Repository: incubator-ranger Updated Branches: refs/heads/master 46895de3a -> b2eb42532
RANGER-799 : Ranger UI fixes - partial search not working on Policy listing page Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/b2eb4253 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/b2eb4253 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/b2eb4253 Branch: refs/heads/master Commit: b2eb42532ddf6c84dd1e1246ceaf08753f3d6044 Parents: 46895de Author: Gautam Borad <[email protected]> Authored: Fri Feb 12 11:40:22 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Mon Feb 22 10:11:03 2016 +0530 ---------------------------------------------------------------------- .../ranger/service/RangerPolicyService.java | 56 +++- .../ranger/service/RangerServiceService.java | 2 +- .../org/apache/ranger/util/RangerRestUtil.java | 14 +- .../webapp/scripts/controllers/Controller.js | 53 +--- .../src/main/webapp/scripts/mgrs/SessionMgr.js | 3 +- .../main/webapp/scripts/models/VXPortalUser.js | 4 +- .../src/main/webapp/scripts/modules/XALinks.js | 6 +- .../src/main/webapp/scripts/utils/XAUtils.js | 5 +- .../webapp/scripts/views/common/BreadCrumbs.js | 3 +- .../views/permissions/ModulePermissionForm.js | 21 +- .../views/permissions/ModulePermsTableLayout.js | 7 + .../scripts/views/policies/PermissionList.js | 9 +- .../views/policies/RangerPolicyCreate.js | 8 +- .../views/policies/RangerPolicyTableLayout.js | 14 +- .../views/reports/OperationDiffDetail.js | 10 +- .../views/reports/PlugableServiceDiffDetail.js | 113 +++++--- .../scripts/views/reports/UserAccessLayout.js | 2 +- .../scripts/views/service/ServiceCreate.js | 4 +- .../webapp/scripts/views/user/UserProfile.js | 9 +- .../scripts/views/users/UserTableLayout.js | 3 +- .../reports/AssetOperationDiff_tmpl.html | 7 +- .../PlugableServicePolicyDeleteDiff_tmpl.html | 137 ++++++++- .../reports/PlugableServicePolicyDiff_tmpl.html | 129 ++++++++- .../PlugableServicePolicyUpdateDiff_tmpl.html | 284 ++++++++++++++++++- 24 files changed, 774 insertions(+), 129 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java index 4a14ab9..7987057 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java @@ -54,6 +54,10 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range public static final String POLICY_RESOURCE_CLASS_FIELD_NAME = "resources"; public static final String POLICY_ITEM_CLASS_FIELD_NAME = "policyItems"; public static final String POLICY_NAME_CLASS_FIELD_NAME = "name"; + public static final String POLICY_DESCRIPTION_CLASS_FIELD_NAME = "description"; + public static final String DENYPOLICY_ITEM_CLASS_FIELD_NAME = "denyPolicyItems"; + public static final String ALLOW_EXCEPTIONS_CLASS_FIELD_NAME="allowExceptions"; + public static final String DENY_EXCEPTIONS_CLASS_FIELD_NAME="denyExceptions"; static HashMap<String, VTrxLogAttr> trxLogAttrs = new HashMap<String, VTrxLogAttr>(); String actionCreate; @@ -66,6 +70,9 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range trxLogAttrs.put("isEnabled", new VTrxLogAttr("isEnabled", "Policy Status", false)); trxLogAttrs.put("resources", new VTrxLogAttr("resources", "Policy Resources", false)); trxLogAttrs.put("policyItems", new VTrxLogAttr("policyItems", "Policy Items", false)); + trxLogAttrs.put("denyPolicyItems", new VTrxLogAttr("denyPolicyItems", "DenyPolicy Items", false)); + trxLogAttrs.put("allowExceptions", new VTrxLogAttr("allowExceptions", "Allow Exceptions", false)); + trxLogAttrs.put("denyExceptions", new VTrxLogAttr("denyExceptions", "Deny Exceptions", false)); } public RangerPolicyService() { @@ -126,7 +133,6 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range Field nameField = vObj.getClass().getDeclaredField("name"); nameField.setAccessible(true); String objectName = "" + nameField.get(vObj); - for (Field field : fields) { if (!trxLogAttrs.containsKey(field.getName())) { continue; @@ -179,9 +185,16 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range value = processPolicyResourcesForTrxLog(field.get(vObj)); } else if (fieldName.equalsIgnoreCase(POLICY_ITEM_CLASS_FIELD_NAME)) { value = processPolicyItemsForTrxLog(field.get(vObj)); + } else if (fieldName.equalsIgnoreCase(DENYPOLICY_ITEM_CLASS_FIELD_NAME)) { + value = processPolicyItemsForTrxLog(field.get(vObj)); } else if (fieldName.equalsIgnoreCase(POLICY_NAME_CLASS_FIELD_NAME)){ value = processPolicyNameForTrxLog(field.get(vObj)); - } else { + } else if (fieldName.equalsIgnoreCase(ALLOW_EXCEPTIONS_CLASS_FIELD_NAME)){ + value = processPolicyItemsForTrxLog(field.get(vObj)); + } else if (fieldName.equalsIgnoreCase(DENY_EXCEPTIONS_CLASS_FIELD_NAME)){ + value = processPolicyItemsForTrxLog(field.get(vObj)); + } + else { value = "" + field.get(vObj); } @@ -219,10 +232,26 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range if (oldPolicy != null) { oldValue = processPolicyItemsForTrxLog(oldPolicy.getPolicyItems()); } + } else if (fieldName.equalsIgnoreCase(DENYPOLICY_ITEM_CLASS_FIELD_NAME)) { + if (oldPolicy != null) { + oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyPolicyItems()); + } } else if (fieldName.equalsIgnoreCase(POLICY_NAME_CLASS_FIELD_NAME)){ if (oldPolicy != null) { oldValue = processPolicyNameForTrxLog(oldPolicy.getName()); } + } else if (fieldName.equalsIgnoreCase(POLICY_DESCRIPTION_CLASS_FIELD_NAME)){ + if (oldPolicy != null) { + oldValue = processPolicyNameForTrxLog(oldPolicy.getDescription()); + } + } else if (fieldName.equalsIgnoreCase(ALLOW_EXCEPTIONS_CLASS_FIELD_NAME)) { + if (oldPolicy != null) { + oldValue = processPolicyItemsForTrxLog(oldPolicy.getAllowExceptions()); + } + } else if (fieldName.equalsIgnoreCase(DENY_EXCEPTIONS_CLASS_FIELD_NAME)) { + if (oldPolicy != null) { + oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyExceptions()); + } } if (oldValue == null || value.equalsIgnoreCase(oldValue)) { return null; @@ -241,6 +270,26 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range if(compareTwoPolicyName(value, oldValue)) { return null; } + } else if (fieldName.equalsIgnoreCase(DENYPOLICY_ITEM_CLASS_FIELD_NAME)) { + //compare old and new denyPolicyItem + if(compareTwoPolicyItemList(value, oldValue)) { + return null; + } + } else if (fieldName.equalsIgnoreCase(ALLOW_EXCEPTIONS_CLASS_FIELD_NAME)) { + //compare old and new allowExceptions + if(compareTwoPolicyItemList(value, oldValue)) { + return null; + } + } else if (fieldName.equalsIgnoreCase(DENY_EXCEPTIONS_CLASS_FIELD_NAME)) { + //compare old and new denyExceptions + if(compareTwoPolicyItemList(value, oldValue)) { + return null; + } + } else if (fieldName.equalsIgnoreCase(POLICY_DESCRIPTION_CLASS_FIELD_NAME)) { + //compare old and new Description + if(org.apache.commons.lang.StringUtils.equals(value, oldValue)) { + return null; + } } xTrxLog.setPreviousValue(oldValue); xTrxLog.setNewValue(value); @@ -360,6 +409,9 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range return ""; } List<RangerPolicyItem> rangerPolicyItems = (List<RangerPolicyItem>) value; + if(rangerPolicyItems==null || rangerPolicyItems.size()==0){ + return ""; + } String ret = jsonUtil.readListToString(rangerPolicyItems); if(ret == null) { return ""; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java index 7cbf599..a8f54f6 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java @@ -210,7 +210,7 @@ public class RangerServiceService extends RangerServiceServiceBase<XXService, Ra } else if (action == OPERATION_UPDATE_CONTEXT) { actionString = actionUpdate; String oldValue = null; - Field[] mFields = mObj.getClass().getDeclaredFields(); + Field[] mFields = mObj.getClass().getSuperclass().getDeclaredFields(); for (Field mField : mFields) { mField.setAccessible(true); String mFieldName = mField.getName(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/java/org/apache/ranger/util/RangerRestUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/util/RangerRestUtil.java b/security-admin/src/main/java/org/apache/ranger/util/RangerRestUtil.java index eb34b42..9d10d27 100644 --- a/security-admin/src/main/java/org/apache/ranger/util/RangerRestUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/util/RangerRestUtil.java @@ -102,11 +102,7 @@ public class RangerRestUtil { StringUtil.VALIDATION_NAME, "Invalid first name", MessageEnums.INVALID_INPUT_DATA, null, "firstName")); - userProfile.setLastName(restErrorUtil.validateStringForUpdate( - userProfile.getLastName(), gjUser.getLastName(), - StringUtil.VALIDATION_NAME, "Invalid last name", - MessageEnums.INVALID_INPUT_DATA, null, "lastName")); - + // firstName if (!stringUtil.isValidName(userProfile.getFirstName())) { logger.info("Invalid first name." + userProfile); @@ -114,13 +110,7 @@ public class RangerRestUtil { "firstName")); } - // lastName - if (!stringUtil.isValidName(userProfile.getLastName())) { - logger.info("Invalid last name." + userProfile); - messageList.add(MessageEnums.INVALID_INPUT_DATA.getMessage(null, - "lastName")); - } - + // create the public screen name userProfile.setPublicScreenName(userProfile.getFirstName() + " " + userProfile.getLastName()); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/controllers/Controller.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/controllers/Controller.js b/security-admin/src/main/webapp/scripts/controllers/Controller.js index 1ac58cf..54ebcd7 100755 --- a/security-admin/src/main/webapp/scripts/controllers/Controller.js +++ b/security-admin/src/main/webapp/scripts/controllers/Controller.js @@ -59,30 +59,16 @@ define(function(require) { userAccessReportAction : function(){ MAppState.set({ 'currentTab' : XAGlobals.AppTabs.AccessManager.value }); var view = require('views/reports/UserAccessLayout'); - var RangerPolicyList = require('collections/RangerPolicyList'); + var RangerPolicyList = require('collections/RangerPolicyList'); var VXGroupList = require('collections/VXGroupList'); var VXUserList = require('collections/VXUserList'); - var policyList = new RangerPolicyList(); - var that = this; - this.groupList = new VXGroupList(); - this.userList = new VXUserList(); - that.groupList.fetch({ - async:false, - cache:false - }).done(function(){ - that.userList.fetch({ - async:false, - cache:false - }).done(function(){ - if(App.rContent.currentView) - App.rContent.currentView.close(); - App.rContent.show(new view({ - collection : policyList, - groupList :that.groupList, - userList :that.userList - })); - }); - }); + if(App.rContent.currentView) + App.rContent.currentView.close(); + App.rContent.show(new view({ + collection : new RangerPolicyList(), + groupList : new VXGroupList(), + userList : new VXUserList() + })); }, auditReportAction : function(tab){ MAppState.set({ 'currentTab' : XAGlobals.AppTabs.Audit.value }); @@ -289,22 +275,18 @@ define(function(require) { var XAUtil = require('utils/XAUtils'); var view = require('views/policies/RangerPolicyTableLayout'); var RangerService = require('models/RangerService'); - var RangerPolicyList = require('collections/RangerPolicyList'); + var RangerPolicyList = require('collections/RangerPolicyList'); var rangerService = new RangerService({id : serviceId}); - var rangerPolicyList = new RangerPolicyList(); - rangerPolicyList.url = XAUtil.getServicePoliciesURL(serviceId); - + rangerService.fetch({ cache : false, async : false }); - rangerPolicyList.fetch({ - cache : false, - }); App.rContent.show(new view({ - collection : rangerPolicyList, - rangerService : rangerService + rangerService : rangerService, + collection : new RangerPolicyList() + })); }, RangerPolicyCreateAction :function(serviceId){ @@ -350,17 +332,10 @@ define(function(require) { modulePermissionsAction :function(){ MAppState.set({ 'currentTab' : XAGlobals.AppTabs.Settings.value }); var view = require('views/permissions/ModulePermsTableLayout'); - var ModulePermission = require('models/VXModuleDef'); var ModulePermissionList = require('collections/VXModuleDefList'); - var modulePermission = new ModulePermission(); - var modulePermissionList = new ModulePermissionList(); - - modulePermissionList.fetch({ - cache : false, - }); App.rContent.show(new view({ - collection : modulePermissionList + collection : new ModulePermissionList() })); }, http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js b/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js index 6449c50..e7a3856 100644 --- a/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js +++ b/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js @@ -132,8 +132,7 @@ define(function(require){ return this.userInRole('ROLE_KEY_ADMIN') ? true : false; }; SessionMgr.isUser = function(){ - var roles = this.getRoleInUserSchool(); - return $.inArray('ROLE_USER',roles) != -1 ? true : false ; + return this.userInRole('ROLE_USER') ? true : false; }; return SessionMgr; }); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/models/VXPortalUser.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/models/VXPortalUser.js b/security-admin/src/main/webapp/scripts/models/VXPortalUser.js index f9b7055..6d05e8e 100644 --- a/security-admin/src/main/webapp/scripts/models/VXPortalUser.js +++ b/security-admin/src/main/webapp/scripts/models/VXPortalUser.js @@ -56,8 +56,8 @@ define(function(require){ }, lastName : { type : 'Text', - title : localization.tt("lbl.lastName")+' *', - validators : ['required',{type:'regexp',regexp:/^[a-zA-Z][a-zA-Z0-9\s_-]*[a-zA-Z0-9]+$/,message :'Last name should start with alphabets & can have underscore, hyphen, space.'}], + title : localization.tt("lbl.lastName"), + validators : [{type:'regexp',regexp:/^[a-zA-Z][a-zA-Z0-9\s_-]*[a-zA-Z0-9]+$/,message :'Last name should start with alphabets & can have underscore, hyphen, space.'}], editorAttrs : { 'placeholder' : localization.tt("lbl.lastName")} }, emailAddress : { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/modules/XALinks.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/modules/XALinks.js b/security-admin/src/main/webapp/scripts/modules/XALinks.js index 8efd01d..5fec205 100755 --- a/security-admin/src/main/webapp/scripts/modules/XALinks.js +++ b/security-admin/src/main/webapp/scripts/modules/XALinks.js @@ -85,7 +85,7 @@ define(function(require) { title: 'h.keyEdit' }, KmsKeyForService : { - href : 'javascrit:;', + href : 'javascript:void(0);', text : 'KMS_TEST1', title: 'KMS_TEST1' }, @@ -115,12 +115,12 @@ define(function(require) { title: 'h.managePolices' }, PolicyCreate: { - href : 'javascipt:;', + href : 'javascript:void(0);', text: 'h.createPolicy', title: 'h.createPolicy' }, PolicyEdit: { - href : 'javascipt:;', + href : 'javascript:void(0);', text: 'h.editPolicy', title: 'h.editPolicy' }, http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/utils/XAUtils.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js index bba290e..7bf7bdb 100644 --- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js +++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js @@ -1143,7 +1143,7 @@ define(function(require) { }; XAUtils.showErrorMsg = function(respMsg){ var respArr = respMsg.split(/\([0-9]*\)/); - respArr.shift(); + respArr = respArr.filter(function(str){ return str; }); _.each(respArr, function(str){ var validationMsg = str.split(','), erroCodeMsg = ''; //get code from string @@ -1155,7 +1155,8 @@ define(function(require) { } var reason = str.lastIndexOf("reason") != -1 ? (str.substring(str.lastIndexOf("reason")+7, str.indexOf("field[")-3 )) : str; - var erroMsg = erroCodeMsg +"<br/>"+XAUtils.capitaliseFirstLetter(reason); + erroCodeMsg = erroCodeMsg != "" ? erroCodeMsg +"<br/>" : ""; + var erroMsg = erroCodeMsg +""+ XAUtils.capitaliseFirstLetter(reason); return XAUtils.notifyError('Error', erroMsg); }); }; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/common/BreadCrumbs.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/common/BreadCrumbs.js b/security-admin/src/main/webapp/scripts/views/common/BreadCrumbs.js index 136d9a0..9222589 100644 --- a/security-admin/src/main/webapp/scripts/views/common/BreadCrumbs.js +++ b/security-admin/src/main/webapp/scripts/views/common/BreadCrumbs.js @@ -43,7 +43,8 @@ define(function(require) { } }, onRender : function(){ - this.$el.find('li:last a').on('click',function(){ return false; }); +// this.$el.find('li:last a').on('click',function(){ return false; }); + this.$el.find('li:last a').addClass('_allowNav'); }, reRenderBookmarks : function(){ this.breadcrumb = this.setLast(this.breadcrumb); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js index e311f1e..9a97dc1 100644 --- a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js +++ b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js @@ -120,7 +120,7 @@ define(function(require) { permList.unshift(localization.tt('lbl.allowAccess')); permList.unshift(localization.tt('lbl.selectUser')); permList.unshift(localization.tt('lbl.selectGroup')); - permList.push(""); +// permList.push(""); return permList; }, getPlugginAttr :function(autocomplete, options){ @@ -164,11 +164,17 @@ define(function(require) { }, results: function (data, page) { var results = []; + var results = [], selectedVals = []; + //Get selected values of groups/users dropdown + selectedVals = that.getSelectedValues(options); if(data.resultSize != "0"){ if(!_.isUndefined(data.vXGroups)){ results = data.vXGroups.map(function(m, i){ return {id : m.id+"", text: m.name}; }); } else if(!_.isUndefined(data.vXUsers)){ results = data.vXUsers.map(function(m, i){ return {id : m.id+"", text: m.name}; }); + if(!_.isEmpty(selectedVals)){ + results = XAUtil.filterResultByText(results, selectedVals); + } } } return { results : results}; @@ -189,11 +195,22 @@ define(function(require) { return result.text; }, formatNoMatches : function(term){ - return "No Matches found"; + return options.textKey == 'groupName' ? 'No group found.' : 'No user found.'; } }; } }, + getSelectedValues : function(options){ + var vals = [],selectedVals = []; + var type = options.textKey == 'groupName' ? 'selectGroups' : 'selectUsers'; + var $select = this.$('[name="'+type+'"]'); + if(!_.isEmpty($select.select2('data'))){ + selectedVals = _.map($select.select2('data'),function(obj){ return obj.text; }); + } + vals.push.apply(vals , selectedVals); + vals = $.unique(vals); + return vals; + }, beforeSaveModulePermissions : function(){ if(this.model.get('module') != ''){ var groupValStr = this.fields.selectGroups.getValue(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js index 354992a..76dc027 100644 --- a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js @@ -88,11 +88,18 @@ define(function(require){ /** all events binding here */ bindEvents : function(){ }, + initializeModulePerms : function(){ + this.collection.fetch({ + cache : false, + }); + + }, /** on render callback */ onRender: function() { //this.initializePlugins(); this.addVisualSearch(); this.renderTable(); + this.initializeModulePerms(); }, /** all post render plugin initialization */ initializePlugins: function(){ http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js index ff72ced..fb4808e 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js +++ b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js @@ -208,7 +208,7 @@ define(function(require) { results: function (data, page) { var results = [] , selectedVals = []; //Get selected values of groups/users dropdown - selectedVals = that.getSelectdValues($select, typeGroup); + selectedVals = that.getSelectedValues($select, typeGroup); if(data.resultSize != "0"){ if(typeGroup){ results = data.vXGroups.map(function(m, i){ return {id : m.id+"", text: m.name}; }); @@ -487,11 +487,12 @@ define(function(require) { } }, - getSelectdValues : function($select, typeGroup){ + getSelectedValues : function($select, typeGroup){ var vals = [],selectedVals = []; var name = typeGroup ? 'group' : 'user'; - if(!_.isEmpty($select.select2('data'))) - selectedVals = _.map($select.select2('data'),function(obj){ return obj.text}); + if(!_.isEmpty($select.select2('data'))){ + selectedVals = _.map($select.select2('data'),function(obj){ return obj.text; }); + } vals.push.apply(vals , selectedVals); vals = $.unique(vals); return vals; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js index a4454bd..ceeac67 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyCreate.js @@ -142,8 +142,12 @@ define(function(require){ if(!this.validatePolicyItem(validateObj3)) return; var validateObj4 = this.form.formValidation(this.form.formInputDenyExceptionList); if(!this.validatePolicyItem(validateObj4)) return; - if((!validateObj1.auditLoggin) && !(validateObj1.groupPermSet || validateObj2.groupPermSet - || validateObj3.groupPermSet || validateObj4.groupPermSet)){ + + var userPerm = (validateObj1.userPerm || validateObj2.userPerm + || validateObj3.userPerm || validateObj4.userPerm); + var groupPerm = (validateObj1.groupPermSet || validateObj2.groupPermSet + || validateObj3.groupPermSet || validateObj4.groupPermSet) + if((!validateObj1.auditLoggin) && !(groupPerm || userPerm)){ XAUtil.alertPopup({ msg :localization.tt('msg.yourAuditLogginIsOff') }); return; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js index 58fa8a5..baad130 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js @@ -103,6 +103,7 @@ define(function(require){ // resourceType : XAEnums.AssetType.ASSET_HDFS.value, assetId : this.assetModel.id };*/ + this.bindEvents(); this.initializeServiceDef(); // this.isSysAdmin = SessionMgr.isSystemAdmin(); @@ -124,13 +125,18 @@ define(function(require){ async : false }) }, + + initializePolicies : function(){ + this.collection.url = XAUtil.getServicePoliciesURL(this.rangerService.id); + this.collection.fetch({ + cache : false, + }); + }, /** on render callback */ onRender: function() { -// this.initializePlugins(); this.addVisualSearch(); this.renderTable(); - -// XAUtil.highlightDisabledPolicy(this); + this.initializePolicies(); }, /** all post render plugin initialization */ @@ -319,7 +325,7 @@ define(function(require){ var searchOpt = ['Policy Name','Group Name','User Name','Status'];//,'Start Date','End Date','Today']; searchOpt = _.union(searchOpt, resourceSearchOpt) - var serverAttrName = [{text : "Policy Name", label :"policyName"},{text : "Group Name", label :"group"}, + var serverAttrName = [{text : "Policy Name", label :"policyNamePartial"},{text : "Group Name", label :"group"}, {text : "User Name", label :"user"}, {text : "Status", label :"isEnabled",'multiple' : true, 'optionsArr' : PolicyStatusValue}]; // {text : 'Start Date',label :'startDate'},{text : 'End Date',label :'endDate'}, // {text : 'Today',label :'today'}]; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js index 5f6d156..d8db847 100644 --- a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js +++ b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js @@ -55,7 +55,9 @@ define(function(require){ if(this.templateType == XAEnums.ClassTypes.CLASS_TYPE_XA_ASSET.value){ obj = $.extend(obj, { newConnConfig : this.newConnConfig, - previousConnConfig : this.previousConnConfig + previousConnConfig : this.previousConnConfig, + isNewConnConfig : _.isEmpty(this.newConnConfig) ? false : true, + isPreviousConnConfig: _.isEmpty(this.previousConnConfig) ? false : true }); } if(this.templateType == XAEnums.ClassTypes.CLASS_TYPE_XA_RESOURCE.value){ @@ -196,7 +198,13 @@ define(function(require){ if(this.action == 'create' || this.action == 'delete'){ this.newConnConfig = this.removeUnwantedFromObject(this.newConnConfig); this.previousConnConfig = this.removeUnwantedFromObject(this.previousConnConfig); + }else{ + var tmp = this.newConnConfig, tmp1 = {}; + _.each(tmp,function(val, name){ tmp1[name] = ""; }); + _.each(this.previousConnConfig,function(val, name){ tmp1[name]=val; }); + this.previousConnConfig = tmp1; } + }, resourceDiffOperation : function(){ var that = this, modelColl = []; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js b/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js index c9a0847..800eed7 100644 --- a/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js +++ b/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js @@ -48,12 +48,17 @@ define(function(require){ objectId : this.objectId, objectCreatedDate : this.objectCreatedDate, objectCreatedBy : this.objectCreatedBy, - newPolicyItems : this.newPermList, - oldPolicyItems : this.oldPermList, policyName : this.policyName, policyId : this.policyId, repositoryType : this.repositoryType, - + newPolicyItems : this.newPolicyItems, + oldPolicyItems : this.oldPolicyItems, + newAllowExceptionPolicyItems : this.newAllowExceptionPolicyItems, + oldAllowExceptionPolicyItems : this.oldAllowExceptionPolicyItems, + newDenyPolicyItems : this.newDenyPolicyItems, + oldDenyPolicyItems : this.oldDenyPolicyItems, + newDenyExceptionPolicyItems : this.newDenyExceptionPolicyItems, + oldDenyExceptionPolicyItems : this.oldDenyExceptionPolicyItems, }; }, /** ui selector cache */ @@ -183,7 +188,10 @@ define(function(require){ this.template = PolicyDeleteOperationDiff_tmpl; } //prepare data for template - this.newPolicyItems = null, this.oldPolicyItems = null ; + this.newPolicyItems = null, this.oldPolicyItems = null, + this.newAllowExceptionPolicyItems = null, this.oldAllowExceptionPolicyItems = null, + this.newDenyPolicyItems = null, this.oldDenyPolicyItems = null, + this.newDenyExceptionPolicyItems = null, this.oldDenyExceptionPolicyItems = null; var policyStatus = this.collection.findWhere({'attributeName':'Policy Status'}) if(!_.isUndefined(policyStatus)){ if(!_.isEmpty(policyStatus.get('previousValue'))){ @@ -201,7 +209,35 @@ define(function(require){ } var policyItems = this.collection.findWhere({'attributeName':'Policy Items'}); if(!_.isUndefined(policyItems)){ - this.getPolicyItems(); + var perms = this.getPolicyItems('Policy Items'); + if(!_.isEmpty(perms)){ + this.newPolicyItems = perms.newPerms; + this.oldPolicyItems = perms.oldPerms; + } + } + var policyItems = this.collection.findWhere({'attributeName':'Allow Exceptions'}); + if(!_.isUndefined(policyItems)){ + var perms = this.getPolicyItems('Allow Exceptions'); + if(!_.isEmpty(perms)){ + this.newAllowExceptionPolicyItems = perms.newPerms; + this.oldAllowExceptionPolicyItems = perms.oldPerms; + } + } + var policyItems = this.collection.findWhere({'attributeName':'DenyPolicy Items'}); + if(!_.isUndefined(policyItems)){ + var perms = this.getPolicyItems('DenyPolicy Items'); + if(!_.isEmpty(perms)){ + this.newDenyPolicyItems = perms.newPerms; + this.oldDenyPolicyItems = perms.oldPerms; + } + } + var policyItems = this.collection.findWhere({'attributeName':'Deny Exceptions'}); + if(!_.isUndefined(policyItems)){ + var perms = this.getPolicyItems('Deny Exceptions'); + if(!_.isEmpty(perms)){ + this.newDenyExceptionPolicyItems = perms.newPerms; + this.oldDenyExceptionPolicyItems = perms.oldPerms; + } } }, getPolicyResources : function() { @@ -257,14 +293,14 @@ define(function(require){ _.each(oldResources,function(val, key){ this.collection.add({'attributeName':key, 'previousValue':val.toString()}); }, this) } }, - getPolicyItems : function() { + getPolicyItems : function(itemType) { var items = {}; - var policyItems = this.collection.findWhere({'attributeName':'Policy Items'}); + var newPolicyItems=[], oldPolicyItems =[]; + var policyItems = this.collection.findWhere({'attributeName': itemType }); this.collection.remove(policyItems); - if(!_.isUndefined(policyItems.get('newValue')) && !_.isEmpty(policyItems.get('newValue'))){ - this.newPolicyItems = JSON.parse(policyItems.get('newValue')); - _.each(this.newPolicyItems, function(obj){ + newPolicyItems = JSON.parse(policyItems.get('newValue')); + _.each(newPolicyItems, function(obj){ if(!_.isUndefined(obj.accesses)){ var permissions = _.map(_.where(obj.accesses,{'isAllowed':true}), function(t) { return t.type; }); obj['permissions'] = permissions; @@ -273,8 +309,8 @@ define(function(require){ }); } if(!_.isUndefined(policyItems.get('previousValue')) && !_.isEmpty(policyItems.get('previousValue'))){ - this.oldPolicyItems = JSON.parse(policyItems.get('previousValue')); - _.each(this.oldPolicyItems, function(obj){ + oldPolicyItems = JSON.parse(policyItems.get('previousValue')); + _.each(oldPolicyItems, function(obj){ if(!