Commit 15bcc1b6 authored by Sascha Herzinger's avatar Sascha Herzinger
Browse files

Merge remote-tracking branch 'remotes/origin/563-spring-security-frontend' into 563-spring-security

parents 63196ea2 f680679a
......@@ -155,7 +155,6 @@ function executeQuery(query) {
}
}
}
console.log(query);
return getAuthToken(query.login).then(function (token) {
var params = {
method: query.method,
......@@ -201,7 +200,7 @@ function executeQueries(queries) {
// for (var i = 0; i < 3; i++) {
for (var i = 0; i < queries.length; i++) {
var query = queries[i];
if (query.method !== "GET" || query.url.indexOf(":downloadModel") >= 0 || query.url.indexOf("doLogout/?") >= 0) {
if (query.method !== "GET" || query.url.indexOf(":downloadModel") >= 0 || query.url.indexOf("/doLogout") >= 0) {
console.log("Ignoring " + query.method + " query: " + query.url);
} else {
// console.log("Exec " + query.method + " query: " + query.url);
......
......@@ -174,14 +174,18 @@ ServerConnector.sendGetRequest = function (url, description) {
});
};
/**
*
* @return {Promise<boolean>}
*/
ServerConnector.isSessionValid = function () {
var self = this;
return self._sendRequest({url: this.isSessionValidUrl()}).then(function () {
return true;
}).catch(function (e) {
return self._sendRequest({method: "GET", url: this.isSessionValidUrl()}).then(function (content) {
return JSON.parse(content).login === self.getSessionData(null).getLogin();
}).catch(function (error) {
if (error instanceof NetworkError) {
if (error.statusCode === HttpStatus.FORBIDDEN || error.statusCode === HttpStatus.UNAUTHORIZED) {
return false;
return self.getSessionData(null).getLogin() === "anonymous";
}
}
return Promise.reject(error);
......@@ -458,7 +462,7 @@ ServerConnector.getPluginGlobalParamUrl = function (queryParams, filterParams) {
ServerConnector.getPluginUserParamUrl = function (queryParams, filterParams) {
return this.getApiUrl({
url: this.getPluginsUrl(queryParams) + queryParams.hash + "/data/users/" + queryParams.login + "/" + queryParams.key + "/",
url: this.getPluginsUrl(queryParams) + queryParams.hash + "/data/users/" + queryParams.key + "/",
params: filterParams
});
};
......@@ -1386,28 +1390,7 @@ ServerConnector.updateUser = function (user) {
connectedToLdap: user.isConnectedToLdap()
}
};
var canModifyPrivileges = false;
return self.sendPatchRequest(self.getUserUrl(queryParams), filterParams)
.then(function () {
var currentLogin = ServerConnector.getSessionData().getLogin();
return self.sendGetRequest(self.getUserUrl({login: currentLogin}, {}));
})
.then(function (response) {
canModifyPrivileges = JSON.parse(response).privileges.some(function (privilege) {
return (privilege.type === PrivilegeType.USER_MANAGEMENT) && parseInt(privilege.value) === 1;
});
return self.getConfiguration();
})
.then(function (configuration) {
if (!canModifyPrivileges) {
return Promise.resolve(user);
}
return self.updateUserPrivileges({user: user, privileges: user.privilegesToExport(configuration)});
});
return self.sendPatchRequest(self.getUserUrl(queryParams), filterParams);
};
/**
......@@ -1450,7 +1433,7 @@ ServerConnector.addUser = function (user) {
}).then(function () {
return self.getConfiguration();
}).then(function (configuration) {
return self.updateUserPrivileges({user: user, privileges: user.privilegesToExport(configuration)});
return self.grantUserPrivileges({user: user, privileges: user.getPrivileges()});
});
};
......@@ -1471,18 +1454,66 @@ ServerConnector.removeUser = function (login) {
*
* @param {Object} params
* @param {User} params.user
* @param {Object} params.privileges
* @param {Authority[]} params.privileges
*
* @returns {Promise}
*/
ServerConnector.updateUserPrivileges = function (params) {
ServerConnector.grantUserPrivileges = function (params) {
var self = this;
var queryParams = {
login: params.user.getLogin()
};
var privileges = {};
for (var i = 0; i < params.privileges.length; i++) {
var privilege = params.privileges[i];
if (privilege.objectId !== undefined && privilege.objectId !== null) {
privileges[privilege.privilegeType + ":" + privilege.objectId] = true;
} else {
privileges[privilege.privilegeType] = true;
}
}
return self.sendPatchRequest(self.getUpdateUserPrivilegesUrl(queryParams), {
privileges: privileges
}).then(function (content) {
var obj = JSON.parse(content);
var user = new User(obj);
if (self._usersByLogin[user.getLogin()] !== undefined) {
self._usersByLogin[user.getLogin()].update(user);
} else {
self._usersByLogin[user.getLogin()] = user;
}
return self._usersByLogin[user.getLogin()];
}).then(null, function (error) {
return self.processNetworkError(error);
});
};
/**
*
* @param {Object} params
* @param {User} params.user
* @param {Authority[]} params.privileges
*
* @returns {Promise}
*/
ServerConnector.revokeUserPrivileges = function (params) {
var self = this;
var queryParams = {
login: params.user.getLogin()
};
var privileges = {};
for (var i = 0; i < params.privileges.length; i++) {
var privilege = params.privileges[i];
if (privilege.objectId !== undefined && privilege.objectId !== null) {
privileges[privilege.privilegeType + ":" + privilege.objectId] = false;
} else {
privileges[privilege.privilegeType] = false;
}
}
return self.sendPatchRequest(self.getUpdateUserPrivilegesUrl(queryParams), {
privileges: params.privileges
privileges: privileges
}).then(function (content) {
var obj = JSON.parse(content);
var user = new User(obj);
......
