }else if(SessionMgr.isAuditor() && XAEnums.UserRoles.ROLE_KEY_ADMIN.value != val.value + && XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value != val.value){ + userRoleList.push(key) + }else if(SessionMgr.isKMSAuditor() && XAEnums.UserRoles.ROLE_SYS_ADMIN.value != val.value + && XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value != val.value){ + userRoleList.push(key) } }) - return {'userRoleList' : userRoleList }; - }; + return {'userRoleList' : userRoleList }; }; XAUtils.showErrorMsg = function(respMsg){ var respArr = respMsg.split(/\([0-9]*\)/); respArr = respArr.filter(function(str){ return str; }); @@ -1376,5 +1383,11 @@ define(function(require) { newLabelArr.push('</div>'); return newLabelArr.length ? newLabelArr.join(' ') : '--'; }; + XAUtils.isAuditorOrSystemAdmin = function(SessionMgr){ + return (SessionMgr.isAuditor() || SessionMgr.isSystemAdmin()) ? true : false ; + }; + XAUtils.isAuditorOrKMSAuditor = function(SessionMgr){ + return (SessionMgr.isAuditor() || SessionMgr.isKMSAuditor()) ? true : false ; + } return XAUtils; }); \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/common/TopNav.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/common/TopNav.js b/security-admin/src/main/webapp/scripts/views/common/TopNav.js index aba71ef..0f4a708 100644 --- a/security-admin/src/main/webapp/scripts/views/common/TopNav.js +++ b/security-admin/src/main/webapp/scripts/views/common/TopNav.js @@ -23,7 +23,9 @@ define(function(require){ var Backbone = require('backbone'); - var TopNav_tmpl = require('hbs!tmpl/common/TopNav_tmpl'); + var TopNav_tmpl = require('hbs!tmpl/common/TopNav_tmpl'); + var SessionMgr = require('mgrs/SessionMgr'); + var XAUtil = require('utils/XAUtils'); require('jquery.cookie'); var TopNav = Backbone.Marionette.ItemView.extend( /** @lends TopNav */ @@ -32,7 +34,9 @@ define(function(require){ template: TopNav_tmpl, templateHelpers : function(){ - + return{ + showPermissionTab : XAUtil.isAuditorOrSystemAdmin(SessionMgr) + } }, /** ui selector cache */ http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js b/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js index 2749cea..38c0177 100755 --- a/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js @@ -32,6 +32,7 @@ define(function(require){ var KmsKey = require('models/VXKmsKey'); var XATableLayout = require('views/common/XATableLayout'); var KmsTablelayoutTmpl = require('hbs!tmpl/kms/KmsTableLayout_tmpl'); + var SessionMgr = require('mgrs/SessionMgr'); var KmsTableLayout = Backbone.Marionette.Layout.extend( /** @lends KmsTableLayout */ @@ -40,6 +41,9 @@ define(function(require){ template: KmsTablelayoutTmpl, templateHelpers : function(){ + return { + isKeyadmin : SessionMgr.isKeyAdmin() ? true :false + } }, breadCrumbs :[XALinks.get('KmsManage')], /** Layout sub regions */ @@ -231,6 +235,9 @@ define(function(require){ } }; + if(!SessionMgr.isKeyAdmin()){ + delete cols.operation; + } return this.collection.constructor.getTableCols(cols, this.collection); }, http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js index d9c522c..47c69de 100644 --- a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js +++ b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js @@ -161,15 +161,23 @@ define(function(require) { return { name : term, isVisible : XAEnums.VisibilityStatus.STATUS_VISIBLE.value }; }, results: function (data, page) { - var results = []; var results = [], selectedVals = []; //Get selected values of groups/users dropdown selectedVals = that.getSelectedValues(options); if(data.resultSize != "0"){ if(!_.isUndefined(data.vXGroups)){ - results = data.vXGroups.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; }); + results = data.vXGroups.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; }); } else if(!_.isUndefined(data.vXUsers)){ - results = data.vXUsers.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; }); +// tag base policy tab hide from KeyAdmin and KMSAuditor users + if(that.model.get('module') === XAEnums.MenuPermissions.XA_TAG_BASED_POLICIES.label){ + _.map(data.vXUsers ,function(m, i){ + if(XAEnums.UserRoles[m.userRoleList[0]].label != 'KeyAdmin' && XAEnums.UserRoles[m.userRoleList[0]].label != 'KMSAuditor'){ + results.push({id : m.id, text: _.escape(m.name) }); + } + }); + }else{ + results = data.vXUsers.