_.isUndefined(obj.accesses)){ var permissions = _.map(_.where(obj.accesses,{'isAllowed':true}), function(t) { return t.type; }); obj['permissions'] = permissions; @@ -282,53 +318,56 @@ define(function(require){ } }); } - this.oldPermList =[], this.newPermList =[] +// this.oldPermList =[], this.newPermList =[] if(this.action == "update"){ - this.setOldeNewPermList(); + return this.setOldeNewPermList(newPolicyItems, oldPolicyItems); } else { - this.oldPermList = this.oldPolicyItems; - this.newPermList = this.newPolicyItems; + + return {'oldPerms' : oldPolicyItems, 'newPerms' : newPolicyItems}; +// this.oldPermList = this.oldPolicyItems; +// this.newPermList = this.newPolicyItems; } }, - setOldeNewPermList : function() { - var found = false; - for(var i=0; i< this.newPolicyItems.length ;i++){ + setOldeNewPermList : function(newPolicyItems, oldPolicyItems) { + var found = false, oldPerms = [], newPerms = []; + for(var i=0; i< newPolicyItems.length ;i++){ found = false; - for(var j=0; j< this.oldPolicyItems.length ;j++){ + for(var j=0; j< oldPolicyItems.length ;j++){ if(!found) - if(_.intersection(this.oldPolicyItems[j].users,this.newPolicyItems[i].users).length > 0 - || _.intersection(this.oldPolicyItems[j].groups,this.newPolicyItems[i].groups).length > 0){ - if(JSON.stringify(this.newPolicyItems[i]) != JSON.stringify(this.oldPolicyItems[j])){ - this.oldPermList.push(this.oldPolicyItems[j]) - this.newPermList.push(this.newPolicyItems[i]) + if(_.intersection(oldPolicyItems[j].users,newPolicyItems[i].users).length > 0 + || _.intersection(oldPolicyItems[j].groups,newPolicyItems[i].groups).length > 0){ + if(JSON.stringify(newPolicyItems[i]) != JSON.stringify(oldPolicyItems[j])){ + oldPerms.push(oldPolicyItems[j]); + newPerms.push(newPolicyItems[i]); } found = true; } } if(!found){ - this.oldPermList.push({}) - this.newPermList.push(this.newPolicyItems[i]) + oldPerms.push({}); + newPerms.push(newPolicyItems[i]); } } - for(var i=0; i< this.oldPolicyItems.length ;i++){ + for(var i=0; i< oldPolicyItems.length ;i++){ found = false; - for(var j=0; j < this.newPolicyItems.length;j++){ - if(!found && _.intersection(this.oldPolicyItems[i].users,this.newPolicyItems[j].users).length > 0 - || _.intersection(this.oldPolicyItems[i].groups,this.newPolicyItems[j].groups).length > 0){ - if(JSON.stringify(this.oldPolicyItems[i]) != JSON.stringify(this.newPolicyItems[j])){ - if($.inArray(this.oldPolicyItems[i], this.oldPermList) < 0){ - this.oldPermList.push(this.oldPolicyItems[i]) - this.newPermList.push(this.newPolicyItems[j]) + for(var j=0; j < newPolicyItems.length;j++){ + if(!found && _.intersection(oldPolicyItems[i].users,newPolicyItems[j].users).length > 0 + || _.intersection(oldPolicyItems[i].groups,newPolicyItems[j].groups).length > 0){ + if(JSON.stringify(oldPolicyItems[i]) != JSON.stringify(newPolicyItems[j])){ + if($.inArray(oldPolicyItems[i], oldPerms) < 0){ + oldPerms.push(oldPolicyItems[i]); + newPerms.push(newPolicyItems[j]); } } found = true; } } if(!found){ - this.oldPermList.push(this.oldPolicyItems[i]) - this.newPermList.push({}) + oldPerms.push(oldPolicyItems[i]); + newPerms.push({}); } } + return {'newPerms' : newPerms, 'oldPerms' : oldPerms }; }, /** all post render plugin initialization */ initializePlugins: function(){ http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js b/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js index 63b5d35..47177f4 100644 --- a/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js +++ b/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js @@ -140,7 +140,7 @@ define(function(require) {'use strict'; coll.fetch({ cache : false, reset: true, - async:false, +// async:false, }).done(function(){ coll.trigger('sync') XAUtil.blockUI('unblock'); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js index 6f7d5b9..c82f0af 100644 --- a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js +++ b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js @@ -50,9 +50,9 @@ define(function(require){ breadCrumbs :function(){ var name = this.rangerServiceDefModel.get('name') != XAEnums.ServiceType.SERVICE_TAG.label ? 'ServiceManager' : 'TagBasedServiceManager'; if(this.model.isNew()){ - return [XALinks.get(name), XALinks.get('ServiceCreate', {model:this.model})]; + return [XALinks.get(name), XALinks.get('ServiceCreate')]; } else { - return [XALinks.get(name), XALinks.get('ServiceEdit',{model:this.model})]; + return [XALinks.get(name), XALinks.get('ServiceEdit')]; } }, http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/user/UserProfile.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/user/UserProfile.js b/security-admin/src/main/webapp/scripts/views/user/UserProfile.js index ca0c893..cac80a8 100644 --- a/security-admin/src/main/webapp/scripts/views/user/UserProfile.js +++ b/security-admin/src/main/webapp/scripts/views/user/UserProfile.js @@ -121,7 +121,7 @@ define(function(require){ wait: true, success: function () { XAUtil.notifySuccess('Success', "User profile updated successfully !!"); - App.appRouter.navigate("#!/policymanager",{trigger: true}); + App.appRouter.navigate("#!/policymanager/resource",{trigger: true}); Communicator.vent.trigger('ProfileBar:rerender'); }, error: function (model, response, options) { @@ -158,16 +158,15 @@ define(function(require){ wait: true, success: function () { XAUtil.notifySuccess('Success', "User profile updated successfully !!"); - App.appRouter.navigate("#!/policymanager",{trigger: true}); + App.appRouter.navigate("#!/policymanager/resource",{trigger: true}); that.clearPasswordFields(); }, error: function (msResponse, options) { - console.log("error occured during updated user profile: ",msResponse.response); - XAUtil.notifyInfo('',localization.tt('msg.myProfileError')); + XAUtil.notifyError('Error', 'Error occured while updating user profile'); if(localization.tt(msResponse.responseJSON.msgDesc) == "Invalid new password"){ that.form.fields.newPassword.setError(localization.tt('validationMessages.newPasswordError')); that.form.fields.reEnterPassword.setError(localization.tt('validationMessages.newPasswordError')); - }else if(localization.tt(msResponse.responseJSON.msgDesc) == " You can not use old password. "){ + }else if((msResponse.responseJSON.msgDesc) == "serverMsg.userMgrOldPassword"){ that.form.fields.oldPassword.setError(localization.tt('validationMessages.oldPasswordRepeatError')); } else { that.form.fields.oldPassword.setError(localization.tt('validationMessages.oldPasswordError')); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js index d9d6e8a..e2b2f85 100644 --- a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js @@ -504,7 +504,8 @@ define(function(require){ switch (facet) { case 'Role': var roles = XAUtil.hackForVSLabelValuePairs(XAEnums.UserRoles); - var label = SessionMgr.isSystemAdmin() ? XAEnums.UserRoles.ROLE_KEY_ADMIN.label : XAEnums.UserRoles.ROLE_SYS_ADMIN.label; + var label = SessionMgr.isSystemAdmin() || SessionMgr.isUser() ? XAEnums.UserRoles.ROLE_KEY_ADMIN.label + : XAEnums.UserRoles.ROLE_SYS_ADMIN.label; callback(_.filter(roles, function(o) { return o.label !== label; })); break; case 'User Source': http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/templates/reports/AssetOperationDiff_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/reports/AssetOperationDiff_tmpl.html b/security-admin/src/main/webapp/templates/reports/AssetOperationDiff_tmpl.html index 7f0cef6..e6bd359 100644 --- a/security-admin/src/main/webapp/templates/reports/AssetOperationDiff_tmpl.html +++ b/security-admin/src/main/webapp/templates/reports/AssetOperationDiff_tmpl.html @@ -47,7 +47,7 @@ </div> </div> - + {{#if isNewConnConfig}} <h5>Connection Configurations :</h5> <div class="diff"> <div class="diff-left"> @@ -71,7 +71,7 @@ </ol> </div> </div> - + {{/if}} {{else}} <label class="no-margin label-size13-weightbold" > Deleted By : {{userName}}</label> <h4>Service Details</h4> @@ -104,7 +104,7 @@ </div> - + {{#if isPreviousConnConfig}} <h4>Connection Configurations :</h4> <div class="diff"> <div class="diff-left"> @@ -128,6 +128,7 @@ </ol> </div> </div> + {{/if}} {{/compare}} </div> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html index bf37324..0325c42 100644 --- a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html +++ b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html @@ -43,7 +43,7 @@ {{/if}} {{#if oldPolicyItems}} - <h5>Users/Groups Permissions :</h5> + <h5>Allow PolicyItems :</h5> <div class="diff diff-perms"> <div class="diff-right" data-id="diff"> <h3>Old Value</h3> @@ -87,4 +87,139 @@ </div> {{/if}} +{{#if oldAllowExceptionPolicyItems}} + <h5>Allow Exception PolicyItems :</h5> + <div class="diff diff-perms"> + <div class="diff-right" data-id="diff"> + <h3>Old Value</h3> + {{#each oldAllowExceptionPolicyItems}} + <ol class="unstyled data"> + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + </ol><br/> + {{/each}} + </div> + </div> +{{/if}} + +{{#if oldDenyPolicyItems}} + <h5>Deny PolicyItems :</h5> + <div class="diff diff-perms"> + <div class="diff-right" data-id="diff"> + <h3>Old Value</h3> + {{#each oldDenyPolicyItems}} + <ol class="unstyled data"> + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + </ol><br/> + {{/each}} + </div> + </div> +{{/if}} + +{{#if oldDenyExceptionPolicyItems}} + <h5>Deny Exception PolicyItems :</h5> + <div class="diff diff-perms"> + <div class="diff-right" data-id="diff"> + <h3>Old Value</h3> + {{#each oldDenyExceptionPolicyItems}} + <ol class="unstyled data"> + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + </ol><br/> + {{/each}} + </div> + </div> +{{/if}} + </div> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html index 353baa9..5ed8d00 100644 --- a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html +++ b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html @@ -44,7 +44,7 @@ {{/if}} {{#if newPolicyItems}} - <h5>Users/Groups Permissions :</h5> + <h5>Allow PolicyItems :</h5> <div class="diff diff-perms" > <div class="diff-right" data-id="diff"> <h3>New Value</h3> @@ -82,6 +82,133 @@ {{/each}} </div> </div> +{{/if}} + +<!-- Allow Exceptions --> + +{{#if newAllowExceptionPolicyItems}} + <h5>Allow Exceptions :</h5> + <div class="diff diff-perms" > + <div class="diff-right" data-id="diff"> + <h3>New Value</h3> + {{#each newAllowExceptionPolicyItems}} + <ol class="unstyled data"> + <li class="change-row">Groups: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{this.groups}} + {{/if_eq}} + </li> + <li class="change-row">Users: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{this.users}} + {{/if_eq}} + </li> + <li class="change-row">Permissions: + {{#each this.permissions}} + {{this}} <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + Conditions: + {{#each this.conditions}} + {{this.type}} : [{{this.values}}]<span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row">Delegate Admin:{{this.delegateAdmin}}</li> + </ol><br/> + {{/each}} + </div> + </div> +{{/if}} + +<!