RANGER-646: policy UI update to include policyItems for allow/deny/allowExceptions/denyExceptions
Signed-off-by: Madhan Neethiraj <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/6e7af74f Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/6e7af74f Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/6e7af74f Branch: refs/heads/master Commit: 6e7af74fca6d64bdf0b4d82533c472760ae4c15e Parents: 58c7de6 Author: Gautam Borad <[email protected]> Authored: Mon Sep 14 11:34:41 2015 +0530 Committer: Madhan Neethiraj <[email protected]> Committed: Mon Sep 14 12:18:43 2015 -0700 ---------------------------------------------------------------------- .../scripts/views/policies/RangerPolicyForm.js | 45 ++++++---- .../scripts/views/policies/RangerPolicyRO.js | 24 ++++- .../webapp/scripts/views/reports/AuditLayout.js | 3 + .../policies/RangerPolicyForm_tmpl.html | 25 +++--- .../templates/policies/RangerPolicyRO_tmpl.html | 93 +++++++++++--------- 5 files changed, 118 insertions(+), 72 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6e7af74f/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js index be18c99..cbe35fa 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js @@ -123,20 +123,20 @@ define(function(require){ }, initializePlugins : function() { var that = this; - this.$(".wrap-header").each(function() { + this.$(".wrap-header").each(function(i, ele) { var wrap = $(this).next(); // If next element is a wrap and hasn't .non-collapsible class - if (wrap.hasClass('wrap') && ! wrap.hasClass('non-collapsible')) + if (wrap.hasClass('wrap') && ! wrap.hasClass('non-collapsible')){ $(this).append('<a href="#" class="wrap-expand pull-right">show <i class="icon-caret-down"></i></a>').append('<a href="#" class="wrap-collapse pull-right" style="display: none">hide <i class="icon-caret-up"></i></a>'); + } }); // Collapse wrap - $(document).on("click", "a.wrap-collapse", function() { + this.$el.on("click", "a.wrap-collapse", function() { var self = $(this).hide(100, 'linear'); self.parent('.wrap-header').next('.wrap').slideUp(500, function() { $('.wrap-expand', self.parent('.wrap-header')).show(100, 'linear'); }); return false; - // Expand wrap }).on("click", "a.wrap-expand", function() { var self = $(this).hide(100, 'linear'); @@ -146,9 +146,24 @@ define(function(require){ return false; }); + //Hide show wrap-header based on policyItems + var parentPermsObj = { groupPermsDeny : this.formInputDenyList, }; + var childPermsObj = { groupPermsAllowExclude : this.formInputAllowExceptionList, groupPermsDenyExclude : this.formInputDenyExceptionList} + _.each(childPermsObj, function(val, name){ + if(val.length <= 0) + this.$el.find('[data-customfields="'+name+'"]').parent().hide(); + },this) + + _.each(parentPermsObj, function(val, name, i){ + if(val.length <= 0){ + var tmp = this.$el.find('[data-customfields="'+name+'"]').next() + var childPerm = tmp.find('[data-customfields^="groupPerms"]'); + if(childPerm.parent().css('display') == 'none'){ + this.$el.find('[data-customfields="'+name+'"]').parent().hide(); + } + } + },this) }, - - evAuditChange : function(form, fieldEditor){ XAUtil.checkDirtyFieldForToggle(fieldEditor.$el); }, @@ -203,26 +218,26 @@ define(function(require){ accessTypes: accessType, headerTitle: "", rangerServiceDefModel : that.rangerServiceDefModel - }).render().el); - that.$('[data-customfields="groupPermsDeny"]').html(new PermissionList({ - collection : that.formInputDenyList, + }).render().el); + that.$('[data-customfields="groupPermsAllowExclude"]').html(new PermissionList({ + collection : that.formInputAllowExceptionList, groupList : that.groupList, userList : that.userList, model : that.model, accessTypes: accessType, headerTitle: "", rangerServiceDefModel : that.rangerServiceDefModel - }).render().el); - that.$('[data-customfields="groupPermsAllowException"]').html(new PermissionList({ - collection : that.formInputAllowExceptionList, + }).render().el); + that.