jessikitty/Disco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

User Authorization UI #24

Browse Source 
Additional UI to help determining what effective authorization users
have.
This commit is contained in:
Gary Sharp
2013-10-14 12:12:50 +11:00
parent a099d68915
commit ec74039400
14 changed files with 804 additions and 388 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Disco.Models/UI/User/UserShowModel.cs
+1
View File
@@ -12,6 +12,7 @@ namespace Disco.Models.UI.User
Disco.Models.Repository.User User { get; set; }
Disco.Models.BI.Job.JobTableModel Jobs { get; set; }
List<Disco.Models.Repository.DocumentTemplate> DocumentTemplates { get; set; }
IAuthorizationToken AuthorizationToken { get; set; }
IClaimNavigatorItem ClaimNavigator { get; set; }
}
}
Disco.Web/Areas/Config/Views/AuthorizationRole/Show.cshtml
+2 -1
View File
@@ -237,7 +237,8 @@
selectMode: 3,
select: function(){
saveButton.removeClass('disabled');
}
},
keyboard: false
});
saveButton.click(function(){
Disco.Web/Areas/Config/Views/AuthorizationRole/Show.generated.cs
+4 -3
View File
@@ -511,7 +511,8 @@ WriteLiteral(@";
selectMode: 3,
select: function(){
saveButton.removeClass('disabled');
}
},
keyboard: false
});
saveButton.click(function(){
@@ -531,7 +532,7 @@ WriteLiteral(@";
url: '");
#line 257 "..\..\Areas\Config\Views\AuthorizationRole\Show.cshtml"
#line 258 "..\..\Areas\Config\Views\AuthorizationRole\Show.cshtml"
Write(Url.Action(MVC.API.AuthorizationRole.UpdateClaims(Model.Token.Role.Id)));
@@ -571,7 +572,7 @@ WriteLiteral(">\r\n");
WriteLiteral(" ");
#line 283 "..\..\Areas\Config\Views\AuthorizationRole\Show.cshtml"
#line 284 "..\..\Areas\Config\Views\AuthorizationRole\Show.cshtml"
Write(Html.ActionLinkButton("Delete", MVC.API.AuthorizationRole.Delete(Model.Token.Role.Id, true), "Config_AuthRoles_Actions_Delete_Button"));
Disco.Web/ClientSource/Style/Fancytree/icons-DiscoMod.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.6 KiB

Disco.Web/ClientSource/Style/Fancytree/ui.fancytree.css
+325 -352
View File
File diff suppressed because one or more lines are too long
Disco.Web/ClientSource/Style/Fancytree/ui.fancytree.min.css
Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
Disco.Web/ClientSource/Style/User.css
+60
View File
@@ -197,6 +197,66 @@
right: 220px;
margin-top: -24px;
}
#UserDetailTab-Authorization #UserDetailTab-AuthorizationContainer {
background-color: #fff;
border: 1px solid #cccccc;
}
#UserDetailTab-Authorization #UserDetailTab-Authorization_ClaimsTree_Container {
width: 50%;
float: left;
padding: 6px 10px 6px 4px;
}
#UserDetailTab-Authorization #UserDetailTab-Authorization_ClaimsTree_Container > span.smallMessage:last-child {
display: block;
text-align: right;
}
#UserDetailTab-Authorization .fancytree-container {
border: none;
}
#UserDetailTab-Authorization span.fancytree-node.fancytree-selected {
font-style: normal;
}
#UserDetailTab-Authorization span.fancytree-checkbox {
margin-left: 3px;
background-position: -96px -32px;
}
#UserDetailTab-Authorization span.fancytree-checkbox:hover {
background-position: -96px -32px;
}
#UserDetailTab-Authorization .fancytree-partsel span.fancytree-checkbox {
background-position: -128px -32px;
}
#UserDetailTab-Authorization .fancytree-partsel span.fancytree-checkbox:hover {
background-position: -128px -32px;
}
#UserDetailTab-Authorization .fancytree-selected span.fancytree-checkbox {
background-position: -112px -32px;
}
#UserDetailTab-Authorization .fancytree-selected span.fancytree-checkbox:hover {
background-position: -112px -32px;
}
#UserDetailTab-Authorization #UserDetailTab-Authorization_Membership {
width: 40%;
float: right;
padding: 6px 10px;
border-left: 1px dashed #cccccc;
border-bottom: 1px dashed #cccccc;
}
#UserDetailTab-Authorization #UserDetailTab-Authorization_Membership #UserDetailTab-Authorization_Membership_Roles {
margin-bottom: 10px;
}
#UserDetailTab-Authorization #UserDetailTab-Authorization_Membership #UserDetailTab-Authorization_Membership_Groups_Container > span.smallMessage:last-child {
display: block;
text-align: right;
}
#UserDetailTab-Authorization #UserDetailTab-Authorization_NoAccess {
width: 50%;
float: left;
padding: 6px 10px;
}
#UserDetailTab-Authorization #UserDetailTab-Authorization_NoAccess h3 {
margin-bottom: 10px;
}
#userShowResources #Attachments {
padding: 0;
border: 1px solid #cccccc;
Disco.Web/ClientSource/Style/User.less
+82 -1
View File
@@ -161,6 +161,87 @@
}
}
#UserDetailTab-Authorization {
#UserDetailTab-AuthorizationContainer {
background-color: #fff;
border: 1px solid @SubtleBorderColour;
}
#UserDetailTab-Authorization_ClaimsTree_Container {
width: 50%;
float: left;
padding: 6px 10px 6px 4px;
& > span.smallMessage:last-child {
display: block;
text-align: right;
}
}
.fancytree-container {
border: none;
}
span.fancytree-node.fancytree-selected {
font-style: normal;
}
span.fancytree-checkbox {
margin-left: 3px;
background-position: -96px -32px;
}
span.fancytree-checkbox:hover {
background-position: -96px -32px;
}
.fancytree-partsel span.fancytree-checkbox {
background-position: -128px -32px;
}
.fancytree-partsel span.fancytree-checkbox:hover {
background-position: -128px -32px;
}
.fancytree-selected span.fancytree-checkbox {
background-position: -112px -32px;
}
.fancytree-selected span.fancytree-checkbox:hover {
background-position: -112px -32px;
}
#UserDetailTab-Authorization_Membership {
width: 40%;
float: right;
padding: 6px 10px;
border-left: 1px dashed @SubtleBorderColour;
border-bottom: 1px dashed @SubtleBorderColour;
#UserDetailTab-Authorization_Membership_Roles {
margin-bottom: 10px;
}
#UserDetailTab-Authorization_Membership_Groups_Container {
& > span.smallMessage:last-child {
display: block;
text-align: right;
}
}
}
#UserDetailTab-Authorization_NoAccess {
width: 50%;
float: left;
padding: 6px 10px;
h3 {
margin-bottom: 10px;
}
}
}
#userShowResources {
#Attachments {
padding: 0;
@@ -291,7 +372,7 @@
padding: 4px;
cursor: pointer;
&:not(:last-child){
&:not(:last-child) {
border-bottom: 1px dashed #ddd;
}
Disco.Web/ClientSource/Style/User.min.css
Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
Disco.Web/Controllers/UserController.cs
+2 -2
View File
@@ -69,8 +69,8 @@ namespace Disco.Web.Controllers
{
if (Authorization.Has(Claims.User.ShowAuthorization))
{
var userAuth = UserService.GetAuthorization(id);
var claims = userAuth.RoleTokens.Cast<RoleToken>().Select(rt => rt.Claims).ToArray();
m.AuthorizationToken = UserService.GetAuthorization(id);
var claims = m.AuthorizationToken.RoleTokens.Cast<RoleToken>().Select(rt => rt.Claims).ToArray();
if (claims.Length > 0)
m.ClaimNavigator = Claims.RoleClaimNavigator.BuildClaimTree(claims);
}
Disco.Web/Disco.Web.csproj
+2 -1
View File
@@ -1180,6 +1180,7 @@
<None Include="ClientSource\Style\Fancytree\icons.gif" />
<None Include="ClientSource\Style\Fancytree\loading.gif" />
<None Include="ClientSource\Style\Fancytree\ui.fancytree.css" />
<None Include="ClientSource\Style\Fancytree\icons-DiscoMod.png" />
<Content Include="ClientSource\Style\Fancytree\ui.fancytree.min.css">
<DependentUpon>ui.fancytree.css</DependentUpon>
</Content>
@@ -2006,7 +2007,7 @@
<SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile>
</WebProjectProperties>
</FlavorProperties>
