[GitHub] guacamole-client pull request #337: GUACAMOLE-220: Add user group support to...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/337#discussion_r232140865
--- Diff:
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleObjectPermissionSet.java
---
@@ -37,14 +38,77 @@
/**
* The set of all permissions currently granted.
*/
-private Set permissions =
Collections.emptySet();
+private Set permissions = Collections.emptySet();
/**
- * Creates a new empty SimpleObjectPermissionSet.
+ * Creates a new empty SimpleObjectPermissionSet. If you are not
extending
+ * SimpleObjectPermissionSet and only need an immutable, empty
+ * ObjectPermissionSet, consider using {@link
ObjectPermissionSet#EMPTY_SET}
+ * instead.
*/
public SimpleObjectPermissionSet() {
--- End diff --
Yeah, I think you're right that this is not the right place to address
these concerns. I guess as long as we keep moving in the direction of things
being more usable and less confusing this is OK for now.
---
[GitHub] guacamole-client pull request #337: GUACAMOLE-220: Add user group support to...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/337#discussion_r232139290
--- Diff:
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleObjectPermissionSet.java
---
@@ -37,14 +38,77 @@
/**
* The set of all permissions currently granted.
*/
-private Set permissions =
Collections.emptySet();
+private Set permissions = Collections.emptySet();
/**
- * Creates a new empty SimpleObjectPermissionSet.
+ * Creates a new empty SimpleObjectPermissionSet. If you are not
extending
+ * SimpleObjectPermissionSet and only need an immutable, empty
+ * ObjectPermissionSet, consider using {@link
ObjectPermissionSet#EMPTY_SET}
+ * instead.
*/
public SimpleObjectPermissionSet() {
--- End diff --
So I noticed that the other "Simple" classes seem to define (mostly) empty
read-only classes that require methods to be overridden if you want them to
actually contain data, but this class provides a convenient way of constructing
permission sets, much in the way that `SimpleUser` used to before this PR.
I think a more consistent naming scheme might be beneficial here, as at the
moment, seeing the prefix "SImple" on a class name might give a developer a
false impression about what it does based on previous experience.
---
[GitHub] guacamole-client pull request #337: GUACAMOLE-220: Add user group support to...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/337#discussion_r232137018
--- Diff:
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractUser.java ---
@@ -44,4 +51,164 @@ public void setPassword(String password) {
this.password = password;
}
+/**
+ * {@inheritDoc}
+ *
+ * This implementation simply an immutable, empty map.
Implementations
+ * that wish to expose custom attributes should override this function.
+ */
+@Override
+public Map getAttributes() {
+return Collections.emptyMap();
--- End diff --
Are these type qualifiers actually needed?
---
[GitHub] guacamole-client pull request #337: GUACAMOLE-220: Add user group support to...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/337#discussion_r232136298
--- Diff:
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java
---
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.ldap.group;
+
+import com.google.inject.Inject;
+import com.novell.ldap.LDAPConnection;
+import com.novell.ldap.LDAPEntry;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import org.apache.guacamole.auth.ldap.ConfigurationService;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.ldap.ObjectQueryService;
+import org.apache.guacamole.net.auth.UserGroup;
+import org.apache.guacamole.net.auth.simple.SimpleUserGroup;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Service for querying user group membership and retrieving user groups
+ * visible to a particular Guacamole user.
+ */
+public class UserGroupService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(UserGroupService.class);
+
+/**
+ * Service for retrieving LDAP server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Service for executing LDAP queries.
+ */
+@Inject
+private ObjectQueryService queryService;
+
+/**
+ * Returns the base search filter which should be used to retrieve user
+ * groups which do not represent Guacamole connections. As excluding
the
+ * guacConfigGroup object class may not work as expected (may always
return
+ * zero results) if guacConfigGroup object class is not defined, it
should
--- End diff --
This is a very long sentence that's a bit hard to parse/understand. Perhaps
it should be reworded.
---
[GitHub] guacamole-client pull request #337: GUACAMOLE-220: Add user group support to...
