Posted to commits@ignite.apache.org by se...@apache.org on 2015/07/09 13:24:45 UTC

[1/2] incubator-ignite git commit: # IGNITE-843 Fix security issue.

Repository: incubator-ignite
Updated Branches:
  refs/heads/ignite-843 bea625984 -> 87be52723


# IGNITE-843 Fix security issue.


Project: http://git-wip-us.apache.org/repos/asf/incubator-ignite/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ignite/commit/62b1854e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ignite/tree/62b1854e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ignite/diff/62b1854e

Branch: refs/heads/ignite-843
Commit: 62b1854ee6381646d262423cf4b61a2dba071b5c
Parents: bea6259
Author: sevdokimov <se...@jetbrains.com>
Authored: Thu Jul 9 14:23:01 2015 +0300
Committer: sevdokimov <se...@jetbrains.com>
Committed: Thu Jul 9 14:23:01 2015 +0300

----------------------------------------------------------------------
 modules/web-control-center/nodejs/app.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/62b1854e/modules/web-control-center/nodejs/app.js
----------------------------------------------------------------------
diff --git a/modules/web-control-center/nodejs/app.js b/modules/web-control-center/nodejs/app.js
index fe5b032..0086d10 100644
--- a/modules/web-control-center/nodejs/app.js
+++ b/modules/web-control-center/nodejs/app.js
@@ -92,7 +92,6 @@ var adminOnly = function(req, res, next) {
     req.isAuthenticated() && req.user.admin ? next() : res.sendStatus(403);
 };
 
-app.all('/admin/*', mustAuthenticated, adminOnly);
 app.all('/configuration/*', mustAuthenticated);
 
 for (var p in uiUtils) {
@@ -126,7 +125,7 @@ app.all('*', function(req, res, next) {
 });
 
 app.use('/', publicRoutes);
-app.use('/admin', adminRouter);
+app.use('/admin', mustAuthenticated, adminOnly, adminRouter);
 app.use('/', mustAuthenticated, profileRouter);
 
 app.use('/configuration/clusters', clustersRouter);
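Review bot: The `/configuration` routes still depend on the glob guard `app.all('/configuration/*', mustAuthenticated)` kept in the first hunk, the same pattern this commit replaces for `/admin`, while `app.use('/configuration/clusters', clustersRouter)` at the end of this hunk is mounted with no middleware of its own. If the `/admin/*` pattern failed to cover some request paths (probably the reason for this change, though the commit message does not say), the configuration routers may have the same gap. Attaching the check at the mount point, `app.use('/configuration/clusters', mustAuthenticated, clustersRouter);`, makes the protection independent of path-pattern matching and registration order. Any further router mounts fall outside the hunk and would need the same review.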


[2/2] incubator-ignite git commit: # IGNITE-843 Fix notification.

Posted by se...@apache.org.
# IGNITE-843 Fix notification.


Project: http://git-wip-us.apache.org/repos/asf/incubator-ignite/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ignite/commit/87be5272
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ignite/tree/87be5272
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ignite/diff/87be5272

Branch: refs/heads/ignite-843
Commit: 87be527239c5fdae862e0f1238aa57361822a689
Parents: 62b1854
Author: sevdokimov <se...@jetbrains.com>
Authored: Thu Jul 9 14:24:38 2015 +0300
Committer: sevdokimov <se...@jetbrains.com>
Committed: Thu Jul 9 14:24:38 2015 +0300

----------------------------------------------------------------------
 .../nodejs/controllers/admin-controller.js      | 40 ++++++++++++++------
 .../nodejs/views/admin/userList.jade            |  5 +--
 2 files changed, 31 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/87be5272/modules/web-control-center/nodejs/controllers/admin-controller.js
----------------------------------------------------------------------
diff --git a/modules/web-control-center/nodejs/controllers/admin-controller.js b/modules/web-control-center/nodejs/controllers/admin-controller.js
index 8cff86b..870821d 100644
--- a/modules/web-control-center/nodejs/controllers/admin-controller.js
+++ b/modules/web-control-center/nodejs/controllers/admin-controller.js
@@ -15,16 +15,35 @@
  * limitations under the License.
  */
 
-controlCenterModule.controller('adminController', ['$scope', '$alert', '$http', function ($scope, $alert, $http) {
+controlCenterModule.controller('adminController', ['$scope', '$alert', '$http', 'commonFunctions', function ($scope, $alert, $http, commonFunctions) {
         $scope.userList = null;
 
+        $scope.showInfo = function (msg) {
+            $scope.showAlert(msg, 'success');
+        };
+
+        $scope.showError = function (msg) {
+            $scope.showAlert(msg, 'danger');
+        };
+
+        $scope.showAlert = function (msg, type) {
+            if ($scope.alert)
+                $scope.alert.hide();
+
+            $scope.alert = $alert({
+                type: type,
+                title: msg,
+                duration: 2
+            });
+        };
+
         function reload() {
             $http.post('admin/list')
                 .success(function (data) {
                     $scope.userList = data;
                 })
                 .error(function (errMsg) {
-                    $alert({title: $scope.errorMessage(errMsg)});
+                    $scope.showError(commonFunctions.errorMessage(errMsg));
                 });
         }
 
@@ -36,21 +55,20 @@ controlCenterModule.controller('adminController', ['$scope', '$alert', '$http',
 
             $http.post('admin/remove', {userId: user._id}).success(
                 function (data) {
-                    $scope.alertStr = "User has been removed: " + user.username;
-                    $scope.alertType = 'success';
-
                     reload();
+
+                    $scope.showInfo("User has been removed: " + user.username);
                 }).error(function (err) {
-                    $scope.alertStr = "Failed to remove user: " + err;
+                    $scope.showError("Failed to remove user: " + commonFunctions.errorMessage(errMsg));
                 });
 
             return false;
         };
-        
-        $scope.toggleAdmin = function(user) {
+
+        $scope.toggleAdmin = function (user) {
             if (user.adminChanging)
                 return;
-            
+
             user.adminChanging = true;
 
             $http.post('admin/save', {userId: user._id, adminFlag: user.admin}).success(
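Review bot: The new error callback in removeUser is declared as `function (err)` but its body reads `errMsg`, which is not defined in that scope, so a failed `admin/remove` request throws a ReferenceError instead of showing the alert. Rename the parameter so the two agree: `}).error(function (errMsg) {`. removeUser begins above this hunk and toggleAdmin continues past it.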
@@ -58,8 +76,8 @@ controlCenterModule.controller('adminController', ['$scope', '$alert', '$http',
                     reload();
 
                     adminChanging = false;
-                }).error(function (err) {
-                    $scope.alertStr = "Failed to update user: " + err;
+                }).error(function (errMsg) {
+                    $scope.showError("Failed to remove user: " + commonFunctions.errorMessage(errMsg));
 
                     adminChanging = false;
                 });
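Review bot: The toggleAdmin error handler now reports `"Failed to remove user: "`, which looks copied from removeUser; it should read `"Failed to update user: "`, as the line it replaces did. Both callbacks in this hunk also assign a bare `adminChanging = false;`, which writes an implicit global instead of clearing the flag set by `user.adminChanging = true`. After a failed save, where no reload happens, the checkbox therefore probably stays disabled, and `user.adminChanging = false;` is likely what was meant. The opening of the success callback is outside the hunk.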

http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/87be5272/modules/web-control-center/nodejs/views/admin/userList.jade
----------------------------------------------------------------------
diff --git a/modules/web-control-center/nodejs/views/admin/userList.jade b/modules/web-control-center/nodejs/views/admin/userList.jade
index d3cd122..6a9f9b3 100644
--- a/modules/web-control-center/nodejs/views/admin/userList.jade
+++ b/modules/web-control-center/nodejs/views/admin/userList.jade
@@ -24,7 +24,6 @@ block container
                 p List of registered users
                 hr
             .docs-body
-                div(ng-class='{alert: true, "alert-danger": alertType == danger, "alert-success": alertType == "success"}' ng-show='alertStr') {{alertStr}}
                 table.table.table-striped(st-table='userListDisplay' st-safe-src='userList')
                     thead
                         tr
@@ -44,8 +43,8 @@ block container
                             td
                                 span.small {{user.lastLogin | date:'medium'}}
                             td
-                                input(type='checkbox' ng-disabled='user.adminChanging' ng-model='user.admin'
-                                ng-change='toggleAdmin(user)')
+                                input(type='checkbox' ng-disabled='user.adminChanging || user._id == loggedInUser._id' 
+                                ng-model='user.admin' ng-change='toggleAdmin(user)')
                             td(width='1%')
                                 a(ng-click='removeUser(user)' ng-show='user._id != loggedInUser._id' title='Remove user')
                                     span.glyphicon.glyphicon-remove(style='color: red')
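Review bot: The rule that an administrator cannot change their own admin flag is added only in the view, through `ng-disabled='user.adminChanging || user._id == loggedInUser._id'`, just as the remove link is hidden with `ng-show`. Template attributes affect what the page renders, not what a request to `admin/save` or `admin/remove` may contain, so the rule has to be enforced by the server handlers as well. Those handlers are not part of this diff, so confirm that they reject a request whose `userId` matches the session user's id. A short comment beside the input saying the attribute is a usability aid, with enforcement on the server, would keep the two in step.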