<UserProperties BuildVersion_StartDate="2011/7/1" BuildVersion_BuildAction="Both" BuildVersion_UseGlobalSettings="False" BuildVersion_DetectChanges="False" BuildVersion_BuildVersioningStyle="None.DeltaBaseYear.MonthAndDayStamp.TimeStamp" BuildVersion_UpdateAssemblyVersion="True" BuildVersion_UpdateFileVersion="True" />
<UserProperties BuildVersion_UpdateFileVersion="True" BuildVersion_UpdateAssemblyVersion="True" BuildVersion_BuildVersioningStyle="None.DeltaBaseYear.MonthAndDayStamp.TimeStamp" BuildVersion_DetectChanges="False" BuildVersion_UseGlobalSettings="False" BuildVersion_BuildAction="Both" BuildVersion_StartDate="2011/7/1" />
</VisualStudio>
</ProjectExtensions>
<Import Project="$(SolutionDir)\.nuget\nuget.targets" />
Disco.Web/Models/User/ShowModel.cs
+1
View File
@@ -18,6 +18,7 @@ namespace Disco.Web.Models.User
public Disco.Models.Repository.User User { get; set; }
public Disco.Models.BI.Job.JobTableModel Jobs { get; set; }
public List<Disco.Models.Repository.DocumentTemplate> DocumentTemplates { get; set; }
public IAuthorizationToken AuthorizationToken { get; set; }
public IClaimNavigatorItem ClaimNavigator { get; set; }
public FancyTreeNode[] ClaimNavigatorFancyTreeNodes
Disco.Web/Views/User/UserParts/_Authorization.cshtml
+57 -5
View File
@@ -1,35 +1,87 @@
@model Disco.Web.Models.User.ShowModel
@using Disco.Services.Authorization.Roles;
@{
Authorization.Require(Claims.User.ShowAuthorization);
var isDiscoAdmin = Authorization.Has(Claims.DiscoAdminAccount);
Html.BundleDeferred("~/Style/Fancytree");
Html.BundleDeferred("~/ClientScripts/Modules/jQuery-Fancytree");
}
<div id="UserDetailTab-Authorization" class="UserPart">
<div id="UserDetailTab-AuthorizationContainer">
<div id="UserDetailTab-AuthorizationContainer" class="clearfix">
@if (Model.ClaimNavigator != null)
{
<div id="Config_AuthRoles_Claims_Tree">
<div id="UserDetailTab-Authorization_ClaimsTree_Container">
<h3>Effective Permissions</h3>
<div id="UserDetailTab-Authorization_ClaimsTree">
</div>
<script>
(function(){
var claimNodes = @(new HtmlString(Newtonsoft.Json.JsonConvert.SerializeObject(Model.ClaimNavigatorFancyTreeNodes)));
$(function(){
var tree = $('#Config_AuthRoles_Claims_Tree').fancytree({
var tree = $('#UserDetailTab-Authorization_ClaimsTree').fancytree({
source: claimNodes,
checkbox: true,
selectMode: 3
selectMode: 3,
keyboard: false
});
});
})();
</script>
<span class="smallMessage">Calculated from authorization roles</span>
</div>
}
else
{
<div>NO ACCESS</div>
<div id="UserDetailTab-Authorization_NoAccess">
<h3>User Not Authorized</h3>
<p>The user (<span class="code">@(Model.User.Id)</span>) is not authorized to access any authenticated components.</p>
@if (isDiscoAdmin)
{
@Html.ActionLinkButton("Configure Authorization Roles", MVC.Config.AuthorizationRole.Index(null), null, "small")
}
</div>
}
<div id="UserDetailTab-Authorization_Membership">
@if (Model.ClaimNavigator != null)
{
<h3>Associated Roles</h3>
<ul id="UserDetailTab-Authorization_Membership_Roles">
@foreach (var roleToken in Model.AuthorizationToken.RoleTokens.Cast<RoleToken>())
{
<li>@if (roleToken.Role.Id < 0)
{
<text>@roleToken.Role.Name <span class="code">[SYSTEM ROLE]</span></text>
}
else
{
if (isDiscoAdmin)
{
@Html.ActionLink(roleToken.Role.Name, MVC.Config.AuthorizationRole.Index(roleToken.Role.Id))
}
else
{
@roleToken.Role.Name
}
}
</li>
}
</ul>
}
<div id="UserDetailTab-Authorization_Membership_Groups_Container">
<h4>Associated Active Directory Security Groups</h4>
<ul id="UserDetailTab-Authorization_Membership_Groups">
@foreach (var group in Model.AuthorizationToken.GroupMembership)
{
<li>@group</li>
}
</ul>
<span class="smallMessage">[Note: Includes inherited groups]</span>
</div>
</div>
</div>
Disco.Web/Views/User/UserParts/_Authorization.generated.cs
+263 -18
View File
@@ -29,6 +29,12 @@ namespace Disco.Web.Views.User.UserParts
using Disco.BI.Extensions;
using Disco.Models.Repository;
using Disco.Services.Authorization;
#line 2 "..\..\Views\User\UserParts\_Authorization.cshtml"
using Disco.Services.Authorization.Roles;
#line default
#line hidden
using Disco.Services.Web;
using Disco.Web;
using Disco.Web.Extensions;
@@ -43,10 +49,12 @@ namespace Disco.Web.Views.User.UserParts
public override void Execute()
{
#line 2 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line 3 "..\..\Views\User\UserParts\_Authorization.cshtml"
Authorization.Require(Claims.User.ShowAuthorization);
var isDiscoAdmin = Authorization.Has(Claims.DiscoAdminAccount);
Html.BundleDeferred("~/Style/Fancytree");
Html.BundleDeferred("~/ClientScripts/Modules/jQuery-Fancytree");
@@ -63,16 +71,18 @@ WriteLiteral(">\r\n <div");
WriteLiteral(" id=\"UserDetailTab-AuthorizationContainer\"");
WriteLiteral(">\r\n \r\n");
WriteLiteral(" class=\"clearfix\"");
WriteLiteral(">\r\n\r\n");
#line 11 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line 14 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line default
#line hidden
#line 11 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line 14 "..\..\Views\User\UserParts\_Authorization.cshtml"
if (Model.ClaimNavigator != null)
{
@@ -81,15 +91,17 @@ WriteLiteral(">\r\n \r\n");
#line hidden
WriteLiteral(" <div");
WriteLiteral(" id=\"Config_AuthRoles_Claims_Tree\"");
WriteLiteral(" id=\"UserDetailTab-Authorization_ClaimsTree_Container\"");
WriteLiteral(">\r\n </div>\r\n");
WriteLiteral(">\r\n <h3>Effective Permissions</h3>\r\n <div");
WriteLiteral(" <script>\r\n (function(){\r\n " +
" var claimNodes = ");
WriteLiteral(" id=\"UserDetailTab-Authorization_ClaimsTree\"");
WriteLiteral(">\r\n </div>\r\n <script>\r\n (functio" +
"n(){\r\n var claimNodes = ");
#line 17 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line 22 "..\..\Views\User\UserParts\_Authorization.cshtml"
Write(new HtmlString(Newtonsoft.Json.JsonConvert.SerializeObject(Model.ClaimNavigatorFancyTreeNodes)));
@@ -98,18 +110,23 @@ WriteLiteral(" <script>\r\n (function(){\r\n
WriteLiteral(@";
$(function(){
var tree = $('#Config_AuthRoles_Claims_Tree').fancytree({
var tree = $('#UserDetailTab-Authorization_ClaimsTree').fancytree({
source: claimNodes,
checkbox: true,
selectMode: 3
selectMode: 3,
keyboard: false
});
});
})();
</script>
");
<span");
WriteLiteral(" class=\"smallMessage\"");
WriteLiteral(">Calculated from authorization roles</span>\r\n </div>\r\n");
#line 28 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line 36 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
else
{
@@ -117,18 +134,246 @@ WriteLiteral(@";
#line default
#line hidden
WriteLiteral(" <div>NO ACCESS</div>\r\n");
WriteLiteral(" <div");
WriteLiteral(" id=\"UserDetailTab-Authorization_NoAccess\"");
WriteLiteral(">\r\n <h3>User Not Authorized</h3>\r\n <p>The user (<sp" +
"an");
WriteLiteral(" class=\"code\"");
WriteLiteral(">");
#line 32 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line 41 "..\..\Views\User\UserParts\_Authorization.cshtml"
Write(Model.User.Id);
#line default
#line hidden
WriteLiteral("</span>) is not authorized to access any authenticated components.</p>\r\n");
#line 42 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line default
#line hidden
#line 42 "..\..\Views\User\UserParts\_Authorization.cshtml"
if (isDiscoAdmin)
{
#line default
#line hidden
#line 44 "..\..\Views\User\UserParts\_Authorization.cshtml"