......@@ -112,10 +112,11 @@ CommentsAdminPanel.prototype.refreshComments = function () {
comments = result;
return self.getServerConnector().getLoggedUser();
}).then(function (user) {
var type = self.getConfiguration().getPrivilegeType(PrivilegeType.EDIT_COMMENTS_PROJECT);
var disable = false;
if (!user.hasPrivilege(type, self.getProject().getId())) {
disable = true;
var writeAccess = self.getConfiguration().getPrivilegeType(PrivilegeType.WRITE_PROJECT);
var isAdmin = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN);
var disable = true;
if (user.hasPrivilege(writeAccess, self.getProject().getProjectId()) || user.hasPrivilege(isAdmin)) {
disable = false;
}
var dataTable = $($("[name='commentsTable']", self.getElement())[0]).DataTable();
......
......@@ -159,7 +159,7 @@ ConfigurationAdminPanel.prototype.init = function () {
return self.getServerConnector().getLoggedUser();
}).then(function (user) {
var configuration = self.getConfiguration();
var privilege = configuration.getPrivilegeType(PrivilegeType.CONFIGURATION_MANAGE);
var privilege = configuration.getPrivilegeType(PrivilegeType.IS_ADMIN);
if (user.hasPrivilege(privilege)) {
return self.setOptions(configuration.getOptions());
} else {
......
......@@ -593,13 +593,19 @@ EditProjectDialog.prototype.createUsersTabContent = function () {
result.appendChild(usersTable);
$(usersTable).on("change", "[name='privilege']", function () {
var privileges = {};
var type = $(this).attr("data").split(",")[0];
var login = $(this).attr("data").split(",")[1];
var privilege = {};
privilege[self.getProject().getId()] = $(this).prop("checked");
privileges[type] = privilege;
return self.updatePrivileges(self._userByLogin[login], privileges);
if ($(this).prop("checked")) {
return self.grantPrivilege(self._userByLogin[login], {
privilegeType: type,
objectId: self.getProject().getProjectId()
});
} else {
return self.revokePrivilege(self._userByLogin[login], {
privilegeType: type,
objectId: self.getProject().getProjectId()
});
}
});
return result;
......@@ -749,9 +755,10 @@ EditProjectDialog.prototype.initUsersTab = function () {
EditProjectDialog.prototype.refreshOverlays = function () {
var self = this;
return self.getServerConnector().getLoggedUser().then(function (user) {
var privilege = self.getConfiguration().getPrivilegeType(PrivilegeType.USER_MANAGEMENT);
var curatorPrivilege = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_CURATOR);
var adminPrivilege = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN);
//we need to refresh users as well because of privileges
if (user.hasPrivilege(privilege)) {
if (user.hasPrivilege(curatorPrivilege) || user.hasPrivilege(adminPrivilege)) {
return self.getServerConnector().getOverlays({
projectId: self.getProject().getProjectId()
}).then(function (overlays) {
......@@ -781,9 +788,10 @@ EditProjectDialog.prototype.refreshMaps = function () {
EditProjectDialog.prototype.refreshUsers = function () {
var self = this;
return self.getServerConnector().getLoggedUser().then(function (user) {
var privilege = self.getConfiguration().getPrivilegeType(PrivilegeType.USER_MANAGEMENT);
var curatorPrivilege = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_CURATOR);
var adminPrivilege = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN);
//we need to refresh users as well because of privileges
if (user.hasPrivilege(privilege)) {
if (user.hasPrivilege(curatorPrivilege) || user.hasPrivilege(adminPrivilege)) {
return ServerConnector.getUsers(true).then(function (users) {
return self.setUsers(users);
});
......@@ -868,7 +876,7 @@ EditProjectDialog.prototype.userToTableRow = function (user, columns) {
if (column.privilegeType !== undefined) {
if (column.privilegeType.getValueType() === "boolean") {
var checked = '';
if (user.hasPrivilege(column.privilegeType, self.getProject().getId())) {
if (user.hasPrivilege(column.privilegeType, self.getProject().getProjectId())) {
checked = 'checked';
}
row[i] = "<input type='checkbox' name='privilege" + "' data='" + column.privilegeType.getName() + "," + login + "' "
