jessikitty/Disco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: use more antiforgery tokens

Browse Source
This commit is contained in:
Gary Sharp
2025-07-25 12:32:44 +10:00
parent fd43d85778
commit 7deead494b
222 changed files with 12919 additions and 11728 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Disco.Web/Areas/Config/Views/AuthorizationRole/Create.cshtml
+4 -3
View File
@@ -4,7 +4,8 @@
ViewBag.Title = Html.ToBreadcrumb("Configuration", MVC.Config.Config.Index(), "Authorization Roles", MVC.Config.AuthorizationRole.Index(null), "Create");
}
@using (Html.BeginForm())
{
{
@Html.AntiForgeryToken()
<div class="form" style="width: 450px">
<table>
<tr>
@@ -12,7 +13,7 @@
Name:
</th>
<td>
@Html.EditorFor(model => model.AuthorizationRole.Name)<br />@Html.ValidationMessageFor(model => model.AuthorizationRole.Name)
@Html.EditorFor(model => model.Name)<br />@Html.ValidationMessageFor(model => model.Name)
</td>
</tr>
</table>
@@ -22,7 +23,7 @@
</div>
<script type="text/javascript">
$(function () {
$('#AuthorizationRole_Name').focus().select();
$('#Name').focus().select();
});
</script>
}
Disco.Web/Areas/Config/Views/AuthorizationRole/Create.generated.cs
+22 -8
View File
@@ -57,7 +57,21 @@ WriteLiteral("\r\n");
#line 6 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
using (Html.BeginForm())
{
{
#line default
#line hidden
#line 8 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
Write(Html.AntiForgeryToken());
#line default
#line hidden
#line 8 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
#line default
@@ -74,8 +88,8 @@ WriteLiteral(">\r\n <table>\r\n <tr>\r\n <th>\r
WriteLiteral(" ");
#line 15 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
Write(Html.EditorFor(model => model.AuthorizationRole.Name));
#line 16 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
Write(Html.EditorFor(model => model.Name));
#line default
@@ -83,8 +97,8 @@ WriteLiteral(" ");
WriteLiteral("<br />");
#line 15 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
Write(Html.ValidationMessageFor(model => model.AuthorizationRole.Name));
#line 16 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
Write(Html.ValidationMessageFor(model => model.Name));
#line default
@@ -107,11 +121,11 @@ WriteLiteral(" <script");
WriteLiteral(" type=\"text/javascript\"");
WriteLiteral(">\r\n $(function () {\r\n $(\'#AuthorizationRole_Name\').focus().sele" +
"ct();\r\n });\r\n </script>\r\n");
WriteLiteral(">\r\n $(function () {\r\n $(\'#Name\').focus().select();\r\n });" +
"\r\n </script>\r\n");
#line 28 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
#line 29 "..\..\Areas\Config\Views\AuthorizationRole\Create.cshtml"
}
Disco.Web/Areas/Config/Views/AuthorizationRole/Index.cshtml
+103 -114
View File
@@ -7,15 +7,17 @@
{
<div class="form" style="width: 450px; padding: 100px 0;">
<h2>No authorization roles are configured</h2>
</div>
</div>
}
else
{
<table class="tableData">
<tr>
<th>Name
<th>
Name
</th>
<th>Linked Groups/Users
<th>
Linked Groups/Users
</th>
</tr>
@foreach (var item in Model.Tokens)
@@ -39,58 +41,75 @@ else
</table>
}
<!-- #region Administrator Subjects -->
<div id="Config_AuthRoles_Subjects_Update_Dialog" class="dialog" title="Disco ICT Administrators">
<div id="Config_AuthRoles_Subjects_Update_Dialog_ListContainer">
<span id="Config_AuthRoles_Subjects_Update_Dialog_None" class="smallMessage">None Associated</span>
<ul id="Config_AuthRoles_Subjects_Update_Dialog_List" class="none">
@foreach (var sg in Model.AdministratorSubjects)
{
var displayName = sg.Id == sg.Name ? sg.Id : string.Format("{0} [{1}]", sg.Name, sg.Id);
<li class="@(sg.IsGroup ? "group" : "user")" data-subjectid="@sg.Id">@if (sg.IsGroup)
{
<i class="fa fa-users fa-lg"></i>@displayName
}
else
{
<i class="fa fa-user fa-lg"></i>@displayName
}<i class="fa fa-times-circle remove"></i></li>
}
</ul>
</div>
<div id="Config_AuthRoles_Subjects_Update_Dialog" class="dialog" title="Disco ICT Administrators" data-searchsubjectsurl="@(Url.Action(MVC.API.System.SearchSubjects()))" data-subjecturl="@Url.Action(MVC.API.System.Subject())">
@using (Html.BeginForm(MVC.API.AuthorizationRole.UpdateAdministratorSubjects(null, true)))
{
@Html.AntiForgeryToken()
<div id="Config_AuthRoles_Subjects_Update_Dialog_ListContainer">
<span id="Config_AuthRoles_Subjects_Update_Dialog_None" class="smallMessage">None Associated</span>
<ul id="Config_AuthRoles_Subjects_Update_Dialog_List" class="none">
@foreach (var sg in Model.AdministratorSubjects)
{
var displayName = sg.Id == sg.Name ? sg.Id : string.Format("{0} [{1}]", sg.Name, sg.Id);
<li class="@(sg.IsGroup ? "group" : "user")" data-subjectid="@sg.Id">
<input type="hidden" name="subjects" value="@sg.Id" />
@if (sg.IsGroup)
{
<i class="fa fa-users fa-lg"></i>@displayName
}
else
{
<i class="fa fa-user fa-lg"></i>@displayName
}<i class="fa fa-times-circle remove"></i>
</li>
}
</ul>
</div>
}
<div id="Config_AuthRoles_Subjects_Update_Dialog_AddContainer">
<input type="text" id="Config_AuthRoles_Subjects_Update_Dialog_TextAdd" />
<a id="Config_AuthRoles_Subjects_Update_Dialog_Add" href="#" class="button small">Add</a>
<button id="Config_AuthRoles_Subjects_Update_Dialog_Add" type="button" class="button small">Add</button>
</div>
<form id="Config_AuthRoles_Subjects_Update_Dialog_Form" action="@(Url.Action(MVC.API.AuthorizationRole.UpdateAdministratorSubjects(null, true)))" method="post"></form>
</div>
<script>
(function () {
var dialog, textAdd, list, noSubjects, form;
let dialog = null;
let originalList = null;
let list = null;
let textAdd = null;
let noSubjects = null;
function showDialog() {
if (!dialog) {
list = $('#Config_AuthRoles_Subjects_Update_Dialog_List');
originalList = list.html();
noSubjects = $('#Config_AuthRoles_Subjects_Update_Dialog_None');
textAdd = $('#Config_AuthRoles_Subjects_Update_Dialog_TextAdd');
dialog = $('#Config_AuthRoles_Subjects_Update_Dialog').dialog({
resizable: false,
modal: true,
autoOpen: false,
width: 350,
height: 420,
buttons: {
"Save Changes": saveChanges,
Cancel: cancel
Cancel: function () {
$(this).dialog("close");
}
},
close: function () {
list.html(originalList);
}
});
dialog.on('click', '.remove', remove);
list = $('#Config_AuthRoles_Subjects_Update_Dialog_List');
noSubjects = $('#Config_AuthRoles_Subjects_Update_Dialog_None');
textAdd = $('#Config_AuthRoles_Subjects_Update_Dialog_TextAdd');
dialog.on('click', '.remove', function () {
$(this).closest('li').remove();
updateNoSubjects();
});
textAdd.watermark('Search Subjects')
.autocomplete({
source: '@(Url.Action(MVC.API.System.SearchSubjects()))',
source: dialog.attr('data-searchsubjectsurl'),
minLength: 2,
focus: function (e, ui) {
textAdd.val(ui.item.Id);
@@ -98,6 +117,7 @@ else
},
select: function (e, ui) {
textAdd.val(ui.item.Id).blur();
$('#Config_AuthRoles_Subjects_Update_Dialog_Add').trigger('click');
return false;
}
}).data('ui-autocomplete')._renderItem = function (ul, item) {
@@ -107,7 +127,7 @@ else
.appendTo(ul);
};
$('#Config_AuthRoles_Subjects_Update_Dialog_Add').click(add);
$('#Config_AuthRoles_Subjects_Update_Dialog_Add').on('click', add);
}
dialog.dialog('open');
@@ -116,79 +136,61 @@ else
return false;
}
function cancel() {
$(this).dialog("close");
async function add() {
const id = textAdd.val();
list.find('li').each(function () {
$this = $(this);
if ($this.is('[data-subjectstatus="new"]')) {
$this.remove();
} else {
if ($this.is('[data-subjectstatus="removed"]')) {
$this.show();
try {
const body = new FormData();
body.append('__RequestVerificationToken', document.body.dataset.antiforgery);
body.append('id', id);
const response = await fetch(dialog.attr('data-subjecturl'), {
method: 'POST',
body: body
});
if (response.ok) {
const data = await response.json();
if (!data)
throw 'Unknown user id';
if (!data.IsGroup && !data.IsUserAccount)
throw data.Name + ' [' + data.Id + '] is a ' + data.Type + '. Only users and groups can be added.';
if (list.find('li[data-subjectid="' + data.Id.replace('\\', '\\\\') + '"]').length != 0) {
throw 'That subject has already been added';
}
const liIcon = $('<i>').addClass('fa fa-lg');
if (data.Type === 'user')
liIcon.addClass('fa-user');
else
liIcon.addClass('fa-users');
const li = $('<li>')
.append($('<input>').attr({ type: 'hidden', name: 'subjects', value: data.Id }))
.append(liIcon)
.append($('<span>').text(data.Id == data.Name ? data.Id : data.Name + ' [' + data.Id + ']'))
.append($('<i>').addClass('fa fa-times-circle remove'))
.addClass(data.Type)
.attr('data-subjectid', data.Id)
.attr('data-subjectstatus', 'new');
list.append(li);
textAdd.val('');
updateNoSubjects();
} else {
alert('Error: ' + response.statusText);
}
});
}
function remove() {
$this = $(this).closest('li');
if ($this.is('[data-subjectstatus="new"]')) {
$this.remove();
} else {
$this.attr('data-subjectstatus', 'removed').hide();
} catch (e) {
alert('Error: ' + e);
}
updateNoSubjects();
return false;
}
function add() {
var id = textAdd.val();
$.ajax({
url: '@Url.Action(MVC.API.System.Subject())',
method: 'post',
data: { Id: id }
}).done(function (response) {
if (response) {
if (response.IsGroup || response.IsUserAccount) {
if (list.find('li[data-subjectid="' + response.Id.replace('\\', '\\\\') + '"]').length == 0) {
var liIcon = $('<i>').addClass('fa fa-lg');
if (response.Type === 'user')
liIcon.addClass('fa-user');
else
liIcon.addClass('fa-users');
var li = $('<li>')
.append(liIcon)
.append($('<span>').text(response.Id == response.Name ? response.Id : response.Name + ' [' + response.Id + ']'))
.append($('<i>').addClass('fa fa-times-circle remove'))
.addClass(response.Type)
.attr('data-subjectid', response.Id)
.attr('data-subjectstatus', 'new');
list.append(li);
updateNoSubjects();
} else {
alert('That subject has already been added');
}
}
else {
alert(response.Name + ' ['+response.Id+'] is a ' + response.Type + '. Only users and groups can be added.');
}
} else {
alert('Unknown Id');
}
}).fail(function (jqXHR, textStatus, errorThrown) {
alert('Error: ' + errorThrown);
});
return false;
}
function updateNoSubjects() {
if (list.find('li:visible').length > 0)
noSubjects.hide();
@@ -197,22 +199,9 @@ else
}
function saveChanges() {
var form = $('#Config_AuthRoles_Subjects_Update_Dialog_Form').empty();
list.find('li[data-subjectstatus!="removed"]').each(function () {
var subjectId = $(this).attr('data-subjectid');
form.append($('<input>').attr({
'name': 'Subjects',
'type': 'hidden'
}).val(subjectId));
}).get();
form.submit();
dialog.dialog("disable");
dialog.dialog("option", "buttons", null);
dialog
.dialog("option", "buttons", null)
.find('form').trigger('submit');
}
$(function () {
Disco.Web/Areas/Config/Views/AuthorizationRole/Index.generated.cs
+210 -181
View File
@@ -68,7 +68,7 @@ WriteLiteral(" class=\"form\"");
WriteLiteral(" style=\"width: 450px; padding: 100px 0;\"");
WriteLiteral(">\r\n <h2>No authorization roles are configured</h2>\r\n </div> \r\n");
WriteLiteral(">\r\n <h2>No authorization roles are configured</h2>\r\n </div>\r\n");
#line 11 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
@@ -83,17 +83,18 @@ WriteLiteral(" <table");
WriteLiteral(" class=\"tableData\"");
WriteLiteral(">\r\n <tr>\r\n <th>Name\r\n </th>\r\n <th>Linked " +
"Groups/Users\r\n </th>\r\n </tr>\r\n");
WriteLiteral(">\r\n <tr>\r\n <th>\r\n Name\r\n </th>\r\n " +
" <th>\r\n Linked Groups/Users\r\n </th>\r\n </t" +
"r>\r\n");
#line 21 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 23 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
#line 21 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 23 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
foreach (var item in Model.Tokens)
{
@@ -105,7 +106,7 @@ WriteLiteral(" <tr>\r\n <td>\r\n");
WriteLiteral(" ");
#line 25 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 27 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Html.ActionLink(item.Role.Name, MVC.Config.AuthorizationRole.Index(item.Role.Id)));
@@ -114,13 +115,13 @@ WriteLiteral(" ");
WriteLiteral("\r\n </td>\r\n <td>\r\n");
#line 28 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 30 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
#line 28 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 30 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
if (item.SubjectIds.Count == 0)
{
@@ -134,7 +135,7 @@ WriteLiteral(" class=\"smallMessage\"");
WriteLiteral(">&lt;None&gt;</span>\r\n");
#line 31 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 33 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
else
{
@@ -143,14 +144,14 @@ WriteLiteral(">&lt;None&gt;</span>\r\n");
#line default
#line hidden
#line 34 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 36 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(string.Join(", ", item.SubjectIds.OrderBy(i => i)));
#line default
#line hidden
#line 34 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 36 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
@@ -160,7 +161,7 @@ WriteLiteral(">&lt;None&gt;</span>\r\n");
WriteLiteral(" </td>\r\n </tr>\r\n");
#line 38 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 40 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
@@ -169,7 +170,7 @@ WriteLiteral(" </td>\r\n </tr>\r\n");
WriteLiteral(" </table>\r\n");
#line 40 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 42 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
@@ -183,17 +184,69 @@ WriteLiteral(" class=\"dialog\"");
WriteLiteral(" title=\"Disco ICT Administrators\"");
WriteLiteral(">\r\n <div");
WriteLiteral(" data-searchsubjectsurl=\"");
#line 44 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Url.Action(MVC.API.System.SearchSubjects()));
#line default
#line hidden
WriteLiteral("\"");
WriteLiteral(" data-subjecturl=\"");
#line 44 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Url.Action(MVC.API.System.Subject()));
#line default
#line hidden
WriteLiteral("\"");
WriteLiteral(">\r\n");
#line 45 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
#line 45 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
using (Html.BeginForm(MVC.API.AuthorizationRole.UpdateAdministratorSubjects(null, true)))
{
#line default
#line hidden
#line 47 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Html.AntiForgeryToken());
#line default
#line hidden
#line 47 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
WriteLiteral(" <div");
WriteLiteral(" id=\"Config_AuthRoles_Subjects_Update_Dialog_ListContainer\"");
WriteLiteral(">\r\n <span");
WriteLiteral(">\r\n <span");
WriteLiteral(" id=\"Config_AuthRoles_Subjects_Update_Dialog_None\"");
WriteLiteral(" class=\"smallMessage\"");
WriteLiteral(">None Associated</span>\r\n <ul");
WriteLiteral(">None Associated</span>\r\n <ul");
WriteLiteral(" id=\"Config_AuthRoles_Subjects_Update_Dialog_List\"");
@@ -202,105 +255,127 @@ WriteLiteral(" class=\"none\"");
WriteLiteral(">\r\n");
#line 46 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 51 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
#line 46 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
foreach (var sg in Model.AdministratorSubjects)
{
var displayName = sg.Id == sg.Name ? sg.Id : string.Format("{0} [{1}]", sg.Name, sg.Id);
#line 51 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
foreach (var sg in Model.AdministratorSubjects)
{
var displayName = sg.Id == sg.Name ? sg.Id : string.Format("{0} [{1}]", sg.Name, sg.Id);
#line default
#line hidden
WriteLiteral(" <li");
WriteLiteral(" <li");
WriteAttribute("class", Tuple.Create(" class=\"", 1809), Tuple.Create("\"", 1849)
WriteAttribute("class", Tuple.Create(" class=\"", 2136), Tuple.Create("\"", 2176)
#line 49 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
, Tuple.Create(Tuple.Create("", 1817), Tuple.Create<System.Object, System.Int32>(sg.IsGroup ? "group" : "user"
#line 54 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
, Tuple.Create(Tuple.Create("", 2144), Tuple.Create<System.Object, System.Int32>(sg.IsGroup ? "group" : "user"