Write(Html.ActionLinkButton("Configure Authorization Roles", MVC.Config.AuthorizationRole.Index(null), null, "small"));
#line default
#line hidden
#line 44 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
#line default
#line hidden
WriteLiteral(" </div>\r\n");
#line 47 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
#line default
#line hidden
WriteLiteral("\r\n\r\n </div>\r\n <script>\r\n $(\'#UserDetailTabItems\').append(\'<li><a hre" +
"f=\"#UserDetailTab-Authorization\">Authorization</a></li>\');\r\n </script>\r\n</div" +
">");
WriteLiteral(" <div");
WriteLiteral(" id=\"UserDetailTab-Authorization_Membership\"");
WriteLiteral(">\r\n");
#line 49 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line default
#line hidden
#line 49 "..\..\Views\User\UserParts\_Authorization.cshtml"
if (Model.ClaimNavigator != null)
{
#line default
#line hidden
WriteLiteral(" <h3>Associated Roles</h3>\r\n");
WriteLiteral(" <ul");
WriteLiteral(" id=\"UserDetailTab-Authorization_Membership_Roles\"");
WriteLiteral(">\r\n");
#line 53 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line default
#line hidden
#line 53 "..\..\Views\User\UserParts\_Authorization.cshtml"
foreach (var roleToken in Model.AuthorizationToken.RoleTokens.Cast<RoleToken>())
{
#line default
#line hidden
WriteLiteral(" <li>");
#line 55 "..\..\Views\User\UserParts\_Authorization.cshtml"
if (roleToken.Role.Id < 0)
{
#line default
#line hidden
WriteLiteral(" ");
#line 57 "..\..\Views\User\UserParts\_Authorization.cshtml"
Write(roleToken.Role.Name);
#line default
#line hidden
WriteLiteral(" <span");
WriteLiteral(" class=\"code\"");
WriteLiteral(">[SYSTEM ROLE]</span>");
WriteLiteral("\r\n");
#line 58 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
else
{
if (isDiscoAdmin)
{
#line default
#line hidden
#line 63 "..\..\Views\User\UserParts\_Authorization.cshtml"
Write(Html.ActionLink(roleToken.Role.Name, MVC.Config.AuthorizationRole.Index(roleToken.Role.Id)));
#line default
#line hidden
#line 63 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
else
{
#line default
#line hidden
#line 67 "..\..\Views\User\UserParts\_Authorization.cshtml"
Write(roleToken.Role.Name);
#line default
#line hidden
#line 67 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
}
#line default
#line hidden
WriteLiteral(" </li>\r\n");
#line 71 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
#line default
#line hidden
WriteLiteral(" </ul>\r\n");
#line 73 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
#line default
#line hidden
WriteLiteral(" <div");
WriteLiteral(" id=\"UserDetailTab-Authorization_Membership_Groups_Container\"");
WriteLiteral(">\r\n <h4>Associated Active Directory Security Groups</h4>\r\n " +
" <ul");
WriteLiteral(" id=\"UserDetailTab-Authorization_Membership_Groups\"");
WriteLiteral(">\r\n");
#line 77 "..\..\Views\User\UserParts\_Authorization.cshtml"
#line default
#line hidden
#line 77 "..\..\Views\User\UserParts\_Authorization.cshtml"
foreach (var group in Model.AuthorizationToken.GroupMembership)
{
#line default
#line hidden
WriteLiteral(" <li>");
#line 79 "..\..\Views\User\UserParts\_Authorization.cshtml"
Write(group);
#line default
#line hidden
WriteLiteral("</li>\r\n");
#line 80 "..\..\Views\User\UserParts\_Authorization.cshtml"
}
#line default
#line hidden
WriteLiteral(" </ul>\r\n <span");
WriteLiteral(" class=\"smallMessage\"");
WriteLiteral(">[Note: Includes inherited groups]</span>\r\n </div>\r\n </div>\r\n\r\n" +
"\r\n </div>\r\n <script>\r\n $(\'#UserDetailTabItems\').append(\'<li><a href" +
"=\"#UserDetailTab-Authorization\">Authorization</a></li>\');\r\n </script>\r\n</div>" +
"\r\n");
}
}