Commit df5c390a authored by Piotr Gawron's avatar Piotr Gawron
Browse files

when user has no access to users management, proper tab is disabled

parent b2cdb323
Pipeline #3665 passed with stage
in 1 minute
......@@ -1097,6 +1097,8 @@ ServerConnector.getUsers = function (forceRefresh) {
self._users.push(self._usersByLogin[user.getLogin()]);
}
return self._users;
}).then(null, function (error) {
return self.processNetworkError(error);
});
}
......
......@@ -83,11 +83,8 @@ Panel.prototype.createHelpButton = function () {
Panel.prototype.disablePanel = function (message) {
var self = this;
var searchQueryElement = self.getControlElement(PanelControlElementType.SEARCH_DIV);
var searchResultsElement = self.getControlElement(PanelControlElementType.SEARCH_RESULTS_DIV);
searchQueryElement.style.visibility = "hidden";
searchResultsElement.style.visibility = "hidden";
$(self.getElement()).children().css("visibility", "hidden");
$("[class='minerva-help-button']",self.getElement()).children().css("visibility", "visible");
var hideReasonDiv = document.createElement("div");
hideReasonDiv.className = "searchPanel";
......@@ -97,7 +94,7 @@ Panel.prototype.disablePanel = function (message) {
center.appendChild(messageDiv);
hideReasonDiv.appendChild(center);
self.getElement().insertBefore(hideReasonDiv, searchQueryElement);
$(self.getElement()).prepend(hideReasonDiv);
};
Panel.prototype.isDisabled = function () {
......
......@@ -127,7 +127,6 @@ EditUserDialog.prototype.addTab = function (params) {
});
contentDiv.style.overflow = "auto";
if (params.content !== undefined) {
contentDiv.appendChild(params.content);
}
......
......@@ -4,6 +4,8 @@ var Promise = require('bluebird');
var AbstractAdminPanel = require('./AbstractAdminPanel');
var EditUserDialog = require('./EditUserDialog');
var SecurityError = require('../../SecurityError');
var User = require("../../map/data/User");
var Functions = require('../../Functions');
......@@ -165,6 +167,12 @@ UsersAdminPanel.prototype.init = function () {
var self = this;
return ServerConnector.getUsers().then(function (users) {
return self.setUsers(users);
}).catch(function (error) {
if (error instanceof SecurityError) {
self.disablePanel("You have no privilege to manage users");
} else {
throw error;
}
});
};
......
......@@ -15,6 +15,7 @@ var NetworkError = require('../../main/js/NetworkError');
var Project = require('../../main/js/map/data/Project');
var Reaction = require('../../main/js/map/data/Reaction');
var ServerConnector = require('../../main/js/ServerConnector');
var SecurityError = require('../../main/js/SecurityError');
var logger = require('./logger');
var chai = require('chai');
......@@ -355,6 +356,22 @@ describe('ServerConnector', function () {
assert.ok(user.getName() !== modifiedName);
});
});
it('access denied', function () {
var originalFun = ServerConnector._sendRequest;
ServerConnector._sendRequest = function () {
return Promise.reject(new NetworkError("", {
statusCode: HttpStatus.FORBIDDEN
}))
};
return ServerConnector.getUsers().then(function () {
assert.notOk("Security error expected");
}, function (error) {
assert.ok(error instanceof SecurityError);
}
).finally(function () {
ServerConnector._sendRequest = originalFun;
});
});
});
describe('uploadFile', function () {
......
......@@ -3,6 +3,7 @@
require("../../mocha-config");
var UsersAdminPanel = require('../../../../main/js/gui/admin/UsersAdminPanel');
var SecurityError = require('../../../../main/js/SecurityError');
var ServerConnector = require('../../ServerConnector-mock');
var logger = require('../../logger');
......@@ -10,22 +11,49 @@ var assert = require('assert');
describe('UsersAdminPanel', function () {
it('init', function () {
var usersTab;
var project;
return ServerConnector.getProject().then(function (result) {
project = result;
return ServerConnector.getConfiguration();
}).then(function (configuration) {
usersTab = new UsersAdminPanel({
element: testDiv,
project: project,
configuration: configuration
describe('init', function () {
it('default', function () {
var usersTab;
var project;
return ServerConnector.getProject().then(function (result) {
project = result;
return ServerConnector.getConfiguration();
}).then(function (configuration) {
usersTab = new UsersAdminPanel({
element: testDiv,
project: project,
configuration: configuration
});
return usersTab.init();
}).then(function () {
assert.equal(0, logger.getWarnings().length);
return usersTab.destroy();
});
});
it('user without access', function () {
var usersTab;
var project;
var oldFun = ServerConnector.getUsers;
ServerConnector.getUsers = function () {
return Promise.reject(new SecurityError("Access denied."));
};
return ServerConnector.getProject().then(function (result) {
project = result;
return ServerConnector.getConfiguration();
}).then(function (configuration) {
usersTab = new UsersAdminPanel({
element: testDiv,
project: project,
configuration: configuration
});
return usersTab.init();
}).then(function () {
assert.equal(0, logger.getWarnings().length);
assert.ok(usersTab.getElement().innerHTML.indexOf("no privilege") >= 0);
return usersTab.destroy();
}).finally(function () {
ServerConnector.getUsers = oldFun;
});
return usersTab.init();
}).then(function () {
assert.equal(0, logger.getWarnings().length);
return usersTab.destroy();
});
});
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment