Commit c3ae8b9e authored by Piotr Gawron's avatar Piotr Gawron
Browse files

password is not send over API

parent fcc9b05e
Pipeline #9204 passed with stage
in 10 minutes and 45 seconds
......@@ -18,6 +18,8 @@ minerva (12.3.0~alpha.0) unstable; urgency=low
whitespace, "_" used as separator (#596)
* Small improvement: list of references in drug panel contains PUBMED prefix
(#666)
* Small improvement: passwords to email account and ldap are not sent over
API (#732)
* Bug fix: progress bar of gene genome mapping upload is refreshing properly
(#728)
......
......@@ -191,6 +191,9 @@ ConfigurationAdminPanel.prototype.setOptions = function (options) {
*/
ConfigurationAdminPanel.prototype.optionToTableRow = function (option) {
var value = option.getValue();
if (value === undefined) {
value = "";
}
var row = [];
var editOption;
......@@ -201,7 +204,7 @@ ConfigurationAdminPanel.prototype.optionToTableRow = function (option) {
option.getValueType() === "URL") {
editOption = "<input name='edit-" + option.getType() + "' value='" + value + "'/>";
} else if (option.getValueType() === "PASSWORD") {
editOption = "<input type='password' name='edit-" + option.getType() + "' value='" + value + "'/>";
editOption = "<input type='password' name='edit-" + option.getType() + "' autocomplete='new-password' value='" + value + "'/>";
} else if (option.getValueType() === "TEXT") {
editOption = "<textarea name='edit-" + option.getType() + "'>" + xss(value) + "</textarea>";
} else if (option.getValueType() === "BOOLEAN") {
......@@ -232,8 +235,9 @@ ConfigurationAdminPanel.prototype.optionToTableRow = function (option) {
*/
ConfigurationAdminPanel.prototype.saveOption = function (type) {
var self = this;
var option;
return self.getServerConnector().getConfiguration().then(function (configuration) {
var option = configuration.getOption(type);
option = configuration.getOption(type);
var element = $("[name='edit-" + type + "']", self.getElement());
var value;
if (element.is(':checkbox')) {
......@@ -245,8 +249,47 @@ ConfigurationAdminPanel.prototype.saveOption = function (type) {
} else {
value = element.val();
}
option.setValue(value);
return self.getServerConnector().updateConfigurationOption(option);
if (option.getValueType() === 'PASSWORD' && value === '') {
return new Promise(function (resolve) {
var html = '<form><span>Do you want to reset this password?</span><br></form>';
$(html).dialog({
modal: true,
title: 'Reset password',
close: function () {
$(this).dialog('destroy').remove();
resolve(false);
},
buttons: {
'YES': function () {
$(this).dialog('destroy').remove();
resolve(true);
},
'NO': function () {
$(this).dialog('destroy').remove();
resolve(false);
}
}
});
});
} else {
return true;
}
}).then(function (performUpdate) {
if (performUpdate) {
var element = $("[name='edit-" + type + "']", self.getElement());
var value;
if (element.is(':checkbox')) {
if (element.is(':checked')) {
value = "true";
} else {
value = "false";
}
} else {
value = element.val();
}
option.setValue(value);
return self.getServerConnector().updateConfigurationOption(option);
}
}).then(function () {
if (type === ConfigurationType.TERMS_OF_USE) {
return new Promise(function (resolve) {
......
......@@ -31,6 +31,7 @@ import lcsb.mapviewer.model.map.model.SubmodelType;
import lcsb.mapviewer.model.map.reaction.Reaction;
import lcsb.mapviewer.model.map.species.Element;
import lcsb.mapviewer.model.map.species.field.ModificationState;
import lcsb.mapviewer.model.user.ConfigurationElementEditType;
import lcsb.mapviewer.model.user.ConfigurationElementType;
import lcsb.mapviewer.model.user.ConfigurationOption;
import lcsb.mapviewer.model.user.PrivilegeType;
......@@ -74,7 +75,10 @@ public class ConfigurationRestImpl extends BaseRestImpl {
result.put("type", option.getType());
result.put("valueType", option.getType().getEditType());
result.put("commonName", option.getType().getCommonName());
result.put("value", option.getValue());
// don't send password over API
if (!option.getType().getEditType().equals(ConfigurationElementEditType.PASSWORD)) {
result.put("value", option.getValue());
}
if (option.getType().getGroup() != null) {
result.put("group", option.getType().getGroup().getCommonName());
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment