Merge pull request #974 from wknet123/dev-admin-options

Updates for issues about account settings.
2024-09-26 04:23:22 +02:00 · 2016-10-28 04:55:55 -05:00 · 2016-10-28 04:55:55 -05:00 · 7a14e69ea0
commit 7a14e69ea0
parent c732b624e9 1d18f5d154
9 changed files with 51 additions and 25 deletions
--- a/src/ui/controllers/accountsetting.go
+++ b/src/ui/controllers/accountsetting.go
@ -1,9 +1,5 @@
 package controllers

-import (
-	"net/http"
-)
-
 // AccountSettingController handles request to /account_setting
 type AccountSettingController struct {
 	BaseController
@ -11,8 +7,14 @@ type AccountSettingController struct {

 // Get renders the account settings page
 func (asc *AccountSettingController) Get() {
-	if asc.AuthMode != "db_auth" {
-		asc.CustomAbort(http.StatusForbidden, "")
+	var isAdminForLdap bool
+	sessionUserID, ok := asc.GetSession("userId").(int)
+	if ok && sessionUserID == 1 {
+		isAdminForLdap = true
+	}
+	if asc.AuthMode == "db_auth" || isAdminForLdap {
+		asc.Forward("page_title_account_setting", "account-settings.htm")
+	} else {
+		asc.Redirect("/dashboard", 302)
 	}
-	asc.Forward("page_title_account_setting", "account-settings.htm")
 }
--- a/src/ui/controllers/adminoption.go
+++ b/src/ui/controllers/adminoption.go
@ -1,5 +1,10 @@
 package controllers

+import (
+	"github.com/vmware/harbor/src/common/dao"
+	"github.com/vmware/harbor/src/common/utils/log"
+)
+
 // AdminOptionController handles requests to /admin_option
 type AdminOptionController struct {
 	BaseController
@ -7,5 +12,16 @@ type AdminOptionController struct {

 // Get renders the admin options  page
 func (aoc *AdminOptionController) Get() {
-	aoc.Forward("page_title_admin_option", "admin-options.htm")
+	sessionUserID, ok := aoc.GetSession("userId").(int)
+	if ok {
+		isAdmin, err := dao.IsAdminRole(sessionUserID)
+		if err != nil {
+			log.Errorf("Error occurred in IsAdminRole: %v", err)
+		}
+		if isAdmin {
+			aoc.Forward("page_title_admin_option", "admin-options.htm")
+			return
+		}
+	}
+	aoc.Redirect("/dashboard", 302)
 }
--- a/src/ui/controllers/base.go
+++ b/src/ui/controllers/base.go
@ -8,10 +8,10 @@ import (

 	"github.com/astaxie/beego"
 	"github.com/beego/i18n"
-	"github.com/vmware/harbor/src/ui/auth"
 	"github.com/vmware/harbor/src/common/dao"
 	"github.com/vmware/harbor/src/common/models"
 	"github.com/vmware/harbor/src/common/utils/log"
+	"github.com/vmware/harbor/src/ui/auth"
 )

 // BaseController wraps common methods such as i18n support, forward,  which can be leveraged by other UI render controllers.
--- a/src/ui/controllers/changepassword.go
+++ b/src/ui/controllers/changepassword.go
@ -1,18 +1,20 @@
 package controllers

-import (
-	"net/http"
-)
-
 // ChangePasswordController handles request to /change_password
 type ChangePasswordController struct {
 	BaseController
 }

 // Get renders the change password page
-func (asc *ChangePasswordController) Get() {
-	if asc.AuthMode != "db_auth" {
-		asc.CustomAbort(http.StatusForbidden, "")
+func (cpc *ChangePasswordController) Get() {
+	var isAdminForLdap bool
+	sessionUserID, ok := cpc.GetSession("userId").(int)
+	if ok && sessionUserID == 1 {
+		isAdminForLdap = true
+	}
+	if cpc.AuthMode == "db_auth" || isAdminForLdap {
+		cpc.Forward("page_title_change_password", "change-password.htm")
+	} else {
+		cpc.Redirect("/dashboard", 302)
 	}
-	asc.Forward("page_title_change_password", "change-password.htm")
 }
--- a/src/ui/controllers/controllers_test.go
+++ b/src/ui/controllers/controllers_test.go
@ -113,19 +113,16 @@ func TestMain(t *testing.T) {
 	w = httptest.NewRecorder()
 	beego.BeeApp.Handlers.ServeHTTP(w, r)
 	assert.Equal(int(200), w.Code, "'/account_setting' httpStatusCode should be 200")
-	assert.Equal(true, strings.Contains(fmt.Sprintf("%s", w.Body), "<title>page_title_account_setting</title>"), "http respond should have '<title>page_title_account_setting</title>'")

