From df5c390acd5016f135da1101792d9319e5d06e28 Mon Sep 17 00:00:00 2001
From: Piotr Gawron <piotr.gawron@uni.lu>
Date: Mon, 19 Feb 2018 14:54:36 +0100
Subject: [PATCH] when user has no access to users management, proper tab is
 disabled

---
 frontend-js/src/main/js/ServerConnector.js    |  2 +
 frontend-js/src/main/js/gui/Panel.js          |  9 +--
 .../src/main/js/gui/admin/EditUserDialog.js   |  1 -
 .../src/main/js/gui/admin/UsersAdminPanel.js  |  8 +++
 .../src/test/js/ServerConnector-test.js       | 17 ++++++
 .../test/js/gui/admin/UserAdminPanel-test.js  | 58 ++++++++++++++-----
 6 files changed, 73 insertions(+), 22 deletions(-)

diff --git a/frontend-js/src/main/js/ServerConnector.js b/frontend-js/src/main/js/ServerConnector.js
index 68766ff382..e7e6662fe6 100644
--- a/frontend-js/src/main/js/ServerConnector.js
+++ b/frontend-js/src/main/js/ServerConnector.js
@@ -1097,6 +1097,8 @@ ServerConnector.getUsers = function (forceRefresh) {
         self._users.push(self._usersByLogin[user.getLogin()]);
       }
       return self._users;
+    }).then(null, function (error) {
+      return self.processNetworkError(error);
     });
   }
 
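Review bot: The new rejection handler returns whatever `self.processNetworkError(error)` yields, so if that helper ever returns a plain value instead of throwing or returning a rejected promise, `getUsers` would resolve with it and callers would treat it as the user list. processNetworkError is not visible in this hunk and the added test covers only the 403 case, so this is worth confirming. Writing the handler as `.catch(function (error) { return self.processNetworkError(error); })` would match the form used in UsersAdminPanel.init. A comment such as `// network errors are translated here (a 403 appears to become SecurityError)` would document the new contract. getUsers begins outside the hunk.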
diff --git a/frontend-js/src/main/js/gui/Panel.js b/frontend-js/src/main/js/gui/Panel.js
index 8149894865..ed0594d070 100644
--- a/frontend-js/src/main/js/gui/Panel.js
+++ b/frontend-js/src/main/js/gui/Panel.js
@@ -83,11 +83,8 @@ Panel.prototype.createHelpButton = function () {
 Panel.prototype.disablePanel = function (message) {
   var self = this;
 
-  var searchQueryElement = self.getControlElement(PanelControlElementType.SEARCH_DIV);
-  var searchResultsElement = self.getControlElement(PanelControlElementType.SEARCH_RESULTS_DIV);
-
-  searchQueryElement.style.visibility = "hidden";
-  searchResultsElement.style.visibility = "hidden";
+  $(self.getElement()).children().css("visibility", "hidden");
+  $("[class='minerva-help-button']",self.getElement()).children().css("visibility", "visible");
   var hideReasonDiv = document.createElement("div");
   hideReasonDiv.className = "searchPanel";
 
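Review bot: The attribute selector `[class='minerva-help-button']` on the second added line matches only elements whose class attribute is exactly that string, so a help button carrying any extra class would stay hidden; `$(".minerva-help-button", self.getElement())` is the robust form. A second call to disablePanel would also hide the previously inserted message div along with the other children and prepend another one; whether the `isDisabled()` defined further down can serve as a guard is not visible here. Since `visibility: hidden` leaves every control in the DOM, this is a presentation measure only and the server-side permission check remains the actual access control. disablePanel's body continues outside the hunk.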
@@ -97,7 +94,7 @@ Panel.prototype.disablePanel = function (message) {
   center.appendChild(messageDiv);
   hideReasonDiv.appendChild(center);
 
-  self.getElement().insertBefore(hideReasonDiv, searchQueryElement);
+  $(self.getElement()).prepend(hideReasonDiv);
 };
 
 Panel.prototype.isDisabled = function () {
diff --git a/frontend-js/src/main/js/gui/admin/EditUserDialog.js b/frontend-js/src/main/js/gui/admin/EditUserDialog.js
index e4a51806b4..f45581a464 100644
--- a/frontend-js/src/main/js/gui/admin/EditUserDialog.js
+++ b/frontend-js/src/main/js/gui/admin/EditUserDialog.js
@@ -127,7 +127,6 @@ EditUserDialog.prototype.addTab = function (params) {
   });
 
   contentDiv.style.overflow = "auto";
-  
   if (params.content !== undefined) {
     contentDiv.appendChild(params.content);
   }
diff --git a/frontend-js/src/main/js/gui/admin/UsersAdminPanel.js b/frontend-js/src/main/js/gui/admin/UsersAdminPanel.js
index 5f018fb7fe..83f2ff058d 100644
--- a/frontend-js/src/main/js/gui/admin/UsersAdminPanel.js
+++ b/frontend-js/src/main/js/gui/admin/UsersAdminPanel.js
@@ -4,6 +4,8 @@ var Promise = require('bluebird');
 
 var AbstractAdminPanel = require('./AbstractAdminPanel');
 var EditUserDialog = require('./EditUserDialog');
+var SecurityError = require('../../SecurityError');
+
 var User = require("../../map/data/User");
 
 var Functions = require('../../Functions');
@@ -165,6 +167,12 @@ UsersAdminPanel.prototype.init = function () {
   var self = this;
   return ServerConnector.getUsers().then(function (users) {
     return self.setUsers(users);
+  }).catch(function (error) {
+    if (error instanceof SecurityError) {
+      self.disablePanel("You have no privilege to manage users");
+    } else {
+      throw error;
+    }
   });
 };
 
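Review bot: The SecurityError branch swallows the rejection, so `init()` resolves normally and a caller cannot tell a disabled panel from a loaded one. If that is intended it deserves a comment in the handler, e.g. `// access denied is expected for non-admin users: show the notice and resolve`. Any other panel action that calls ServerConnector after init would presumably still be reachable from code, so those paths should tolerate the disabled state; they are not visible in this hunk.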
diff --git a/frontend-js/src/test/js/ServerConnector-test.js b/frontend-js/src/test/js/ServerConnector-test.js
index 22fc81ae7c..3a476c3233 100644
--- a/frontend-js/src/test/js/ServerConnector-test.js
+++ b/frontend-js/src/test/js/ServerConnector-test.js
@@ -15,6 +15,7 @@ var NetworkError = require('../../main/js/NetworkError');
 var Project = require('../../main/js/map/data/Project');
 var Reaction = require('../../main/js/map/data/Reaction');
 var ServerConnector = require('../../main/js/ServerConnector');
+var SecurityError = require('../../main/js/SecurityError');
 
 var logger = require('./logger');
 var chai = require('chai');
@@ -355,6 +356,22 @@ describe('ServerConnector', function () {
         assert.ok(user.getName() !== modifiedName);
       });
     });
+    it('access denied', function () {
+      var originalFun = ServerConnector._sendRequest;
+      ServerConnector._sendRequest = function () {
+        return Promise.reject(new NetworkError("", {
+          statusCode: HttpStatus.FORBIDDEN
+        }))
+      };
+      return ServerConnector.getUsers().then(function () {
+          assert.notOk("Security error expected");
+        }, function (error) {
+          assert.ok(error instanceof SecurityError);
+        }
+      ).finally(function () {
+        ServerConnector._sendRequest = originalFun;
+      });
+    });
   });
 
   describe('uploadFile', function () {
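Review bot: `ServerConnector.getUsers()` is called without `forceRefresh`, so if an earlier test has already populated the user cache the stubbed `_sendRequest` may never run and the test would take the success branch and fail for an unrelated reason. Calling `ServerConnector.getUsers(true)` would make it independent of test order; the caching is inferred from the `forceRefresh` parameter and is not visible here. `assert.notOk("Security error expected")` fails only because a non-empty string is truthy, and `assert.fail("Security error expected")` states the intent directly. The stub's `return Promise.reject(...)` statement is also missing its terminating semicolon.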
diff --git a/frontend-js/src/test/js/gui/admin/UserAdminPanel-test.js b/frontend-js/src/test/js/gui/admin/UserAdminPanel-test.js
index 92410c1671..28f5ad6e20 100644
--- a/frontend-js/src/test/js/gui/admin/UserAdminPanel-test.js
+++ b/frontend-js/src/test/js/gui/admin/UserAdminPanel-test.js
@@ -3,6 +3,7 @@
 require("../../mocha-config");
 
 var UsersAdminPanel = require('../../../../main/js/gui/admin/UsersAdminPanel');
+var SecurityError = require('../../../../main/js/SecurityError');
 var ServerConnector = require('../../ServerConnector-mock');
 var logger = require('../../logger');
 
@@ -10,22 +11,49 @@ var assert = require('assert');
 
 describe('UsersAdminPanel', function () {
 
-  it('init', function () {
-    var usersTab;
-    var project;
-    return ServerConnector.getProject().then(function (result) {
-      project = result;
-      return ServerConnector.getConfiguration();
-    }).then(function (configuration) {
-      usersTab = new UsersAdminPanel({
-        element: testDiv,
-        project: project,
-        configuration: configuration
+  describe('init', function () {
+    it('default', function () {
+      var usersTab;
+      var project;
+      return ServerConnector.getProject().then(function (result) {
+        project = result;
+        return ServerConnector.getConfiguration();
+      }).then(function (configuration) {
+        usersTab = new UsersAdminPanel({
+          element: testDiv,
+          project: project,
+          configuration: configuration
+        });
+        return usersTab.init();
+      }).then(function () {
+        assert.equal(0, logger.getWarnings().length);
+        return usersTab.destroy();
+      });
+    });
+    it('user without access', function () {
+      var usersTab;
+      var project;
+      var oldFun = ServerConnector.getUsers;
+      ServerConnector.getUsers = function () {
+        return Promise.reject(new SecurityError("Access denied."));
+      };
+      return ServerConnector.getProject().then(function (result) {
+        project = result;
+        return ServerConnector.getConfiguration();
+      }).then(function (configuration) {
+        usersTab = new UsersAdminPanel({
+          element: testDiv,
+          project: project,
+          configuration: configuration
+        });
+        return usersTab.init();
+      }).then(function () {
+        assert.equal(0, logger.getWarnings().length);
+        assert.ok(usersTab.getElement().innerHTML.indexOf("no privilege") >= 0);
+        return usersTab.destroy();
+      }).finally(function () {
+        ServerConnector.getUsers = oldFun;
       });
-      return usersTab.init();
-    }).then(function () {
-      assert.equal(0, logger.getWarnings().length);
-      return usersTab.destroy();
     });
   });
 
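Review bot: The 'user without access' test checks only that the text "no privilege" appears in `innerHTML`, which couples it to the message wording and does not verify that the panel was actually put into its disabled state. Adding `assert.ok(usersTab.isDisabled());` would pin the behaviour, assuming the `isDisabled()` that Panel defines reflects the `disablePanel` call. `usersTab.destroy()` is skipped when either assertion fails, because only the stub restore sits in `.finally`; a guarded destroy there (`if (usersTab) { ... }`) would keep a failed run from leaking the panel into later tests.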
-- 
GitLab