[
https://issues.apache.org/jira/browse/NIFI-2926?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15657091#comment-15657091
]
ASF GitHub Bot commented on NIFI-2926:
--------------------------------------
Github user mcgilman commented on a diff in the pull request:
https://github.com/apache/nifi/pull/1188#discussion_r87585264
--- Diff:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/users/nf-users-table.js
---
@@ -470,6 +470,214 @@ nf.UsersTable = (function () {
};
/**
+ * Initializes the user policies dialog.
+ */
+ var initUserPoliciesDialog = function () {
+ $('#user-policies-dialog').modal({
+ headerText: 'User Policies',
+ buttons: [{
+ buttonText: 'Close',
+ color: {
+ base: '#728E9B',
+ hover: '#004849',
+ text: '#ffffff'
+ },
+ handler: {
+ click: function () {
+ //TODO: some work
+
+ $('#user-policies-dialog').modal('hide');
+ }
+ }
+ }]
+ });
+ };
+
+ /**
+ * Generates a human readable global policy strung.
+ *
+ * @param dataContext
+ * @returns {string}
+ */
+ var globalResourceParser = function (dataContext) {
+ return 'Global policy to ' +
+
nf.Common.getPolicyTypeListing(nf.Common.substringAfterFirst(dataContext.component.resource,
'/')).text;
+ };
+
+ /**
+ * Generates a human readable component policy string.
+ *
+ * @param dataContext
+ * @returns {string}
+ */
+ var componentResourceParser = function (dataContext) {
+ var resource = dataContext.component.resource;
+ var policyLabel = '';
+
+ //determine policy type
+ if (resource.startsWith('/policies')) {
+ resource = nf.Common.substringAfterFirst(resource,
'/policies');
+ policyLabel += 'Admin policy for ';
+ } else if (resource.startsWith('/data-transfer')) {
+ resource = nf.Common.substringAfterFirst(resource,
'/data-transfer');
+ policyLabel += 'Site to site policy for ';
+ } else if (resource.startsWith('/data')) {
+ resource = nf.Common.substringAfterFirst(resource, '/data');
+ policyLabel += 'Data policy for ';
+ } else {
+ policyLabel += 'Component policy for ';
+ }
+
+ if (resource.startsWith('/processors')) {
+ policyLabel += 'processor ';
+ } else if (resource.startsWith('/controller-services')) {
+ policyLabel += 'controller services ';
+ } else if (resource.startsWith('/funnels')) {
+ policyLabel += 'funnel ';
+ } else if (resource.startsWith('/input-ports')) {
+ policyLabel += 'input port ';
+ } else if (resource.startsWith('/labels')) {
+ policyLabel += 'label ';
+ } else if (resource.startsWith('/output-ports')) {
+ policyLabel += 'output port ';
+ } else if (resource.startsWith('/process-groups')) {
+ policyLabel += 'process group ';
+ } else if (resource.startsWith('/remote-process-groups')) {
+ policyLabel += 'remote process group ';
+ } else if (resource.startsWith('/reporting-tasks')) {
+ policyLabel += 'reporting task ';
+ } else if (resource.startsWith('/templates')) {
+ policyLabel += 'template ';
+ }
+
+ if (dataContext.component.componentReference.permissions.canRead
=== true) {
+ policyLabel +=
dataContext.component.componentReference.component.name;
+ } else {
+ policyLabel += '<span class="unset">' +
dataContext.component.componentReference.id + '</span>'
+ }
+
+ return policyLabel;
+ };
+
+ /**
+ * Initializes the user policies table.
+ */
+ var initUserPoliciesTable = function () {
+
+ // function for formatting the human readable name of the policy
+ var policyDisplayNameFormatter = function (row, cell, value,
columnDef, dataContext) {
+ // if the user has permission to the policy
+ if (dataContext.permissions.canRead === true) {
+ // check if Global policy
+ if
(nf.Common.isUndefinedOrNull(dataContext.component.componentReference)) {
+ return globalResourceParser(dataContext);
+ }
+ // not a global policy... check if user has access to the
component reference
+ return componentResourceParser(dataContext);
+ } else {
+ return '<span class="unset">' + dataContext.id + '</span>';
+ }
+ };
+
+ // function for formatting the actions column
+ var actionsFormatter = function (row, cell, value, columnDef,
dataContext) {
+ var markup = '';
+
+ if (dataContext.permissions.canRead === true) {
+ if
(nf.Common.isDefinedAndNotNull(dataContext.component.componentReference)) {
+ markup += '<div title="Go To" class="pointer
go-to-user-policies fa fa-long-arrow-right" style="float: left;"></div>';
+ }
+ }
+
+ return markup;
+ };
+
+ // function for formatting the action column
+ var actionFormatter = function (row, cell, value, columnDef,
dataContext) {
+ var markup = '';
+
+ if (dataContext.permissions.canRead === true) {
+ markup += dataContext.component.action;
+ }
+
+ return markup;
+ };
+
+ var userPoliciesColumns = [
+ {id: 'policy', name: 'Policy', sortable: true, resizable:
true, formatter: policyDisplayNameFormatter, width: 150},
+ {id: 'action', name: 'Action', sortable: true, resizable:
false, formatter: actionFormatter, width: 50}
+ ];
+
+ // add the actions if we're in the shell
+ if ((top !== window) && nf.Common.canAccessPolicies()) {
--- End diff --
Policies will have their own specific permissions. No need to check if the
user can access all policies here.
> Add a user-centric view for authorization policies
> --------------------------------------------------
>
> Key: NIFI-2926
> URL: https://issues.apache.org/jira/browse/NIFI-2926
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core UI
> Affects Versions: 1.0.0
> Reporter: Andrew Lim
> Assignee: Scott Aslan
> Labels: UI, authorization
>
> The UI for managing authorizations in 1.0.0 is policy-centric, meaning in
> order to view which access privileges a specific user has, you need to
> navigate to each individual policy and see if the user has been added to it.
> We should add a view to the UI where you can select a user and then see all
> the access policies that he/she has.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
