This is an automated email from the ASF dual-hosted git repository.

ni3galave pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 8d5659c  RANGER-2339: UI changes for User role users should also have 
access to Security Zone
8d5659c is described below

commit 8d5659cb2789d971a67380df4d21c5da67ce9425
Author: Nitin Galave <[email protected]>
AuthorDate: Mon Feb 25 12:32:42 2019 +0530

    RANGER-2339: UI changes for User role users should also have access to 
Security Zone
---
 .../main/java/org/apache/ranger/biz/XUserMgr.java  |  2 --
 .../org/apache/ranger/rest/SecurityZoneREST.java   |  2 +-
 .../src/main/webapp/scripts/models/RangerZone.js   |  3 ++-
 .../src/main/webapp/scripts/views/common/TopNav.js |  2 +-
 .../scripts/views/policies/RangerPolicyForm.js     |  3 ++-
 .../views/policies/RangerPolicyTableLayout.js      |  3 ++-
 .../scripts/views/policymanager/ServiceLayout.js   |  2 +-
 .../scripts/views/security_zone/SecurityZone.js    |  3 +++
 security-admin/src/main/webapp/styles/xa.css       |  4 +--
 .../main/webapp/templates/common/TopNav_tmpl.html  |  4 +--
 .../templates/security_zone/SecurityZone_tmpl.html | 30 +++++++++++++---------
 11 files changed, 34 insertions(+), 24 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 
b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index db3d3d6..fc40917 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -271,14 +271,12 @@ public class XUserMgr extends XUserMgrBase {
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_KEY_MANAGER), isCreate);
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
-                                               
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_SECURITY_ZONE), isCreate);
                                        } else if 
(role.equals(RangerConstants.ROLE_KEY_ADMIN_AUDITOR)) {
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_AUDIT), isCreate);
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_USER_GROUPS), isCreate);
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_KEY_MANAGER), isCreate);
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
-                                               
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_SECURITY_ZONE), isCreate);
                                        } else if 
(role.equals(RangerConstants.ROLE_ADMIN_AUDITOR)) {
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
                                                
createOrUpdateUserPermisson(vXPortalUser, 
moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
diff --git 
a/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java 
b/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
index baded45..b8b8c1b 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
@@ -247,7 +247,7 @@ public class SecurityZoneREST {
        private void ensureAdminAccess(){
                if(!bizUtil.isAdmin()){
                        String userName = bizUtil.getCurrentUserLoginId();
-                       throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "Ranger 
Securtiy Zone is not accessible for user '" + userName + "'.", true);
+                       throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "Ranger 
Security Zone is not accessible for user '" + userName + "'.", true);
                }
        }
 
diff --git a/security-admin/src/main/webapp/scripts/models/RangerZone.js 
b/security-admin/src/main/webapp/scripts/models/RangerZone.js
index 4b667d5..4f99c83 100644
--- a/security-admin/src/main/webapp/scripts/models/RangerZone.js
+++ b/security-admin/src/main/webapp/scripts/models/RangerZone.js
@@ -163,7 +163,8 @@ define(function(require) {
                         dataType: 'json',
                         data: function(term, page) {
                             return {
-                                name: term
+                                name: term,
+                                isVisible : 
XAEnums.VisibilityStatus.STATUS_VISIBLE.value,
                             };
                         },
                         results: function(data, page) {
diff --git a/security-admin/src/main/webapp/scripts/views/common/TopNav.js 
b/security-admin/src/main/webapp/scripts/views/common/TopNav.js
index e08d4a2..9d4f0a3 100644
--- a/security-admin/src/main/webapp/scripts/views/common/TopNav.js
+++ b/security-admin/src/main/webapp/scripts/views/common/TopNav.js
@@ -37,7 +37,7 @@ define(function(require){
        templateHelpers : function(){
         return{
                 showPermissionTab : XAUtil.isAuditorOrSystemAdmin(SessionMgr),
-                isZoneAdministration : (SessionMgr.isSystemAdmin()) ? true : 
false,
+                hideSecurityZoneTab : (SessionMgr.isKeyAdmin() || 
SessionMgr.isKMSAuditor()) ? true : false,
                }
        },
         
