diff options
| author | Petr Vobornik <pvoborni@redhat.com> | 2011-12-12 15:52:23 +0100 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2011-12-12 19:14:46 +0000 |
| commit | 7710bfb5bdef1faa959b7f9402c2840b5ef65d7e (patch) | |
| tree | 9e10ff0085e87e08b4627cfb57c5efa7229df4d1 /install | |
| parent | 433cf5b5e733732d284398749db9633d27c619d5 (diff) | |
| download | freeipa-7710bfb5bdef1faa959b7f9402c2840b5ef65d7e.tar.gz freeipa-7710bfb5bdef1faa959b7f9402c2840b5ef65d7e.tar.xz freeipa-7710bfb5bdef1faa959b7f9402c2840b5ef65d7e.zip | |
Association facets are read only in self service
This patch works with assumption that user in self-service mode doesn't have rights for enrolling/un-enrolling himself to/from group, role, hbac rule, net group, sudo rule. He can only read the attributes. Therefore in self service mode all user association facets are set read only.
Checkingi and working with the actual rights would require significantly bigger effort.
https://fedorahosted.org/freeipa/ticket/1972
Diffstat (limited to 'install')
| -rw-r--r-- | install/ui/user.js | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/install/ui/user.js b/install/ui/user.js index 77fbae5bb..879055edb 100644 --- a/install/ui/user.js +++ b/install/ui/user.js @@ -32,7 +32,8 @@ IPA.user.entity = function(spec) { that.init = function() { that.entity_init(); - var link = IPA.nav.name == 'self-service' ? false : undefined; + var self_service = IPA.nav.name === 'self-service'; + var link = self_service ? false : undefined; that.builder.search_facet({ columns: [ @@ -108,31 +109,36 @@ IPA.user.entity = function(spec) { association_facet({ name: 'memberof_group', associator: IPA.serial_associator, - link: link + link: link, + read_only: self_service }). association_facet({ name: 'memberof_netgroup', associator: IPA.serial_associator, - link: link + link: link, + read_only: self_service }). association_facet({ name: 'memberof_role', associator: IPA.serial_associator, - link: link + link: link, + read_only: self_service }). association_facet({ name: 'memberof_hbacrule', associator: IPA.serial_associator, add_method: 'add_user', remove_method: 'remove_user', - link: link + link: link, + read_only: self_service }). association_facet({ name: 'memberof_sudorule', associator: IPA.serial_associator, add_method: 'add_user', remove_method: 'remove_user', - link: link + link: link, + read_only: self_service }). standard_association_facets({ link: link |