GUACAMOLE-220: Add management interface for user parent groups.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/de809574 Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/de809574 Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/de809574 Branch: refs/heads/master Commit: de8095740435de7fcfddf263304aa8be2eb553dd Parents: ca1db78 Author: Michael Jumper <mjum...@apache.org> Authored: Tue Aug 7 12:15:46 2018 -0700 Committer: Michael Jumper <mjum...@apache.org> Committed: Wed Aug 8 21:50:26 2018 -0700 ---------------------------------------------------------------------- .../manage/controllers/manageUserController.js | 69 ++++++++++++++++++-- .../webapp/app/manage/templates/manageUser.html | 11 ++++ guacamole/src/main/webapp/translations/en.json | 6 +- 3 files changed, 80 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/de809574/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js ---------------------------------------------------------------------- diff --git a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js index e4a91db..7d8397f 100644 --- a/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js +++ b/guacamole/src/main/webapp/app/manage/controllers/manageUserController.js @@ -36,9 +36,11 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto var $q = $injector.get('$q'); var authenticationService = $injector.get('authenticationService'); var dataSourceService = $injector.get('dataSourceService'); + var membershipService = $injector.get('membershipService'); var permissionService = $injector.get('permissionService'); var requestService = $injector.get('requestService'); var schemaService = $injector.get('schemaService'); + var userGroupService = $injector.get('userGroupService'); var userService = $injector.get('userService'); /** @@ -134,6 +136,46 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto $scope.permissionsRemoved = new PermissionSet(); /** + * The identifiers of all user groups which can be manipulated (all groups + * for which the user accessing this interface has UPDATE permission), + * either through adding the current user as a member or removing the + * current user from that group. If this information has not yet been + * retrieved, this will be null. + * + * @type String[] + */ + $scope.availableGroups = null; + + /** + * The identifiers of all user groups of which the user is a member, + * taking into account any user groups which will be added/removed when + * saved. If this information has not yet been retrieved, this will be + * null. + * + * @type String[] + */ + $scope.parentGroups = null; + + /** + * The set of identifiers of all parent user groups to which the user will + * be added when saved. Parent groups will only be present in this set if + * they are manually added, and not later manually removed before saving. + * + * @type String[] + */ + $scope.parentGroupsAdded = []; + + /** + * The set of identifiers of all parent user groups from which the user + * will be removed when saved. Parent groups will only be present in this + * set if they are manually removed, and not later manually added before + * saving. + * + * @type String[] + */ + $scope.parentGroupsRemoved = []; + + /** * For each applicable data source, the management-related actions that the * current user may perform on the user account currently being created * or modified, as a map of data source identifier to the @@ -166,6 +208,8 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto return $scope.users !== null && $scope.permissionFlags !== null && $scope.managementPermissions !== null + && $scope.availableGroups !== null + && $scope.parentGroups !== null && $scope.attributes !== null; }; @@ -204,12 +248,14 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto var loadExistingUser = function loadExistingUser(dataSource, username) { return $q.all({ users : dataSourceService.apply(userService.getUser, dataSources, username), - permissions : permissionService.getPermissions(dataSource, username) + permissions : permissionService.getPermissions(dataSource, username), + parentGroups : membershipService.getUserGroups(dataSource, username) }) .then(function userDataRetrieved(values) { $scope.users = values.users; $scope.user = values.users[dataSource]; + $scope.parentGroups = values.parentGroups; // Create skeleton user if user does not exist if (!