Skip to content

Commit

Permalink
Revert "RANGER-1948: Support for Read-only Ranger Admin users."
Browse files Browse the repository at this point in the history 
This reverts commit 72ed7d3.
  • Loading branch information
@pradeepagrawal8184
pradeepagrawal8184 committed Mar 10, 2018
1 parent bb5706b commit 367a724
Show file tree
Hide file tree
Showing 28 changed files with 74 additions and 430 deletions.
2 changes: 1 addition & 1 deletion security-admin/src/main/webapp/scripts/controllers/Controller.js
View file
Expand Up @@ -102,7 +102,7 @@ define(function(require) {
var view = require('views/user/UserProfile');

App.rContent.show(new view({
model : App.userProfile.clone()
model : App.userProfile
}));

},
Expand Down
6 changes: 0 additions & 6 deletions security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js
View file
Expand Up @@ -134,11 +134,5 @@ define(function(require){
SessionMgr.isUser = function(){
return this.userInRole('ROLE_USER') ? true : false;
};
SessionMgr.isAuditor = function(){
return this.userInRole('ROLE_ADMIN_AUDITOR') ? true : false;
};
SessionMgr.isKMSAuditor = function(){
return this.userInRole('ROLE_KEY_ADMIN_AUDITOR') ? true : false;
};
return SessionMgr;
});
11 changes: 3 additions & 8 deletions security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
View file
Expand Up @@ -241,11 +241,8 @@ define(function(require) {
download : 'Download',
lastUpdate : 'Last Update',
modules : 'Modules',
clusterName : 'Cluster Name',
policyLabels : 'Policy Labels',
activeStatus : 'Active Status',
selectTagService : 'Tag Service'

clusterName : 'Cluster Name',
policyLabels : 'Policy Labels'
},
btn : {
add : 'Add',
Expand Down Expand Up @@ -353,9 +350,7 @@ define(function(require) {
custom :'CUSTOM',
mask :'Mask',
rowFilter : 'Row Filter',
policyLabelsinfo : 'Label of policy',
serviceDetails :'Service Details',
configProperties : 'Config Properties'
policyLabelsinfo : 'Label of policy'
},
msg : {
deletePolicyValidationMsg : 'Policy does not have any settings for the specific resource. Policy will be deleted. Press [Ok] to continue. Press [Cancel] to edit the policy.',
Expand Down
13 changes: 5 additions & 8 deletions security-admin/src/main/webapp/scripts/utils/XAEnums.js
View file
Expand Up @@ -57,8 +57,6 @@ define(function(require) {
ROLE_SYS_ADMIN:{value:0, label:'Admin', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'},
ROLE_USER:{value:1, label:'User', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_DENIED', tt: 'lbl.AccessResult_ACCESS_RESULT_DENIED'},
ROLE_KEY_ADMIN:{value:2, label:'KeyAdmin', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'},
ROLE_ADMIN_AUDITOR:{value:3, label:'Auditor', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'},
ROLE_KEY_ADMIN_AUDITOR:{value:4, label:'KMSAuditor', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'}
});

XAEnums.UserTypes = mergeParams(XAEnums.UserTypes, {
Expand Down Expand Up @@ -367,12 +365,11 @@ define(function(require) {
});

XAEnums.MenuPermissions = mergeParams(XAEnums.MenuPermissions, {
XA_RESOURCE_BASED_POLICIES:{value:1, label:'Resource Based Policies', rbkey:'xa.enum.MenuPermissions.XA_RESOURCE_BASED_POLICIES', tt: 'lbl.XAPermForType_XA_RESOURCE_BASED_POLICIES'},
XA_USER_GROUPS:{value:2, label:'Users/Groups', rbkey:'xa.enum.MenuPermissions.XA_USER_GROUP', tt: 'lbl.XAPermForType_XA_USER_GROUPS'},
XA_REPORTS:{value:3, label:'Reports', rbkey:'xa.enum.MenuPermissions.XA_REPORTS', tt: 'lbl.XAPermForType_XA_REPORTS'},
XA_AUDITS:{value:4, label:'Audit', rbkey:'xa.enum.MenuPermissions.XA_AUDITS', tt: 'lbl.XAPermForType_XA_AUDITS'},
XA_KEY_MANAGER:{value:5, label:'Key Manager', rbkey:'xa.enum.MenuPermissions.XA_KEY_MANAGER', tt: 'lbl.XAPermForType_XA_KEY_MANAGER'},
XA_TAG_BASED_POLICIES:{value:6, label:'Tag Based Policies', rbkey:'xa.enum.MenuPermissions.XA_TAG_BASED_POLICIES', tt: 'lbl.XAPermForType_XA_TAG_BASED_POLICIES'}
XA_RESOURCE_BASED_POLICIES:{value:0, label:'Resource Based Policies', rbkey:'xa.enum.MenuPermissions.XA_RESOURCE_BASED_POLICIES', tt: 'lbl.XAPermForType_XA_PERM_FOR_UNKNOWN'},
XA_USER_GROUPS:{value:1, label:'Users/Groups', rbkey:'xa.enum.MenuPermissions.XA_USER_GROUP', tt: 'lbl.XAPermForType_XA_PERM_FOR_USER'},
XA_REPORTS:{value:2, label:'Reports', rbkey:'xa.enum.MenuPermissions.XA_REPORTS', tt: 'lbl.XAPermForType_XA_PERM_FOR_GROUP'},
XA_AUDITS:{value:3, label:'Audit', rbkey:'xa.enum.MenuPermissions.XA_AUDITS', tt: 'lbl.XAPermForType_XA_PERM_FOR_GROUP'},
XA_KEY_MANAGER:{value:4, label:'Key Manager', rbkey:'xa.enum.MenuPermissions.XA_KEY_MANAGER', tt: 'lbl.XAPermForType_XA_PERM_FOR_GROUP'}
});

return XAEnums;
Expand Down
23 changes: 5 additions & 18 deletions security-admin/src/main/webapp/scripts/utils/XAUtils.js
View file
Expand Up @@ -1148,7 +1148,7 @@ define(function(require) {
var denyControllerActions = [], denyModulesObj = [];
var userModuleNames = _.pluck(vXPortalUser.get('userPermList'),'moduleName');
//add by default permission module to admin user
if (XAUtils.isAuditorOrSystemAdmin(SessionMgr)){
if (SessionMgr.isSystemAdmin()){
userModuleNames.push('Permissions')
}
var groupModuleNames = _.pluck(vXPortalUser.get('groupPermissions'), 'moduleName'),
Expand Down Expand Up @@ -1216,23 +1216,16 @@ define(function(require) {
var SessionMgr = require('mgrs/SessionMgr');
var userRoleList = []
_.each(XAEnums.UserRoles,function(val, key){
if(SessionMgr.isKeyAdmin() && XAEnums.UserRoles.ROLE_SYS_ADMIN.value != val.value
&& XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value != val.value){
if(SessionMgr.isKeyAdmin() && XAEnums.UserRoles.ROLE_SYS_ADMIN.value != val.value){
userRoleList.push(key)
}else if(SessionMgr.isSystemAdmin() && XAEnums.UserRoles.ROLE_KEY_ADMIN.value != val.value
&& XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value != val.value){
}else if(SessionMgr.isSystemAdmin() && XAEnums.UserRoles.ROLE_KEY_ADMIN.value != val.value){
userRoleList.push(key)
}else if(SessionMgr.isUser() && XAEnums.UserRoles.ROLE_USER.value == val.value){
userRoleList.push(key)
}else if(SessionMgr.isAuditor() && XAEnums.UserRoles.ROLE_KEY_ADMIN.value != val.value
&& XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.value != val.value){
userRoleList.push(key)
}else if(SessionMgr.isKMSAuditor() && XAEnums.UserRoles.ROLE_SYS_ADMIN.value != val.value
&& XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.value != val.value){
userRoleList.push(key)
}
})
return {'userRoleList' : userRoleList }; };
return {'userRoleList' : userRoleList };
};
XAUtils.showErrorMsg = function(respMsg){
var respArr = respMsg.split(/\([0-9]*\)/);
respArr = respArr.filter(function(str){ return str; });
Expand Down Expand Up @@ -1383,11 +1376,5 @@ define(function(require) {
newLabelArr.push('</div>');
return newLabelArr.length ? newLabelArr.join(' ') : '--';
};
XAUtils.isAuditorOrSystemAdmin = function(SessionMgr){
return (SessionMgr.isAuditor() || SessionMgr.isSystemAdmin()) ? true : false ;
};
XAUtils.isAuditorOrKMSAuditor = function(SessionMgr){
return (SessionMgr.isAuditor() || SessionMgr.isKMSAuditor()) ? true : false ;
}
return XAUtils;
});
8 changes: 2 additions & 6 deletions security-admin/src/main/webapp/scripts/views/common/TopNav.js
View file
Expand Up @@ -23,9 +23,7 @@ define(function(require){

var Backbone = require('backbone');

var TopNav_tmpl = require('hbs!tmpl/common/TopNav_tmpl');
var SessionMgr = require('mgrs/SessionMgr');
var XAUtil = require('utils/XAUtils');
var TopNav_tmpl = require('hbs!tmpl/common/TopNav_tmpl');
require('jquery.cookie');
var TopNav = Backbone.Marionette.ItemView.extend(
/** @lends TopNav */
Expand All @@ -34,9 +32,7 @@ define(function(require){

template: TopNav_tmpl,
templateHelpers : function(){
return{
showPermissionTab : XAUtil.isAuditorOrSystemAdmin(SessionMgr)
}

},

/** ui selector cache */
Expand Down
7 changes: 0 additions & 7 deletions security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js
View file
Expand Up @@ -32,7 +32,6 @@ define(function(require){
var KmsKey = require('models/VXKmsKey');
var XATableLayout = require('views/common/XATableLayout');
var KmsTablelayoutTmpl = require('hbs!tmpl/kms/KmsTableLayout_tmpl');
var SessionMgr = require('mgrs/SessionMgr');

var KmsTableLayout = Backbone.Marionette.Layout.extend(
/** @lends KmsTableLayout */
Expand All @@ -41,9 +40,6 @@ define(function(require){

template: KmsTablelayoutTmpl,
templateHelpers : function(){
return {
isKeyadmin : SessionMgr.isKeyAdmin() ? true :false
}
},
breadCrumbs :[XALinks.get('KmsManage')],
/** Layout sub regions */
Expand Down Expand Up @@ -235,9 +231,6 @@ define(function(require){
}

};
if(!SessionMgr.isKeyAdmin()){
delete cols.operation;
}
return this.collection.constructor.getTableCols(cols, this.collection);
},

Expand Down
14 changes: 3 additions & 11 deletions security-admin/src/main/webapp/scripts/views/permissions/ModulePermissionForm.js
View file
Expand Up @@ -161,23 +161,15 @@ define(function(require) {
return { name : term, isVisible : XAEnums.VisibilityStatus.STATUS_VISIBLE.value };
},
results: function (data, page) {
var results = [];
var results = [], selectedVals = [];
//Get selected values of groups/users dropdown
selectedVals = that.getSelectedValues(options);
if(data.resultSize != "0"){
if(!_.isUndefined(data.vXGroups)){
results = data.vXGroups.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; });
results = data.vXGroups.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; });
} else if(!_.isUndefined(data.vXUsers)){
// tag base policy tab hide from KeyAdmin and KMSAuditor users
if(that.model.get('module') === XAEnums.MenuPermissions.XA_TAG_BASED_POLICIES.label){
_.map(data.vXUsers ,function(m, i){
if(XAEnums.UserRoles[m.userRoleList[0]].label != 'KeyAdmin' && XAEnums.UserRoles[m.userRoleList[0]].label != 'KMSAuditor'){
results.push({id : m.id, text: _.escape(m.name) });
}
});
}else{
results = data.vXUsers.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; });
}
results = data.vXUsers.map(function(m, i){ return {id : m.id, text: _.escape(m.name) }; });
}
if(!_.isEmpty(selectedVals)){
results = XAUtil.filterResultByText(results, selectedVals);
Expand Down
7 changes: 1 addition & 6 deletions security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js
View file
Expand Up @@ -124,7 +124,7 @@ define(function(require){
cell : "uri",
reName : 'module',
href: function(model){
return '#!/permissions/'+model.id+'/edit';
return '#!/permissions/'+model.id+'/edit';
},
label : localization.tt("lbl.modules"),
editable: false,
Expand Down Expand Up @@ -162,7 +162,6 @@ define(function(require){
sortable : false
},
};
if(SessionMgr.isSystemAdmin()){
cols['permissions'] = {
cell : "html",
label : localization.tt("lbl.action"),
Expand All @@ -175,10 +174,6 @@ define(function(require){
sortable : false

};
}
if(SessionMgr.isAuditor()){
cols.module.cell = "string";
}
return this.collection.constructor.getTableCols(cols, this.collection);
},
onShowMore : function(e){
Expand Down
19 changes: 6 additions & 13 deletions security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
View file
Expand Up @@ -55,8 +55,7 @@ define(function(require){
rangerServiceDef : this.rangerServiceDefModel,
rangerPolicyType : this.collection.queryParams['policyType'],
isRenderAccessTab : XAUtil.isRenderMasking(this.rangerServiceDefModel.get('dataMaskDef')) ? true
: XAUtil.isRenderRowFilter(this.rangerServiceDefModel.get('rowFilterDef')) ? true : false,
isNotAuditorAdminOrKmsAuditor : !(XAUtil.isAuditorOrKMSAuditor(SessionMgr))
: XAUtil.isRenderRowFilter(this.rangerServiceDefModel.get('rowFilterDef')) ? true : false
};
},

Expand Down Expand Up @@ -206,7 +205,7 @@ define(function(require){
id : {
cell : "uri",
href: function(model){
return '#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit';
return '#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit';
},
label : localization.tt("lbl.policyId"),
editable: false,
Expand Down Expand Up @@ -288,28 +287,22 @@ define(function(require){
sortable : false
},
};

cols['permissions'] = {
cell : "html",
label : localization.tt("lbl.action"),
formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
fromRaw: function (rawValue,model) {
if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){
return '<a href="javascript:void(0);" data-name ="viewPolicy" data-id="'+model.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open icon-large" /></a>';
}else{
return '<a href="javascript:void(0);" data-name ="viewPolicy" data-id="'+model.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open icon-large" /></a>\
<a href="#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit" class="btn btn-mini" title="Edit"><i class="icon-edit icon-large" /></a>\
<a href="javascript:void(0);" data-name ="deletePolicy" data-id="'+model.id+'" class="btn btn-mini btn-danger" title="Delete"><i class="icon-trash icon-large" /></a>';
return '<a href="javascript:void(0);" data-name ="viewPolicy" data-id="'+model.id+'" class="btn btn-mini" title="View"><i class="icon-eye-open icon-large" /></a>\
<a href="#!/service/'+that.rangerService.id+'/policies/'+model.id+'/edit" class="btn btn-mini" title="Edit"><i class="icon-edit icon-large" /></a>\
<a href="javascript:void(0);" data-name ="deletePolicy" data-id="'+model.id+'" class="btn btn-mini btn-danger" title="Delete"><i class="icon-trash icon-large" /></a>';
//You can use rawValue to custom your html, you can change this value using the name parameter.
}
}
}),
editable: false,
sortable : false