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; }); + } } if(!_.isEmpty(selectedVals)){ results = XAUtil.filterResultByText(results, selectedVals); http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js index b46d526..9db72a7 100644 --- a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js @@ -124,7 +124,7 @@ define(function(require){ cell : "uri", reName : 'module', href: function(model){ - return '#!/permissions/'+model.id+'/edit'; + return '#!/permissions/'+model.id+'/edit'; }, label : localization.tt("lbl.modules"), editable: false, @@ -162,6 +162,7 @@ define(function(require){ sortable : false }, }; + if(SessionMgr.isSystemAdmin()){ cols['permissions'] = { cell : "html", label : localization.tt("lbl.action"), @@ -174,6 +175,10 @@ define(function(require){ sortable : false }; + } + if(SessionMgr.isAuditor()){ + cols.module.cell = "string"; + } return this.collection.constructor.getTableCols(cols, this.collection); }, onShowMore : function(e){ http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js index 618207d..b4006ce 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js @@ -55,7 +55,8 @@ define(function(require){ rangerServiceDef : this.rangerServiceDefModel, rangerPolicyType : this.collection.queryParams['policyType'], isRenderAccessTab : XAUtil.isRenderMasking(this.rangerServiceDefModel.get('dataMaskDef')) ? true - : XAUtil.isRenderRowFilter(this.rangerServiceDefModel.get('rowFilterDef')) ? true : false + : XAUtil.isRenderRowFilter(this.rangerServiceDefModel.get('rowFilterDef')) ? true : false, + isNotAuditorAdminOrKmsAuditor : !(XAUtil.isAuditorOrKMSAuditor(SessionMgr)) }; }, @@ -205,7 +206,7 @@ define(function(require){ id : { cell : "uri", href: function(model){ - return '#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit'; + return '#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit'; }, label : localization.tt("lbl.policyId"), editable: false, @@ -287,22 +288,28 @@ define(function(require){ sortable : false }, }; - cols['permissions'] = { cell : "html", label : localization.tt("lbl.action"), formatter: _.extend({}, Backgrid.CellFormatter.prototype, { fromRaw: function (rawValue,model) { - return '<a href="javascript:void(0);" data-name ="viewPolicy" data-id="'+model.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open icon-large" /></a>\ - <a href="#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit" class="btn btn-mini" title="Edit"><i class="icon-edit icon-large" /></a>\ - <a href="javascript:void(0);" data-name ="deletePolicy" data-id="'+model.id+'" class="btn btn-mini btn-danger" title="Delete"><i class="icon-trash icon-large" /></a>'; + if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ + return '<a href="javascript:void(0);" data-name ="viewPolicy" data-id="'+model.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open icon-large" /></a>'; + }else{ + return '<a href="javascript:void(0);" data-name ="viewPolicy" data-id="'+model.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open icon-large" /></a>\ + <a href="#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit" class="btn btn-mini" title="Edit"><i class="icon-edit icon-large" /></a>\ + <a href="javascript:void(0);" data-name ="deletePolicy" data-id="'+model.id+'" class="btn btn-mini btn-danger" title="Delete"><i class="icon-trash icon-large" /></a>'; //You can use rawValue to custom your html, you can change this value using the name parameter. + } } }), editable: false, sortable : false }; + if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ + cols.id.cell = 'string'; + } return this.collection.constructor.getTableCols(cols, this.collection); }, onDelete :function(e){ http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js b/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js index 7aab1e2..118abf0 100644 --- a/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js +++ b/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js @@ -32,6 +32,7 @@ define(function(require){ var ServicemanagerlayoutTmpl = require('hbs!tmpl/common/ServiceManagerLayout_tmpl'); var vUploadServicePolicy = require('views/UploadServicePolicy'); var vDownloadServicePolicy = require('views/DownloadServicePolicy'); + var