#line default
#line hidden
, 1817), false)
, 2144), false)
);
WriteLiteral(" data-subjectid=\"");
#line 49 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(sg.Id);
#line 54 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(sg.Id);
#line default
#line hidden
WriteLiteral("\"");
WriteLiteral(">");
WriteLiteral(">\r\n <input");
WriteLiteral(" type=\"hidden\"");
WriteLiteral(" name=\"subjects\"");
WriteAttribute("value", Tuple.Create(" value=\"", 2264), Tuple.Create("\"", 2278)
#line 55 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
, Tuple.Create(Tuple.Create("", 2272), Tuple.Create<System.Object, System.Int32>(sg.Id
#line default
#line hidden
, 2272), false)
);
WriteLiteral(" />\r\n");
#line 49 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
if (sg.IsGroup)
{
#line 56 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
#line 56 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
if (sg.IsGroup)
{
#line default
#line hidden
WriteLiteral(" <i");
WriteLiteral(" <i");
WriteLiteral(" class=\"fa fa-users fa-lg\"");
WriteLiteral("></i>");
#line 51 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 58 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
#line 51 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(displayName);
#line 58 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(displayName);
#line default
#line hidden
#line 51 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
else
{
#line 58 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
else
{
#line default
#line hidden
WriteLiteral(" <i");
WriteLiteral(" <i");
WriteLiteral(" class=\"fa fa-user fa-lg\"");
WriteLiteral("></i>");
#line 55 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 62 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line default
#line hidden
#line 55 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(displayName);
#line 62 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(displayName);
#line default
#line hidden
#line 55 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
#line 62 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
#line default
#line hidden
@@ -308,16 +383,25 @@ WriteLiteral("<i");
WriteLiteral(" class=\"fa fa-times-circle remove\"");
WriteLiteral("></i></li>\r\n");
WriteLiteral("></i>\r\n </li>\r\n");
#line 57 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
#line 65 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
#line default
#line hidden
WriteLiteral(" </ul>\r\n </div>\r\n <div");
WriteLiteral(" </ul>\r\n </div>\r\n");
#line 68 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
}
#line default
#line hidden
WriteLiteral(" <div");
WriteLiteral(" id=\"Config_AuthRoles_Subjects_Update_Dialog_AddContainer\"");
@@ -327,136 +411,81 @@ WriteLiteral(" type=\"text\"");
WriteLiteral(" id=\"Config_AuthRoles_Subjects_Update_Dialog_TextAdd\"");
WriteLiteral(" />\r\n <a");
WriteLiteral(" />\r\n <button");
WriteLiteral(" id=\"Config_AuthRoles_Subjects_Update_Dialog_Add\"");
WriteLiteral(" href=\"#\"");
WriteLiteral(" type=\"button\"");
WriteLiteral(" class=\"button small\"");
WriteLiteral(">Add</a>\r\n </div>\r\n <form");
WriteLiteral(" id=\"Config_AuthRoles_Subjects_Update_Dialog_Form\"");
WriteAttribute("action", Tuple.Create(" action=\"", 2880), Tuple.Create("\"", 2969)
#line 64 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
, Tuple.Create(Tuple.Create("", 2889), Tuple.Create<System.Object, System.Int32>(Url.Action(MVC.API.AuthorizationRole.UpdateAdministratorSubjects(null, true))
#line default
#line hidden
, 2889), false)
);
WriteLiteral(" method=\"post\"");
WriteLiteral(@"></form>
</div>
<script>
(function () {
var dialog, textAdd, list, noSubjects, form;
function showDialog() {
if (!dialog) {
dialog = $('#Config_AuthRoles_Subjects_Update_Dialog').dialog({
resizable: false,
modal: true,
autoOpen: false,
width: 350,
height: 420,
buttons: {
""Save Changes"": saveChanges,
Cancel: cancel
}
});
dialog.on('click', '.remove', remove);
list = $('#Config_AuthRoles_Subjects_Update_Dialog_List');
noSubjects = $('#Config_AuthRoles_Subjects_Update_Dialog_None');
textAdd = $('#Config_AuthRoles_Subjects_Update_Dialog_TextAdd');
textAdd.watermark('Search Subjects')
.autocomplete({
source: '");
#line 93 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Url.Action(MVC.API.System.SearchSubjects()));
#line default
#line hidden
WriteLiteral("\',\r\n minLength: 2,\r\n focus: functio" +
"n (e, ui) {\r\n textAdd.val(ui.item.Id);\r\n " +
" return false;\r\n },\r\n " +
" select: function (e, ui) {\r\n textAdd.val(ui.item.Id" +
").blur();\r\n return false;\r\n }\r" +
"\n }).data(\'ui-autocomplete\')._renderItem = function (ul, item" +
") {\r\n return $(\"<li></li>\")\r\n " +
".data(\"item.autocomplete\", item)\r\n .append(\"<a><stron" +
"g>\" + item.Name + \"</strong><br>\" + item.Id + \" (\" + item.Type + \")</a>\")\r\n " +
" .appendTo(ul);\r\n };\r\n\r\n " +
" $(\'#Config_AuthRoles_Subjects_Update_Dialog_Add\').click(add);\r\n }\r\n\r" +
"\n dialog.dialog(\'open\');\r\n\r\n updateNoSubjects();\r\n " +
" return false;\r\n }\r\n\r\n function cancel() {\r\n $(this)" +
".dialog(\"close\");\r\n\r\n list.find(\'li\').each(function () {\r\n " +
" $this = $(this);\r\n if ($this.is(\'[data-subjectstatus=\"new\"]\'" +
")) {\r\n $this.remove();\r\n } else {\r\n " +
" if ($this.is(\'[data-subjectstatus=\"removed\"]\')) {\r\n " +
" $this.show();\r\n }\r\n }\r\n });\r\n " +
" }\r\n\r\n function remove() {\r\n $this = $(this).closest(\'li\'" +
");\r\n\r\n if ($this.is(\'[data-subjectstatus=\"new\"]\')) {\r\n " +
" $this.remove();\r\n } else {\r\n $this.attr(\'data-subject" +
"status\', \'removed\').hide();\r\n }\r\n\r\n updateNoSubjects();\r\n " +
" return false;\r\n }\r\n\r\n function add() {\r\n var" +
" id = textAdd.val();\r\n\r\n $.ajax({\r\n url: \'");
#line 151 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Url.Action(MVC.API.System.Subject()));
#line default
#line hidden
WriteLiteral("\',\r\n method: \'post\',\r\n data: { Id: id }\r\n " +
" }).done(function (response) {\r\n if (response) {\r\n " +
" if (response.IsGroup || response.IsUserAccount) {\r\n " +
" if (list.find(\'li[data-subjectid=\"\' + response.Id.replace(\'\\\\\', \'\\\\\\\\\') + \'\"]\')" +
".length == 0) {\r\n\r\n var liIcon = $(\'<i>\').addClass(\'f" +
"a fa-lg\');\r\n if (response.Type === \'user\')\r\n " +
" liIcon.addClass(\'fa-user\');\r\n " +
"else\r\n liIcon.addClass(\'fa-users\');\r\n\r\n " +
" var li = $(\'<li>\')\r\n .append(li" +
"Icon)\r\n .append($(\'<span>\').text(response.Id == r" +
"esponse.Name ? response.Id : response.Name + \' [\' + response.Id + \']\'))\r\n " +
" .append($(\'<i>\').addClass(\'fa fa-times-circle remove\'))" +
"\r\n .addClass(response.Type)\r\n " +
" .attr(\'data-subjectid\', response.Id)\r\n " +
" .attr(\'data-subjectstatus\', \'new\');\r\n\r\n list.append" +
"(li);\r\n\r\n updateNoSubjects();\r\n " +
" } else {\r\n alert(\'That subject has already been add" +
"ed\');\r\n }\r\n }\r\n els" +
"e {\r\n alert(response.Name + \' [\'+response.Id+\'] is a \' + " +
"response.Type + \'. Only users and groups can be added.\');\r\n }" +
"\r\n } else {\r\n alert(\'Unknown Id\');\r\n " +
" }\r\n }).fail(function (jqXHR, textStatus, errorThrown) {\r\n " +
" alert(\'Error: \' + errorThrown);\r\n });\r\n retu" +
"rn false;\r\n }\r\n\r\n function updateNoSubjects() {\r\n i" +
"f (list.find(\'li:visible\').length > 0)\r\n noSubjects.hide();\r\n " +
" else\r\n noSubjects.show();\r\n }\r\n\r\n function " +
"saveChanges() {\r\n var form = $(\'#Config_AuthRoles_Subjects_Update_Dia" +
"log_Form\').empty();\r\n\r\n list.find(\'li[data-subjectstatus!=\"removed\"]\'" +
").each(function () {\r\n var subjectId = $(this).attr(\'data-subject" +
"id\');\r\n\r\n form.append($(\'<input>\').attr({\r\n \'n" +
"ame\': \'Subjects\',\r\n \'type\': \'hidden\'\r\n }).val(" +
"subjectId));\r\n\r\n }).get();\r\n\r\n form.submit();\r\n\r\n " +
" dialog.dialog(\"disable\");\r\n dialog.dialog(\"option\", \"buttons\", nul" +
"l);\r\n }\r\n\r\n $(function () {\r\n $(\'#Config_AuthRoles_Upda" +
"teAdministrators\').click(showDialog);\r\n });\r\n\r\n })();\r\n</script>\r\n<!--" +
" #endregion -->\r\n<div");
WriteLiteral(">Add</button>\r\n </div>\r\n</div>\r\n<script>\r\n (function () {\r\n let dial" +
"og = null;\r\n let originalList = null;\r\n let list = null;\r\n " +
"let textAdd = null;\r\n let noSubjects = null;\r\n\r\n function showDial" +
"og() {\r\n if (!dialog) {\r\n list = $(\'#Config_AuthRoles_" +
"Subjects_Update_Dialog_List\');\r\n originalList = list.html();\r\n " +
" noSubjects = $(\'#Config_AuthRoles_Subjects_Update_Dialog_None\');\r\n " +
" textAdd = $(\'#Config_AuthRoles_Subjects_Update_Dialog_TextAdd\');\r" +
"\n\r\n dialog = $(\'#Config_AuthRoles_Subjects_Update_Dialog\').dialog" +
"({\r\n resizable: false,\r\n modal: true,\r\n " +
" autoOpen: false,\r\n width: 350,\r\n " +
" buttons: {\r\n \"Save Changes\": saveChanges,\r\n " +
" Cancel: function () {\r\n $(this).dia" +
"log(\"close\");\r\n }\r\n },\r\n " +
" close: function () {\r\n list.html(originalList);\r\n " +
" }\r\n });\r\n\r\n dialog.on(\'click\', \'" +
".remove\', function () {\r\n $(this).closest(\'li\').remove();\r\n " +
" updateNoSubjects();\r\n });\r\n\r\n te" +
"xtAdd.watermark(\'Search Subjects\')\r\n .autocomplete({\r\n " +
" source: dialog.attr(\'data-searchsubjectsurl\'),\r\n " +
" minLength: 2,\r\n focus: function (e, ui) {\r\n " +
" textAdd.val(ui.item.Id);\r\n ret" +
"urn false;\r\n },\r\n select: function" +
" (e, ui) {\r\n textAdd.val(ui.item.Id).blur();\r\n " +
" $(\'#Config_AuthRoles_Subjects_Update_Dialog_Add\').trigger(\'" +
"click\');\r\n return false;\r\n }\r\n" +
" }).data(\'ui-autocomplete\')._renderItem = function (ul, item)" +
" {\r\n return $(\"<li></li>\")\r\n ." +
"data(\"item.autocomplete\", item)\r\n .append(\"<a><strong" +
">\" + item.Name + \"</strong><br>\" + item.Id + \" (\" + item.Type + \")</a>\")\r\n " +
" .appendTo(ul);\r\n };\r\n\r\n " +
"$(\'#Config_AuthRoles_Subjects_Update_Dialog_Add\').on(\'click\', add);\r\n " +
" }\r\n\r\n dialog.dialog(\'open\');\r\n\r\n updateNoSubjects();\r\n " +
" return false;\r\n }\r\n\r\n async function add() {\r\n " +
" const id = textAdd.val();\r\n\r\n try {\r\n const body = ne" +
"w FormData();\r\n body.append(\'__RequestVerificationToken\', documen" +
"t.body.dataset.antiforgery);\r\n body.append(\'id\', id);\r\n " +
" const response = await fetch(dialog.attr(\'data-subjecturl\'), {\r\n " +
" method: \'POST\',\r\n body: body\r\n });\r\n" +
"\r\n if (response.ok) {\r\n const data = await res" +
"ponse.json();\r\n\r\n if (!data)\r\n throw \'" +
