Manage user access to app.

opi 2014-03-02 19:30:46 +01:00
parent 4b8bcd669f
commit 5deb621fae
2 changed files with 202 additions and 0 deletions

111
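--- a/js/app.js
+++ b/js/app.js
@@ -603,6 +603,117 @@ app = Sammy('#main', function (sam) {
 }
 });
+// Manage app access
+sam.get('#/apps/:app/access', function (c) {
+c.api('/app/'+c.params['app']+'?raw=true', function(data) { // http://api.yunohost.org/#!/app/app_info_get_9
+c.api('/users', function(dataUsers) {
+// allowed_users as array
+if (typeof data.settings.allowed_users !== 'undefined') {
+if (data.settings.allowed_users.length === 0) {
+// Force empty array, means no user has access
+data.settings.allowed_users = [];
+}
+else {
+data.settings.allowed_users = data.settings.allowed_users.split(',');
+}
+} else {
+data.settings.allowed_users = []; // Force array
+// if 'allowed_users' is undefined, everyone has access
+// that means that undefined is different from empty array
+data.settings.allow_everyone = true;
+}
+// Available users
+data.users = [];
+$.each(dataUsers.Users, function(key, user){
+// Do not list allowed_users in select list
+if ( data.settings.allowed_users.indexOf(user.Username) === -1 ) {
+data.users.push({
+value: user.Username,
+label: user.Fullname+' ('+user.Mail+')'
+});
+} else {
+// Complete allowed_users data
+data.settings.allowed_users[data.settings.allowed_users.indexOf(user.Username)] = {
+username: user.Username,
+fullname: user.Fullname,
+mail: user.Mail,
+}
+}
+})
+c.view('app_access', data);
+});
+});
+});
+// Remove all access
+sam.get('#/apps/:app/access/remove', function (c) {
+if (confirm('Are you sure you want to remove all access to '+ c.params['app'] +' ?')) {
+params = {'apps': c.params['app'], 'users':[]}
+c.api('/app/access?'+c.serialize(params), function(data) { // http://api.yunohost.org/#!/app/app_removeaccess_delete_12
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app']+ '/access');
+}, 'DELETE', params);
+} else {
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app']+ '/access');
+}
+});
+// Remove access to a specific user
+sam.get('#/apps/:app/access/remove/:user', function (c) {
+if (confirm('Are you sure you want to remove access to '+ c.params['app'] +' for '+ c.params['user'] +' ?')) {
+params = {'apps': c.params['app'], 'users': c.params['user']}
+c.api('/app/access?'+c.serialize(params), function(data) { // http://api.yunohost.org/#!/app/app_removeaccess_delete_12
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app']+ '/access');
+}, 'DELETE', params); // passing 'params' here is useless because jQuery doesn't handle ajax datas for DELETE requests. Passing parameters through uri.
+} else {
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app']+ '/access');
+}
+});
+// Grant all access
+sam.get('#/apps/:app/access/add', function (c) {
+if (confirm('Are you sure you want to add access to '+ c.params['app'] +' for all users ?')) {
+params = {'apps': c.params['app'], 'users': null}
+c.api('/app/access', function() { // http://api.yunohost.org/#!/app/app_addaccess_put_13
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app'] +'/access');
+}, 'PUT', params);
+} else {
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app']+ '/access');
+}
+});
+// Grant access for a specific user
+sam.post('#/apps/:app/access/add', function (c) {
+params = {'users': c.params['user'], 'apps': c.params['app']}
+c.api('/app/access', function() { // http://api.yunohost.org/#!/app/app_addaccess_put_13
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app'] +'/access');
+}, 'PUT', params);
+});
+// Clear access (reset)
+sam.get('#/apps/:app/access/clear', function (c) {
+if (confirm('Are you sure you want to clear all access to '+ c.params['app'] +' ?')) {
+params = {'apps': c.params['app']}
+c.api('/app/access', function() { //
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app'] +'/access');
+}, 'POST', params);
+} else {
+store.clear('slide');
+c.redirect('#/apps/'+ c.params['app']+ '/access');
+}
+});
 /**
 * Services
 *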
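Review bot: The new access routes concatenate `c.params['app']` from the location hash straight into API URLs and redirects (`'/app/'+c.params['app']+'?raw=true'` in the first route), so, depending on how Sammy decodes the parameter, a value containing `?`, `&` or `/` could change the request that is sent; use `encodeURIComponent(c.params['app'])` when building the path. The `params = {...}` assignments in the remove, add and clear routes have no `var`, which makes `params` an implicit global shared between handlers; `var params = {...};` keeps it local. The remove, add-all and clear handlers change permissions from `sam.get` routes with `confirm()` as the only gate, so merely navigating to such a fragment starts the action; consider driving them from a form post, as the per-user add route already does. The enclosing `Sammy('#main', ...)` callback starts and ends outside the hunk.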

91
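--- a/views/app_access.ms
+++ b/views/app_access.ms
@@ -0,0 +1,91 @@
+<div class="pull-left">
+<a href="#/apps/{{settings.id}}" class="btn btn-default slide back"><span class="glyphicon glyphicon-chevron-left"></span> {{settings.label}}</a>
+</div>
+<div class="pull-right">
+</div>
+<div class="clearfix"></div>
+<div class="view-title">{{settings.label}} access</div>
+<div class="br"></div>
+<div class="panel panel-default">
+<div class="panel-heading">
+<h2 class="panel-title">Allowed users</h2>
+</div>
+{{#if settings.allowed_users}}
+<div class="list-group">
+{{#each settings.allowed_users}}
+<div class="list-group-item">
+<a href="#/apps/{{../settings.id}}/access/remove/{{username}}" class="btn btn-danger slide back pull-right">
+<span class="glyphicon glyphicon-trash"></span> Remove access
+</a>
+<h3 class="list-group-item-heading">{{fullname}} ({{mail}})</h3>
+<a href="#/users/{{username}}">View {{username}}'s profile</a>
+</div>
+{{/each}}
+</div>
+<div class="panel-footer">
+<a href="#/apps/{{../settings.id}}/access/remove" class="btn btn-danger slide back">
+<span class="glyphicon glyphicon-trash"></span> Remove all access
+</a>
+<p class="text-danger">
+No users will have access to {{settings.label}}.
+</p>
+</div>
+{{else}}
+<div class="panel-body">
+{{#if settings.allow_everyone}}
+<p class="text-success">Everyone has access.</p>
+{{else}}
+<p class="text-warning">No allowed users.</p>
+{{/if}}
+</div>
+{{/if}}
+</div>
+<div class="panel panel-default">
+<div class="panel-heading">
+<h2 class="panel-title">Add access</h2>
+</div>
+<div class="panel-body">
+{{#if users}}
+<form method="POST" action="#/apps/{{settings.id}}/access/add" class="row">
+<input type="hidden" name="app" value="{{settings.id}}">
+<div class="col-xs-9 col-sm-9">
+<select name="user" required class="form-control">
+<option value="" default disabled selected>Select user</option>
+{{#users}}<option value="{{value}}">{{label}}</option>{{/users}}
+</select>
+</div>
+<div class="col-xs-3 col-sm-3">
+<input type="submit" class="btn btn-success slide back" value="Add">
+</div>
+</form>
+{{else}}
+<p class="text-warning">No users to add.</p>
+{{/if}}
+</div>
+{{#if users}}
+<div class="panel-footer">
+<a href="#/apps/{{settings.id}}/access/add" class="btn btn-success slide back">
+<span class="glyphicon glyphicon-plus"></span> Add all access
+</a>
+</div>
+{{/if}}
+</div>
+{{#unless settings.allow_everyone}}
+<div class="panel panel-default">
+<div class="panel-heading">
+<h2 class="panel-title">Clear access</h2>
+</div>
+<div class="panel-body">
+<a href="#/apps/{{settings.id}}/access/clear" class="btn btn-warning slide back">
+<span class="glyphicon glyphicon-trash"></span> Clear all access
+</a>
+<p class="text-warning">
+Every user will have access to {{settings.label}}.
+</p>
+</div>
+</div>
+{{/unless}}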
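Review bot: The route links interpolate `{{username}}` and `{{settings.id}}` into hash URLs (for example `href="#/apps/{{../settings.id}}/access/remove/{{username}}"`) with HTML escaping only; unless usernames and app ids are guaranteed URL-safe elsewhere, a value containing `/`, `?` or `#` would produce a link that reaches a different route than intended, so they should go through a URL-encoding helper. The "Remove all access" link uses `{{../settings.id}}` although it sits outside the `{{#each}}` block, while the paragraph below it uses `{{settings.label}}`; depending on the template engine version the `../` may resolve to nothing and yield `#/apps//access/remove`, so `{{settings.id}}` is the safer spelling. The "Remove all access", "Add all access" and "Clear all access" controls are plain links to state-changing routes; a form with a submit button, like the per-user add form, would make them harder to trigger by navigation alone.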