Github user jmuehlner commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/337#discussion_r232134927 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java --- @@ -0,0 +1,326 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.ldap; + +import com.google.inject.Inject; +import com.novell.ldap.LDAPAttribute; +import com.novell.ldap.LDAPConnection; +import com.novell.ldap.LDAPEntry; +import com.novell.ldap.LDAPException; +import com.novell.ldap.LDAPReferralException; +import com.novell.ldap.LDAPSearchResults; +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.function.Function; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleServerException; +import org.apache.guacamole.net.auth.Identifiable; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Service for executing queries against an LDAP directory intended to retrieve + * Guacamole-related objects. Referrals are automatically handled. Convenience + * functions are provided for generating the LDAP queries typically required + * for retrieving Guacamole objects, as well as for converting the results of a + * query into a Map of Guacamole objects. --- End diff -- Incredibly minor quibble: you're capitalizing "Map" here (to refer to the Java class I assume), but in the javadoc for `asMap`, you use the lowercase form "map". ---
[GitHub] guacamole-server pull request #186: GUACAMOLE-623: Add support for attaching...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-server/pull/186#discussion_r220423463
--- Diff: src/protocols/kubernetes/settings.h ---
@@ -0,0 +1,279 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef GUAC_KUBERNETES_SETTINGS_H
+#define GUAC_KUBERNETES_SETTINGS_H
+
+#include
+
+#include
+
+/**
+ * The name of the font to use for the terminal if no name is specified.
+ */
+#define GUAC_KUBERNETES_DEFAULT_FONT_NAME "monospace"
+
+/**
+ * The size of the font to use for the terminal if no font size is
specified,
+ * in points.
+ */
+#define GUAC_KUBERNETES_DEFAULT_FONT_SIZE 12
+
+/**
+ * The port to connect to when initiating any Kubernetes connection, if no
+ * other port is specified.
+ */
+#define GUAC_KUBERNETES_DEFAULT_PORT 8080
+
+/**
+ * The name of the Kubernetes namespace that should be used by default if
no
+ * specific Kubernetes namespace is provided.
+ */
+#define GUAC_KUBERNETES_DEFAULT_NAMESPACE "default"
+
+/**
+ * The filename to use for the typescript, if not specified.
+ */
+#define GUAC_KUBERNETES_DEFAULT_TYPESCRIPT_NAME "typescript"
+
+/**
+ * The filename to use for the screen recording, if not specified.
+ */
+#define GUAC_KUBERNETES_DEFAULT_RECORDING_NAME "recording"
+
+/**
+ * The default maximum scrollback size in rows.
+ */
+#define GUAC_KUBERNETES_DEFAULT_MAX_SCROLLBACK 1000
+
+/**
+ * Settings for the Kubernetes connection. The values for this structure
are
+ * parsed from the arguments given during the Guacamole protocol handshake
+ * using the guac_kubernetes_parse_args() function.
+ */
+typedef struct guac_kubernetes_settings {
+
+/**
+ * The hostname of the Kubernetes server to connect to.
+ */
+char* hostname;
+
+/**
+ * The port of the Kubernetes server to connect to.
+ */
+int port;
+
+/**
+ * The name of the Kubernetes namespace of the pod containing the
container
+ * being attached to.
+ */
+char* kubernetes_namespace;
+
+/**
+ * The name of the Kubernetes pod containing with the container being
+ * attached to.
+ */
+char* kubernetes_pod;
+
+/**
+ * The name of the container to attach to, or NULL to arbitrarily
attach to
+ * the first container in the pod.
+ */
+char* kubernetes_container;
+
+/**
+ * Whether SSL/TLS should be used.
+ */
+bool use_ssl;
+
+/**
+ * The certificate to use if performing SSL/TLS client authentication
to
+ * authenticate with the Kubernetes server, in PEM format. If omitted,
SSL
+ * client authentication will not be performed.
+ */
+char* client_cert;
+
+/**
+ * The key to use if performing SSL/TLS client authentication to
+ * authenticate with the Kubernetes server, in PEM format. If omitted,
SSL
+ * client authentication will not be performed.
+ */
+char* client_key;
+
+/**
+ * The certificate of the certificate authority that signed the
certificate
+ * of the Kubernetes server, in PEM format. If omitted. verification of
+ * the Kubernetes server certificate will use the systemwide
certificate
+ * authorities.
+ */
+char* ca_cert;
+
+/**
+ * Whether the certificate used by the Kubernetes server for SSL/TLS
should
+ * be ignored if it cannot be validated.
+ */
+bool ignore_cert;
+
+/**
+ * Whether this connection is read-only, and user input should be
dropped.
+ */
+bool read_only;
+
+/**
+ * The maximum size of the scrollb
[GitHub] guacamole-client pull request #309: GUACAMOLE-220: Add user interface for ma...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/309#discussion_r208809231
--- Diff:
guacamole/src/main/webapp/app/settings/directives/guacSettingsUserGroups.js ---
@@ -0,0 +1,270 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * A directive for managing all user groups in the system.
+ */
+angular.module('settings').directive('guacSettingsUserGroups',
['$injector',
+function guacSettingsUserGroups($injector) {
+
+// Required types
+var ManageableUserGroup = $injector.get('ManageableUserGroup');
+var PermissionSet = $injector.get('PermissionSet');
+var SortOrder = $injector.get('SortOrder');
+
+// Required services
+var $location = $injector.get('$location');
+var authenticationService = $injector.get('authenticationService');
+var dataSourceService = $injector.get('dataSourceService');
+var permissionService = $injector.get('permissionService');
+var requestService = $injector.get('requestService');
+var userGroupService = $injector.get('userGroupService');
+
+var directive = {
+restrict: 'E',
+replace : true,
+templateUrl : 'app/settings/templates/settingsUserGroups.html',
+scope : {}
+};
+
+directive.controller = ['$scope', function
settingsUserGroupsController($scope) {
+
+// Identifier of the current user
+var currentUsername = authenticationService.getCurrentUsername();
+
+/**
+ * The identifiers of all data sources accessible by the current
+ * user.
+ *
+ * @type String[]
+ */
+var dataSources = authenticationService.getAvailableDataSources();
+
+/**
+ * Map of data source identifiers to all permissions associated
+ * with the current user within that data source, or null if the
+ * user's permissions have not yet been loaded.
+ *
+ * @type Object.
+ */
+var permissions = null;
+
+/**
+ * All visible user groups, along with their corresponding data
+ * sources.
+ *
+ * @type ManageableUserGroup[]
+ */
+$scope.manageableUserGroups = null;
+
+/**
+ * Array of all user group properties that are filterable.
+ *
+ * @type String[]
+ */
+$scope.filteredUserGroupProperties = [
+'userGroup.identifier'
+];
+
+/**
+ * SortOrder instance which stores the sort order of the listed
+ * user groups.
+ *
+ * @type SortOrder
+ */
+$scope.order = new SortOrder([
+'userGroup.identifier'
+]);
+
+/**
+ * Returns whether critical data has completed being loaded.
+ *
+ * @returns {Boolean}
+ * true if enough data has been loaded for the user group
+ * interface to be useful, false otherwise.
+ */
+$scope.isLoaded = function isLoaded() {
+return $scope.manageableUserGroups !== null;
+};
+
+/**
+ * Returns the identifier of the data source that should be used by
+ * default when creating a new user group.
+ *
+ * @return {String}
+ * The identifier of the data source that should be used by
+ * default when creating a new user group, or null if user
group
+ * creation is not allowed.
+ */
+$scope.getDefaultDataSource = function getDefaultDataSource() {
+
+// Abort if permissions
[GitHub] guacamole-client pull request #309: GUACAMOLE-220: Add user interface for ma...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/309#discussion_r208804256
--- Diff:
guacamole/src/main/webapp/app/manage/directives/identifierSetEditor.js ---
@@ -0,0 +1,299 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * A directive for manipulating a set of objects sharing some common
relation
+ * and represented by an array of their identifiers. The specific objects
+ * added or removed are tracked within a separate pair of arrays of
+ * identifiers.
+ */
+angular.module('manage').directive('identifierSetEditor', ['$injector',
+function identifierSetEditor($injector) {
+
+var directive = {
+
+// Element only
+restrict: 'E',
+replace: true,
+
+scope: {
+
+/**
+ * The translation key of the text which should be displayed
within
+ * the main header of the identifier set editor.
+ *
+ * @type String
+ */
+header : '@',
+
+/**
+ * The translation key of the text which should be displayed
if no
+ * identifiers are currently present within the set.
+ *
+ * @type String
+ */
+emptyPlaceholder : '@',
+
+/**
+ * The translation key of the text which should be displayed
if no
+ * identifiers are available to be added within the set.
+ *
+ * @type String
+ */
+unavailablePlaceholder : '@',
+
+/**
+ * All identifiers which are available to be added to or
removed
+ * from the identifier set being edited.
+ *
+ * @type String[]
+ */
+identifiersAvailable : '=',
+
+/**
+ * The current state of the identifier set being manipulated.
This
+ * array will be modified as changes are made through this
+ * identifier set editor.
+ *
+ * @type String[]
+ */
+identifiers : '=',
+
+/**
+ * The set of identifiers that have been added, relative to the
+ * initial state of the identifier set being manipulated.
+ *
+ * @type String[]
+ */
+identifiersAdded : '=',
+
+/**
+ * The set of identifiers that have been removed, relative to
the
+ * initial state of the identifier set being manipulated.
+ *
+ * @type String[]
+ */
+identifiersRemoved : '='
+
+},
+
+templateUrl: 'app/manage/templates/identifierSetEditor.html'
+
+};
+
+directive.controller = ['$scope', function
identifierSetEditorController($scope) {
+
+/**
+ * Whether the full list of available identifiers should be
displayed.
+ * Initially, only an abbreviated list of identifiers currently
present
+ * is shown.
+ *
+ * @type Boolean
+ */
+$scope.expanded = false;
+
+/**
+ * Map of identifiers to boolean flags indicating whether that
+ * identifier is currently present (true) or absent (false). If an
+ * identifier is absent, it may also be absent from this map.
+ *
+ * @type Object.
+ */
+$scope.identifierFlags = {};
+
+/**
+ * Map of identifiers to boolean flags indicating whether that
+ * identifier is editable. If an identifier is not editable, it
will be
+ *
[GitHub] guacamole-client pull request #309: GUACAMOLE-220: Add user interface for ma...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/309#discussion_r208803042
--- Diff:
guacamole/src/main/webapp/app/manage/directives/identifierSetEditor.js ---
@@ -0,0 +1,299 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * A directive for manipulating a set of objects sharing some common
relation
+ * and represented by an array of their identifiers. The specific objects
+ * added or removed are tracked within a separate pair of arrays of
+ * identifiers.
+ */
+angular.module('manage').directive('identifierSetEditor', ['$injector',
+function identifierSetEditor($injector) {
+
+var directive = {
+
+// Element only
+restrict: 'E',
+replace: true,
+
+scope: {
+
+/**
+ * The translation key of the text which should be displayed
within
+ * the main header of the identifier set editor.
+ *
+ * @type String
+ */
+header : '@',
+
+/**
+ * The translation key of the text which should be displayed
if no
+ * identifiers are currently present within the set.
+ *
+ * @type String
+ */
+emptyPlaceholder : '@',
+
+/**
+ * The translation key of the text which should be displayed
if no
+ * identifiers are available to be added within the set.
+ *
+ * @type String
+ */
+unavailablePlaceholder : '@',
+
+/**
+ * All identifiers which are available to be added to or
removed
+ * from the identifier set being edited.
+ *
+ * @type String[]
+ */
+identifiersAvailable : '=',
+
+/**
+ * The current state of the identifier set being manipulated.
This
+ * array will be modified as changes are made through this
+ * identifier set editor.
+ *
+ * @type String[]
+ */
+identifiers : '=',
+
+/**
+ * The set of identifiers that have been added, relative to the
+ * initial state of the identifier set being manipulated.
+ *
+ * @type String[]
+ */
+identifiersAdded : '=',
+
+/**
+ * The set of identifiers that have been removed, relative to
the
+ * initial state of the identifier set being manipulated.
+ *
+ * @type String[]
+ */
+identifiersRemoved : '='
+
+},
+
+templateUrl: 'app/manage/templates/identifierSetEditor.html'
+
+};
+
+directive.controller = ['$scope', function
identifierSetEditorController($scope) {
+
+/**
+ * Whether the full list of available identifiers should be
displayed.
+ * Initially, only an abbreviated list of identifiers currently
present
+ * is shown.
+ *
+ * @type Boolean
+ */
+$scope.expanded = false;
+
+/**
+ * Map of identifiers to boolean flags indicating whether that
+ * identifier is currently present (true) or absent (false). If an
+ * identifier is absent, it may also be absent from this map.
+ *
+ * @type Object.
+ */
+$scope.identifierFlags = {};
+
+/**
+ * Map of identifiers to boolean flags indicating whether that
+ * identifier is editabl. If an identifier is not editable, it
will be
--- End diff --
Typo: "editabl".
---
[GitHub] guacamole-client pull request #309: GUACAMOLE-220: Add user interface for ma...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/309#discussion_r208801372
--- Diff:
guacamole/src/main/webapp/app/manage/controllers/manageUserGroupController.js
---
@@ -0,0 +1,535 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * The controller for editing user groups.
+ */
+angular.module('manage').controller('manageUserGroupController',
['$scope', '$injector',
+function manageUserGroupController($scope, $injector) {
+
+// Required types
+var ManagementPermissions = $injector.get('ManagementPermissions');
+var PermissionFlagSet = $injector.get('PermissionFlagSet');
+var PermissionSet = $injector.get('PermissionSet');
+var UserGroup = $injector.get('UserGroup');
+
+// Required services
+var $location = $injector.get('$location');
+var $routeParams = $injector.get('$routeParams');
+var $q= $injector.get('$q');
+var authenticationService = $injector.get('authenticationService');
+var dataSourceService = $injector.get('dataSourceService');
+var membershipService = $injector.get('membershipService');
+var permissionService = $injector.get('permissionService');
+var requestService= $injector.get('requestService');
+var schemaService = $injector.get('schemaService');
+var userGroupService = $injector.get('userGroupService');
+var userService = $injector.get('userService');
+
+/**
+ * The identifiers of all data sources currently available to the
+ * authenticated user.
+ *
+ * @type String[]
+ */
+var dataSources = authenticationService.getAvailableDataSources();
+
+/**
+ * The username of the current, authenticated user.
+ *
+ * @type String
+ */
+var currentUsername = authenticationService.getCurrentUsername();
+
+/**
+ * The identifier of the original user group from which this user
group is
+ * being cloned. Only valid if this is a new user group.
+ *
+ * @type String
+ */
+var cloneSourceIdentifier = $location.search().clone;
+
+/**
+ * The identifier of the user group being edited. If a new user group
is
+ * being created, this will not be defined.
+ *
+ * @type String
+ */
+var identifier = $routeParams.id;
+
+/**
+ * The unique identifier of the data source containing the user group
being
+ * edited.
+ *
+ * @type String
+ */
+$scope.dataSource = $routeParams.dataSource;
+
+/**
+ * All user groups associated with the same identifier as the group
being
+ * created or edited, as a map of data source identifier to the
UserGroup
+ * object within that data source.
+ *
+ * @type Object.
+ */
+$scope.userGroups = null;
+
+/**
+ * The user group being modified.
+ *
+ * @type UserGroup
+ */
+$scope.userGroup = null;
+
+/**
+ * All permissions associated with the user group being modified.
+ *
+ * @type PermissionFlagSet
+ */
+$scope.permissionFlags = null;
+
+/**
+ * The set of permissions that will be added to the user group when the
+ * user group is saved. Permissions will only be present in this set
if they
+ * are manually added, and not later manually removed before saving.
+ *
+ * @type PermissionSet
+ */
+$scope.permissionsAdded = new PermissionSet();
+
+/**
+ * The set of permissions that will be removed from the user group
when the
+ * user group is saved. Permissions will only be
[GitHub] guacamole-client pull request #282: GUACAMOLE-220: Extract common base for m...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/282#discussion_r185387927
--- Diff:
guacamole/src/main/webapp/app/manage/templates/manageConnection.html ---
@@ -41,7 +41,7 @@ {{'MANAGE_CONNECTION.SECTION_HEADER_EDIT_CONNECTION'
| translate}}
+ model="connection.attributes"
model-only="managementPermissions.canChangeAllAttributes">
--- End diff --
Are you missing a `!` here?
---
[GitHub] guacamole-client pull request #282: GUACAMOLE-220: Extract common base for m...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/282#discussion_r185387232
--- Diff:
guacamole/src/main/webapp/app/manage/controllers/manageConnectionController.js
---
@@ -157,205 +137,178 @@
angular.module('manage').controller('manageConnectionController', ['$scope', '$i
*/
$scope.isLoaded = function isLoaded() {
-return $scope.protocols!== null
-&& $scope.rootGroup!== null
-&& $scope.connection !== null
-&& $scope.parameters !== null
-&& $scope.historyDateFormat!== null
-&& $scope.historyEntryWrappers !== null
-&& $scope.permissions !== null
-&& $scope.attributes !== null
-&& $scope.canSaveConnection!== null
-&& $scope.canDeleteConnection !== null
-&& $scope.canCloneConnection !== null;
+return $scope.protocols !== null
+&& $scope.rootGroup !== null
+&& $scope.connection!== null
+&& $scope.parameters!== null
+&& $scope.historyDateFormat !== null
+&& $scope.historyEntryWrappers !== null
+&& $scope.managementPermissions !== null
+&& $scope.attributes!== null;
};
-// Pull connection attribute schema
-schemaService.getConnectionAttributes($scope.selectedDataSource)
-.then(function attributesReceived(attributes) {
-$scope.attributes = attributes;
-}, requestService.WARN);
-
-// Pull connection group hierarchy
-connectionGroupService.getConnectionGroupTree(
-$scope.selectedDataSource,
-ConnectionGroup.ROOT_IDENTIFIER,
-[PermissionSet.ObjectPermissionType.ADMINISTER]
-)
-.then(function connectionGroupReceived(rootGroup) {
-$scope.rootGroup = rootGroup;
-}, requestService.WARN);
-
-// Query the user's permissions for the current connection
-permissionService.getEffectivePermissions($scope.selectedDataSource,
authenticationService.getCurrentUsername())
-.then(function permissionsReceived(permissions) {
-
-$scope.permissions = permissions;
-
-// Check if the connection is new or if the user has UPDATE
permission
-$scope.canSaveConnection =
- !identifier
-|| PermissionSet.hasSystemPermission(permissions,
PermissionSet.SystemPermissionType.ADMINISTER)
-|| PermissionSet.hasConnectionPermission(permissions,
PermissionSet.ObjectPermissionType.UPDATE, identifier);
-
-// Check if connection is not new and the user has DELETE
permission
-$scope.canDeleteConnection =
-!!identifier && (
- PermissionSet.hasSystemPermission(permissions,
PermissionSet.SystemPermissionType.ADMINISTER)
- || PermissionSet.hasConnectionPermission(permissions,
PermissionSet.ObjectPermissionType.DELETE, identifier)
-);
-
-// Check if the connection is not new and the user has UPDATE and
CREATE_CONNECTION permissions
-$scope.canCloneConnection =
-!!identifier && (
- PermissionSet.hasSystemPermission(permissions,
PermissionSet.SystemPermissionType.ADMINISTER) || (
- PermissionSet.hasConnectionPermission(permissions,
PermissionSet.ObjectPermissionType.UPDATE, identifier)
- && PermissionSet.hasSystemPermission(permissions,
PermissionSet.SystemPermissionType.CREATE_CONNECTION)
- )
-);
-
-}, requestService.WARN);
-
-// Get protocol metadata
-schemaService.getProtocols($scope.selectedDataSource)
-.then(function protocolsReceived(protocols) {
-$scope.protocols = protocols;
-}, requestService.WARN);
-
-// Get history date format
-$translate('MANAGE_CONNECTION.FORMAT_HISTORY_START').then(function
historyDateFormatReceived(historyDateFormat) {
-$scope.historyDateFormat = historyDateFormat;
-}, angular.noop);
-
-// If we are editing an existing connection, pull its data
-if (identifier) {
-
-// Pull data from existing connection
-connectionService.getConnection($scope.selectedDataSource,
identifier)
-.then(
[GitHub] guacamole-client pull request #265: GUACAMOLE-526: Update webapp to angular ...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/265#discussion_r183946762
--- Diff: guacamole/src/main/webapp/app/rest/services/requestService.js ---
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Service for converting $http promises that pass the entire response into
+ * promises that pass only the data from that response.
+ */
+angular.module('rest').factory('requestService', ['$q', '$http', 'Error',
+function requestService($q, $http, Error) {
+
+function wrappedHttpCall(object) {
+
+var deferred = $q.defer();
+
+$http(object)
--- End diff --
Good call. Updated and it looks much cleaner that way.
---
[GitHub] guacamole-client pull request #265: GUACAMOLE-526: Update webapp to angular ...
Github user jmuehlner commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/265#discussion_r183946775 --- Diff: guacamole/src/main/webapp/app/index/filters/arrayFilter.js --- @@ -0,0 +1,38 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +/** + * A filter for transforming an object into a an array of all non-inherited --- End diff -- Fixed. ---
[GitHub] guacamole-client pull request #265: GUACAMOLE-526: Update webapp to angular ...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/265#discussion_r183946769
--- Diff: guacamole/src/main/webapp/app/index/filters/arrayFilter.js ---
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * A filter for transforming an object into a an array of all non-inherited
+ * property values.
+ */
+angular.module('index').filter('toArray', [function toArrayFactory() {
+
+return function toArrayFiter(input) {
+
+// If no object is available, just return an empty array
+if (!input) {
+return [];
+}
+
+return Object.keys(input).map(function fetchValueByKey(key) {
+return input[key]
--- End diff --
Fixed.
---
[GitHub] guacamole-client pull request #265: GUACAMOLE-526: Update webapp to angular ...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/265#discussion_r183946783
--- Diff: guacamole/src/main/webapp/app/rest/services/requestService.js ---
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Service for converting $http promises that pass the entire response into
+ * promises that pass only the data from that response.
+ */
+angular.module('rest').factory('requestService', ['$q', '$http', 'Error',
+function requestService($q, $http, Error) {
+
+function wrappedHttpCall(object) {
--- End diff --
Done.
---
[GitHub] guacamole-client pull request #265: GUACAMOLE-526: Update webapp to angular ...
Github user jmuehlner commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/265#discussion_r174344419 --- Diff: guacamole/pom.xml --- @@ -388,9 +388,14 @@ org.webjars.bower angular-translate-loader-static-files -2.8.0 +2.16.0 runtime + +org.webjars.bower +angular-toArrayFilter --- End diff -- The `orderBy` filter no longer supports objects, which necessitates transforming any object into an array before using it - that's what this new dependency is for. ---
[GitHub] guacamole-client pull request #265: GUACAMOLE-526: Update webapp to angular ...
GitHub user jmuehlner opened a pull request: https://github.com/apache/guacamole-client/pull/265 GUACAMOLE-526: Update webapp to angular 1.6.9. You can merge this pull request into a Git repository by running: $ git pull https://github.com/jmuehlner/guacamole-client angular-1.6.9 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/guacamole-client/pull/265.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #265 commit e5e92e08ec319f80ddf9aef8c17ed42bcd00c193 Author: James Muehlner <james.muehlner@...> Date: 2018-03-14T02:58:34Z GUACAMOLE-526: Update webapp to angular 1.6.9. ---
[GitHub] guacamole-client pull request #217: GUACAMOLE-394: Add interface for browsin...
Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/217#discussion_r159809794
--- Diff: guacamole/src/main/webapp/app/rest/types/Connection.js ---
@@ -104,6 +104,15 @@ angular.module('rest').factory('Connection', [function
defineConnection() {
*/
this.sharingProfiles = template.sharingProfiles;
+/**
+ * The time that this connection was last used, in seconds since
+ * 1970-01-01 00:00:00 UTC. If this information is unknown or
+ * unavailable, this will be null.
+ *
+ * @type Number
--- End diff --
It looks like milliseconds, yeah. The documentation indicates so, as does
inspection of existing API responses.
---
[GitHub] guacamole-website pull request #51: GUACAMOLE-436: Update website to reflect...
Github user jmuehlner commented on a diff in the pull request: https://github.com/apache/guacamole-website/pull/51#discussion_r153685207 --- Diff: _releases/0.9.12-incubating.md --- @@ -8,8 +8,8 @@ summary: > improvements, and fixes for printing, file transfer, and terminal emulation. -artifact-root: "http://apache.org/dyn/closer.cgi?action=download=; -checksum-root: "https://www.apache.org/dist/; +artifact-root: "http://archive.apache.org/dist/; --- End diff -- Why are these paths different for 0.9.12 and 0.9.13? ---
