diff options
author | Adam Young <ayoung@redhat.com> | 2010-11-05 13:11:56 -0400 |
---|---|---|
committer | Adam Young <ayoung@redhat.com> | 2010-11-05 16:41:07 -0400 |
commit | 9a785ed91c057a766f4dba71318130c6cdf11816 (patch) | |
tree | 07e6f090e502f49061d9003fc040302714df8b7a | |
parent | 655aa0fcdfefe8582d7527ae3638a8e9368a7d51 (diff) | |
download | freeipa-9a785ed91c057a766f4dba71318130c6cdf11816.tar.gz freeipa-9a785ed91c057a766f4dba71318130c6cdf11816.tar.xz freeipa-9a785ed91c057a766f4dba71318130c6cdf11816.zip |
rights check
if the field does not have a 'w' for writable in its rights, disable it.
Merged with the HBAC/Widget changes
add and remove links are managed via permissions now
-rw-r--r-- | install/static/details.js | 62 | ||||
-rw-r--r-- | install/static/test/details_tests.js | 58 | ||||
-rwxr-xr-x | install/static/widget.js | 2 |
3 files changed, 99 insertions, 23 deletions
diff --git a/install/static/details.js b/install/static/details.js index e69a5dac..9301f310 100644 --- a/install/static/details.js +++ b/install/static/details.js @@ -26,6 +26,13 @@ var ipa_details_cache = {}; +IPA.is_field_writable = function(rights){ + if (!rights){ + alert('no right'); + } + return rights.indexOf('w') > -1; +} + function ipa_details_field(spec) { spec = spec || {}; @@ -80,34 +87,41 @@ function ipa_details_field(spec) { } var value = result[that.name]; + var rights = 'rsc'; + if (result.attributelevelrights){ + rights = result.attributelevelrights[this.name] || rights ; + } if (value) { dd = ipa_create_first_dd( - that.name, ipa_create_input(that.entity_name, that.name, value[0],hint_span) + that.name,ipa_create_input( + that.entity_name, that.name, value[0],hint_span,rights) ); dt.after(dd); var last_dd = dd; for (var i = 1; i < value.length; ++i) { dd = ipa_create_other_dd( - that.name, ipa_create_input(that.entity_name, that.name, value[i],hint_span) + that.name, ipa_create_input(that.entity_name, that.name, + value[i],hint_span,rights) ); last_dd.after(dd); last_dd = dd; } - if (multivalue) { + if (multivalue && IPA.is_field_writable(rights) ) { dd = ipa_create_other_dd( that.name, _ipa_a_add_template.replace('A', that.name) ); last_dd.after(dd); } } else { - if (multivalue) { + if (multivalue && IPA.is_field_writable(rights)) { dd = ipa_create_first_dd( - that.name, _ipa_a_add_template.replace('A', that.name) /*.append(hint_span)*/ + that.name, _ipa_a_add_template.replace('A', that.name) ); dt.after(dd); } else { dd = ipa_create_first_dd( - that.name, ipa_create_input(that.entity_name, that.name, '') /*.append(hint_span)*/ + that.name, ipa_create_input( + that.entity_name, that.name,'',hint_span,rights) ); dt.after(dd); } @@ -334,7 +348,7 @@ function ipa_details_setup(container, unspecified) { if (facet.pkey) params.push(facet.pkey); ipa_cmd( - 'show', params, {all: true}, on_success, on_failure, facet.entity_name + 'show', params, {all: true, rights: true}, on_success, on_failure, facet.entity_name ); } @@ -473,7 +487,7 @@ function ipa_details_update(container, pkey, on_win, on_fail) return; var values; - var modlist = {'all': true, 'setattr': [], 'addattr': []}; + var modlist = {'all': true, 'setattr': [], 'addattr': [], 'rights': true}; var attrs_wo_option = {}; var facet = ipa_entity_get_details_facet(obj_name); @@ -599,13 +613,13 @@ var _ipa_param_type_2_handler_map = { * arguments: * attr - LDAP attribute name * value - the attributes value */ -function ipa_create_input(entity_name, attr, value,hint) +function ipa_create_input(entity_name, attr, value,hint,rights) { var input = $("<label>",{html:value.toString()}); var param_info = ipa_get_param_info(entity_name, attr); if (!param_info) { /* no information about the param is available, default to text input */ - input = _ipa_create_text_input(attr, value, null); + input = _ipa_create_text_input(attr, value, null,rights); if (hint){ input.after(hint); } @@ -618,8 +632,10 @@ function ipa_create_input(entity_name, attr, value,hint) /* call handler by param class */ var handler = _ipa_param_type_2_handler_map[param_info['class']]; if (handler) { - input = handler(attr, value, param_info); - if (param_info['multivalue'] || param_info['class'] == 'List') { + input = handler(attr, value, param_info,rights); + if ((param_info['multivalue'] || + param_info['class'] == 'List') && + IPA.is_field_writable(rights)){ input.append( _ipa_create_remove_link(attr, param_info)); } if (hint){ @@ -652,7 +668,7 @@ function _ipa_create_remove_link(attr, param_info) /* creates a input box for