From 433c636c517dec77789209c7d9a03f40310202fd Mon Sep 17 00:00:00 2001 From: hkernbach Date: Sun, 19 Jun 2016 19:17:00 +0200 Subject: [PATCH] fixed user permission bug in ui --- .../APP/frontend/js/views/loginView.js | 115 +++++++++++------- .../APP/frontend/js/views/userPermissions.js | 30 +++-- .../APP/frontend/scss/_abstracts.scss | 2 +- .../aardvark/APP/frontend/scss/_login.scss | 7 ++ 4 files changed, 101 insertions(+), 53 deletions(-) diff --git a/js/apps/system/_admin/aardvark/APP/frontend/js/views/loginView.js b/js/apps/system/_admin/aardvark/APP/frontend/js/views/loginView.js index 1f2c1de4c1..ba5267373c 100644 --- a/js/apps/system/_admin/aardvark/APP/frontend/js/views/loginView.js +++ b/js/apps/system/_admin/aardvark/APP/frontend/js/views/loginView.js @@ -9,6 +9,7 @@ el2: '.header', el3: '.footer', loggedIn: false, + loginCounter: 0, events: { "keyPress #loginForm input" : "keyPress", @@ -43,18 +44,19 @@ $('#loginForm').hide(); $('.login-window #databases').show(); - $.ajax(url).success(function(data) { + $.ajax(url).success(function(permissions) { //enable db select and login button $('#loginDatabase').html(''); //fill select with allowed dbs - _.each(data.result, function(db) { + + _.each(permissions.result, function(db) { $('#loginDatabase').append( '' ); }); self.renderDBS(); - }).error(function(data) { + }).error(function() { console.log("could not fetch user db data"); }); } 
@@ -92,57 +94,82 @@ return; } - var callback = function(error) { - var self = this; - if (error) { - $('.wrong-credentials').show(); - $('#loginDatabase').html(''); - $('#loginDatabase').append( - '' - ); + this.collection.login(username, password, this.loginCallback.bind(this, username, password)); + }, + + loginCallback: function(username, password, error) { + + var self = this; + + if (error) { + if (self.loginCounter === 0) { + self.loginCounter++; + self.collection.login(username, password, this.loginCallback.bind(this, username)); + return; } - else { - // TODO - //var url = arangoHelper.databaseUrl("/_api/database/user", '_system'); - var url = arangoHelper.databaseUrl("/_api/user/" + encodeURIComponent(username) + "/database", '_system'); + self.loginCounter = 0; + $('.wrong-credentials').show(); + $('#loginDatabase').html(''); + $('#loginDatabase').append( + '' + ); + } + else { + var url = arangoHelper.databaseUrl("/_api/user/" + encodeURIComponent(username) + "/database", '_system'); - if (frontendConfig.authenticationEnabled === false) { - url = arangoHelper.databaseUrl("/_api/database/user"); - } + if (frontendConfig.authenticationEnabled === false) { + url = arangoHelper.databaseUrl("/_api/database/user"); + } - $('.wrong-credentials').hide(); - self.loggedIn = true; - //get list of allowed dbs - $.ajax(url).success(function(data) { + $('.wrong-credentials').hide(); + self.loggedIn = true; - $('#loginForm').hide(); - $('#databases').show(); + //get list of allowed dbs + $.ajax(url).success(function(permissions) { - //enable db select and login button - $('#loginDatabase').html(''); - //fill select with allowed dbs - _.each(data.result, function(db, key) { - $('#loginDatabase').append( - '' - ); - }); - - self.renderDBS(); - }).error(function(data) { - $('.wrong-credentials').show(); + //HANDLE PERMISSIONS + _.each(permissions.result, function(value, key) { + if (value !== 'rw') { + delete permissions.result[key]; + } }); - } - }.bind(this); - 
this.collection.login(username, password, callback); + $('#loginForm').hide(); + $('#databases').show(); + + //enable db select and login button + $('#loginDatabase').html(''); + + + //fill select with allowed dbs + _.each(permissions.result, function(db, key) { + $('#loginDatabase').append( + '' + ); + }); + + self.renderDBS(); + }).error(function() { + $('.wrong-credentials').show(); + }); + } }, renderDBS: function() { - var db = $('#loginDatabase').val(); - $('#goToDatabase').html("Select: " + db); - window.setTimeout(function() { - $('#goToDatabase').focus(); - }, 300); + + if ($('#loginDatabase').children().length === 0) { + $('#dbForm').remove(); + $('#databases').prepend( + '
You do not have permission to a database.
' + ); + } + else { + var db = $('#loginDatabase').val(); + $('#goToDatabase').html("Select DB: " + db); + window.setTimeout(function() { + $('#goToDatabase').focus(); + }, 300); + } }, logout: function() { diff --git a/js/apps/system/_admin/aardvark/APP/frontend/js/views/userPermissions.js b/js/apps/system/_admin/aardvark/APP/frontend/js/views/userPermissions.js index 577721b9e5..562b86053e 100644 --- a/js/apps/system/_admin/aardvark/APP/frontend/js/views/userPermissions.js +++ b/js/apps/system/_admin/aardvark/APP/frontend/js/views/userPermissions.js @@ -1,6 +1,6 @@ /*jshint browser: true */ /*jshint unused: false */ -/*global CryptoJS, _, arangoHelper, Backbone, window, templateEngine, $ */ +/*global CryptoJS, _, frontendConfig, arangoHelper, Backbone, window, templateEngine, $ */ (function() { "use strict"; @@ -57,16 +57,13 @@ $.ajax({ type: "PUT", url: arangoHelper.databaseUrl("/_api/user/" + encodeURIComponent(user) + "/database/" + encodeURIComponent(db)), - contentType: "application/json", - data: JSON.stringify({ - grant: '' - }) + contentType: "application/json" }); }, continueRender: function() { var self = this; - + this.currentUser = this.collection.findWhere({ user: this.username }); @@ -75,11 +72,16 @@ arangoHelper.buildUserSubNav(this.currentUser.get("user"), 'Permissions'); + + var url = arangoHelper.databaseUrl("/_api/user/" + encodeURIComponent(self.currentUser.get("user")) + "/database"); + if (frontendConfig.db === '_system') { + url = arangoHelper.databaseUrl("/_api/user/root/database"); + } + //FETCH COMPLETE DB LIST $.ajax({ type: "GET", - //url: arangoHelper.databaseUrl("/_api/user/" + encodeURIComponent(this.currentUser.get("user")) + "/config"), - url: arangoHelper.databaseUrl("/_api/database/user"), + url: url, contentType: "application/json", success: function(data) { var allDBs = data.result; 
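Review bot: The retry in `loginCallback` binds only `username` (`this.loginCallback.bind(this, username)`), so on the second attempt the first value `login` passes (the error flag, judging by the removed `function(error)` callback) arrives as `password`, and `error` takes whatever follows it. A second failure can then fall into the success branch, which sets `self.loggedIn = true` and hides `.wrong-credentials`; bind both values as the first call does: `this.loginCallback.bind(this, username, password)`. The silent retry also doubles the failed-authentication events per submit, which matters for lockout thresholds and audit logs, so a comment saying why one retry is needed would help. Separately, the `value !== 'rw'` filter also runs on the `/_api/database/user` response when `authenticationEnabled === false`; if that endpoint returns a plain array of names (the object-to-array conversion in userPermissions.js suggests the two shapes differ), every entry is deleted and the user gets the no-permission message, so the filter should be skipped when `_.isArray(permissions.result)`. In `renderDBS`, `$('#goToDatabase').text("Select DB: " + db);` would avoid parsing the database name as HTML.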
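Review bot: The permission-changing PUT in the `@@ -57,16 +57,13 @@` hunk has no `error` callback and, with the `data` body removed, no longer states which access level it sets. The outcome now depends on how the server treats a missing `grant`, which is not visible here, and a rejected request leaves the UI showing a state the server never applied. A comment such as `// no body: relies on the server default for a missing grant; confirm this revokes access` would make the dependency explicit, and an `error` handler that re-renders the view would keep the display truthful. The enclosing function starts outside the hunk.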
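Review bot: The `_system` branch in the `@@ -75,11 +72,16 @@` hunk hard-codes `/_api/user/root/database` as the source of the complete database list. That only holds while a user named `root` exists and has an entry for every database. Where that account is removed or restricted, the permission table would silently omit databases, and an administrator could not see or revoke grants on them from this view. At minimum, document the assumption next to the branch, e.g. `// assumes user "root" exists and has an entry for every database`. `continueRender` and the `success` handler continue outside the hunk.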
@@ -92,6 +94,13 @@ contentType: "application/json", success: function(data) { var permissions = data.result; + if (allDBs._system) { + var arr = []; + _.each(allDBs, function(db, name) { + arr.push(name); + }); + allDBs = arr; + } self.finishRender(allDBs, permissions); } }); @@ -101,6 +110,11 @@ }, finishRender: function(allDBs, permissions) { + _.each(permissions, function(value, key) { + if (value !== 'rw') { + delete permissions[key]; + } + }); $(this.el).html(this.template.render({ allDBs: allDBs, diff --git a/js/apps/system/_admin/aardvark/APP/frontend/scss/_abstracts.scss b/js/apps/system/_admin/aardvark/APP/frontend/scss/_abstracts.scss index 5ed5c127d6..bb4d4a7c55 100644 --- a/js/apps/system/_admin/aardvark/APP/frontend/scss/_abstracts.scss +++ b/js/apps/system/_admin/aardvark/APP/frontend/scss/_abstracts.scss @@ -328,12 +328,12 @@ } box-shadow: none; display: none; + left: initial; list-style: none; margin: 5px 0 0; padding: 5px 0; position: absolute; right: 0; - left: initial; top: 80%; z-index: 1000; diff --git a/js/apps/system/_admin/aardvark/APP/frontend/scss/_login.scss b/js/apps/system/_admin/aardvark/APP/frontend/scss/_login.scss index 5376ac50dd..d98afcb485 100644 --- a/js/apps/system/_admin/aardvark/APP/frontend/scss/_login.scss +++ b/js/apps/system/_admin/aardvark/APP/frontend/scss/_login.scss @@ -10,6 +10,13 @@ #databases { height: 140px; + .no-database { + background: $c-white; + border-radius: 2px; + padding: 40px; + text-align: center; + } + #logout { margin-top: 20px; }
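Review bot: The shape check `if (allDBs._system)` converts the object form to an array only when the response happens to contain a `_system` key. If the per-user response lacks that key, `allDBs` reaches `finishRender` as an object, while the other code path supplies an array. Testing the type covers both cases: `if (!_.isArray(allDBs)) { allDBs = _.keys(allDBs); }`. The enclosing `success` callback starts outside the hunk.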
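Review bot: `finishRender` deletes entries from its `permissions` argument while iterating over it, and the same `value !== 'rw'` loop is repeated in `loginCallback` in loginView.js. Building a filtered copy in one shared helper would avoid mutating the caller's object and keep the two lists consistent. Because this filtering runs in the browser, it only controls what is displayed; a comment such as `// display filter only, not an access check` would make that explicit for the next maintainer. `finishRender` continues outside the hunk.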