......@@ -899,7 +907,10 @@ EditProjectDialog.prototype.overlayToTableRow = function (overlay, users) {
}
var disabled = " disabled ";
if (loggedUser.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.LAYOUT_MANAGEMENT), self.getProject().getId())) {
var isAdmin = loggedUser.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN));
var isCurator = loggedUser.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.IS_CURATOR)) &&
loggedUser.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.WRITE_PROJECT), self.getProject().getProjectId());
if (isAdmin || isCurator) {
disabled = "";
}
......@@ -1129,15 +1140,30 @@ EditProjectDialog.prototype.updateMap = function (map) {
/**
*
* @param {User} user
* @param {Object} privileges
* @param {Authority} privilege
* @returns {Promise}
*/
EditProjectDialog.prototype.grantPrivilege = function (user, privilege) {
var self = this;
GuiConnector.showProcessing();
return self.getServerConnector().grantUserPrivileges({
user: user,
privileges: [privilege]
}).catch(GuiConnector.alert).finally(GuiConnector.hideProcessing);
};
/**
*
* @param {User} user
* @param {Authority} privilege
* @returns {Promise}
*/
EditProjectDialog.prototype.updatePrivileges = function (user, privileges) {
EditProjectDialog.prototype.revokePrivilege = function (user, privilege) {
var self = this;
GuiConnector.showProcessing();
return self.getServerConnector().updateUserPrivileges({
return self.getServerConnector().revokeUserPrivileges({
user: user,
privileges: privileges
privileges: [privilege]
}).catch(GuiConnector.alert).finally(GuiConnector.hideProcessing);
};
......
......@@ -349,7 +349,6 @@ EditUserDialog.prototype.initProjectsTab = function () {
var projectsTable = $("[name=projectsTable]", self.getElement())[0];
var configuration = self.getConfiguration();
var columns = self.createUserPrivilegeColumns();
$(projectsTable).DataTable({
columns: columns
......@@ -358,31 +357,21 @@ EditUserDialog.prototype.initProjectsTab = function () {
var data = $(this).attr("data").split("-");
var privilegeType = data[0];
var objectId = data[1];
var value = $(this).is(":checked") ? 1 : 0;
for (var i = 0; i < configuration.getPrivilegeTypes().length; i++) {
var privilege = configuration.getPrivilegeTypes()[i];
if (privilege.getName() === privilegeType) {
self.getUser().setPrivilege({type: privilege, value: value, objectId: objectId});
}
}
if (!self.getIsNewUser()) {
return self.updateUser();
if ($(this).is(":checked")) {
return self.grantPrivilege({privilegeType: privilegeType, objectId: objectId});
} else {
return self.revokePrivilege({privilegeType: privilegeType, objectId: objectId});
}
});
$("[name='defaultProjectsRow']", self.getElement()).on("click", "[name='project-privilege-checkbox']", function () {
var data = $(this).attr("data").split("-");
var privilegeType = data[0];
var objectId = data[1];
var value = $(this).is(":checked") ? 1 : 0;
for (var i = 0; i < configuration.getPrivilegeTypes().length; i++) {
var privilege = configuration.getPrivilegeTypes()[i];
if (privilege.getName() === privilegeType) {
self.getUser().setPrivilege({type: privilege, value: value, objectId: objectId});
}
}
if (!self.getIsNewUser()) {
return self.updateUser();
var objectId = "*";
if ($(this).is(":checked")) {
return self.grantPrivilege({privilegeType: privilegeType, objectId: objectId});
} else {
return self.revokePrivilege({privilegeType: privilegeType, objectId: objectId});
}
});
};
......@@ -405,41 +394,54 @@ EditUserDialog.prototype.initPrivilegesTab = function () {
columns: columns
});
var configuration = self.getConfiguration();
$(privilegesTable).on("click", "[name='privilege-checkbox']", function () {
var privilegeType = $(this).attr("data");
for (var i = 0; i < configuration.getPrivilegeTypes().length; i++) {
var privilege = configuration.getPrivilegeTypes()[i];
if (privilege.getName() === privilegeType) {
var value = $(this).is(":checked") ? 1 : 0;
self.getUser().setPrivilege({type: privilege, value: value});
}
}
if (!self.getIsNewUser()) {
return self.updateUser();
}
});
$(privilegesTable).on("change", "[name='privilege-int']", function () {
var privilegeType = $(this).attr("data");
var value = $(this).val();
value = parseInt(value);
if (Functions.isInt(value)) {
for (var i = 0; i < configuration.getPrivilegeTypes().length; i++) {
var privilege = configuration.getPrivilegeTypes()[i];
if (privilege.getName() === privilegeType) {
self.getUser().setPrivilege({type: privilege, value: value});
}
}
$(this).css("background-color", "");
if (!self.getIsNewUser()) {
return self.updateUser();
}
if ($(this).is(":checked")) {
return self.grantPrivilege({privilegeType: privilegeType});
} else {
$(this).css("background-color", "red");
return self.revokePrivilege({privilegeType: privilegeType});
}
});
};
/**
*
* @param {Authority} privilege
* @returns {Promise}
*/
EditUserDialog.prototype.grantPrivilege = function (privilege) {
var self = this;
if (self._isNewUser) {
self.getUser().setPrivilege(privilege);
return Promise.resolve();
} else {
GuiConnector.showProcessing();
return self.getServerConnector().grantUserPrivileges({
user: self.getUser(),
privileges: [privilege]
}).catch(GuiConnector.alert).finally(GuiConnector.hideProcessing);
}
};
/**
*
* @param {Authority} privilege
* @returns {Promise}
*/
EditUserDialog.prototype.revokePrivilege = function (privilege) {
var self = this;
if (self._isNewUser()) {
self.getUser().removePrivilege(privilege);
return Promise.resolve();
} else {
GuiConnector.showProcessing();
return self.getServerConnector().revokeUserPrivileges({
user: self.getUser(),
privileges: [privilege]
}).catch(GuiConnector.alert).finally(GuiConnector.hideProcessing);
}
};
/**
*
*/
......@@ -471,20 +473,8 @@ EditUserDialog.prototype.refreshPrivilegesTab = function () {
"<span>" + privilege.getCommonName() + "</span>",
"<input type='checkbox' name='privilege-checkbox' data='" + privilege.getName() + "' " + checked + " />"
]);
} else if (privilege.getValueType() === "int") {
var value = self.getUser().getPrivilegeValue(privilege);
if (this.getIsNewUser()) {
option = this.getConfiguration().getOption('DEFAULT_' + privilege.getName());
if (option !== null && option !== undefined) {
value = parseInt(option.getValue());
self.getUser().setPrivilege({type: privilege, value: value});
}
}
data.push([
"<span>" + privilege.getCommonName() + "</span>",
"<input name='privilege-int' data='" + privilege.getName() + "' value='" + value + "' />"
]);
} else {
throw new Error("Not implemented");
}
}
}
......@@ -562,14 +552,14 @@ EditUserDialog.prototype.projectToTableRow = function (project, columns) {
for (var i = 1; i < columns.length; i++) {
var privilege = columns[i].privilegeType;
var checked = "";
if (user.hasPrivilege(privilege, id)) {
if (user.hasPrivilege(privilege, projectId)) {
checked = "checked";
} else if (this.getIsNewUser()) {
var option = this.getConfiguration().getOption('DEFAULT_' + privilege.getName());
if (option !== null && option !== undefined) {
if (option.getValue().toLowerCase() === "true") {
user.setPrivilege({type: privilege, objectId: id});
user.setPrivilege({type: privilege, objectId: projectId});
checked = "checked";
}
}
......
......@@ -168,7 +168,7 @@ GenomeAdminPanel.prototype.init = function () {
return AbstractAdminPanel.prototype.init.call(this).then(function () {
return self.getServerConnector().getLoggedUser();
}).then(function (user) {
if (user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.MANAGE_GENOMES))) {
if (user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN))) {
return self.onRefreshClicked();
} else {
self.disablePanel("You have no privilege to manage genomes");
......@@ -230,7 +230,7 @@ GenomeAdminPanel.prototype.genomeToTableRow = function (genome, user) {
row[4] = genome.getSourceUrl();
var disabled = " disabled ";
if (user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.MANAGE_GENOMES))) {
if (user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN))) {
disabled = "";
}
row[5] = "<button name='editGenome' data='" + genome.getId() + "'" + disabled + "><i class='fa fa-edit' style='font-size:17px'></i></button>";
......
