This is an automated email from the ASF dual-hosted git repository.
ni3galave pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 8d5659c RANGER-2339: UI changes for User role users should also have
access to Security Zone
8d5659c is described below
commit 8d5659cb2789d971a67380df4d21c5da67ce9425
Author: Nitin Galave <[email protected]>
AuthorDate: Mon Feb 25 12:32:42 2019 +0530
RANGER-2339: UI changes for User role users should also have access to
Security Zone
---
.../main/java/org/apache/ranger/biz/XUserMgr.java | 2 --
.../org/apache/ranger/rest/SecurityZoneREST.java | 2 +-
.../src/main/webapp/scripts/models/RangerZone.js | 3 ++-
.../src/main/webapp/scripts/views/common/TopNav.js | 2 +-
.../scripts/views/policies/RangerPolicyForm.js | 3 ++-
.../views/policies/RangerPolicyTableLayout.js | 3 ++-
.../scripts/views/policymanager/ServiceLayout.js | 2 +-
.../scripts/views/security_zone/SecurityZone.js | 3 +++
security-admin/src/main/webapp/styles/xa.css | 4 +--
.../main/webapp/templates/common/TopNav_tmpl.html | 4 +--
.../templates/security_zone/SecurityZone_tmpl.html | 30 +++++++++++++---------
11 files changed, 34 insertions(+), 24 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index db3d3d6..fc40917 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -271,14 +271,12 @@ public class XUserMgr extends XUserMgrBase {
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_KEY_MANAGER), isCreate);
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
-
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_SECURITY_ZONE), isCreate);
} else if
(role.equals(RangerConstants.ROLE_KEY_ADMIN_AUDITOR)) {
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_AUDIT), isCreate);
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_USER_GROUPS), isCreate);
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_KEY_MANAGER), isCreate);
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
-
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_SECURITY_ZONE), isCreate);
} else if
(role.equals(RangerConstants.ROLE_ADMIN_AUDITOR)) {
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
createOrUpdateUserPermisson(vXPortalUser,
moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
index baded45..b8b8c1b 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
@@ -247,7 +247,7 @@ public class SecurityZoneREST {
private void ensureAdminAccess(){
if(!bizUtil.isAdmin()){
String userName = bizUtil.getCurrentUserLoginId();
- throw
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "Ranger
Securtiy Zone is not accessible for user '" + userName + "'.", true);
+ throw
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "Ranger
Security Zone is not accessible for user '" + userName + "'.", true);
}
}
diff --git a/security-admin/src/main/webapp/scripts/models/RangerZone.js
b/security-admin/src/main/webapp/scripts/models/RangerZone.js
index 4b667d5..4f99c83 100644
--- a/security-admin/src/main/webapp/scripts/models/RangerZone.js
+++ b/security-admin/src/main/webapp/scripts/models/RangerZone.js
@@ -163,7 +163,8 @@ define(function(require) {
dataType: 'json',
data: function(term, page) {
return {
- name: term
+ name: term,
+ isVisible :
XAEnums.VisibilityStatus.STATUS_VISIBLE.value,
};
},
results: function(data, page) {
diff --git a/security-admin/src/main/webapp/scripts/views/common/TopNav.js
b/security-admin/src/main/webapp/scripts/views/common/TopNav.js
index e08d4a2..9d4f0a3 100644
--- a/security-admin/src/main/webapp/scripts/views/common/TopNav.js
+++ b/security-admin/src/main/webapp/scripts/views/common/TopNav.js
@@ -37,7 +37,7 @@ define(function(require){
templateHelpers : function(){
return{
showPermissionTab : XAUtil.isAuditorOrSystemAdmin(SessionMgr),
- isZoneAdministration : (SessionMgr.isSystemAdmin()) ? true :
false,
+ hideSecurityZoneTab : (SessionMgr.isKeyAdmin() ||
SessionMgr.isKMSAuditor()) ? true : false,
}
},
diff --git
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
index 50d2237..22cc7d1 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
@@ -495,7 +495,8 @@ define(function(require){
policyLabel= this.model.get('policyLabels').split(',');
this.model.set('policyLabels', policyLabel);
}
- if(!_.isUndefined(App.vZone) && App.vZone && App.vZone.vZoneName){
+ if(!_.isUndefined(App.vZone) && App.vZone.vZoneName
+ && this.rangerService.get('type') !==
XAEnums.ServiceType.SERVICE_TAG.label){
this.model.set('zoneName', App.vZone.vZoneName);
}
this.model.set('resources',resources);
diff --git
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
index 2f5b8bb..7369a3b 100644
---
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
+++
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
@@ -129,7 +129,8 @@ define(function(require){
if(!_.isUndefined(policyType)){
this.collection.queryParams['policyType'] =
policyType;
}
- if(!_.isUndefined(App.vZone) && App.vZone && App.vZone.vZoneName){
+ if(!_.isUndefined(App.vZone) && App.vZone.vZoneName
+ && this.rangerService.get('type') !==
XAEnums.ServiceType.SERVICE_TAG.label){
this.collection.queryParams['zoneName'] = App.vZone.vZoneName;
}
this.collection.fetch({
diff --git
a/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
b/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
index f9818d6..d2d1627 100644
---
a/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
+++
b/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
@@ -48,7 +48,7 @@ define(function(require){
serviceDefs :
this.componentCollectionModels(App.vZone.vZoneName),
services :
this.componentServicesModels(App.vZone.vZoneName),
showImportExportBtn : (SessionMgr.isUser() ||
XAUtil.isAuditorOrKMSAuditor(SessionMgr)) ? false : true,
- isZoneAdministration : (SessionMgr.isSystemAdmin() &&
this.type !== XAEnums.ServiceType.SERVICE_TAG.label) ? true : false,
+ isZoneAdministration : ((SessionMgr.isSystemAdmin()||
SessionMgr.isUser() || SessionMgr.isAuditor()) && this.type !==
XAEnums.ServiceType.SERVICE_TAG.label) ? true : false,
};
},
diff --git
a/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js
b/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js
index 9630db8..a1e9716 100644
--- a/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js
+++ b/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js
@@ -33,6 +33,7 @@ define(function(require) {
var App = require('App');
var RangerZone = require('models/RangerZone');
var vzoneAdministrationDetail =
require('views/security_zone/ZoneAdministration');
+ var SessionMgr = require('mgrs/SessionMgr');
var SecurityZone = Backbone.Marionette.Layout.extend({
template: SecurityZoneTmpl,
@@ -42,10 +43,12 @@ define(function(require) {
var zoneList = this.collection.pluck('name');
this.zoneModel = this.getZoneModel();
var zoneModelName = (this.zoneModel && this.zoneModel.get('name'))
? _.escape(this.zoneModel.get('name')) : '';
+ var isZoneAdministration = (SessionMgr.isSystemAdmin()) ? true :
false;
return {
zoneList: zoneList,
zoneModel: this.zoneModel,
zoneModelName: zoneModelName,
+ isZoneAdministration:isZoneAdministration,
};
},
diff --git a/security-admin/src/main/webapp/styles/xa.css
b/security-admin/src/main/webapp/styles/xa.css
index 1e144d3..a09e3be 100644
--- a/security-admin/src/main/webapp/styles/xa.css
+++ b/security-admin/src/main/webapp/styles/xa.css
@@ -2537,14 +2537,14 @@ textarea:read-only{
margin-bottom: 15px;
margin-top: 10px;
}
-.security-details-defult {
+.security-details-default {
padding: 15px;
width: 70%;
float: left;
min-height: 500px;
border-left: 1px #CCC solid;
}
-.defult-zone {
+.default-zone {
position: absolute;
top: 50%;
left: 60%;
diff --git a/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html
b/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html
index b63ae90..22df5cb 100644
--- a/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html
+++ b/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html
@@ -44,7 +44,7 @@
{{/hasAccessToTab}}
</ul>
</li>
- {{#isZoneAdministration}}
+ {{^hideSecurityZoneTab}}
<li>
<a href="#!/zones/zone/list" id="nav6">
<span class="icon-stack zone-icon">
@@ -53,7 +53,7 @@
</span>{{tt 'h.securityZone'}}
</a>
</li>
- {{/isZoneAdministration}}
+ {{/hideSecurityZoneTab}}
<li class="dropdown">
<a href="javascript:;" id="nav5"><i
class="icon-gear"></i> {{tt 'h.settings'}} </a>
<ul class="dropdown-menu">
diff --git
a/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html
b/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html
index 75c0b90..f0b2572 100644
---
a/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html
+++
b/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html
@@ -20,7 +20,9 @@
<div class="listData">
<div class="clearfix row-margin-bottom">
<h4 class="pull-left">Security Zones</h4>
- <a href="#!/zones/create" class="btn-add-security pull-right
btn btn-default btn-small" title="Create zone"><i class="icon-plus"></i></a>
+ {{#if isZoneAdministration}}
+ <a href="#!/zones/create" class="btn-add-security
pull-right btn btn-default btn-small" title="Create zone"><i
class="icon-plus"></i></a>
+ {{/if}}
</div>
<div class="clearfix">
<input type="text" class="security-search"
data-id="zoneSearch" placeholder="Search">
@@ -60,13 +62,15 @@
<div class="span7">
<h2 data-id="zoneName">{{{zoneModelName}}}</h2>
</div>
- <div class="span4">
- <div class="btn-group-zone pull-right">
- <!--<button class="btn btn-default"
data-id="zoneAdministrationDetail"><i class="icon-info"></i> Details</button>-->
- <a type="button"
href='#!/zones/edit/{{this.zoneModel.attributes.id}}' class="btn btn-default"
data-id="editZone"><i class="icon-edit"></i>Edit</a>
- <button class="btn btn-danger" data-id="deleteZone"><i
class="icon-trash"></i>Delete</button>
+ {{#if isZoneAdministration}}
+ <div class="span4">
+ <div class="btn-group-zone pull-right">
+ <!--<button class="btn btn-default"
data-id="zoneAdministrationDetail"><i class="icon-info"></i> Details</button>-->
+ <a type="button"
href='#!/zones/edit/{{this.zoneModel.attributes.id}}' class="btn btn-default"
data-id="editZone"><i class="icon-edit"></i>Edit</a>
+ <button class="btn btn-danger"
data-id="deleteZone"><i class="icon-trash"></i>Delete</button>
+ </div>
</div>
- </div>
+ {{/if}}
</div>
<div class="row-fluid">
<div class="span12">
@@ -88,11 +92,13 @@
</div>
</div>
{{else}}
- <div class="security-details-defult">
- <div class="defult-zone">
- <img alt="Avatar" class="zoneImg" src="images/defult_zone.png">
- <a href="#!/zones/create" class="btn-add-security2 btn-large
pull-right" title="Click here to Create new Zone"><i class="icon-plus"></i>
Click here to Create new Zone</a>
+ {{#if isZoneAdministration}}
+ <div class="security-details-default">
+ <div class="default-zone">
+ <img alt="Avatar" class="zoneImg"
src="images/defult_zone.png">
+ <a href="#!/zones/create" class="btn-add-security2
btn-large pull-right" title="Click here to Create new Zone"><i
class="icon-plus"></i> Click here to Create new Zone</a>
+ </div>
</div>
- </div>
+ {{/if}}
{{/if}}
</div>
\ No newline at end of file