feat(endpoint): relocate docker security settings (#4657)

* feat(endpoint): migrate security settings to endpoint * feat(endpoint): check for specific endpoint settings * feat(endpoint): check security settings * feat(docker): add config page * feat(endpoint): save settings page * feat(endpoints): disable features when not agent * feat(sidebar): hide docker settings for regular user * fix(docker): small fixes in configs * fix(volumes): hide browse button for non admins * refactor(docker): introduce switch component * refactor(components/switch): seprate label from switch * feat(app/components): align switch label * refactor(app/components): move switch css * fix(docker/settings): add ngijnect * feat(endpoints): set default security values * style(portainer): sort types * fix(endpoint): rename security heading * fix(endpoints): update endpoints settings
2025-07-23 07:19:41 +02:00 · 2021-02-09 10:09:06 +02:00 · 2021-02-09 10:09:06 +02:00 · 46dec01fe3
commit 46dec01fe3
parent e401724d43
46 changed files with 714 additions and 461 deletions
--- a/app/docker/views/containers/create/createContainerController.js
+++ b/app/docker/views/containers/create/createContainerController.js
@ -27,9 +27,9 @@ angular.module('portainer.docker').controller('CreateContainerController', [
  'ModalService',
  'RegistryService',
  'SystemService',
-  'SettingsService',
  'PluginService',
  'HttpRequestHelper',
+  'endpoint',
  function (
    $q,
    $scope,
@ -53,9 +53,9 @@ angular.module('portainer.docker').controller('CreateContainerController', [
    ModalService,
    RegistryService,
    SystemService,
-    SettingsService,
    PluginService,
-    HttpRequestHelper
+    HttpRequestHelper,
+    endpoint
  ) {
    $scope.create = create;

@ -709,14 +709,8 @@ angular.module('portainer.docker').controller('CreateContainerController', [
          Notifications.error('Failure', err, 'Unable to retrieve engine details');
        });

-      SettingsService.publicSettings()
-        .then(function success(data) {
-          $scope.allowBindMounts = $scope.isAdminOrEndpointAdmin || data.AllowBindMountsForRegularUsers;
-          $scope.allowPrivilegedMode = data.AllowPrivilegedModeForRegularUsers;
-        })
-        .catch(function error(err) {
-          Notifications.error('Failure', err, 'Unable to retrieve application settings');
-        });
+      $scope.allowBindMounts = $scope.isAdminOrEndpointAdmin || endpoint.SecuritySettings.allowBindMountsForRegularUsers;
+      $scope.allowPrivilegedMode = endpoint.SecuritySettings.allowPrivilegedModeForRegularUsers;

      PluginService.loggingPlugins(apiVersion < 1.25).then(function success(loggingDrivers) {
        $scope.availableLoggingDrivers = loggingDrivers;
@ -933,15 +927,11 @@ angular.module('portainer.docker').controller('CreateContainerController', [
    }

    async function shouldShowDevices() {
-      const { allowDeviceMappingForRegularUsers } = $scope.applicationState.application;
-
-      return allowDeviceMappingForRegularUsers || Authentication.isAdmin();
+      return endpoint.SecuritySettings.allowDeviceMappingForRegularUsers || Authentication.isAdmin();
    }

    async function checkIfContainerCapabilitiesEnabled() {
-      const { allowContainerCapabilitiesForRegularUsers } = $scope.applicationState.application;
-
-      return allowContainerCapabilitiesForRegularUsers || Authentication.isAdmin();
+      return endpoint.SecuritySettings.allowContainerCapabilitiesForRegularUsers || Authentication.isAdmin();
    }

    initView();