"Unknown user id\';\r\n\r\n if (!data.IsGroup && !data.IsUserAccoun" +
"t)\r\n throw data.Name + \' [\' + data.Id + \'] is a \' + data." +
"Type + \'. Only users and groups can be added.\';\r\n\r\n if (list." +
"find(\'li[data-subjectid=\"\' + data.Id.replace(\'\\\\\', \'\\\\\\\\\') + \'\"]\').length != 0) " +
"{\r\n throw \'That subject has already been added\';\r\n " +
" }\r\n\r\n const liIcon = $(\'<i>\').addClass(\'fa fa-lg" +
"\');\r\n if (data.Type === \'user\')\r\n liIc" +
"on.addClass(\'fa-user\');\r\n else\r\n liIco" +
"n.addClass(\'fa-users\');\r\n\r\n const li = $(\'<li>\')\r\n " +
" .append($(\'<input>\').attr({ type: \'hidden\', name: \'subjects\', value" +
": data.Id }))\r\n .append(liIcon)\r\n " +
".append($(\'<span>\').text(data.Id == data.Name ? data.Id : data.Name + \' [\' + dat" +
"a.Id + \']\'))\r\n .append($(\'<i>\').addClass(\'fa fa-times-cir" +
"cle remove\'))\r\n .addClass(data.Type)\r\n " +
" .attr(\'data-subjectid\', data.Id)\r\n .attr(\'data-subje" +
"ctstatus\', \'new\');\r\n\r\n list.append(li);\r\n " +
"textAdd.val(\'\');\r\n\r\n updateNoSubjects();\r\n } e" +
"lse {\r\n alert(\'Error: \' + response.statusText);\r\n " +
" }\r\n\r\n } catch (e) {\r\n alert(\'Error: \' + e);\r\n " +
" }\r\n\r\n return false;\r\n }\r\n\r\n function updateNoSub" +
"jects() {\r\n if (list.find(\'li:visible\').length > 0)\r\n " +
"noSubjects.hide();\r\n else\r\n noSubjects.show();\r\n " +
" }\r\n\r\n function saveChanges() {\r\n dialog\r\n .di" +
"alog(\"option\", \"buttons\", null)\r\n .find(\'form\').trigger(\'submit\')" +
";\r\n }\r\n\r\n $(function () {\r\n $(\'#Config_AuthRoles_Update" +
"Administrators\').click(showDialog);\r\n });\r\n\r\n })();\r\n</script>\r\n<!-- #" +
"endregion -->\r\n<div");
WriteLiteral(" class=\"actionBar\"");
@@ -471,7 +500,7 @@ WriteLiteral(" class=\"button\"");
WriteLiteral(">Update Disco ICT Administrators [");
#line 226 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 215 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Model.AdministratorSubjects.Count);
@@ -482,7 +511,7 @@ WriteLiteral("]</a>\r\n");
WriteLiteral(" ");
#line 227 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
#line 216 "..\..\Areas\Config\Views\AuthorizationRole\Index.cshtml"
Write(Html.ActionLinkButton("Create Authorization Role", MVC.Config.AuthorizationRole.Create()));
Disco.Web/Areas/Config/Views/AuthorizationRole/Show.cshtml
+180 -184
View File
@@ -11,16 +11,19 @@
<div id="Config_AuthRoles_Show" class="form" style="width: 550px">
<table>
<tr>
<th style="width: 150px">Id:
<th style="width: 150px">
Id:
</th>
<td>
@Html.DisplayFor(model => model.Token.Role.Id)
</td>
</tr>
<tr>
<th>Name:
<th>
Name:
</th>
<td>@Html.EditorFor(model => model.Token.Role.Name)
<td>
@Html.EditorFor(model => model.Token.Role.Name)
@AjaxHelpers.AjaxSave()
@AjaxHelpers.AjaxLoader()
<script type="text/javascript">
@@ -48,71 +51,87 @@
@foreach (var sg in Model.Subjects)
{
var displayName = sg.Id == sg.Name ? sg.Id : string.Format("{0} [{1}]", sg.Name, sg.Id);
<li class="@(sg.IsGroup ? "group" : "user")">@if (sg.IsGroup)
{
<i class="fa fa-users fa-lg"></i>@displayName
}
else
{
<a href="@(Url.Action(MVC.User.Show(sg.Id)))#UserDetailTab-Authorization"><i class="fa fa-user fa-lg"></i>@displayName</a>
}</li>
<li class="@(sg.IsGroup ? "group" : "user")">
@if (sg.IsGroup)
{
<i class="fa fa-users fa-lg"></i>@displayName
}
else
{
<a href="@(Url.Action(MVC.User.Show(sg.Id)))#UserDetailTab-Authorization"><i class="fa fa-user fa-lg"></i>@displayName</a>
}
</li>
}
</ul>
}
<div>
<a id="Config_AuthRoles_Subjects_Update" href="#" class="button small">Update</a>
<div id="Config_AuthRoles_Subjects_Update_Dialog" class="dialog" title="Authorization Role Linked Groups/Users">
<div id="Config_AuthRoles_Subjects_Update_Dialog_ListContainer">
<span id="Config_AuthRoles_Subjects_Update_Dialog_None" class="smallMessage">None Associated</span>
<ul id="Config_AuthRoles_Subjects_Update_Dialog_List" class="none">
@foreach (var sg in Model.Subjects)
{
var displayName = sg.Id == sg.Name ? sg.Id : string.Format("{0} [{1}]", sg.Name, sg.Id);
<li class="@(sg.IsGroup ? "group" : "user")" data-subjectid="@sg.Id">@if (sg.IsGroup)
{
<i class="fa fa-users fa-lg"></i>@displayName
}
else
{
<i class="fa fa-user fa-lg"></i>@displayName
}<i class="fa fa-times-circle remove"></i></li>
}
</ul>
</div>
<div id="Config_AuthRoles_Subjects_Update_Dialog" class="dialog" title="Authorization Role Linked Groups/Users" data-searchsubjectsurl="@(Url.Action(MVC.API.System.SearchSubjects()))" data-subjecturl="@Url.Action(MVC.API.System.Subject())">
@using (Html.BeginForm(MVC.API.AuthorizationRole.UpdateSubjects(Model.Token.Role.Id, null, true)))
{
@Html.AntiForgeryToken()
<div id="Config_AuthRoles_Subjects_Update_Dialog_ListContainer">
<span id="Config_AuthRoles_Subjects_Update_Dialog_None" class="smallMessage">None Associated</span>
<ul id="Config_AuthRoles_Subjects_Update_Dialog_List" class="none">
@foreach (var sg in Model.Subjects)
{
var displayName = sg.Id == sg.Name ? sg.Id : string.Format("{0} [{1}]", sg.Name, sg.Id);
<li class="@(sg.IsGroup ? "group" : "user")" data-subjectid="@sg.Id">
<input type="hidden" name="subjects" value="@sg.Id" />
@if (sg.IsGroup)
{
<i class="fa fa-users fa-lg"></i>@displayName
}
else
{
<i class="fa fa-user fa-lg"></i>@displayName