RangerServiceViewDetail = require('views/service/RangerServiceViewDetail'); require('Backbone.BootstrapModal'); return Backbone.Marionette.Layout.extend( /** @lends Servicemanagerlayout */ @@ -45,7 +46,7 @@ define(function(require){ operation : SessionMgr.isSystemAdmin() || SessionMgr.isKeyAdmin(), serviceDefs : this.collection.models, services : this.services.groupBy("type"), - showImportExportBtn : SessionMgr.isUser() ? false : true + showImportExportBtn : (SessionMgr.isUser() || XAUtil.isAuditorOrKMSAuditor(SessionMgr)) ? false : true }; }, @@ -65,7 +66,8 @@ define(function(require){ 'downloadReport' : '[data-id="downloadBtnOnService"]', 'uploadServiceReport' :'[data-id="uploadBtnOnServices"]', 'exportReport' : '[data-id="exportBtn"]', - 'importServiceReport' :'[data-id="importBtn"]' + 'importServiceReport' :'[data-id="importBtn"]', + 'viewServices' : '[data-name="viewService"]' }, /** ui events hash */ @@ -76,6 +78,7 @@ define(function(require){ events['click ' + this.ui.uploadServiceReport] = 'uploadServiceReport'; events['click ' + this.ui.exportReport] = 'downloadReport'; events['click ' + this.ui.importServiceReport] = 'uploadServiceReport'; + events['click ' + this.ui.viewServices] = 'viewServices'; return events; }, /** @@ -240,6 +243,26 @@ define(function(require){ }); } }, + viewServices : function(e){ + var that =this; + var serviceId = $(e.currentTarget).data('id'); + var rangerService = that.services.find(function(m){return m.id == serviceId}); + var serviceDef = that.collection.find(function(m){return m.get('name') == rangerService.get('type')}); + var view = new RangerServiceViewDetail({ + serviceDef : serviceDef, + rangerService : rangerService, + + }); + var modal = new Backbone.BootstrapModal({ + animate : true, + content : view, + title: localization.tt("h.serviceDetails"), + okText :localization.tt("lbl.ok"), + allowCancel : true, + escape : true + }).open(); + modal.$el.find('.cancel').hide(); + }, /** on close */ onClose: function(){ } http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js index c8fc050..5d929c1 100644 --- a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js +++ b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js @@ -370,12 +370,20 @@ define(function(require){ m.set('newValue',XAEnums.UserRoles.ROLE_SYS_ADMIN.label) else if(newRole == "ROLE_KEY_ADMIN") m.set('newValue',XAEnums.UserRoles.ROLE_KEY_ADMIN.label) + else if(newRole == "ROLE_KEY_ADMIN_AUDITOR") + m.set('newValue',XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.label) + else if(newRole == "ROLE_ADMIN_AUDITOR") + m.set('newValue',XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.label) if(prevRole == "ROLE_USER") m.set('previousValue',XAEnums.UserRoles.ROLE_USER.label) else if(prevRole == "ROLE_SYS_ADMIN") m.set('previousValue',XAEnums.UserRoles.ROLE_SYS_ADMIN.label) else if(prevRole == "ROLE_KEY_ADMIN") m.set('previousValue',XAEnums.UserRoles.ROLE_KEY_ADMIN.label) + else if(prevRole == "ROLE_KEY_ADMIN_AUDITOR") + m.set('previousValue',XAEnums.UserRoles.ROLE_KEY_ADMIN_AUIDTOR.label) + else if(prevRole == "ROLE_ADMIN_AUDITOR") + m.set('previousValue',XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.label) } else { if(!m.has('attributeName')) modelArr.push(m); http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js b/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js index e0470cf..db64ee6 100644 --- a/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js +++ b/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js @@ -34,6 +34,7 @@ define(function(require) {'use strict'; var RangerServiceDefList= require('collections/RangerServiceDefList'); var RangerPolicyList = require('collections/RangerPolicyList'); var UseraccesslayoutTmpl= require('hbs!tmpl/reports/UserAccessLayout_tmpl'); + var SessionMgr = require('mgrs/SessionMgr'); var UserAccessLayout = Backbone.Marionette.Layout.extend( /** @lends UserAccessLayout */ @@ -45,7 +46,8 @@ define(function(require) {'use strict'; templateHelpers :function(){ return { groupList : this.groupList, - policyHeaderList : this.policyCollList + policyHeaderList : this.policyCollList, + showImportExportBtn : (XAUtil.isAuditorOrKMSAuditor(SessionMgr)) ? false : true }; }, @@ -465,6 +467,9 @@ define(function(require) {'use