Commit df5c390a authored by Piotr Gawron's avatar Piotr Gawron
Browse files

when user has no access to users management, proper tab is disabled

parent b2cdb323
Pipeline #3665 passed with stage
in 1 minute
...@@ -1097,6 +1097,8 @@ ServerConnector.getUsers = function (forceRefresh) { ...@@ -1097,6 +1097,8 @@ ServerConnector.getUsers = function (forceRefresh) {
self._users.push(self._usersByLogin[user.getLogin()]); self._users.push(self._usersByLogin[user.getLogin()]);
} }
return self._users; return self._users;
}).then(null, function (error) {
return self.processNetworkError(error);
}); });
} }
......
...@@ -83,11 +83,8 @@ Panel.prototype.createHelpButton = function () { ...@@ -83,11 +83,8 @@ Panel.prototype.createHelpButton = function () {
Panel.prototype.disablePanel = function (message) { Panel.prototype.disablePanel = function (message) {
var self = this; var self = this;
var searchQueryElement = self.getControlElement(PanelControlElementType.SEARCH_DIV); $(self.getElement()).children().css("visibility", "hidden");
var searchResultsElement = self.getControlElement(PanelControlElementType.SEARCH_RESULTS_DIV); $("[class='minerva-help-button']",self.getElement()).children().css("visibility", "visible");
searchQueryElement.style.visibility = "hidden";
searchResultsElement.style.visibility = "hidden";
var hideReasonDiv = document.createElement("div"); var hideReasonDiv = document.createElement("div");
hideReasonDiv.className = "searchPanel"; hideReasonDiv.className = "searchPanel";
...@@ -97,7 +94,7 @@ Panel.prototype.disablePanel = function (message) { ...@@ -97,7 +94,7 @@ Panel.prototype.disablePanel = function (message) {
center.appendChild(messageDiv); center.appendChild(messageDiv);
hideReasonDiv.appendChild(center); hideReasonDiv.appendChild(center);
self.getElement().insertBefore(hideReasonDiv, searchQueryElement); $(self.getElement()).prepend(hideReasonDiv);
}; };
Panel.prototype.isDisabled = function () { Panel.prototype.isDisabled = function () {
......
...@@ -127,7 +127,6 @@ EditUserDialog.prototype.addTab = function (params) { ...@@ -127,7 +127,6 @@ EditUserDialog.prototype.addTab = function (params) {
}); });
contentDiv.style.overflow = "auto"; contentDiv.style.overflow = "auto";
if (params.content !== undefined) { if (params.content !== undefined) {
contentDiv.appendChild(params.content); contentDiv.appendChild(params.content);
} }
......
...@@ -4,6 +4,8 @@ var Promise = require('bluebird'); ...@@ -4,6 +4,8 @@ var Promise = require('bluebird');
var AbstractAdminPanel = require('./AbstractAdminPanel'); var AbstractAdminPanel = require('./AbstractAdminPanel');
var EditUserDialog = require('./EditUserDialog'); var EditUserDialog = require('./EditUserDialog');
var SecurityError = require('../../SecurityError');
var User = require("../../map/data/User"); var User = require("../../map/data/User");
var Functions = require('../../Functions'); var Functions = require('../../Functions');
...@@ -165,6 +167,12 @@ UsersAdminPanel.prototype.init = function () { ...@@ -165,6 +167,12 @@ UsersAdminPanel.prototype.init = function () {
var self = this; var self = this;
return ServerConnector.getUsers().then(function (users) { return ServerConnector.getUsers().then(function (users) {
return self.setUsers(users); return self.setUsers(users);
}).catch(function (error) {
if (error instanceof SecurityError) {
self.disablePanel("You have no privilege to manage users");
} else {
throw error;
}
}); });
}; };
......
...@@ -15,6 +15,7 @@ var NetworkError = require('../../main/js/NetworkError'); ...@@ -15,6 +15,7 @@ var NetworkError = require('../../main/js/NetworkError');
var Project = require('../../main/js/map/data/Project'); var Project = require('../../main/js/map/data/Project');
var Reaction = require('../../main/js/map/data/Reaction'); var Reaction = require('../../main/js/map/data/Reaction');
var ServerConnector = require('../../main/js/ServerConnector'); var ServerConnector = require('../../main/js/ServerConnector');
var SecurityError = require('../../main/js/SecurityError');
var logger = require('./logger'); var logger = require('./logger');
var chai = require('chai'); var chai = require('chai');
...@@ -355,6 +356,22 @@ describe('ServerConnector', function () { ...@@ -355,6 +356,22 @@ describe('ServerConnector', function () {
assert.ok(user.getName() !== modifiedName); assert.ok(user.getName() !== modifiedName);
}); });
}); });
it('access denied', function () {
var originalFun = ServerConnector._sendRequest;
ServerConnector._sendRequest = function () {
return Promise.reject(new NetworkError("", {
statusCode: HttpStatus.FORBIDDEN
}))
};
return ServerConnector.getUsers().then(function () {
assert.notOk("Security error expected");
}, function (error) {
assert.ok(error instanceof SecurityError);
}
).finally(function () {
ServerConnector._sendRequest = originalFun;
});
});
}); });
describe('uploadFile', function () { describe('uploadFile', function () {
......
...@@ -3,6 +3,7 @@ ...@@ -3,6 +3,7 @@
require("../../mocha-config"); require("../../mocha-config");
var UsersAdminPanel = require('../../../../main/js/gui/admin/UsersAdminPanel'); var UsersAdminPanel = require('../../../../main/js/gui/admin/UsersAdminPanel');
var SecurityError = require('../../../../main/js/SecurityError');
var ServerConnector = require('../../ServerConnector-mock'); var ServerConnector = require('../../ServerConnector-mock');
var logger = require('../../logger'); var logger = require('../../logger');
...@@ -10,22 +11,49 @@ var assert = require('assert'); ...@@ -10,22 +11,49 @@ var assert = require('assert');
describe('UsersAdminPanel', function () { describe('UsersAdminPanel', function () {
it('init', function () { describe('init', function () {
var usersTab; it('default', function () {
var project; var usersTab;
return ServerConnector.getProject().then(function (result) { var project;
project = result; return ServerConnector.getProject().then(function (result) {
return ServerConnector.getConfiguration(); project = result;
}).then(function (configuration) { return ServerConnector.getConfiguration();
usersTab = new UsersAdminPanel({ }).then(function (configuration) {
element: testDiv, usersTab = new UsersAdminPanel({
project: project, element: testDiv,
configuration: configuration project: project,
configuration: configuration
});
return usersTab.init();
}).then(function () {
assert.equal(0, logger.getWarnings().length);
return usersTab.destroy();
});
});
it('user without access', function () {
var usersTab;
var project;
var oldFun = ServerConnector.getUsers;
ServerConnector.getUsers = function () {
return Promise.reject(new SecurityError("Access denied."));
};
return ServerConnector.getProject().then(function (result) {
project = result;
return ServerConnector.getConfiguration();
}).then(function (configuration) {
usersTab = new UsersAdminPanel({
element: testDiv,
project: project,
configuration: configuration
});
return usersTab.init();
}).then(function () {
assert.equal(0, logger.getWarnings().length);
assert.ok(usersTab.getElement().innerHTML.indexOf("no privilege") >= 0);
return usersTab.destroy();
}).finally(function () {
ServerConnector.getUsers = oldFun;
}); });
return usersTab.init();
}).then(function () {
assert.equal(0, logger.getWarnings().length);
return usersTab.destroy();
}); });
}); });
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment