WiP on permissions

Doesn't run. This commit is just to backup the changes.
2017-07-26 22:42:05 +03:00 · 2017-07-26 22:42:05 +03:00 · 89c9615592
commit 89c9615592
parent 5df444f641
37 changed files with 913 additions and 366 deletions
--- a/client/src/namespaces/CUD.js
+++ b/client/src/namespaces/CUD.js
@ -35,7 +35,7 @@ export default class CUD extends Component {
    }

    isEditGlobal() {
-        return this.state.entityId === 1;
+        return this.state.entityId === 1; /* Global namespace id */
    }

    isDelete() {
--- a/client/src/reports/CUD.js
+++ b/client/src/reports/CUD.js
@ -245,6 +245,8 @@ export default class CUD extends Component {
            }
        }

+        // FIXME - filter namespaces by permission
+
        return (
            <div>
                {edit &&
--- a/client/src/reports/List.js
+++ b/client/src/reports/List.js
@ -2,7 +2,7 @@

 import React, { Component } from 'react';
 import { translate } from 'react-i18next';
-import { withPageHelpers, Title, Toolbar, NavButton } from '../lib/page';
+import { requiresAuthenticatedUser, withPageHelpers, Title, Toolbar, NavButton } from '../lib/page';
 import { Table } from '../lib/table';
 import { withErrorHandling, withAsyncErrorHandler } from '../lib/error-handling';
 import moment from 'moment';
@ -12,7 +12,42 @@ import { ReportState } from '../../../shared/reports';
@translate()
@withErrorHandling
@withPageHelpers
+@requiresAuthenticatedUser
 export default class List extends Component {
+    constructor(props) {
+        super(props);
+
+        this.state = {};
+    }
+
+    @withAsyncErrorHandler
+    async fetchPermissions() {
+        const request = {
+            createReport: {
+                entityTypeId: 'namespace',
+                requiredOperations: ['createReport']
+            },
+            executeReportTemplate: {
+                entityTypeId: 'reportTemplate',
+                requiredOperations: ['execute']
+            },
+            viewReportTemplate: {
+                entityTypeId: 'reportTemplate',
+                requiredOperations: ['view']
+            },
+        };
+
+        const result = await axios.post('/rest/permissions-check', request);
+
+        this.setState({
+            createPermitted: result.data.createReport && result.data.executeReportTemplate,
+            templatesPermitted: result.data.viewReportTemplate
+        });
+    }
+
+    componentDidMount() {
+        this.fetchPermissions();
+    }

    @withAsyncErrorHandler
    async stop(table, id) {
@ -30,14 +65,18 @@ export default class List extends Component {
        const t = this.props.t;

        const actions = data => {
-            let view, startStop, refreshTimeout;
+            const actions = [];
+            const perms = data[8];
+            const permsReportTemplate = data[9];
+
+            let viewContent, startStop, refreshTimeout;

            const state = data[6];
            const id = data[0];
            const mimeType = data[7];
            
            if (state === ReportState.PROCESSING || state === ReportState.SCHEDULED) {
-                view = {
+                viewContent = {
                    label: <span className="glyphicon glyphicon-hourglass" aria-hidden="true" title="Processing"></span>,
                };

@ -49,12 +88,12 @@ export default class List extends Component {
                refreshTimeout = 1000;
            } else if (state === ReportState.FINISHED) {
                if (mimeType === 'text/html') {
-                    view = {
+                    viewContent = {
                        label: <span className="glyphicon glyphicon-eye-open" aria-hidden="true" title="View"></span>,
                        link: `reports/view/${id}`
                    };
                } else if (mimeType === 'text/csv') {
-                    view = {
+                    viewContent = {
                        label: <span className="glyphicon glyphicon-download-alt" aria-hidden="true" title="Download"></span>,
                        href: `reports/download/${id}`
                    };
@ -66,7 +105,7 @@ export default class List extends Component {
                };

            } else if (state === ReportState.FAILED) {
-                view = {
+                viewContent = {
                    label: <span className="glyphicon glyphicon-thumbs-down" aria-hidden="true" title="Report generation failed"></span>,
                };

@ -76,25 +115,38 @@ export default class List extends Component {
                };
            }

-            return {
-                refreshTimeout,
-                actions: [
-                    view,
+            if (perms.includes('viewContent')) {
+                actions.push(viewContent);
+            }
+
+            if (perms.includes('viewOutput')) {
+                actions.push(
                    {
                        label: <span className="glyphicon glyphicon-modal-window" aria-hidden="true" title="View console output"></span>,
                        link: `reports/output/${id}`
-                    },
-                    startStop,
-                    {
-                        label: <span className="glyphicon glyphicon-wrench" aria-hidden="true" title="Edit"></span>,
-                        link: `/reports/edit/${id}`
-                    },
-                    {
-                        label: <span className="glyphicon glyphicon-share" aria-hidden="true" title="Share"></span>,
-                        link: `/reports/share/${id}`
                    }
-                ]
-            };
+                );
+            }
+
+            if (perms.includes('execute') && permsReportTemplate.includes('execute')) {
+                actions.push(startStop);
+            }
+
+            if (perms.includes('edit') && permsReportTemplate.includes('execute')) {
+                actions.push({
+                    label: <span className="glyphicon glyphicon-edit" aria-hidden="true" title="Edit"></span>,
+                    link: `/reports/edit/${id}`
+                });
+            }
+
+            if (perms.includes('share')) {
+                actions.push({
+                    label: <span className="glyphicon glyphicon-share-alt" aria-hidden="true" title="Share"></span>,
+                    link: `/reports/share/${id}`
+                });
+            }
+
+            return { refreshTimeout, actions };
        };

        const columns = [
@ -106,11 +158,16 @@ export default class List extends Component {
            { data: 5, title: t('Namespace') }
        ];

+
        return (
            <div>
                <Toolbar>
-                    <NavButton linkTo="/reports/create" className="btn-primary" icon="plus" label={t('Create Report')}/>
-                    <NavButton linkTo="/reports/templates" className="btn-primary" label={t('Report Templates')}/>
+                    {this.state.createPermitted &&
+                        <NavButton linkTo="/reports/create" className="btn-primary" icon="plus" label={t('Create Report')}/>
+                    }
+                    {this.state.templatesPermitted &&
+                        <NavButton linkTo="/reports/templates" className="btn-primary" label={t('Report Templates')}/>
+                    }
                </Toolbar>

                <Title>{t('Reports')}</Title>
--- a/client/src/reports/templates/CUD.js
+++ b/client/src/reports/templates/CUD.js
@ -3,7 +3,7 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
 import { translate, Trans } from 'react-i18next';
-import { withPageHelpers, Title } from '../../lib/page'
+import { requiresAuthenticatedUser, withPageHelpers, Title } from '../../lib/page'
 import { withForm, Form, FormSendMethod, InputField, TextArea, Dropdown, ACEEditor, ButtonRow, Button } from '../../lib/form';
 import axios from '../../lib/axios';
 import { withErrorHandling, withAsyncErrorHandler } from '../../lib/error-handling';
@ -14,6 +14,7 @@ import { validateNamespace, NamespaceSelect } from '../../lib/namespace';
@withForm
@withPageHelpers
@withErrorHandling
+@requiresAuthenticatedUser
 export default class CUD extends Component {
    constructor(props) {
        super(props);
@ -300,6 +301,8 @@ export default class CUD extends Component {
        const t = this.props.t;
        const edit = this.props.edit;

+        // FIXME - filter namespaces by permission
+
        return (
            <div>
                {edit &&
--- a/client/src/reports/templates/List.js
+++ b/client/src/reports/templates/List.js
@ -4,30 +4,65 @@ import React, { Component } from 'react';
 import { translate } from 'react-i18next';
 import { DropdownMenu } from '../../lib/bootstrap-components';
 import { requiresAuthenticatedUser, withPageHelpers, Title, Toolbar, DropdownLink } from '../../lib/page';
+import { withErrorHandling, withAsyncErrorHandler } from '../../lib/error-handling';
 import { Table } from '../../lib/table';
+import axios from '../../lib/axios';
 import moment from 'moment';

@translate()
@withPageHelpers
+@withErrorHandling
@requiresAuthenticatedUser
 export default class List extends Component {
    constructor(props) {
        super(props);
+
+        this.state = {};
+    }
+
+    @withAsyncErrorHandler
+    async fetchPermissions() {
+        const request = {
+            createReportTemplate: {
+                entityTypeId: 'namespace',
+                requiredOperations: ['createReportTemplate']
+            }
+        };
+
+        const result = await axios.post('/rest/permissions-check', request);
+
+        this.setState({
+            createPermitted: result.data.createReportTemplate
+        });
+    }
+
+    componentDidMount() {
+        this.fetchPermissions();
    }

    render() {
        const t = this.props.t;

-        const actions = data => [
-            {
-                label: 'Edit',
-                link: '/reports/templates/edit/' + data[0]
-            },
-            {
-                label: 'Share',
-                link: '/reports/templates/share/' + data[0]
+        const actions = data => {
+            const actions = [];
+            const perms = data[5];
+
+            if (perms.includes('view')) {
+                actions.push({
+                    label: <span className="glyphicon glyphicon-edit" aria-hidden="true" title="Edit"></span>,
+                    link: '/reports/templates/edit/' + data[0]
+                });
            }
-        ];
+
+            if (perms.includes('share')) {
+                actions.push({
+                    label: <span className="glyphicon glyphicon-share-alt" aria-hidden="true" title="Share"></span>,
+                    link: '/reports/templates/share/' + data[0]
+                });
+            }
+
+            return actions;
+        };

        const columns = [
            { data: 0, title: "#" },
@ -39,14 +74,16 @@ export default class List extends Component {

        return (
            <div>
-                <Toolbar>
-                    <DropdownMenu className="btn-primary" label={t('Create Report Template')}>
-                        <DropdownLink to="/reports/templates/create">{t('Blank')}</DropdownLink>
-                        <DropdownLink to="/reports/templates/create/subscribers-all">{t('All Subscribers')}</DropdownLink>
-                        <DropdownLink to="/reports/templates/create/subscribers-grouped">{t('Grouped Subscribers')}</DropdownLink>
-                        <DropdownLink to="/reports/templates/create/export-list-csv">{t('Export List as CSV')}</DropdownLink>
-                    </DropdownMenu>
-                </Toolbar>
+                {this.state.createPermitted &&
+                    <Toolbar>
+                        <DropdownMenu className="btn-primary" label={t('Create Report Template')}>
+                            <DropdownLink to="/reports/templates/create">{t('Blank')}</DropdownLink>
+                            <DropdownLink to="/reports/templates/create/subscribers-all">{t('All Subscribers')}</DropdownLink>
+                            <DropdownLink to="/reports/templates/create/subscribers-grouped">{t('Grouped Subscribers')}</DropdownLink>
+                            <DropdownLink to="/reports/templates/create/export-list-csv">{t('Export List as CSV')}</DropdownLink>
+                        </DropdownMenu>
+                    </Toolbar>
+                }

                <Title>{t('Report Templates')}</Title>

--- a/client/src/users/CUD.js
+++ b/client/src/users/CUD.js
@ -4,12 +4,11 @@ import React, { Component } from 'react';
 import PropTypes from 'prop-types';
 import { translate } from 'react-i18next';
 import { requiresAuthenticatedUser, withPageHelpers, Title } from '../lib/page';
-import { withForm, Form, FormSendMethod, InputField, ButtonRow, Button, TreeTableSelect } from '../lib/form';
+import { withForm, Form, FormSendMethod, InputField, ButtonRow, Button, TableSelect } from '../lib/form';
 import axios from '../lib/axios';
 import { withErrorHandling, withAsyncErrorHandler } from '../lib/error-handling';
 import interoperableErrors from '../../../shared/interoperable-errors';
 import passwordValidator from '../../../shared/password-validator';
-import validators from '../../../shared/validators';
 import { ModalDialog } from '../lib/bootstrap-components';
 import mailtrainConfig from 'mailtrainConfig';
 import { validateNamespace, NamespaceSelect } from '../lib/namespace';
@ -25,7 +24,9 @@ export default class CUD extends Component {

        this.passwordValidator = passwordValidator(props.t);