strict'; }; var permissions = this.getPermissionColumns(this[collName],collName,serviceDefName,subcolumns); _.extend(columns,permissions); + if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ + columns.id.cell = 'string'; + } return coll.constructor.getTableCols(columns, coll); }, getPermissionColumns: function (coll,collName,serviceDefName,subcolumns){ http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js b/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js new file mode 100644 index 0000000..3b2f67c --- /dev/null +++ b/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js @@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +define(function(require) { + 'use strict'; + + var Backbone = require('backbone'); + var XAEnums = require('utils/XAEnums'); + var XAGlobals = require('utils/XAGlobals'); + var XAUtils = require('utils/XAUtils'); + var localization = require('utils/XALangSupport'); + + var RangerServiceViewDetailTmpl = require('hbs!tmpl/service/RangerServiceViewDetail_tmpl'); + var RangerService = require('models/RangerService'); + + var RangerServiceView = Backbone.Marionette.Layout.extend({ + _viewName: 'RangerServiceView', + + template: RangerServiceViewDetailTmpl, + templateHelpers: function() { + var that = this; + + return { + configsList : this.conf, + customConfigs : this.customConfigs, + serviceName : this.options.rangerService.get('name'), + description : this.options.rangerService.get('description'), + isEnabled : this.options.rangerService.get('isEnabled'), + tagService : (this.options.rangerService.get('tagService')) ? this.options.rangerService.get('tagService') : false, + } + }, + breadCrumbs: [], + + /** + * intialize a new RangerServiceDiffDetaile Layout + * @constructs + */ + initialize: function(options) { + console.log("initialized a Ranger Service View Diff"); + var that = this; + that.getTemplateForservice(this.options); + }, + getTemplateForservice : function(options){ + var configList = options.serviceDef.get('configs'); + var serviceConfigs = options.rangerService.get('configs'); + var configs = {} , customConfigs = serviceConfigs; + _.each(configList , function(m){ + if(m.label){ + configs[m.label] = serviceConfigs[m.name] + }else{ + configs[m.name] = serviceConfigs[m.name] + } + customConfigs = _.omit(customConfigs , m.name); + }) + this.conf = configs; + if(_.isEmpty(customConfigs)){ + this.customConfigs = false + }else{ + this.customConfigs = customConfigs; + } + }, + /** on close */ + onClose: function() {} + }); + + return RangerServiceView; +}); http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js b/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js index d545a05..5ebd290 100644 --- a/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js +++ b/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js @@ -77,6 +77,10 @@ define(function(require){ this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_USER.value); } else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_KEY_ADMIN.value){ this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_KEY_ADMIN.value); + } else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value){ + this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value); + } else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value){ + this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value); } else { this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_SYS_ADMIN.value); } @@ -118,6 +122,10 @@ define(function(require){ this.model.set('userRoleList',["ROLE_USER"]); } else if(this.model.get('userRoleList') == XAEnums.UserRoles.ROLE_KEY_ADMIN.value){ this.model.set('userRoleList',["ROLE_KEY_ADMIN"]); + } else if(this.model.get('userRoleList') == XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value){ + this.model.set('userRoleList',["ROLE_KEY_ADMIN_AUDITOR"]); + } else if(this.model.get('userRoleList') == XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value){ + this.model.set('userRoleList',["ROLE_ADMIN_AUDITOR"]); } }, /** all post render plugin initialization */ http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js b/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js index b73f755..a764387 100644 --- a/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js +++ b/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js @@ -32,6 +32,7 @@ define(function(require){ var VXGroupList = require('collections/VXGroupList'); var GroupForm = require('views/users/GroupForm'); var GroupcreateTmpl = require('hbs!tmpl/users/GroupCreate_tmpl'); + var SessionMgr = require('mgrs/SessionMgr'); var GroupCreate = Backbone.Marionette.Layout.extend( /** @lends GroupCreate */ @@ -93,7 +94,8 @@ define(function(require){ this.rForm.show(this.form); this.rForm.