$scope.user) @@ -243,12 +289,15 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto var loadClonedUser = function loadClonedUser(dataSource, username) { return $q.all({ users : dataSourceService.apply(userService.getUser, [dataSource], username), - permissions : permissionService.getPermissions(dataSource, username) + permissions : permissionService.getPermissions(dataSource, username), + parentGroups : membershipService.getUserGroups(dataSource, username) }) .then(function userDataRetrieved(values) { $scope.users = {}; $scope.user = values.users[dataSource]; + $scope.parentGroups = values.parentGroups; + $scope.parentGroupsAdded = values.parentGroups; // The current user will be associated with cloneSourceUsername in the // retrieved permission set @@ -274,6 +323,7 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto // Use skeleton user object with no associated permissions $scope.user = new User(); + $scope.parentGroups = []; $scope.permissionFlags = new PermissionFlagSet(); // As no permissions are yet associated with the user, it is safe to @@ -314,6 +364,7 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto $q.all({ userData : loadRequestedUser(), permissions : dataSourceService.apply(permissionService.getEffectivePermissions, dataSources, currentUsername), + userGroups : userGroupService.getUserGroups($scope.dataSource, [ PermissionSet.ObjectPermissionType.UPDATE ]), attributes : schemaService.getUserAttributes($scope.dataSource) }) .then(function dataReceived(values) { @@ -326,6 +377,12 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto // Determine whether data source contains this user var exists = (dataSource in $scope.users); + // Add the identifiers of all modifiable user groups + $scope.availableGroups = []; + angular.forEach(values.userGroups, function addUserGroupIdentifier(userGroup) { + $scope.availableGroups.push(userGroup.identifier); + }); + // Calculate management actions available for this specific account $scope.managementPermissions[dataSource] = ManagementPermissions.fromPermissionSet( values.permissions[dataSource], @@ -415,9 +472,11 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto } - // Upon success, save any changed permissions - return permissionService.patchPermissions($scope.dataSource, $scope.user.username, - $scope.permissionsAdded, $scope.permissionsRemoved); + // Upon success, save any changed permissions/groups + return $q.all([ + permissionService.patchPermissions($scope.dataSource, $scope.user.username, $scope.permissionsAdded, $scope.permissionsRemoved), + membershipService.patchUserGroups($scope.dataSource, $scope.user.username, $scope.parentGroupsAdded, $scope.parentGroupsRemoved) + ]); }); http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/de809574/guacamole/src/main/webapp/app/manage/templates/manageUser.html ---------------------------------------------------------------------- diff --git a/guacamole/src/main/webapp/app/manage/templates/manageUser.html b/guacamole/src/main/webapp/app/manage/templates/manageUser.html index bb5cfb3..571f5c8 100644 --- a/guacamole/src/main/webapp/app/manage/templates/manageUser.html +++ b/guacamole/src/main/webapp/app/manage/templates/manageUser.html @@ -56,6 +56,17 @@ permissions-removed="permissionsRemoved"> </system-permission-editor> + <!-- Parent group section --> + <identifier-set-editor + header="MANAGE_USER.SECTION_HEADER_USER_GROUPS" + empty-placeholder="MANAGE_USER.HELP_NO_USER_GROUPS" + unavailable-placeholder="MANAGE_USER.INFO_NO_USER_GROUPS_AVAILABLE" + identifiers-available="availableGroups" + identifiers="parentGroups" + identifiers-added="parentGroupsAdded" + identifiers-removed="parentGroupsRemoved"> + </identifier-set-editor> + <!-- Connection permissions section --> <connection-permission-editor ng-show="managementPermissions[dataSource].canChangePermissions" data-data-source="dataSource" http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/de809574/guacamole/src/main/webapp/translations/en.json ---------------------------------------------------------------------- diff --git a/guacamole/src/main/webapp/translations/en.json b/guacamole/src/main/webapp/translations/en.json index d55e262..d0eaa9a 100644 --- a/guacamole/src/main/webapp/translations/en.json +++ b/guacamole/src/main/webapp/translations/en.json @@ -301,13 +301,17 @@ "FIELD_PLACEHOLDER_FILTER" : "@:APP.FIELD_PLACEHOLDER_FILTER", - "INFO_READ_ONLY" : "Sorry, but this user account cannot be edited.", + "HELP_NO_USER_GROUPS" : "This user does not currently belong to any groups. Expand this section to add groups.", + + "INFO_READ_ONLY" : "Sorry, but this user account cannot be edited.", + "INFO_NO_USER_GROUPS_AVAILABLE" : "No groups available.", "SECTION_HEADER_ALL_CONNECTIONS" : "All Connections", "SECTION_HEADER_CONNECTIONS" : "Connections", "SECTION_HEADER_CURRENT_CONNECTIONS" : "Current Connections", "SECTION_HEADER_EDIT_USER" : "Edit User", "SECTION_HEADER_PERMISSIONS" : "Permissions", + "SECTION_HEADER_USER_GROUPS" : "Groups", "TEXT_CONFIRM_DELETE" : "Users cannot be restored after they have been deleted. Are you sure you want to delete this user?"