You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@esme.apache.org by rh...@apache.org on 2011/03/11 12:17:07 UTC
svn commit: r1080526 - in /esme/trunk/server/src/main:
scala/org/apache/esme/lib/AccessPoolMgr.scala webapp/pools_view/index.html
Author: rhirsch
Date: Fri Mar 11 11:17:07 2011
New Revision: 1080526
URL: http://svn.apache.org/viewvc?rev=1080526&view=rev
Log:
[ESME-337] User with no admin rights to a pool shouldn't be able to edit it.
Patch from Vladimir Ivanov
Modified:
esme/trunk/server/src/main/scala/org/apache/esme/lib/AccessPoolMgr.scala
esme/trunk/server/src/main/webapp/pools_view/index.html
Modified: esme/trunk/server/src/main/scala/org/apache/esme/lib/AccessPoolMgr.scala
URL: http://svn.apache.org/viewvc/esme/trunk/server/src/main/scala/org/apache/esme/lib/AccessPoolMgr.scala?rev=1080526&r1=1080525&r2=1080526&view=diff
==============================================================================
--- esme/trunk/server/src/main/scala/org/apache/esme/lib/AccessPoolMgr.scala (original)
+++ esme/trunk/server/src/main/scala/org/apache/esme/lib/AccessPoolMgr.scala Fri Mar 11 11:17:07 2011
@@ -349,13 +349,21 @@ object AccessPoolMgr {
val accessPool = AccessPool.find(By(AccessPool.id, poolId.is))
Privilege.findAll(By(Privilege.pool, poolId.is), NotBy(Privilege.permission, Permission.Denied)) match {
case Nil => NodeSeq.Empty
- case xs => bind("pool", in,
- "user" ->
- (lst => xs.flatMap(i => bind("user", lst,
- "name" -> User.find(i.user).map(
- _.nickname.is).getOrElse(""),
- "privilege" -> i.permission.is.toString
- ))))
+ case xs => {
+ def userNamePrivilege(lst : NodeSeq) : NodeSeq = {
+ xs.flatMap(i => bind("user", lst,
+ "name" -> User.find(i.user).map(
+ _.nickname.is).getOrElse(""),
+ "privilege" -> i.permission.is.toString
+ ))
+ }
+
+ def renderEditButton(in : NodeSeq) : NodeSeq = if(Privilege.findAdminPools(user.open_!.id).contains(poolId.is)) in else NodeSeq.Empty
+
+ bind("pool", in,
+ "user" -> userNamePrivilege _,
+ "action" -> renderEditButton _)
+ }
}
}
Modified: esme/trunk/server/src/main/webapp/pools_view/index.html
URL: http://svn.apache.org/viewvc/esme/trunk/server/src/main/webapp/pools_view/index.html?rev=1080526&r1=1080525&r2=1080526&view=diff
==============================================================================
--- esme/trunk/server/src/main/webapp/pools_view/index.html (original)
+++ esme/trunk/server/src/main/webapp/pools_view/index.html Fri Mar 11 11:17:07 2011
@@ -122,11 +122,13 @@
</pool:user>
</tbody>
</table>
+ <pool:action>
<div class="post-form-row">
<div class="submit-btn tipelement" title="Add a user to an existing pool." >
<input type="image" onclick="javascript:$('#dialog-form-user').dialog('open')" id="create-user" src="../images/edit.gif"/>
</div>
</div>
+ </pool:action>
</lift:poolUsers>
</div>
<div class="pool_select">