diff --git 
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js 
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
index 50d2237..22cc7d1 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
@@ -495,7 +495,8 @@ define(function(require){
                 policyLabel= this.model.get('policyLabels').split(',');
                 this.model.set('policyLabels', policyLabel);
             }
-            if(!_.isUndefined(App.vZone) && App.vZone && App.vZone.vZoneName){
+            if(!_.isUndefined(App.vZone) && App.vZone.vZoneName
+                    && this.rangerService.get('type') !== 
XAEnums.ServiceType.SERVICE_TAG.label){
                 this.model.set('zoneName', App.vZone.vZoneName);
             }
                        this.model.set('resources',resources);
diff --git 
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
 
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
index 2f5b8bb..7369a3b 100644
--- 
a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
+++ 
b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
@@ -129,7 +129,8 @@ define(function(require){
                        if(!_.isUndefined(policyType)){
                                this.collection.queryParams['policyType'] = 
policyType;
                        }
-            if(!_.isUndefined(App.vZone) && App.vZone && App.vZone.vZoneName){
+            if(!_.isUndefined(App.vZone) && App.vZone.vZoneName
+                    && this.rangerService.get('type') !== 
XAEnums.ServiceType.SERVICE_TAG.label){
                 this.collection.queryParams['zoneName'] = App.vZone.vZoneName;
             }
                        this.collection.fetch({
diff --git 
a/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js 
b/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
index f9818d6..d2d1627 100644
--- 
a/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
+++ 
b/security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
@@ -48,7 +48,7 @@ define(function(require){
                 serviceDefs : 
this.componentCollectionModels(App.vZone.vZoneName),
                 services    : 
this.componentServicesModels(App.vZone.vZoneName),
                 showImportExportBtn : (SessionMgr.isUser() || 
XAUtil.isAuditorOrKMSAuditor(SessionMgr)) ? false : true,
-                isZoneAdministration : (SessionMgr.isSystemAdmin() && 
this.type !== XAEnums.ServiceType.SERVICE_TAG.label) ? true : false,
+                isZoneAdministration : ((SessionMgr.isSystemAdmin()|| 
SessionMgr.isUser() || SessionMgr.isAuditor()) && this.type !== 
XAEnums.ServiceType.SERVICE_TAG.label) ? true : false,
                        };
                        
                },
diff --git 
a/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js 
b/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js
index 9630db8..a1e9716 100644
--- a/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js
+++ b/security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js
@@ -33,6 +33,7 @@ define(function(require) {
     var App = require('App');
     var RangerZone = require('models/RangerZone');
     var vzoneAdministrationDetail = 
require('views/security_zone/ZoneAdministration');
+    var SessionMgr = require('mgrs/SessionMgr');
 
     var SecurityZone = Backbone.Marionette.Layout.extend({
         template: SecurityZoneTmpl,
@@ -42,10 +43,12 @@ define(function(require) {
             var zoneList = this.collection.pluck('name');
             this.zoneModel = this.getZoneModel();
             var zoneModelName = (this.zoneModel && this.zoneModel.get('name')) 
? _.escape(this.zoneModel.get('name')) : '';
+            var isZoneAdministration = (SessionMgr.isSystemAdmin()) ? true : 
false;
             return {
                 zoneList: zoneList,
                 zoneModel: this.zoneModel,
                 zoneModelName: zoneModelName,
+                isZoneAdministration:isZoneAdministration,
             };
         },
 
