Updates for issues of account settings in LDAP.

src/ui/controllers/accountsetting.go

@@ -11,8 +11,14 @@ type AccountSettingController struct {
 
 // Get renders the account settings page
 func (asc *AccountSettingController) Get() {
-	if asc.AuthMode != "db_auth" {
+	var isAdminForLdap bool
+	sessionUserID, ok := asc.GetSession("userId").(int)
+	if ok && sessionUserID == 1 {
+		isAdminForLdap = true
+	}
+	if asc.AuthMode == "db_auth" || isAdminForLdap {
+		asc.Forward("page_title_account_setting", "account-settings.htm")
+	} else {
 		asc.CustomAbort(http.StatusForbidden, "")
 	}
-	asc.Forward("page_title_account_setting", "account-settings.htm")
 }

src/ui/controllers/base.go

@@ -8,10 +8,10 @@ import (
 
 	"github.com/astaxie/beego"
 	"github.com/beego/i18n"
-	"github.com/vmware/harbor/src/ui/auth"
 	"github.com/vmware/harbor/src/common/dao"
 	"github.com/vmware/harbor/src/common/models"
 	"github.com/vmware/harbor/src/common/utils/log"
+	"github.com/vmware/harbor/src/ui/auth"
 )
 
 // BaseController wraps common methods such as i18n support, forward,  which can be leveraged by other UI render controllers.

src/ui/controllers/changepassword.go

@@ -10,9 +10,15 @@ type ChangePasswordController struct {
 }
 
 // Get renders the change password page
-func (asc *ChangePasswordController) Get() {
-	if asc.AuthMode != "db_auth" {
-		asc.CustomAbort(http.StatusForbidden, "")
+func (cpc *ChangePasswordController) Get() {
+	var isAdminForLdap bool
+	sessionUserID, ok := cpc.GetSession("userId").(int)
+	if ok && sessionUserID == 1 {
+		isAdminForLdap = true
+	}
+	if cpc.AuthMode == "db_auth" || isAdminForLdap {
+		cpc.Forward("page_title_change_password", "change-password.htm")
+	} else {
+		cpc.CustomAbort(http.StatusForbidden, "")
 	}
-	asc.Forward("page_title_change_password", "change-password.htm")
 }

src/ui/controllers/optionalmenu.go

@@ -19,6 +19,8 @@ func (omc *OptionalMenuController) Get() {
 
 	var hasLoggedIn bool
 	var allowAddNew bool
+
+	var isAdminForLdap bool
 	var allowSettingAccount bool
 
 	if sessionUserID != nil {
@@ -35,7 +37,11 @@ func (omc *OptionalMenuController) Get() {
 		}
 		omc.Data["Username"] = u.Username
 
-		if omc.AuthMode == "db_auth" {
+		if userID == 1 {
+			isAdminForLdap = true
+		}
+
+		if omc.AuthMode == "db_auth" || isAdminForLdap {
 			allowSettingAccount = true
 		}
 

src/ui/static/resources/js/components/user/list-user.directive.html

@@ -31,7 +31,7 @@
               <th width="20%">// 'email' | tr //</th>
               <th width="35%">// 'registration_time' | tr //</th>
               <th width="15%">// 'administrator' | tr //</th>
-              <th width="20%">// 'operation' | tr //</th>
+              <th width="20%" ng-if="vm.authMode === 'db_auth'">// 'operation' | tr //</th>
             </thead>
           </table>
         </div>
@@ -46,7 +46,7 @@
                 <td width="15%">
                   <toggle-admin current-user="vm.currentUser" has-admin-role="u.has_admin_role" user-id="//u.user_id//"></toggle-admin>
                 </td>
-                <td width="20%">
+                <td width="20%" ng-if="vm.authMode === 'db_auth'">
                   &nbsp;&nbsp;<a ng-if="vm.currentUser.user_id != u.user_id" href="javascript:void(0)" ng-click="vm.confirmToDelete(u.user_id, u.username)"><span class="glyphicon glyphicon-trash"></span></a>
                 </td>
               </tr>

src/ui/static/resources/js/components/user/list-user.directive.js

@@ -98,6 +98,9 @@
       'restrict': 'E',
       'templateUrl': '/static/resources/js/components/user/list-user.directive.html',
       'link': link,
+      'scope': {
+        'authMode': '@'
+      },
       'controller': ListUserController,
       'controllerAs': 'vm',
       'bindToController': true

src/ui/views/admin-options.htm

@@ -24,7 +24,7 @@
           <span ng-if="vm.toggle">// 'system_management' | tr //</span>
           <a ng-if="!vm.toggle" href="#/destinations" class="title-color" ng-click="vm.toggleAdminOption({target: 'system_management'})">// 'system_management' | tr //</a>
         </h4> 
-        <list-user ng-if="vm.target === 'users'"></list-user>
+        <list-user ng-if="vm.target === 'users'" auth-mode="{{ .AuthMode }}"></list-user>
         <system-management ng-if="vm.target === 'system_management'"></system-management>
       </div>
     </div>