editing a string attribute */ -function _ipa_create_text_input(attr, value, param_info) +function _ipa_create_text_input(attr, value, param_info, rights) { function calculate_dd_index(jobj){ @@ -683,8 +699,8 @@ function _ipa_create_text_input(attr, value, param_info) } } - var input = $("<Span />"); - input.append($("<input/>",{ + var span = $("<Span />"); + var input = $("<input/>",{ type:"text", name:attr, value:value.toString(), @@ -696,9 +712,13 @@ function _ipa_create_text_input(attr, value, param_info) var text = $(this).val(); validate_input(text, param_info,error_link); } + }).appendTo(span) ; - })); - input.append($("<a/>",{ + if (!IPA.is_field_writable(rights)){ + input.attr('disabled', 'disabled'); + } + + span.append($("<a/>",{ html:"undo", "class":"ui-state-highlight ui-corner-all", style:"display:none", @@ -722,12 +742,12 @@ function _ipa_create_text_input(attr, value, param_info) validate_input(previous_value, param_info,error_link); } })); - input.append($("<span/>",{ + span.append($("<span/>",{ html:"Does not match pattern", "class":"ui-state-error ui-corner-all", style:"display:none" })); - return input; + return span; } function ipa_details_reset(container) @@ -750,7 +770,9 @@ function _ipa_add_on_click(obj) var obj_name = jobj.closest('.entity-container').attr('title'); var param_info = ipa_get_param_info(obj_name, ''); - var input = _ipa_create_text_input(attr, '', param_info); + //TODO rights need to be inherited + //And used to control presnece of the add link + var input = _ipa_create_text_input(attr, '', param_info, 'rswco'); par.prepend(input); jobj.next('input').focus(); diff --git a/install/static/test/details_tests.js b/install/static/test/details_tests.js index 8482f6df..1dd0ddf1 100644 --- a/install/static/test/details_tests.js +++ b/install/static/test/details_tests.js @@ -36,7 +36,7 @@ test("Testing ipa_details_section.setup().", function() { var result = {}; - var section = ipa_stanza({name:'IDIDID', label:'NAMENAMENAME'}). + var section = ipa_details_section({name:'IDIDID', label:'NAMENAMENAME'}). input({name:'cn', label:'Entity Name'}). input({name:'description', label:'Description'}). input({name:'number', label:'Entity ID'}); @@ -221,7 +221,8 @@ test("Testing _ipa_create_text_input().", function(){ var name = "name"; var value="value"; - var input = _ipa_create_text_input(name, value); + var rights = 'rscwo' + var input = _ipa_create_text_input(name, value, null,rights); ok(input,"input not null"); var text = input.find('input'); @@ -231,3 +232,56 @@ test("Testing _ipa_create_text_input().", function(){ same(text[0].value,value ); same(text[0].type,"text" ); }); + +test("Testing _ipa_create_text_input() read only .", function(){ + + var name = "name"; + var value="value"; + var rights = 'rsc' + var input = _ipa_create_text_input(name, value, null,rights); + ok(input,"input not null"); + + var text = input.find('input'); + ok(text); + + same(text[0].name,name ); + same(text[0].value,value ); + same(text[0].type,"text" ); + ok(text[0].disabled); + +}); + + + + +test("Testing ipa_details_section_setup again()",function(){ + + var section = ipa_details_section({name: 'IDIDID', label: 'NAMENAMENAME'}). + input({name:'cn', label:'Entity Name'}). + input({name:'description', label:'Description'}). + input({name:'number', label:'Entity ID'}); + var fields = section.fields; + var container = $("<div title='entity'/>"); + var details = $("<div/>"); + container.append(details); + + section.setup(container, details, section); + + ok(container.find('hr'),'hr'); + + //var h2= container.find('h2'); + //ok(h2); + //ok(h2[0].innerHTML.indexOf(section.label) > 1,"find name in html"); + + var dl = container.find('dl'); + ok(dl,'dl'); + same(dl[0].children.length,6,'6 children'); + same(dl[0].id, section.name); + same(dl[0].children[0].title, fields[0].name,'title matches name'); + same(dl[0].children[0].innerHTML, fields[0].label+":", + 'inner HTML matches label'); + same(dl[0].children[5].title, fields[2].name, + 'title matches fields[2] name'); + + +}); diff --git a/install/static/widget.js b/install/static/widget.js index bf893e04..73969432 100755 --- a/install/static/widget.js +++ b/install/static/widget.js @@ -461,7 +461,7 @@ function ipa_table_widget(spec) { } var pkey = $.bbq.getState(that.entity_name + '-pkey', true) || ''; - ipa_cmd('show', [pkey], {}, on_success, on_error, that.entity_name); + ipa_cmd('show', [pkey], {'rights': true}, on_success, on_error, that.entity_name); }; if (spec.columns) { |