2015-03-16 18:17:27 +00:00
|
|
|
/**
|
|
|
|
|
* An element which displays a table of permissions on a repository and allows them to be
|
|
|
|
|
* edited.
|
|
|
|
|
*/
|
2015-04-01 18:23:39 +00:00
|
|
|
angular.module('quay').filter('objectFilter', function() {
|
|
|
|
|
return function(obj, filterFn) {
|
|
|
|
|
if (!obj) { return []; }
|
|
|
|
|
|
|
|
|
|
var result = [];
|
|
|
|
|
angular.forEach(obj, function(value) {
|
|
|
|
|
if (filterFn(value)) {
|
|
|
|
|
result.push(value);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return result;
|
|
|
|
|
};
|
|
|
|
|
});
|
|
|
|
|
|
2015-03-16 18:17:27 +00:00
|
|
|
angular.module('quay').directive('repositoryPermissionsTable', function () {
|
|
|
|
|
var directiveDefinitionObject = {
|
|
|
|
|
priority: 0,
|
|
|
|
|
templateUrl: '/static/directives/repository-permissions-table.html',
|
|
|
|
|
replace: false,
|
|
|
|
|
transclude: true,
|
|
|
|
|
restrict: 'C',
|
|
|
|
|
scope: {
|
2015-05-06 22:16:03 +00:00
|
|
|
'repository': '=repository',
|
|
|
|
|
'isEnabled': '=isEnabled'
|
2015-03-16 18:17:27 +00:00
|
|
|
},
|
2015-06-15 20:11:39 +00:00
|
|
|
controller: function($scope, $element, ApiService, Restangular, UtilService, RolesService) {
|
2015-03-16 18:17:27 +00:00
|
|
|
$scope.permissionResources = {'team': {}, 'user': {}};
|
|
|
|
|
$scope.permissionCache = {};
|
|
|
|
|
$scope.permissions = {};
|
2015-06-15 20:11:39 +00:00
|
|
|
|
|
|
|
|
var readRole = RolesService.repoRoles[0].id;
|
|
|
|
|
|
|
|
|
|
$scope.addPermissionInfo = {
|
|
|
|
|
'role': readRole
|
|
|
|
|
};
|
2015-03-16 18:17:27 +00:00
|
|
|
|
|
|
|
|
var loadAllPermissions = function() {
|
2015-05-06 22:16:03 +00:00
|
|
|
if (!$scope.repository || !$scope.isEnabled) { return; }
|
|
|
|
|
|
2015-03-16 18:17:27 +00:00
|
|
|
fetchPermissions('user');
|
|
|
|
|
fetchPermissions('team');
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var fetchPermissions = function(kind) {
|
|
|
|
|
if ($scope.permissionResources[kind]['loading'] != null) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var params = {
|
|
|
|
|
'repository': $scope.repository.namespace + '/' + $scope.repository.name
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var Kind = kind[0].toUpperCase() + kind.substring(1);
|
|
|
|
|
var r = ApiService['listRepo' + Kind + 'PermissionsAsResource'](params).get(function(resp) {
|
|
|
|
|
$scope.permissions[kind] = resp.permissions;
|
|
|
|
|
return resp.permissions;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$scope.permissionResources[kind] = r;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.$watch('repository', loadAllPermissions);
|
2015-05-06 22:16:03 +00:00
|
|
|
$scope.$watch('isEnabled', loadAllPermissions);
|
|
|
|
|
|
2015-03-16 18:17:27 +00:00
|
|
|
loadAllPermissions();
|
|
|
|
|
|
|
|
|
|
var getPermissionEndpoint = function(entityName, kind) {
|
|
|
|
|
var namespace = $scope.repository.namespace;
|
|
|
|
|
var name = $scope.repository.name;
|
|
|
|
|
var url = UtilService.getRestUrl('repository', namespace, name, 'permissions', kind, entityName);
|
|
|
|
|
return Restangular.one(url);
|
|
|
|
|
};
|
|
|
|
|
|
2015-04-01 18:23:39 +00:00
|
|
|
$scope.buildEntityForPermission = function(permission, kind) {
|
|
|
|
|
var key = permission.name + ':' + kind;
|
2015-03-16 18:17:27 +00:00
|
|
|
if ($scope.permissionCache[key]) {
|
|
|
|
|
return $scope.permissionCache[key];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $scope.permissionCache[key] = {
|
|
|
|
|
'kind': kind,
|
2015-04-01 18:23:39 +00:00
|
|
|
'name': permission.name,
|
2015-03-16 18:17:27 +00:00
|
|
|
'is_robot': permission.is_robot,
|
2015-03-30 21:55:04 +00:00
|
|
|
'is_org_member': permission.is_org_member,
|
|
|
|
|
'avatar': permission.avatar
|
2015-03-16 18:17:27 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2015-04-01 18:23:39 +00:00
|
|
|