-        this.state = {};
+        this.state = {
+            globalRoles: []
+        };

        if (props.edit) {
            this.state.entityId = parseInt(props.match.params.id);
@ -48,6 +49,14 @@ export default class CUD extends Component {
        return this.props.match.params.action === 'delete';
    }

+    @withAsyncErrorHandler
+    async fetchGlobalRoles() {
+        const result = await axios.get('/rest/users-global-roles');
+        this.setState({
+            globalRoles: result.data
+        });
+    }
+
    @withAsyncErrorHandler
    async loadFormValues() {
        await this.getFormValuesFromURL(`/rest/users/${this.state.entityId}`, data => {
@ -80,8 +89,6 @@ export default class CUD extends Component {

        if (!username) {
            state.setIn(['username', 'error'], t('User name must not be empty'));
-        } else if (!validators.usernameValid(username)) {
-            state.setIn(['username', 'error'], t('User name may contain only the following characters: A-Z, a-z, 0-9, "_", "-", "." and may start only with A-Z, a-z, 0-9.'));
        } else if (!usernameServerValidation || usernameServerValidation.exists) {
            state.setIn(['username', 'error'], t('The user name already exists in the system.'));
        } else {
@ -214,6 +221,20 @@ export default class CUD extends Component {
        const userId = this.getFormValue('id');
        const canDelete = userId !== 1 && mailtrainConfig.userId !== userId;

+        const roles = mailtrainConfig.roles.global;
+
+        const rolesColumns = [
+            { data: 1, title: "Name" },
+            { data: 2, title: "Description" },
+        ];
+
+
+        const rolesData = [];
+        for (const key in roles) {
+            const role = roles[key];
+            rolesData.push([ key, role.name, role.description ]);
+        }
+
        return (
            <div>
                {edit && canDelete &&
@ -229,10 +250,15 @@ export default class CUD extends Component {

                <Form stateOwner={this} onSubmitAsync={::this.submitHandler}>
                    <InputField id="username" label={t('User Name')}/>
-                    <InputField id="name" label={t('Full Name')}/>
-                    <InputField id="email" label={t('Email')}/>
-                    <InputField id="password" label={t('Password')} type="password" />
-                    <InputField id="password2" label={t('Repeat Password')} type="password" />
+                    {mailtrainConfig.isAuthMethodLocal &&
+                        <div>
+                            <InputField id="name" label={t('Full Name')}/>
+                            <InputField id="email" label={t('Email')}/>
+                            <InputField id="password" label={t('Password')} type="password"/>
+                            <InputField id="password2" label={t('Repeat Password')} type="password"/>
+                        </div>
+                    }
+                    <TableSelect id="role" label={t('Role')} withHeader dropdown data={rolesData} columns={rolesColumns} selectionLabelIndex={1}/>
                    <NamespaceSelect/>

                    <ButtonRow>
--- a/client/src/users/List.js
+++ b/client/src/users/List.js
@ -17,7 +17,12 @@ export default class List extends Component {
    render() {
        const t = this.props.t;

-        let actions;
+        const actions = data => [
+            {
+                label: 'Edit',
+                link: '/users/edit/' + data[0]
+            }
+        ];

        const columns = [
            { data: 0, title: "#" },
@ -26,13 +31,6 @@ export default class List extends Component {

        if (mailtrainConfig.isAuthMethodLocal) {
            columns.push({ data: 2, title: "Full Name" });
-
-            actions = data => [
-                {
-                    label: 'Edit',
-                    link: '/users/edit/' + data[0]
-                }
-            ];
        }

        columns.push({ data: 3, title: "Namespace" });