Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fixes #3168 - Don't provide option to create API-Token if authentication via API token is disabled.

Browse source
This commit is contained in:
Rolf Schmidt 2021-09-10 17:26:17 +02:00 committed by Thorsten Eckel
parent 179b87ffe0
commit 28636727cc
6 changed files with 70 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
app/assets/javascripts/app/controllers/_application_controller/nav_sidebar.coffee
View file

@ -64,10 +64,15 @@ class App.ControllerNavSidbar extends App.Controller
groupsUnsorted.push item groupsUnsorted.push item
else else
match = false match = false
for permissionName in item.permission if typeof item.permission is 'function'
if !match && @permissionCheck(permissionName) match = item.permission(@)
match = true if match
groupsUnsorted.push item groupsUnsorted.push item
else
for permissionName in item.permission
if !match && @permissionCheck(permissionName)
match = true
groupsUnsorted.push item
_.sortBy(groupsUnsorted, (item) -> return item.prio) _.sortBy(groupsUnsorted, (item) -> return item.prio)
selectedItem: (groups) => selectedItem: (groups) =>
@ -83,10 +88,15 @@ class App.ControllerNavSidbar extends App.Controller
itemsUnsorted.push item itemsUnsorted.push item
else else
match = false match = false
for permissionName in item.permission if typeof item.permission is 'function'
if !match && @permissionCheck(permissionName) match = item.permission(@)
match = true if match
itemsUnsorted.push item itemsUnsorted.push item
else
for permissionName in item.permission
if !match && @permissionCheck(permissionName)
match = true
itemsUnsorted.push item
group.items = _.sortBy(itemsUnsorted, (item) -> return item.prio) group.items = _.sortBy(itemsUnsorted, (item) -> return item.prio)

11
app/assets/javascripts/app/controllers/_profile/token_access.coffee
View file

@ -144,4 +144,13 @@ class Create extends App.ControllerModal
msg: App.i18n.translateContent(data.message || data.error) msg: App.i18n.translateContent(data.message || data.error)
) )
App.Config.set('Token Access', { prio: 3200, name: 'Token Access', parent: '#profile', target: '#profile/token_access', controller: ProfileTokenAccess, permission: ['user_preferences.access_token'] }, 'NavBarProfile') App.Config.set('Token Access', {
prio: 3200,
name: 'Token Access',
parent: '#profile',
target: '#profile/token_access',
controller: ProfileTokenAccess,
permission: (controller) ->
return false if !App.Config.get('api_token_access')
return controller.permissionCheck('user_preferences.access_token')
}, 'NavBarProfile')

9
app/assets/javascripts/app/controllers/profile.coffee
View file

@ -2,6 +2,15 @@ class App.Profile extends App.ControllerNavSidbar
authenticateRequired: true authenticateRequired: true
configKey: 'NavBarProfile' configKey: 'NavBarProfile'
constructor: (params) ->
super
@controllerBind('config_update', (data) =>
return if data.name isnt 'api_token_access'
@render(true)
@updateNavigation(true, params)
)
class ProfileRouter extends App.ControllerPermanent class ProfileRouter extends App.ControllerPermanent
requiredPermission: ['user_preferences.*'] requiredPermission: ['user_preferences.*']

10
db/migrate/20210909093800_issue_3168_token_setting.rb Normal file
View file

@ -0,0 +1,10 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class Issue3168TokenSetting < ActiveRecord::Migration[6.0]
def change
# return if it's a new setup
return if !Setting.exists?(name: 'system_init_done')
Setting.find_by(name: 'api_token_access').update(frontend: true)
end
end

2
db/seeds/settings.rb
View file

@ -2864,7 +2864,7 @@ Setting.create_if_not_exists(
preferences: { preferences: {
permission: ['admin.api'], permission: ['admin.api'],
}, },
frontend: false frontend: true
) )
Setting.create_if_not_exists( Setting.create_if_not_exists(
title: 'API Password Access', title: 'API Password Access',

24
spec/system/profile_spec.rb
View file

@ -22,4 +22,28 @@ RSpec.describe 'Profile', type: :system do
expect(page).to have_no_css('.dropdown-menu > li > a[href="#profile"]') expect(page).to have_no_css('.dropdown-menu > li > a[href="#profile"]')
end end
end end
context "Don't provide option to create API-Token if authentication via API token is disabled #3168" do
before do
visit 'profile'
end
it 'does show the navbar link Token Access based on the Setting api_token_access' do
expect(page).to have_text('Token Access')
# disable token access
visit 'system/api'
click 'label[for=api_token_access]'
visit 'profile'
expect(page).to have_no_text('Token Access')
# enable token access
visit 'system/api'
click 'label[for=api_token_access]'
visit 'profile'
expect(page).to have_text('Token Access')
end
end
end end