}<i class="fa fa-times-circle remove"></i>
</li>
}
</ul>
</div>
}
<div id="Config_AuthRoles_Subjects_Update_Dialog_AddContainer">
<input type="text" id="Config_AuthRoles_Subjects_Update_Dialog_TextAdd" />
<a id="Config_AuthRoles_Subjects_Update_Dialog_Add" href="#" class="button small">Add</a>
<button id="Config_AuthRoles_Subjects_Update_Dialog_Add" type="button" class="button small">Add</button>
</div>
<form id="Config_AuthRoles_Subjects_Update_Dialog_Form" action="@(Url.Action(MVC.API.AuthorizationRole.UpdateSubjects(Model.Token.Role.Id, null, true)))" method="post"></form>
</div>
<script>
(function(){
var dialog, textAdd, list, noSubjects, form;
function showDialog(){
if (!dialog){
(function () {
let dialog, textAdd, list, originalList, noSubjects;
function showDialog() {
if (!dialog) {
list = $('#Config_AuthRoles_Subjects_Update_Dialog_List');
originalList = list.html();
noSubjects = $('#Config_AuthRoles_Subjects_Update_Dialog_None');
textAdd = $('#Config_AuthRoles_Subjects_Update_Dialog_TextAdd');
dialog = $('#Config_AuthRoles_Subjects_Update_Dialog').dialog({
resizable: false,
modal: true,
autoOpen: false,
width: 350,
height: 420,
buttons: {
"Save Changes": saveChanges,
Cancel: cancel
Cancel: function () {
$(this).dialog("close");
}
},
close: function () {
list.html(originalList);
}
});
dialog.on('click', '.remove', remove);
dialog.on('click', '.remove', function () {
$(this).closest('li').remove();
updateNoSubjects();
});
list = $('#Config_AuthRoles_Subjects_Update_Dialog_List');
noSubjects = $('#Config_AuthRoles_Subjects_Update_Dialog_None');
textAdd = $('#Config_AuthRoles_Subjects_Update_Dialog_TextAdd');
textAdd.watermark('Search Subjects')
.autocomplete({
source: '@(Url.Action(MVC.API.System.SearchSubjects()))',
source: dialog.attr('data-searchsubjectsurl'),
minLength: 2,
focus: function (e, ui) {
textAdd.val(ui.item.Id);
@@ -120,6 +139,7 @@
},
select: function (e, ui) {
textAdd.val(ui.item.Id).blur();
$('#Config_AuthRoles_Subjects_Update_Dialog_Add').trigger('click');
return false;
}
}).data('ui-autocomplete')._renderItem = function (ul, item) {
@@ -129,7 +149,7 @@
.appendTo(ul);
};
$('#Config_AuthRoles_Subjects_Update_Dialog_Add').click(add);
$('#Config_AuthRoles_Subjects_Update_Dialog_Add').on('click', add);
}
dialog.dialog('open');
@@ -138,106 +158,75 @@
return false;
}
function cancel(){
$(this).dialog("close");
async function add() {
const id = textAdd.val();
list.find('li').each(function(){
$this = $(this);
if ($this.is('[data-subjectstatus="new"]')){
$this.remove();
}else{
if ($this.is('[data-subjectstatus="removed"]')){
$this.show();
try {
const body = new FormData();
body.append('__RequestVerificationToken', document.body.dataset.antiforgery);
body.append('id', id);
const response = await fetch(dialog.attr('data-subjecturl'), {
method: 'POST',
body: body
});
if (response.ok) {
const data = await response.json();
if (!data)
throw 'Unknown user id';
if (!data.IsGroup && !data.IsUserAccount)
throw data.Name + ' [' + data.Id + '] is a ' + data.Type + '. Only users and groups can be added.';
if (list.find('li[data-subjectid="' + data.Id.replace('\\', '\\\\') + '"]').length != 0) {
throw 'That subject has already been added';
}
const liIcon = $('<i>').addClass('fa fa-lg');
if (data.Type === 'user')
liIcon.addClass('fa-user');
else
liIcon.addClass('fa-users');
const li = $('<li>')
.append($('<input>').attr({ type: 'hidden', name: 'subjects', value: data.Id }))
.append(liIcon)
.append($('<span>').text(data.Id == data.Name ? data.Id : data.Name + ' [' + data.Id + ']'))
.append($('<i>').addClass('fa fa-times-circle remove'))
.addClass(data.Type)
.attr('data-subjectid', data.Id)
.attr('data-subjectstatus', 'new');
list.append(li);
textAdd.val('');
updateNoSubjects();
} else {
alert('Error: ' + response.statusText);
}
});
}
function remove(){
$this = $(this).closest('li');
if ($this.is('[data-subjectstatus="new"]')){
$this.remove();
}else{
$this.attr('data-subjectstatus', 'removed').hide();
} catch (e) {
alert('Error: ' + e);
}
updateNoSubjects();
return false;
}
function add(){
var id = textAdd.val();
$.ajax({
url: '@Url.Action(MVC.API.System.Subject())',
method: 'post',
data: { Id: id }
}).done(function(response){
if (response){
if (response.IsGroup || response.IsUserAccount) {
if (list.find('li[data-subjectid="'+response.Id.replace('\\', '\\\\')+'"]').length == 0){
var liIcon = $('<i>').addClass('fa fa-lg');
if (response.Type === 'user')
liIcon.addClass('fa-user');
else
liIcon.addClass('fa-users');
var li = $('<li>')
.append(liIcon)
.append($('<span>').text(response.Id == response.Name ? response.Id : response.Name + ' [' + response.Id + ']'))
.append($('<i>').addClass('fa fa-times-circle remove'))
.addClass(response.Type)
.attr('data-subjectid', response.Id)
.attr('data-subjectstatus', 'new');
list.append(li);
updateNoSubjects();
}else{
alert('That subject has already been added');
}
}else{
alert(response.Name + ' ['+response.Id+'] is a ' + response.Type + '. Only users and groups can be added.');
}
}else{
alert('Unknown Id');
}
}).fail(function(jqXHR, textStatus, errorThrown){
alert('Error: ' + errorThrown);
});
}
function updateNoSubjects(){
function updateNoSubjects() {
if (list.find('li:visible').length > 0)
noSubjects.hide();
else
noSubjects.show();
}
function saveChanges(){
