You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@stratos.apache.org by im...@apache.org on 2015/05/21 14:43:53 UTC
stratos git commit: Fixing issue of not validating login permission
in the login page and adding /permission/admin/login to Internal/user role
Repository: stratos
Updated Branches:
refs/heads/master 7a4cd0052 -> 1387b2855
Fixing issue of not validating login permission in the login page and adding /permission/admin/login to Internal/user role
Project: http://git-wip-us.apache.org/repos/asf/stratos/repo
Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/1387b285
Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/1387b285
Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/1387b285
Branch: refs/heads/master
Commit: 1387b2855e3aaaacf0a28d2b060b6f9bff604e7c
Parents: 7a4cd00
Author: Imesh Gunaratne <im...@apache.org>
Authored: Thu May 21 18:25:07 2015 +0530
Committer: Imesh Gunaratne <im...@apache.org>
Committed: Thu May 21 18:25:07 2015 +0530
----------------------------------------------------------------------
.../console/controllers/login/login.jag | 20 ++++++++++----------
.../console/themes/theme0/js/login/login.js | 2 +-
.../manager/utils/PermissionConstants.java | 1 +
3 files changed, 12 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/stratos/blob/1387b285/components/org.apache.stratos.manager.console/console/controllers/login/login.jag
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.manager.console/console/controllers/login/login.jag b/components/org.apache.stratos.manager.console/console/controllers/login/login.jag
index e60e31f..4843262 100644
--- a/components/org.apache.stratos.manager.console/console/controllers/login/login.jag
+++ b/components/org.apache.stratos.manager.console/console/controllers/login/login.jag
@@ -1,6 +1,5 @@
<%
/*
- *
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
@@ -49,10 +48,8 @@ if (username || password) {
try {
var auth = server.authenticate(username, password);
-
if (!auth) {
- session.put("error", "The username or password you entered is incorrect.");
- print({status: 0});
+ print({ status: 0, "message" : "The username or password you entered is incorrect." });
} else {
var userObject = carbon.server.tenantUser(username);
var um = new carbon.user.UserManager({}, userObject.tenantId);
@@ -70,16 +67,19 @@ try {
session.put("PERMISSIONS", userPermissions);
//call the authentication rest-endpoint and get the JSESSION_ID
var result = util.RESTCalls.getSession(username, password);
- //save the JSESSION_ID in current console.session.
- var jSessionId = result.data.Success.sessionId;
- session.put("JSESSIONID", jSessionId);
+ if((result == null) || (result.data == null) || (result.data.Success == null)) {
+ print({ "status": 0, "message" : "Login permission is not granted for user." });
+ } else {
+ //save the JSESSION_ID in current console.session.
+ var jSessionId = result.data.Success.sessionId;
+ session.put("JSESSIONID", jSessionId);
+ // require('console').server.current(session,username);
+ print({status: 1});
+ }
} catch (e) {
log.warn(e);
}
- // require('console').server.current(session,username);
- print({status: 1});
}
-
} catch (e) {
session.put("error", e.toString());
print({status: e.toString()});
http://git-wip-us.apache.org/repos/asf/stratos/blob/1387b285/components/org.apache.stratos.manager.console/console/themes/theme0/js/login/login.js
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.manager.console/console/themes/theme0/js/login/login.js b/components/org.apache.stratos.manager.console/console/themes/theme0/js/login/login.js
index 06df12c..ef9e396 100644
--- a/components/org.apache.stratos.manager.console/console/themes/theme0/js/login/login.js
+++ b/components/org.apache.stratos.manager.console/console/themes/theme0/js/login/login.js
@@ -78,7 +78,7 @@ $(document).ready(function () {
if (data.status === 1) {
window.location = caramel.context;
} else {
- form_error.show().html("The username or password you entered is incorrect.");
+ form_error.show().html(data.message);
}
}
})
http://git-wip-us.apache.org/repos/asf/stratos/blob/1387b285/components/org.apache.stratos.manager/src/main/java/org/apache/stratos/manager/utils/PermissionConstants.java
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.manager/src/main/java/org/apache/stratos/manager/utils/PermissionConstants.java b/components/org.apache.stratos.manager/src/main/java/org/apache/stratos/manager/utils/PermissionConstants.java
index 0d129aa..d655628 100644
--- a/components/org.apache.stratos.manager/src/main/java/org/apache/stratos/manager/utils/PermissionConstants.java
+++ b/components/org.apache.stratos.manager/src/main/java/org/apache/stratos/manager/utils/PermissionConstants.java
@@ -22,6 +22,7 @@ package org.apache.stratos.manager.utils;
public class PermissionConstants {
public static final String[] STRATOS_PERMISSIONS = new String[] {
+ "/permission/admin/login",
"/permission/admin/stratos",
"/permission/admin/stratos/autoscalingPolicies",
"/permission/admin/stratos/autoscalingPolicies/manage",