feat(secrets): add UAC (#1200)

2025-08-05 05:45:22 +02:00 · 2017-09-19 17:10:15 +02:00 · 2017-09-19 17:10:15 +02:00 · 61f652da04
commit 61f652da04
parent a2b4cd8050
11 changed files with 221 additions and 20 deletions
--- a/app/components/createSecret/createSecretController.js
+++ b/app/components/createSecret/createSecretController.js
@ -1,11 +1,17 @@
 angular.module('createSecret', [])
-.controller('CreateSecretController', ['$scope', '$state', 'Notifications', 'SecretService', 'LabelHelper',
-function ($scope, $state, Notifications, SecretService, LabelHelper) {
+.controller('CreateSecretController', ['$scope', '$state', 'Notifications', 'SecretService', 'LabelHelper', 'Authentication', 'ResourceControlService', 'FormValidator',
+function ($scope, $state, Notifications, SecretService, LabelHelper, Authentication, ResourceControlService, FormValidator) {
+
  $scope.formValues = {
    Name: '',
    Data: '',
    Labels: [],
-    encodeSecret: true
+    encodeSecret: true,
+    AccessControlData: new AccessControlFormData()
+  };
+
+  $scope.state = {
+    formValidationError: ''
  };

  $scope.addLabel = function() {
@ -36,10 +42,38 @@ function ($scope, $state, Notifications, SecretService, LabelHelper) {
    return config;
  }

-  function createSecret(config) {
-    $('#createSecretSpinner').show();
-    SecretService.create(config)
+  function validateForm(accessControlData, isAdmin) {
+    $scope.state.formValidationError = '';
+    var error = '';
+    error = FormValidator.validateAccessControl(accessControlData, isAdmin);
+
+    if (error) {
+      $scope.state.formValidationError = error;
+      return false;
+    }
+    return true;
+  }
+
+  $scope.create = function () {
+    $('#createResourceSpinner').show();
+
+    var accessControlData = $scope.formValues.AccessControlData;
+    var userDetails = Authentication.getUserDetails();
+    var isAdmin = userDetails.role === 1 ? true : false;
+
+    if (!validateForm(accessControlData, isAdmin)) {
+      $('#createResourceSpinner').hide();
+      return;
+    }
+
+    var secretConfiguration = prepareConfiguration();
+    SecretService.create(secretConfiguration)
    .then(function success(data) {
+      var secretIdentifier = data.ID;
+      var userId = userDetails.ID;
+      return ResourceControlService.applyResourceControl('secret', secretIdentifier, userId, accessControlData, []);
+    })
+    .then(function success() {
      Notifications.success('Secret successfully created');
      $state.go('secrets', {}, {reload: true});
    })
@ -47,12 +81,7 @@ function ($scope, $state, Notifications, SecretService, LabelHelper) {
      Notifications.error('Failure', err, 'Unable to create secret');
    })
    .finally(function final() {
-      $('#createSecretSpinner').hide();
+      $('#createResourceSpinner').hide();
    });
-  }
-
-  $scope.create = function () {
-    var config = prepareConfiguration();
-    createSecret(config);
  };
 }]);
--- a/app/components/createSecret/createsecret.html
+++ b/app/components/createSecret/createsecret.html
@ -66,6 +66,9 @@
            <!-- !labels-input-list -->
          </div>
          <!-- !labels-->
+          <!-- access-control -->
+          <por-access-control-form form-data="formValues.AccessControlData" ng-if="applicationState.application.authentication"></por-access-control-form>
+          <!-- !access-control -->
          <!-- actions -->
          <div class="col-sm-12 form-section-title">
            Actions
@ -74,7 +77,8 @@
            <div class="col-sm-12">
              <button type="button" class="btn btn-primary btn-sm" ng-disabled="!formValues.Name || !formValues.Data" ng-click="create()">Create secret</button>
              <a type="button" class="btn btn-default btn-sm" ui-sref="secrets">Cancel</a>
-              <i id="createSecretSpinner" class="fa fa-cog fa-spin" style="margin-left: 5px; display: none;"></i>
+              <i id="createResourceSpinner" class="fa fa-cog fa-spin" style="margin-left: 5px; display: none;"></i>
+              <span class="text-danger" ng-if="state.formValidationError" style="margin-left: 5px;">{{ state.formValidationError }}</span>
            </div>
          </div>
          <!-- !actions -->
--- a/app/components/secret/secret.html
+++ b/app/components/secret/secret.html
@ -53,3 +53,12 @@
    </rd-widget>
  </div>
 </div>
+
+<!-- access-control-panel -->
+<por-access-control-panel
+  ng-if="secret && applicationState.application.authentication"
+  resource-id="secret.Id"
+  resource-control="secret.ResourceControl"
+  resource-type="'secret'">
+</por-access-control-panel>
+<!-- !access-control-panel -->
--- a/app/components/secrets/secrets.html
+++ b/app/components/secrets/secrets.html
@ -30,31 +30,44 @@
                <input type="checkbox" ng-model="allSelected" ng-change="selectItems(allSelected)" />
              </th>
              <th>
-                <a ui-sref="secrets" ng-click="order('Name')">
+                <a ng-click="order('Name')">
                  Name
                  <span ng-show="sortType == 'Name' && !sortReverse" class="glyphicon glyphicon-chevron-down"></span>
                  <span ng-show="sortType == 'Name' && sortReverse" class="glyphicon glyphicon-chevron-up"></span>
                </a>
              </th>
              <th>
-                <a ui-sref="secrets" ng-click="order('CreatedAt')">
+                <a ng-click="order('CreatedAt')">
                  Created at
                  <span ng-show="sortType == 'Image' && !sortReverse" class="glyphicon glyphicon-chevron-down"></span>
                  <span ng-show="sortType == 'Image' && sortReverse" class="glyphicon glyphicon-chevron-up"></span>
                </a>
              </th>
+              <th ng-if="applicationState.application.authentication">
+                <a ng-click="order('ResourceControl.Ownership')">
+                  Ownership
+                  <span ng-show="sortType == 'ResourceControl.Ownership' && !sortReverse" class="glyphicon glyphicon-chevron-down"></span>
+                  <span ng-show="sortType == 'ResourceControl.Ownership' && sortReverse" class="glyphicon glyphicon-chevron-up"></span>
+                </a>
+              </th>
            </thead>
            <tbody>
              <tr dir-paginate="secret in (state.filteredSecrets = ( secrets | filter:state.filter | orderBy:sortType:sortReverse | itemsPerPage: pagination_count))">
                <td><input type="checkbox" ng-model="secret.Checked" ng-change="selectItem(secret)"/></td>
                <td><a ui-sref="secret({id: secret.Id})">{{ secret.Name }}</a></td>
                <td>{{ secret.CreatedAt | getisodate }}</td>
+                <td ng-if="applicationState.application.authentication">
+                  <span>
+                    <i ng-class="secret.ResourceControl.Ownership | ownershipicon" aria-hidden="true"></i>
+                    {{ secret.ResourceControl.Ownership ? secret.ResourceControl.Ownership : secret.ResourceControl.Ownership = 'public' }}
+                  </span>
+                </td>
              </tr>
              <tr ng-if="!secrets">
-                <td colspan="3" class="text-center text-muted">Loading...</td>
+                <td colspan="4" class="text-center text-muted">Loading...</td>
              </tr>
              <tr ng-if="secrets.length == 0">
-                <td colspan="3" class="text-center text-muted">No secrets available.</td>
+                <td colspan="4" class="text-center text-muted">No secrets available.</td>
              </tr>
            </tbody>
          </table>