var form = $('#Config_AuthRoles_Subjects_Update_Dialog_Form').empty();
list.find('li[data-subjectstatus!="removed"]').each(function(){
var subjectId = $(this).attr('data-subjectid');
form.append($('<input>').attr({
'name': 'Subjects',
'type': 'hidden'
}).val(subjectId));
}).get();
form.submit();
dialog.dialog("disable");
dialog.dialog("option", "buttons", null);
function saveChanges() {
dialog
.dialog("option", "buttons", null)
.find('form').trigger('submit');
}
$(function(){
$('#Config_AuthRoles_Subjects_Update').click(showDialog);
});
$('#Config_AuthRoles_Subjects_Update').click(showDialog);
})();
</script>
</div>
@@ -248,13 +237,16 @@
<div id="Config_AuthRoles_Claims_Tree">
</div>
<div>
<a href="#" id="Config_AuthRoles_Claims_SaveChanges" class="button small disabled">Save Changes</a>@AjaxHelpers.AjaxLoader()
<button type="button" id="Config_AuthRoles_Claims_SaveChanges" class="button small disabled" data-saveurl="@Url.Action(MVC.API.AuthorizationRole.UpdateClaims(Model.Token.Role.Id))">Save Changes</button>@AjaxHelpers.AjaxLoader()
</div>
<script id="Config_AuthRoles_Claims_NodesJson" type="application/json">
@Html.Raw(Newtonsoft.Json.JsonConvert.SerializeObject(Model.ClaimNavigatorFancyTreeNodes))
</script>
<script>
(function(){
var claimNodes = @(new HtmlString(Newtonsoft.Json.JsonConvert.SerializeObject(Model.ClaimNavigatorFancyTreeNodes)));
(function () {
var claimNodes = JSON.parse($('#Config_AuthRoles_Claims_NodesJson').html());
$(function(){
$(function () {
var saveButton = $('#Config_AuthRoles_Claims_SaveChanges');
var ajaxLoading = saveButton.next('.ajaxLoading');
@@ -262,43 +254,45 @@
source: claimNodes,
checkbox: true,
selectMode: 3,
select: function(){
select: function () {
saveButton.removeClass('disabled');
},
keyboard: false
});
saveButton.click(function(){
if (!saveButton.is('.disabled')){
var selectedNodes = tree.fancytree('getTree').getSelectedNodes();
saveButton.on('click', async function () {
if (!saveButton.is('.disabled')) {
ajaxLoading.show();
var selectedKeys = [];
for (var i = 0; i < selectedNodes.length; i++) {
var node = selectedNodes[i];
if (!node.folder)
selectedKeys.push(node.key);
}
try {
const body = new FormData();
body.append('__RequestVerificationToken', document.body.dataset.antiforgery);
ajaxLoading.show()
var selectedNodes = tree.fancytree('getTree').getSelectedNodes();
$.ajax({
url: '@Url.Action(MVC.API.AuthorizationRole.UpdateClaims(Model.Token.Role.Id))',
method: 'post',
data: { ClaimKeys: selectedKeys },
traditional: true
}).done(function(response, result){
if (result != 'success' || response != 'OK') {
alert('Unable to save changes:\n' + response);
ajaxLoading.hide();
} else {
saveButton.addClass('disabled');
ajaxLoading.hide().next('.ajaxOk').show().delay('fast').fadeOut('slow');
var selectedKeys = [];
for (var i = 0; i < selectedNodes.length; i++) {
var node = selectedNodes[i];
if (!node.folder)
body.append('claimKeys', node.key);
}
}).fail(function(jqXHR, textStatus, errorThrown){
alert('Error: ' + errorThrown);
});
const response = await fetch(saveButton.attr('data-saveurl'), {
method: 'POST',
body: body
});
if (response.ok) {
saveButton.addClass('disabled');
ajaxLoading.next('.ajaxOk').show().delay('fast').fadeOut('slow');
} else {
alert('Unable to save changes:\n' + response);
}
} catch (e) {
alert('Error: ' + e);
}
ajaxLoading.hide();
}
return false;
});
});
})();
@@ -308,8 +302,12 @@
</table>
</div>
<div class="actionBar">
@Html.ActionLinkButton("Delete", MVC.API.AuthorizationRole.Delete(Model.Token.Role.Id, true), "Config_AuthRoles_Actions_Delete_Button")
<div id="Config_AuthRoles_Actions_Delete_Dialog" title="Delete this Authorization Role?">
<button id="Config_AuthRoles_Actions_Delete_Button" type="button" class="button">Delete</button>
<div id="Config_AuthRoles_Actions_Delete_Dialog" class="dialog" title="Delete this Authorization Role?">
@using (Html.BeginForm(MVC.API.AuthorizationRole.Delete(Model.Token.Role.Id, true)))
{
@Html.AntiForgeryToken()
}
<p>
<i class="fa fa-exclamation-triangle fa-lg warning"></i>
This item will be permanently deleted and cannot be recovered.<br />
@@ -319,30 +317,28 @@
</div>
<script type="text/javascript">
$(function () {
var button = $('#Config_AuthRoles_Actions_Delete_Button');
var buttonDialog = $('#Config_AuthRoles_Actions_Delete_Dialog');
var buttonLink = button.attr('href');
button.attr('href', '#');
button.click(function () {
buttonDialog.dialog('open');
return false;
});
buttonDialog.dialog({
resizable: false,
modal: true,
autoOpen: false,
buttons: {
"Delete": function () {
var $this = $(this);
$this.dialog("disable");
$this.dialog("option", "buttons", null);
window.location.href = buttonLink;
},
Cancel: function () {
$(this).dialog("close");
}
let buttonDialog = null;
$('#Config_AuthRoles_Actions_Delete_Button').click(function () {
if (!buttonDialog) {
buttonDialog = $('#Config_AuthRoles_Actions_Delete_Dialog').dialog({
resizable: false,
modal: true,
autoOpen: false,
buttons: {
"Delete": function () {
$(this)
.dialog("option", "buttons", null)
.find('form').trigger('submit');
},
Cancel: function () {
$(this).dialog("close");
}
}
});
}
buttonDialog.dialog('open');
});
});
</script>
</div>
Disco.Web/Areas/Config/Views/AuthorizationRole/Show.generated.cs
+403 -338
View File
File diff suppressed because it is too large Load Diff