$('[data-customfields="groupPermsDeny"]').html(new PermissionList({ + collection : that.formInputDenyList, groupList : that.groupList, userList : that.userList, model : that.model, accessTypes: accessType, headerTitle: "Deny", rangerServiceDefModel : that.rangerServiceDefModel - }).render().el); - that.$('[data-customfields="groupPermsDenyException"]').html(new PermissionList({ + }).render().el); + that.$('[data-customfields="groupPermsDenyExclude"]').html(new PermissionList({ collection : that.formInputDenyExceptionList, groupList : that.groupList, userList : that.userList, @@ -316,7 +331,7 @@ define(function(require){ this.model.set('denyPolicyItems', this.setPermissionsToColl(this.formInputDenyList, new RangerPolicyItem())); this.model.set('allowExceptions', this.setPermissionsToColl(this.formInputAllowExceptionList, new RangerPolicyItem())); this.model.set('denyExceptions', this.setPermissionsToColl(this.formInputDenyExceptionList, new RangerPolicyItem())); - this.model.set('service',this.rangerService.get('name')); + /*//Unset attrs which are not needed _.each(this.model.attributes.resources,function(obj,key){ this.model.unset(key, obj.values.toString()) http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6e7af74f/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js index 6532957..e05d517 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js @@ -104,11 +104,31 @@ define(function(require) { } }, this); var perm = details.permissions = this.getPermHeaders(); - perm.policyItems = this.policy.get('policyItems'); - details.createdBy = this.policy.get('createdBy'); + perm.policyItems = this.policy.get('policyItems'); + perm.allowException = this.policy.get('allowExceptions'); + perm.denyPolicyItems = this.policy.get('denyPolicyItems'); + perm.denyExceptions = this.policy.get('denyExceptions'); + details.createdBy = this.policy.get('createdBy'); details.createTime = Globalize.format(new Date(this.policy.get('createTime')), "MM/dd/yyyy hh:mm tt"); details.updatedBy = this.policy.get('updatedBy'); details.updateTime = Globalize.format(new Date(this.policy.get('updateTime')), "MM/dd/yyyy hh:mm tt"); + //get policyItems + this.createPolicyItems(); + + }, + createPolicyItems : function(){ + this.policyDetails['policyItemsCond'] = []; + var headers = this.getPermHeaders(); + this.policyDetails['policyCondition'] = headers.policyCondition; + var items = [{'itemName': 'policyItems',title : 'Allow Condition'}, + {'itemName': 'allowExceptions',title : 'Allow Exception'}, + {'itemName': 'denyPolicyItems',title : 'Deny Condition'}, + {'itemName': 'denyExceptions',title : 'Deny Exception'},] + _.each(items, function(item){ + if(!_.isUndefined(this.policy.get(item.itemName)) && !_.isEmpty(this.policy.get(item.itemName))){ + this.policyDetails['policyItemsCond'].push({ title : item.title, headers : headers.header, policyItems : this.policy.get(item.itemName)}) + } + }, this) }, /** all events binding here */ http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6e7af74f/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js index 2af43bc..8491a79 100644 --- a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js +++ b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js @@ -734,6 +734,9 @@ define(function(require) { onClick: function (e) { var self = this; var policyId = this.model.get('policyId'); + if(policyId == -1){ + return; + } var serviceDef = that.serviceDefList.findWhere({'id':this.model.get('repoType')}); if(_.isUndefined(serviceDef)){ return ; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6e7af74f/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html b/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html index 50a5f45..e4d6086 100644 --- a/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html +++ b/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html @@ -28,11 +28,11 @@ <b data-fieldsets class="policy-form"></b> </fieldset> <fieldset> - <p class="formHeader"> - Allow Conditions : - <span class="label label-yellow pull-right" ></span> - </p> - <div class="position-relative"> + <p class="wrap-header bold formHeader"> + Allow Conditions : + <span class="label label-yellow pull-right" ></span> + </p> + <div