 	r, _ = http.NewRequest("GET", "/change_password", nil)
 	w = httptest.NewRecorder()
 	beego.BeeApp.Handlers.ServeHTTP(w, r)
 	assert.Equal(int(200), w.Code, "'/change_password' httpStatusCode should be 200")
-	assert.Equal(true, strings.Contains(fmt.Sprintf("%s", w.Body), "<title>page_title_change_password</title>"), "http respond should have '<title>page_title_change_password</title>'")

 	r, _ = http.NewRequest("GET", "/admin_option", nil)
 	w = httptest.NewRecorder()
 	beego.BeeApp.Handlers.ServeHTTP(w, r)
-	assert.Equal(int(200), w.Code, "'/admin_option' httpStatusCode should be 200")
-	assert.Equal(true, strings.Contains(fmt.Sprintf("%s", w.Body), "<title>page_title_admin_option</title>"), "http respond should have '<title>page_title_admin_option</title>'")
+	assert.Equal(int(302), w.Code, "'/admin_option' httpStatusCode should be 302")

 	r, _ = http.NewRequest("GET", "/forgot_password", nil)
 	w = httptest.NewRecorder()
--- a/src/ui/controllers/optionalmenu.go
+++ b/src/ui/controllers/optionalmenu.go
@ -19,6 +19,8 @@ func (omc *OptionalMenuController) Get() {

 	var hasLoggedIn bool
 	var allowAddNew bool
+
+	var isAdminForLdap bool
 	var allowSettingAccount bool

 	if sessionUserID != nil {
@ -35,7 +37,11 @@ func (omc *OptionalMenuController) Get() {
 		}
 		omc.Data["Username"] = u.Username

-		if omc.AuthMode == "db_auth" {
+		if userID == 1 {
+			isAdminForLdap = true
+		}
+
+		if omc.AuthMode == "db_auth" || isAdminForLdap {
 			allowSettingAccount = true
 		}

--- a/src/ui/static/resources/js/components/user/list-user.directive.html
+++ b/src/ui/static/resources/js/components/user/list-user.directive.html
@ -31,7 +31,7 @@
              <th width="20%">// 'email' | tr //</th>
              <th width="35%">// 'registration_time' | tr //</th>
              <th width="15%">// 'administrator' | tr //</th>
-              <th width="20%">// 'operation' | tr //</th>
+              <th width="20%" ng-if="vm.authMode === 'db_auth'">// 'operation' | tr //</th>
            </thead>
          </table>
        </div>
@ -46,7 +46,7 @@
                <td width="15%">
                  <toggle-admin current-user="vm.currentUser" has-admin-role="u.has_admin_role" user-id="//u.user_id//"></toggle-admin>
                </td>
-                <td width="20%">
+                <td width="20%" ng-if="vm.authMode === 'db_auth'">
                  &nbsp;&nbsp;<a ng-if="vm.currentUser.user_id != u.user_id" href="javascript:void(0)" ng-click="vm.confirmToDelete(u.user_id, u.username)"><span class="glyphicon glyphicon-trash"></span></a>
                </td>
              </tr>
--- a/src/ui/static/resources/js/components/user/list-user.directive.js
+++ b/src/ui/static/resources/js/components/user/list-user.directive.js
@ -98,6 +98,9 @@
      'restrict': 'E',
      'templateUrl': '/static/resources/js/components/user/list-user.directive.html',
      'link': link,
+      'scope': {
+        'authMode': '@'
+      },
      'controller': ListUserController,
      'controllerAs': 'vm',
      'bindToController': true
--- a/src/ui/views/admin-options.htm
+++ b/src/ui/views/admin-options.htm
@ -24,7 +24,7 @@
          <span ng-if="vm.toggle">// 'system_management' | tr //</span>
          <a ng-if="!vm.toggle" href="#/destinations" class="title-color" ng-click="vm.toggleAdminOption({target: 'system_management'})">// 'system_management' | tr //</a>
        </h4> 
-        <list-user ng-if="vm.target === 'users'"></list-user>
+        <list-user ng-if="vm.target === 'users'" auth-mode="{{ .AuthMode }}"></list-user>
        <system-management ng-if="vm.target === 'system_management'"></system-management>
      </div>
    </div>