-- Deny PolicyItems --> + +{{#if newDenyPolicyItems}} + <h5>Deny PolicyItems :</h5> + <div class="diff diff-perms" > + <div class="diff-right" data-id="diff"> + <h3>New Value</h3> + {{#each newDenyPolicyItems}} + <ol class="unstyled data"> + <li class="change-row">Groups: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{this.groups}} + {{/if_eq}} + </li> + <li class="change-row">Users: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{this.users}} + {{/if_eq}} + </li> + <li class="change-row">Permissions: + {{#each this.permissions}} + {{this}} <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + Conditions: + {{#each this.conditions}} + {{this.type}} : [{{this.values}}]<span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row">Delegate Admin:{{this.delegateAdmin}}</li> + </ol><br/> + {{/each}} + </div> + </div> +{{/if}} +<!-- Deny Exception PolicyItems --> +{{#if oldDenyExceptionPolicyItems}} + <h5>Deny Exception PolicyItems:</h5> + <div class="diff diff-perms" > + <div class="diff-right" data-id="diff"> + <h3>New Value</h3> + {{#each oldDenyExceptionPolicyItems}} + <ol class="unstyled data"> + <li class="change-row">Groups: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{this.groups}} + {{/if_eq}} + </li> + <li class="change-row">Users: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{this.users}} + {{/if_eq}} + </li> + <li class="change-row">Permissions: + {{#each this.permissions}} + {{this}} <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + Conditions: + {{#each this.conditions}} + {{this.type}} : [{{this.values}}]<span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row">Delegate Admin:{{this.delegateAdmin}}</li> + </ol><br/> + {{/each}} + </div> + </div> {{/if}} </div> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b2eb4253/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html index 727c998..d2a4f80 100644 --- a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html +++ b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyUpdateDiff_tmpl.html @@ -66,8 +66,9 @@ </div> </div> {{/if}} + {{#if oldPolicyItems}} - <h5>Users/Groups Permissions :</h5> + <h5>Allow PolicyItems :</h5> <div class="diff diff-perms"> <div class="diff-left" data-id="diff"> <h3>old Value</h3> @@ -157,4 +158,285 @@ </div> </div> {{/if}} + +{{#if oldAllowExceptionPolicyItems}} + <h5>Allow Exception PolicyItems :</h5> + <div class="diff diff-perms"> + <div class="diff-left" data-id="diff"> + <h3>old Value</h3> + {{#each oldAllowExceptionPolicyItems}} + <ol class="unstyled data"> + {{#if this.permissions}} + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + {{else}} + <li style=" min-height: 99px; line-height: 102px; text-align: center; font-weight: bold; font-style: italic;"><empty></li> + {{/if}} + </ol><br/> + {{/each}} + </div> + <div class="diff-right" data-id="diff"> + <h3>New Value</h3> + {{#each newAllowExceptionPolicyItems}} + <ol class="unstyled data"> + {{#if this.permissions}} + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + {{else}} + <li style=" min-height: 99px; line-height: 102px; text-align: center; font-weight: bold; font-style: italic;"><empty></li> + {{/if}} + </ol><br/> + {{/each}} + </div> + </div> + {{/if}} + + +{{#if oldDenyPolicyItems}} + <h5>Deny PolicyItems :</h5> + <div class="diff diff-perms"> + <div class="diff-left" data-id="diff"> + <h3>old Value</h3> + {{#each oldDenyPolicyItems}} + <ol class="unstyled data"> + {{#if this.permissions}} + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + {{else}} + <li style=" min-height: 99px; line-height: 102px; text-align: center; font-weight: bold; font-style: italic;"><empty></li> + {{/if}} + </ol><br/> + {{/each}} + </div> + <div class="diff-right" data-id="diff"> + <h3>New Value</h3> + {{#each newDenyPolicyItems}} + <ol class="unstyled data"> + {{#if this.permissions}} + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + {{else}} + <li style=" min-height: 99px; line-height: 102px; text-align: center; font-weight: bold; font-style: italic;"><empty></li> + {{/if}} + </ol><br/> + {{/each}} + </div> + </div> + {{/if}} + + + +{{#if oldDenyExceptionPolicyItems}} + <h5>Deny Exception PolicyItems :</h5> + <div class="diff diff-perms"> + <div class="diff-left" data-id="diff"> + <h3>old Value</h3> + {{#each oldDenyExceptionPolicyItems}} + <ol class="unstyled data"> + {{#if this.permissions}} + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + {{else}} + <li style=" min-height: 99px; line-height: 102px; text-align: center; font-weight: bold; font-style: italic;"><empty></li> + {{/if}} + </ol><br/> + {{/each}} + </div> + <div class="diff-right" data-id="diff"> + <h3>New Value</h3> + {{#each newDenyExceptionPolicyItems}} + <ol class="unstyled data"> + {{#if this.permissions}} + <li class="change-row"><i>Groups</i>: + {{#if_eq this.groups compare=0}} + <empty> + {{else}} + {{#each this.groups}} + <span class="groupname">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Users</i>: + {{#if_eq this.users compare=0}} + <empty> + {{else}} + {{#each this.users}} + <span class="username">{{this}}</span><span>,</span> + {{/each}} + {{/if_eq}} + </li> + <li class="change-row"><i>Permissions</i>: + {{#each this.permissions}} + <span class="perm">{{this}}</span> <span>,</span> + {{/each}} + </li> + {{#if this.conditions}} + <li class="change-row"> + <i>Conditions</i>: + {{#each this.conditions}} + <span class="condition">{{this.type}} : [{{this.values}}]</span><span>,</span> + {{/each}} + </li> + {{/if}} + <li class="change-row"><i>Delegate Admin</i>: {{this.delegateAdmin}}</li> + {{else}} + <li style=" min-height: 99px; line-height: 102px; text-align: center; font-weight: bold; font-style: italic;"><empty></li> + {{/if}} + </ol><br/> + {{/each}} + </div> + </div> + {{/if}} + + </div>