$el.dirtyFields(); XAUtil.preventNavigation(localization.tt('dialogMsg.preventNavGroupForm'),this.rForm.$el); - if(!_.isUndefined(this.model.get('groupSource')) && this.model.get('groupSource') == XAEnums.GroupSource.XA_GROUP.value){ + if((!_.isUndefined(this.model.get('groupSource')) && this.model.get('groupSource') == XAEnums.GroupSource.XA_GROUP.value) + || XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ this.ui.btnSave.prop( "disabled", true ); } }, http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/users/UserCreate.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/users/UserCreate.js b/security-admin/src/main/webapp/scripts/views/users/UserCreate.js index b8c5894..e1afff1 100644 --- a/security-admin/src/main/webapp/scripts/views/users/UserCreate.js +++ b/security-admin/src/main/webapp/scripts/views/users/UserCreate.js @@ -32,6 +32,7 @@ define(function(require){ var UserTableLayout = require('views/users/UserTableLayout'); var VXUserList = require('collections/VXUserList'); var UserCreateTmpl = require('hbs!tmpl/users/UserCreate_tmpl'); + var SessionMgr = require('mgrs/SessionMgr'); var UserCreate = Backbone.Marionette.Layout.extend( /** @lends UserCreate */ @@ -100,7 +101,10 @@ define(function(require){ this.renderForm(); this.rForm.$el.dirtyFields(); XAUtil.preventNavigation(localization.tt('dialogMsg.preventNavUserForm'),this.rForm.$el); - }, + if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ + this.ui.btnSave.attr("disabled", true); + } + }, /** all post render plugin initialization */ initializePlugins: function(){ }, http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/users/UserForm.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/users/UserForm.js b/security-admin/src/main/webapp/scripts/views/users/UserForm.js index bd3730b..ee0d256 100644 --- a/security-admin/src/main/webapp/scripts/views/users/UserForm.js +++ b/security-admin/src/main/webapp/scripts/views/users/UserForm.js @@ -113,13 +113,13 @@ define(function(require){ type : 'Select', options : function(callback, editor){ - var userTypes = _.filter(XAEnums.UserRoles,function(m){ - if(!SessionMgr.isKeyAdmin()){ - return m.label != 'Unknown' && m.label != 'KeyAdmin'; - } else { - return m.label != 'Unknown' && m.label != 'Admin'; - } - }); + var userTypes = _.filter(XAEnums.UserRoles,function(m){ + if(!SessionMgr.isKeyAdmin()){ + return m.label != 'Unknown' && m.label != 'KeyAdmin' && m.label != 'KMSAuditor'; + } else { + return m.label != 'Unknown' && m.label != 'Admin' && m.label != 'Auditor'; + } + }); var nvPairs = XAUtils.enumToSelectPairs(userTypes); callback(nvPairs); editor.$el.val("0"); @@ -144,6 +144,10 @@ define(function(require){ this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_USER.value); } else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_KEY_ADMIN.value){ this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_KEY_ADMIN.value); + } else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value){ + this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value); + } else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value){ + this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value); } else { this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_SYS_ADMIN.value); } @@ -241,7 +245,11 @@ define(function(require){ this.model.set('userRoleList',["ROLE_USER"]); }else if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_KEY_ADMIN.value){ this.model.set('userRoleList',["ROLE_KEY_ADMIN"]); - }else{ + } else if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value){ + this.model.set('userRoleList',["ROLE_KEY_ADMIN_AUDITOR"]); + } else if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value){ + this.model.set('userRoleList',["ROLE_ADMIN_AUDITOR"]); + } else{ this.model.set('userRoleList',["ROLE_SYS_ADMIN"]); } return true; @@ -253,7 +261,11 @@ define(function(require){ this.model.set('userRoleList',["ROLE_USER"]); }else if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_KEY_ADMIN.value){ this.model.set('userRoleList',["ROLE_KEY_ADMIN"]); - }else{ + } else if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value){ + this.model.set('userRoleList',["ROLE_KEY_ADMIN_AUDITOR"]); + } else if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value){ + this.model.set('userRoleList',["ROLE_ADMIN_AUDITOR"]); + } else{ this.model.set('userRoleList',["ROLE_SYS_ADMIN"]); } }, http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js index 9febd99..410a8ad 100644 --- a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js @@ -290,7 +290,7 @@ define(function(require){ name : { label : localization.tt("lbl.userName"), href: function(model){ - return '#!/user/'+ model.id; + return '#!/user/'+ model.id; }, editable:false, sortable:false, @@ -372,6 +372,12 @@ define(function(require){ sortable:false } }; + if(!SessionMgr.isSystemAdmin()){ + delete cols.select; + } + if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ + cols.name.cell = 'string'; + } return this.collection.constructor.getTableCols(cols, this.collection); }, @@ -416,7 +422,7 @@ define(function(require){ name : { label : localization.tt("lbl.groupName"), href: function(model){ - return '#!/group/'+ model.id; + return '#!/group/'+ model.id; }, editable:false, sortable:false, @@ -464,6 +470,12 @@ define(function(require){ sortable:false } }; + if(!SessionMgr.isSystemAdmin()){ + delete cols.select; + } + if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ + cols.name.cell = 'string'; + } return this.groupList.constructor.getTableCols(cols, this.groupList); }, @@ -614,10 +626,12 @@ define(function(require){ valueMatches :function(facet, searchTerm, callback) { switch (facet) { case 'Role': - var roles = XAUtil.hackForVSLabelValuePairs(XAEnums.UserRoles); - var label = SessionMgr.isSystemAdmin() || SessionMgr.isUser() ? XAEnums.UserRoles.ROLE_KEY_ADMIN.label - : XAEnums.UserRoles.ROLE_SYS_ADMIN.label; - callback(_.filter(roles, function(o) { return o.label !== label; })); + var userRoles ={}; + _.map(XAUtil.getUserDataParams().userRoleList, function(obj){ + userRoles[obj] = XAEnums.UserRoles[obj]; + }) + var roles = XAUtil.hackForVSLabelValuePairs(userRoles); + callback(roles); break; case 'User Source': callback(XAUtil.hackForVSLabelValuePairs(XAEnums.UserTypes)); http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/styles/xa.css ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/styles/xa.css b/security-admin/src/main/webapp/styles/xa.css index 919e825..5ccbbc2 100644 --- a/security-admin/src/main/webapp/styles/xa.css +++ b/security-admin/src/main/webapp/styles/xa.css @@ -386,7 +386,6 @@ body { } /* Seach Info btn*/ .searchInfo{ - margin-left:12px; color:#4c504b; font-size:larger; } @@ -2233,7 +2232,9 @@ textarea:read-only{ .label-margin{ margin-left: 10px; } -.shorten-label { +.margin-left-min-30{ + margin-left: -30px; +}.shorten-label { max-width: 180px; text-overflow: ellipsis; overflow: hidden; http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html b/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html index d2ff968..31a9c26 100644 --- a/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html +++ b/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html @@ -50,9 +50,9 @@ {{#hasAccessToTab 'Users/Groups'}} <li><a href="#!/users/usertab"><i class="icon-group"></i>{{tt 'h.usersOrGroups'}}</a></li> {{/hasAccessToTab}} - {{#isSystemAdmin .}} + {{#if showPermissionTab}} <li><a href="#!/permissions"><i class="icon-file-alt"></i> {{tt 'h.permissions'}}</a></li> - {{/isSystemAdmin}} + {{/if}} </ul> </li> http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/helpers/XAHelpers.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/helpers/XAHelpers.js b/security-admin/src/main/webapp/templates/helpers/XAHelpers.js index f8479e4..946b6a3 100644 --- a/security-admin/src/main/webapp/templates/helpers/XAHelpers.js +++ b/security-admin/src/main/webapp/templates/helpers/XAHelpers.js @@ -510,10 +510,16 @@ serviceName = serv.get('name'); if(SessionMgr.isSystemAdmin() || SessionMgr.isKeyAdmin()){ serviceOperationDiv = '<div class="pull-right">\ - <a data-id="'+serv.id+'" class="btn btn-mini" href="#!/service/'+serviceDef.id+'/edit/'+serv.id+'" title="Edit"><i class="icon-edit"></i></a>\ - <a data-id="'+serv.id+'" class="deleteRepo btn btn-mini btn-danger" href="javascript:void(0);" title="Delete">\ - <i class="icon-trash"></i></a>\ - </div>' + <a href="javascript:void(0);" data-name="viewService" data-id="'+serv.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open "></i></a>\ + <a data-id="'+serv.id+'" class="btn btn-mini" href="#!/service/'+serviceDef.id+'/edit/'+serv.id+'" title="Edit"><i class="icon-edit"></i></a>\ + <a data-id="'+serv.id+'" class="deleteRepo btn btn-mini btn-danger" href="javascript:void(0);" title="Delete">\ + <i class="icon-trash"></i></a>\ + </div>' + } + if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){ + serviceOperationDiv = '<div class="pull-right">\ + <a href="javascript:void(0);" data-name="viewService" data-id="'+serv.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open "></i></a>\ + </div>' } tr += '<tr><td><div>\ <a data-id="'+serv.id+'" href="#!/service/'+serv.id+'/policies/'+policyType+'">'+_.escape(serv.attributes.name)+'</a>'+serviceOperationDiv+'\ http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/kms/KmsTableLayout_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/kms/KmsTableLayout_tmpl.html b/security-admin/src/main/webapp/templates/kms/KmsTableLayout_tmpl.html index 8107148..2f42791 100644 --- a/security-admin/src/main/webapp/templates/kms/KmsTableLayout_tmpl.html +++ b/security-admin/src/main/webapp/templates/kms/KmsTableLayout_tmpl.html @@ -22,13 +22,16 @@ Select Service : <input type="text" name="serviceName" data-js="serviceName" style="margin-left: 17px;font-weight: normal;font-size: 13px;" > </p> </fieldset> - <div style=" margin-top: 14px; "> - <div class="span9"> - <div class="visual_search"></div> - </div> - <div class="clearfix"> - <a href="javascript:;" class="btn btn-primary btn-right" type="button" data-id="addNewKey"> {{tt 'lbl.addNewKey'}} </a> - <a href="#!/group/create" class="btn btn-primary btn-right" type="button" data-id="addNewGroup" style="display:none;"> {{tt 'lbl.addNewZone'}} </a> + <div> + <div class="row-fluid margin-bottom-11"> + <div class="span10"> + <div class="visual_search"></div> + </div> + {{#isKeyadmin}} + <div class="span2"> + <a href="javascript:;" class="btn btn-primary btn-right" type="button" data-id="addNewKey"> {{tt 'lbl.addNewKey'}} </a> + </div> + {{/isKeyadmin}} </div> <div data-id="r_tableList" class="clickable"> <b class="_prevNav"></b> http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/permissions/ModulePermsTableLayout_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/permissions/ModulePermsTableLayout_tmpl.html b/security-admin/src/main/webapp/templates/permissions/ModulePermsTableLayout_tmpl.html index 52b36a1..4b35587 100644 --- a/security-admin/src/main/webapp/templates/permissions/ModulePermsTableLayout_tmpl.html +++ b/security-admin/src/main/webapp/templates/permissions/ModulePermsTableLayout_tmpl.html @@ -22,6 +22,6 @@ </div> <div class="clearfix"></div> - <div data-id="r_table" class="clickable"></div> + <div data-id="r_table"></div> </div> </div> http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html b/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html index c49dc32..bcd495c 100644 --- a/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html +++ b/security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html @@ -36,18 +36,22 @@ <h3 class="wrap-header bold"> {{tt 'lbl.listOfPolicies'}} : {{rangerService.attributes.name}} </h3> <div class="wrap non-collapsible m-height "> <div> - <div> - <div class="span9"> - <div class="visual_search"></div> - </div> - - <i class="icon-info-sign searchInfo" title="Search Filter Hints" data-id="searchInfo"> </i> - - <div class="clearfix"> - <a data-js="addNewPolicy" href="#!/service/{{rangerService.id}}/policies/create/{{this.rangerPolicyType}}" class="btn btn-primary btn-right" type="button"> {{tt 'lbl.addNewPolicy'}} </a> - </div> + <div class="row-fluid margin-bottom-11"> + <div class="span9"> + <div class="visual_search"></div> + </div> + <div class="span1"> + <i class="icon-info-sign searchInfo margin-left-min-30" title="Search Filter Hints" data-id="searchInfo"> </i> + </div> + <div class="span2"> + <div class="clearfix btn-right"> + {{#if isNotAuditorAdminOrKmsAuditor}} + <a data-js="addNewPolicy" href="#!/service/{{rangerService.id}}/policies/create/{{this.rangerPolicyType}}" class="btn btn-primary " type="button">{{tt 'lbl.addNewPolicy'}} </a> + {{/if}} </div> - <div data-id="r_table" class="clickable"></div> + </div> + </div> + <div data-id="r_table"></div> </div> </div> http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html b/security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html index e185742..3bd098d 100644 --- a/security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html +++ b/security-admin/src/main/webapp/templates/reports/UserAccessLayout_tmpl.html @@ -107,6 +107,7 @@ </div> </div> + {{#showImportExportBtn}} <div class="row-fluid"> <span> <div class="btn-group btn-right"> @@ -127,6 +128,7 @@ </span> <a href="javascript:void(0)" data-id="downloadReport"></a> </div> + {{/showImportExportBtn}} <div class="row-fluid"> {{#each policyHeaderList}} <h3 class="wrap-header bold reportSearchHeader" data-js="hdfsHeader" data-compHeader="{{this.serviceDefName}}"> http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html b/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html new file mode 100644 index 0000000..d9fe51f --- /dev/null +++ b/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html @@ -0,0 +1,120 @@ +{{!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--}} +<div id="serviceDetails" class="row-fluid"> + <p class="formHeader"> + {{tt 'h.serviceDetails'}} : + </p> + <table class="table table-bordered table-condensed"> + <tbody> + <tr> + <td> + {{tt 'lbl.serviceName'}} + </td> + <td> + {{serviceName}} + </td> + </tr> + <tr> + <td> + {{tt 'lbl.description'}} + </td> + {{#if description}} + <td> + {{description}} + </td> + {{else}} + <td> + -- + </td> + {{/if}} + </tr> + <tr> + <td> + {{tt 'lbl.activeStatus'}} + </td> + {{#if isEnabled}} + <td> + <span class="label label-info">Enabled</span> + </td> + {{else}} + <td> + <span class="label label-info">Disabled</span> + </td> + {{/if}} + </tr> + <tr> + <td> + {{tt 'lbl.selectTagService'}} + </td> + <td> + {{#compare tagService "eq" ''}} + <span>--</span> + {{else}} + <span class="label label-info">{{tagService}}</span> + {{/compare}} + </td> + </tr> + </tbody> + </table> +</div> +<div id="configProperties" class="row-fluid"> + <p class="formHeader"> + {{tt 'h.configProperties'}} : + </p> + <table class="table table-bordered table-condensed"> + <tbody> + {{#each configsList}} + <tr> + <td> + {{@key}} + </td> + <td> + {{#if this}} + {{this}} + {{else}} + -- + {{/if}} + </td> + </tr> + {{/each}} + <tr> + <td colspan="2"><b>{{tt 'lbl.addNewConfig'}} :</b></td> + </tr> + {{#if customConfigs}} + {{#each customConfigs}} + <tr> + <td> + {{@key}} + </td> + <td> + {{this}} + </td> + </tr> + {{/each}} + {{else}} + <tr> + <td> + -- + </td> + <td> + -- + </td> + </tr> + {{/if}} + </tbody> + </table> +</div> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ranger/blob/72ed7d39/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html b/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html index b7d4967..69d7c3e 100644 --- a/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html +++ b/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html @@ -33,6 +33,7 @@ {{#isSystemAdmin .}} <a href="javascript:void(0);" data-id="deleteUserGroup" title="Permanently delete selected users/groups" class="btn btn-primary btn-right btn-danger"><i class="icon-trash icon-large" /></a> {{/isSystemAdmin}} + {{#isSystemAdmin .}} <div class="btn-group btn-right"> <a class="btn btn-primary dropdown-toggle" data-toggle="dropdown" href="#"> {{tt 'btn.setVisibility'}} @@ -45,8 +46,9 @@ </div> <a href="#!/user/create" class="btn btn-primary btn-right" type="button" data-id="addNewUser"> {{tt 'lbl.addNewUser'}} </a> <a href="#!/group/create" class="btn btn-primary btn-right" type="button" data-id="addNewGroup" style="display:none;"> {{tt 'lbl.addNewGroup'}} </a> + {{/isSystemAdmin}} </div> - <div data-id="r_tableList" class="clickable"> + <div data-id="r_tableList"> <b class="_prevNav"></b> </div> </div>