$scope.hasPermissions = function(teams, users) {
|
|
|
|
|
if (teams && teams.value) {
|
|
|
|
|
if (Object.keys(teams.value).length > 0) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (users && users.value) {
|
|
|
|
|
if (Object.keys(users.value).length > 0) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.allEntries = function() {
|
|
|
|
|
return true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.onlyRobot = function(permission) {
|
|
|
|
|
return permission.is_robot == true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.onlyUser = function(permission) {
|
|
|
|
|
return !permission.is_robot;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.addPermission = function() {
|
2015-03-16 18:49:57 +00:00
|
|
|
$scope.addPermissionInfo['working'] = true;
|
|
|
|
|
$scope.addNewPermission($scope.addPermissionInfo.entity, $scope.addPermissionInfo.role)
|
|
|
|
|
};
|
|
|
|
|
|
2015-03-16 18:17:27 +00:00
|
|
|
$scope.grantPermission = function(entity, callback) {
|
|
|
|
|
$scope.addRole(entity.name, 'read', entity.kind, callback);
|
|
|
|
|
};
|
|
|
|
|
|
2015-03-16 18:49:57 +00:00
|
|
|
$scope.addNewPermission = function(entity, opt_role) {
|
2015-03-16 18:17:27 +00:00
|
|
|
// Don't allow duplicates.
|
2015-03-16 18:49:57 +00:00
|
|
|
if (!entity || !entity.kind || $scope.permissions[entity.kind][entity.name]) {
|
|
|
|
|
$scope.addPermissionInfo = {};
|
|
|
|
|
return;
|
|
|
|
|
}
|
2015-03-16 18:17:27 +00:00
|
|
|
|
|
|
|
|
if (entity.is_org_member === false) {
|
|
|
|
|
$scope.grantPermissionInfo = {
|
|
|
|
|
'entity': entity
|
|
|
|
|
};
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-16 18:49:57 +00:00
|
|
|
$scope.addRole(entity.name, opt_role || 'read', entity.kind);
|
2015-03-16 18:17:27 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.deleteRole = function(entityName, kind) {
|
|
|
|
|
var errorHandler = ApiService.errorDisplay('Cannot change permission', function(resp) {
|
|
|
|
|
if (resp.status == 409) {
|
|
|
|
|
return 'Cannot change permission as you do not have the authority';
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
var endpoint = getPermissionEndpoint(entityName, kind);
|
|
|
|
|
endpoint.customDELETE().then(function() {
|
|
|
|
|
delete $scope.permissions[kind][entityName];
|
|
|
|
|
}, errorHandler);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.addRole = function(entityName, role, kind, opt_callback) {
|
|
|
|
|
var permission = {
|
|
|
|
|
'role': role,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var errorHandler = ApiService.errorDisplay('Cannot change permission', function() {
|
|
|
|
|
opt_callback && opt_callback(false);
|
2015-06-15 20:11:39 +00:00
|
|
|
$scope.addPermissionInfo = {
|
|
|
|
|
'role': readRole
|
|
|
|
|
};
|
2015-03-16 18:17:27 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
var endpoint = getPermissionEndpoint(entityName, kind);
|
|
|
|
|
endpoint.customPUT(permission).then(function(result) {
|
|
|
|
|
$scope.permissions[kind][entityName] = result;
|
2015-06-15 20:11:39 +00:00
|
|
|
$scope.addPermissionInfo = {
|
|
|
|
|
'role': readRole
|
|
|
|
|
};
|
2015-03-16 18:17:27 +00:00
|
|
|
opt_callback && opt_callback(true)
|
|
|
|
|
}, errorHandler);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$scope.setRole = function(role, entityName, kind) {
|
|
|
|
|
var errorDisplay = ApiService.errorDisplay(function(resp) {
|
|
|
|
|
$scope.permissions[kind][entityName] = {'role': currentRole};
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
var permission = $scope.permissions[kind][entityName];
|
|
|
|
|
var currentRole = permission.role;
|
|
|
|
|
permission.role = role;
|
|
|
|
|
|
|
|
|
|
var endpoint = getPermissionEndpoint(entityName, kind);
|
|
|
|
|
endpoint.customPUT(permission).then(function() {}, errorDisplay);
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
return directiveDefinitionObject;
|
|
|
|
|
});
|