class=" wrap position-relative"> <div class="" data-customfields="groupPerms"> <div class="control-group"> @@ -44,11 +44,11 @@ </div> <div class="form-indent-right"> <p class="wrap-header reportSearchHeader"> - Exceptions : + Exceptions : </p> - <div class="wrap position-relative" style="display:none;"> + <div class="wrap position-relative" > - <div class="" data-customfields="groupPermsAllowException"> + <div class="" data-customfields="groupPermsAllowExclude"> <div class="control-group" style="margin-left: -100px;"> <label class="control-label">Exclude :</label> <div class="controls"> @@ -63,7 +63,7 @@ <p class="wrap-header bold formHeader"> Deny Conditions : </p> - <div class="wrap position-relative" style="display:none;"> + <div class="wrap position-relative" > <div class="" data-customfields="groupPermsDeny"> <div class="control-group"> <label class="control-label">{{tt 'lbl.permissions'}}</label> @@ -74,10 +74,10 @@ </div> <div class="form-indent-right"> <p class="wrap-header reportSearchHeader"> - Exceptions : + Exceptions : </p> - <div class="wrap position-relative" style="display:none;"> - <div class="" data-customfields="groupPermsDenyException"> + <div class="wrap position-relative" > + <div class="" data-customfields="groupPermsDenyExclude"> <div class="control-group"> <label class="control-label">Exclude :</label> <div class="controls"> @@ -87,7 +87,6 @@ </div> </div> </div> - </div> </fieldset> </form> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6e7af74f/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html b/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html index 9627b09..7dc48ad 100644 --- a/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html +++ b/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html @@ -81,48 +81,57 @@ </tbody> </table> </div> -<div id="permissionsDetails" class="row-fluid"> - <p class="formHeader"> - {{tt 'h.userGroupPermissions'}} : - </p> - <table class="table-permission table-condensed table-read-only" style="width:100%"> - <thead> - <tr> - {{#each PolicyDetails.permissions.header}} - <th>{{this}}</th> - {{/each}} - </tr> - </thead> - <tbody> - {{#each PolicyDetails.permissions.policyItems}} - <tr> - <td>{{#each this.groups}} - <span class="label label-info">{{this}}</span> - {{/each}}</td> - <td>{{#each this.users}} - <span class="label label-info">{{this}}</span> - {{/each}}</td> - {{#if ../PolicyDetails.permissions.policyCondition}} - <td>{{#each this.conditions}} - <span class="label label-info"> - {{this.type}} : - {{#each this.values}} - {{this}} - {{/each}} - </span> - {{/each}}</td> - {{/if}} - <td>{{#each this.accesses}} - <span class="label label-info">{{#if this.isAllowed}}{{this.type}}{{/if}}</span> - {{/each}}</td> - <td> - <input type="checkbox" {{#if this.delegateAdmin}}checked{{/if}} disabled="disabled"> - </td> - </tr> - {{/each}} - </tbody> - </table> -</div> + +{{#each PolicyDetails.policyItemsCond}} + <div id="policyItems" class="row-fluid"> + <p class="formHeader"> + {{this.title}} : + </p> + <table class="table-permission table-condensed table-read-only" style="width:100%"> + <thead> + <tr> + {{#each this.headers}} + <th>{{this}}</th> + {{/each}} + </tr> + </thead> + <tbody> + {{#each this.policyItems}} + <tr> + <td>{{#each this.groups}} + <span class="label label-info">{{this}}</span> + {{/each}}</td> + <td>{{#each this.users}} + <span class="label label-info">{{this}}</span> + {{/each}}</td> + {{#if ../../PolicyDetails.policyCondition}} + <td> + {{#if this.conditions}} + {{#each this.conditions}} + <span class="label label-info"> + {{this.type}} : + {{#each this.values}} + {{this}} + {{/each}} + </span> + {{/each}} + {{else}} + -- + {{/if}} + </td> + {{/if}} + <td>{{#each this.accesses}} + <span class="label label-info">{{#if this.isAllowed}}{{this.type}}{{/if}}</span> + {{/each}}</td> + <td> + <input type="checkbox" {{#if this.delegateAdmin}}checked{{/if}} disabled="disabled"> + </td> + </tr> + {{/each}} + </tbody> + </table> + </div> +{{/each}} <div class="updateInfo row-fluid"> <div class="pull-left"> <p>