};
if(XAUtil.isAuditorOrKMSAuditor(SessionMgr)){
cols.id.cell = 'string';
}
return this.collection.constructor.getTableCols(cols, this.collection);
},
onDelete :function(e){
Expand Down
27 changes: 2 additions & 25 deletions security-admin/src/main/webapp/scripts/views/policymanager/ServiceLayout.js
View file
Expand Up @@ -32,7 +32,6 @@ define(function(require){
var ServicemanagerlayoutTmpl = require('hbs!tmpl/common/ServiceManagerLayout_tmpl');
var vUploadServicePolicy = require('views/UploadServicePolicy');
var vDownloadServicePolicy = require('views/DownloadServicePolicy');
var RangerServiceViewDetail = require('views/service/RangerServiceViewDetail');
require('Backbone.BootstrapModal');
return Backbone.Marionette.Layout.extend(
/** @lends Servicemanagerlayout */
Expand All @@ -46,7 +45,7 @@ define(function(require){
operation : SessionMgr.isSystemAdmin() || SessionMgr.isKeyAdmin(),
serviceDefs : this.collection.models,
services : this.services.groupBy("type"),
showImportExportBtn : (SessionMgr.isUser() || XAUtil.isAuditorOrKMSAuditor(SessionMgr)) ? false : true
showImportExportBtn : SessionMgr.isUser() ? false : true
};

},
Expand All @@ -66,8 +65,7 @@ define(function(require){
'downloadReport' : '[data-id="downloadBtnOnService"]',
'uploadServiceReport' :'[data-id="uploadBtnOnServices"]',
'exportReport' : '[data-id="exportBtn"]',
'importServiceReport' :'[data-id="importBtn"]',
'viewServices' : '[data-name="viewService"]'
'importServiceReport' :'[data-id="importBtn"]'
},

/** ui events hash */
Expand All @@ -78,7 +76,6 @@ define(function(require){
events['click ' + this.ui.uploadServiceReport] = 'uploadServiceReport';
events['click ' + this.ui.exportReport] = 'downloadReport';
events['click ' + this.ui.importServiceReport] = 'uploadServiceReport';
events['click ' + this.ui.viewServices] = 'viewServices';
return events;
},
/**
Expand Down Expand Up @@ -243,26 +240,6 @@ define(function(require){
});
}
},
viewServices : function(e){
var that =this;
var serviceId = $(e.currentTarget).data('id');
var rangerService = that.services.find(function(m){return m.id == serviceId});
var serviceDef = that.collection.find(function(m){return m.get('name') == rangerService.get('type')});
var view = new RangerServiceViewDetail({
serviceDef : serviceDef,
rangerService : rangerService,

});
var modal = new Backbone.BootstrapModal({
animate : true,
content : view,
title: localization.tt("h.serviceDetails"),
okText :localization.tt("lbl.ok"),
allowCancel : true,
escape : true
}).open();
modal.$el.find('.cancel').hide();
},
/** on close */
onClose: function(){
}
Expand Down
8 changes: 0 additions & 8 deletions security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
View file
Expand Up @@ -370,20 +370,12 @@ define(function(require){
m.set('newValue',XAEnums.UserRoles.ROLE_SYS_ADMIN.label)
else if(newRole == "ROLE_KEY_ADMIN")
m.set('newValue',XAEnums.UserRoles.ROLE_KEY_ADMIN.label)
else if(newRole == "ROLE_KEY_ADMIN_AUDITOR")
m.set('newValue',XAEnums.UserRoles.ROLE_KEY_ADMIN_AUDITOR.label)
else if(newRole == "ROLE_ADMIN_AUDITOR")
m.set('newValue',XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.label)
if(prevRole == "ROLE_USER")
m.set('previousValue',XAEnums.UserRoles.ROLE_USER.label)
else if(prevRole == "ROLE_SYS_ADMIN")
m.set('previousValue',XAEnums.UserRoles.ROLE_SYS_ADMIN.label)
else if(prevRole == "ROLE_KEY_ADMIN")
m.set('previousValue',XAEnums.UserRoles.ROLE_KEY_ADMIN.label)
else if(prevRole == "ROLE_KEY_ADMIN_AUDITOR")
m.set('previousValue',XAEnums.UserRoles.ROLE_KEY_ADMIN_AUIDTOR.label)
else if(prevRole == "ROLE_ADMIN_AUDITOR")
m.set('previousValue',XAEnums.UserRoles.ROLE_ADMIN_AUDITOR.label)
} else {
if(!m.has('attributeName'))
modelArr.push(m);
Expand Down

0 comments on commit 367a724

Please sign in to comment.