......@@ -193,7 +193,8 @@ MapsAdminPanel.prototype.init = function () {
return self.getServerConnector().getLoggedUser();
}).then(function (user) {
var configuration = self.getConfiguration();
var canAddProject = user.hasPrivilege(configuration.getPrivilegeType(PrivilegeType.ADD_MAP));
var canAddProject = user.hasPrivilege(configuration.getPrivilegeType(PrivilegeType.IS_CURATOR)) ||
user.hasPrivilege(configuration.getPrivilegeType(PrivilegeType.IS_ADMIN));
$("[name='addProject']", self.getElement()).attr("disabled", !canAddProject);
});
};
......@@ -242,7 +243,8 @@ MapsAdminPanel.prototype.projectToTableRow = function (project, row, user) {
row[4] = status;
var disabled = " disabled ";
if (user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.PROJECT_MANAGEMENT))
if ((user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN)) ||
user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.IS_CURATOR)))
&& (status.indexOf("Ok") === 0 || status.indexOf("Failure") === 0)) {
disabled = "";
}
......@@ -332,7 +334,7 @@ MapsAdminPanel.prototype.addUpdateListener = function (project) {
for (var i = 0; i < length; i++) {
var row = dataTable.row(i);
var data = row.data();
if (data[0].indexOf(">" + project.getProjectId() + "<")>=0) {
if (data[0].indexOf(">" + project.getProjectId() + "<") >= 0) {
self.projectToTableRow(project, data, user);
row.data(data).draw();
}
......@@ -414,9 +416,10 @@ MapsAdminPanel.prototype.onRefreshClicked = function () {
}).then(function () {
return ServerConnector.getLoggedUser();
}).then(function (user) {
var privilege = self.getConfiguration().getPrivilegeType(PrivilegeType.USER_MANAGEMENT);
var curatorPrivilege = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_CURATOR);
var adminPrivilege = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN);
//we need to refresh users as well because of privileges
if (user.hasPrivilege(privilege)) {
if (user.hasPrivilege(curatorPrivilege) || user.hasPrivilege(adminPrivilege)) {
return ServerConnector.getUsers(true);
} else {
return Promise.resolve();
......
......@@ -143,7 +143,7 @@ PluginAdminPanel.prototype.init = function () {
return AbstractAdminPanel.prototype.init.call(this).then(function () {
return self.getServerConnector().getLoggedUser();
}).then(function (user) {
if (user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.MANAGE_PLUGINS))) {
if (user.hasPrivilege(self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN))) {
return self.onRefreshClicked();
} else {
self.disablePanel("You have no privilege to manage plugins");
......
......@@ -252,7 +252,7 @@ UsersAdminPanel.prototype.init = function () {
return AbstractAdminPanel.prototype.init.call(this).then(function () {
return self.getServerConnector().getLoggedUser();
}).then(function (user) {
var privilege = self.getConfiguration().getPrivilegeType(PrivilegeType.USER_MANAGEMENT);
var privilege = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN);
if (user.hasPrivilege(privilege)) {
return self.getServerConnector().getUsers().then(function (users) {
return self.setUsers(users);
......
......@@ -30,14 +30,11 @@ function PrivilegeType(data, name) {
PrivilegeType.prototype = Object.create(ObjectWithListeners.prototype);
PrivilegeType.prototype.constructor = PrivilegeType;
PrivilegeType.CONFIGURATION_MANAGE = 'CONFIGURATION_MANAGE';
PrivilegeType.MANAGE_GENOMES = 'MANAGE_GENOMES';
PrivilegeType.MANAGE_PLUGINS = 'MANAGE_PLUGINS';
PrivilegeType.PROJECT_MANAGEMENT = 'PROJECT_MANAGEMENT';
PrivilegeType.ADD_MAP = 'ADD_MAP';
PrivilegeType.USER_MANAGEMENT = 'USER_MANAGEMENT';
PrivilegeType.LAYOUT_MANAGEMENT = 'LAYOUT_MANAGEMENT';
PrivilegeType.EDIT_COMMENTS_PROJECT = 'EDIT_COMMENTS_PROJECT';
PrivilegeType.READ_PROJECT = 'READ_PROJECT';
PrivilegeType.WRITE_PROJECT = 'WRITE_PROJECT';
PrivilegeType.IS_ADMIN = 'IS_ADMIN';
PrivilegeType.IS_CURATOR = 'IS_CURATOR';
PrivilegeType.CAN_CREATE_OVERLAYS = 'CAN_CREATE_OVERLAYS';
/**
......