diff --git a/security-admin/src/main/webapp/styles/xa.css 
b/security-admin/src/main/webapp/styles/xa.css
index 1e144d3..a09e3be 100644
--- a/security-admin/src/main/webapp/styles/xa.css
+++ b/security-admin/src/main/webapp/styles/xa.css
@@ -2537,14 +2537,14 @@ textarea:read-only{
   margin-bottom: 15px;
   margin-top: 10px;
 }
-.security-details-defult {
+.security-details-default {
   padding: 15px;
   width: 70%;
   float: left;
   min-height: 500px;
   border-left: 1px #CCC solid;
 }
-.defult-zone {
+.default-zone {
   position: absolute;
   top: 50%;
   left: 60%;
diff --git a/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html 
b/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html
index b63ae90..22df5cb 100644
--- a/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html
+++ b/security-admin/src/main/webapp/templates/common/TopNav_tmpl.html
@@ -44,7 +44,7 @@
                                {{/hasAccessToTab}}
                        </ul>
                </li>
-        {{#isZoneAdministration}}
+        {{^hideSecurityZoneTab}}
             <li>
                                <a href="#!/zones/zone/list" id="nav6">
                                        <span class="icon-stack zone-icon">
@@ -53,7 +53,7 @@
                                        </span>{{tt 'h.securityZone'}}
                                </a>
             </li>
-        {{/isZoneAdministration}}
+        {{/hideSecurityZoneTab}}
                <li class="dropdown">
                        <a href="javascript:;" id="nav5"><i 
class="icon-gear"></i> {{tt 'h.settings'}} </a>
                        <ul class="dropdown-menu">
diff --git 
a/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html 
b/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html
index 75c0b90..f0b2572 100644
--- 
a/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html
+++ 
b/security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html
@@ -20,7 +20,9 @@
         <div class="listData">
             <div class="clearfix row-margin-bottom">
                 <h4 class="pull-left">Security Zones</h4>
-                <a href="#!/zones/create" class="btn-add-security pull-right 
btn btn-default btn-small" title="Create zone"><i class="icon-plus"></i></a>
+                {{#if isZoneAdministration}}
+                    <a href="#!/zones/create" class="btn-add-security 
pull-right btn btn-default btn-small" title="Create zone"><i 
class="icon-plus"></i></a>
+                {{/if}}
             </div>
             <div class="clearfix">
                 <input type="text" class="security-search" 
data-id="zoneSearch" placeholder="Search">
@@ -60,13 +62,15 @@
                 <div class="span7">
                     <h2 data-id="zoneName">{{{zoneModelName}}}</h2>
                 </div>
-                <div class="span4">
-                    <div class="btn-group-zone pull-right">
-                        <!--<button class="btn btn-default" 
data-id="zoneAdministrationDetail"><i class="icon-info"></i> Details</button>-->
-                        <a type="button" 
href='#!/zones/edit/{{this.zoneModel.attributes.id}}' class="btn btn-default" 
data-id="editZone"><i class="icon-edit"></i>Edit</a>
-                        <button class="btn btn-danger" data-id="deleteZone"><i 
class="icon-trash"></i>Delete</button>
+                {{#if isZoneAdministration}}
+                    <div class="span4">
+                        <div class="btn-group-zone pull-right">
+                            <!--<button class="btn btn-default" 
data-id="zoneAdministrationDetail"><i class="icon-info"></i> Details</button>-->
+                            <a type="button" 
href='#!/zones/edit/{{this.zoneModel.attributes.id}}' class="btn btn-default" 
data-id="editZone"><i class="icon-edit"></i>Edit</a>
+                            <button class="btn btn-danger" 
data-id="deleteZone"><i class="icon-trash"></i>Delete</button>
+                        </div>
                     </div>
-                </div>
+                {{/if}}
             </div>
             <div class="row-fluid">
                 <div class="span12">
@@ -88,11 +92,13 @@
             </div>
         </div>
     {{else}}
-        <div class="security-details-defult">
-            <div class="defult-zone">
-                <img alt="Avatar" class="zoneImg" src="images/defult_zone.png">
-                <a href="#!/zones/create" class="btn-add-security2 btn-large 
pull-right" title="Click here to Create new Zone"><i class="icon-plus"></i> 
Click here to Create new Zone</a>
+        {{#if isZoneAdministration}}
+            <div class="security-details-default">
+                <div class="default-zone">
+                    <img alt="Avatar" class="zoneImg" 
src="images/defult_zone.png">
+                    <a href="#!/zones/create" class="btn-add-security2 
btn-large pull-right" title="Click here to Create new Zone"><i 
class="icon-plus"></i> Click here to Create new Zone</a>
+                </div>
             </div>
-        </div>
+        {{/if}}
     {{/if}}
 </div>
\ No newline at end of file

Reply via email to