Enable role based admin access

thknieling · thknieling · commit aa3bf1d248c9 · 2020-08-10T23:21:06.000+02:00
diff --git a/public/api/swagger.yaml b/public/api/swagger.yaml
@@ -4257,6 +4257,8 @@ definitions:
     properties:
       token:
         type: string
+      roles:
+        type: string
       AdminRole:
         type: boolean
         x-omitempty: false
diff --git a/src/adabas/admin.ts b/src/adabas/admin.ts
@@ -187,42 +187,39 @@ export class AdabasAdmin {
             headers: authHeader("application/json"),
             useCredentails: true,
         };
-        try {
             return axios
                 .put(config.Url() + "/adabas/database/"
-                    + this.status.Dbid + "?name=" + newName, {}, getConfig);
-        }
-        catch (error) {
+                    + this.status.Dbid + "?name=" + newName, {}, getConfig)
+        .catch((error:any) => {
             if (error.response) {
                 if (error.response.status == 401 || error.response.status == 403) {
                     userService.logout();
                     location.reload(true);
                 }
             }
             throw error;
-        }
+        });
     }
     // Adabas file number can be renumbered
     async renumberFile(file: number, newNr: string): Promise<any> {
         const getConfig = {
             headers: authHeader("application/json"),
             useCredentails: true,
         };
-        try {
-            return axios
-                .put(config.Url() + "/adabas/database/"
+        return axios
+            .put(config.Url() + "/adabas/database/"
                     + this.status.Dbid + "/file/" + file
-                    + ":renumber?number=" + newNr, {}, getConfig);
-        }
-        catch (error) {
+                    + ":renumber?number=" + newNr, {}, getConfig)
+            .catch ((error: any) => {
+            console.log("E: "+JSON.stringify(error));
             if (error.response) {
                 if (error.response.status == 401 || error.response.status == 403) {
                     userService.logout();
                     location.reload(true);
                 }
             }
             throw error;
-        }
+        });
     }
     // Refresh content of a given Adabas file number (attention: data is lost)!!!
     async refreshFile(file: number): Promise<any> {
diff --git a/src/components/DatabaseInfos.vue b/src/components/DatabaseInfos.vue
@@ -15,6 +15,7 @@
 
 <template>
   <div class="databaseinfos p-2">
+    <ErrorModal />
     <div class="card">
       <div class="card-header h5">Adabas Database information</div>
       <div class="card-body">
@@ -46,7 +47,6 @@
         </b-modal>
         <b-table
           class="w-100 p-3"
-          
           striped
           bordered
           hover
@@ -66,12 +66,14 @@ import Sidebar from "./Sidebar.vue";
 import StatusBar from "./StatusBar.vue";
 import store from "../store/index";
 import Url from "./Url.vue";
+import ErrorModal from "@/components/ErrorModal.vue";
 
 @Component({
   components: {
     Sidebar,
     StatusBar,
     Url,
+    ErrorModal,
   },
 })
 export default class ParameterList extends Vue {
@@ -158,9 +160,22 @@ export default class ParameterList extends Vue {
   }
   renameDatabase(): void {
     if (this.$data.newName !== "") {
-      this.$data.db.renameDatabase(this.$data.newName).then(()=> {
-            this.queryInformation();
-      });
+      this.$data.db
+        .renameDatabase(this.$data.newName)
+        .then(() => {
+          this.queryInformation();
+        })
+        .catch((error: any) => {
+          let errorText = "unknown error to rename database";
+          if (error.response !== undefined) {
+            errorText =
+              error.response.data.Error.code +
+              ": " +
+              error.response.data.Error.message;
+          }
+          this.$root.$emit("errorMessage", errorText);
+          this.$root.$emit("bv::show::modal", "modal-error", "#btnShow");
+        });
     }
     this.$data.newName = "";
   }
diff --git a/src/components/ErrorModal.vue b/src/components/ErrorModal.vue
@@ -0,0 +1,59 @@
+<!--
+ * Copyright (c) 2020 Software AG (http://www.softwareag.com/)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.-->
+
+<template>
+  <div class="errormodal p-2">
+    <b-modal id="modal-error" header-bg-variant="danger" title="Error..." ok-only>
+      <div class="d-block">Problem: {{ error }}</div>
+    </b-modal>
+  </div>
+</template>
+
+<script lang="ts">
+import { Component, Prop, Vue } from "vue-property-decorator";
+
+@Component
+export default class ErrorModal extends Vue {
+  @Prop() private msg!: string;
+  data() {
+    return {
+      error: "xx",
+    };
+  }
+  created() {
+    this.$root.$on("errorMessage", (data: any) => {
+      this.$data.error = data;
+    });
+  }
+}
+</script>
+
+<!-- Add "scoped" attribute to limit CSS to this component only -->
+<style scoped lang="scss">
+h3 {
+  margin: 40px 0 0;
+}
+ul {
+  list-style-type: none;
+  padding: 0;
+}
+li {
+  display: inline-block;
+  margin: 0 10px;
+}
+a {
+  color: #42b983;
+}
+</style>
diff --git a/src/components/Header.vue b/src/components/Header.vue
@@ -33,8 +33,8 @@
             <b-dropdown-item to="/metadata">Adabas Map Metadata</b-dropdown-item>
             <b-dropdown-item to="/modify">Modify record</b-dropdown-item>
           </b-nav-item-dropdown>
-            <b-nav-item to="/databases">Database Administration</b-nav-item>
-            <b-nav-item to="/jobs">Job list</b-nav-item>
+            <b-nav-item :disabled="!isAdministrator" to="/databases">Database Administration</b-nav-item>
+            <b-nav-item :disabled="!isAdministrator" to="/jobs">Job list</b-nav-item>
         </b-navbar-nav>
         <b-navbar-nav class="ml-auto" right>
             <b-nav-item target="_blank" href="/api/">Swagger API</b-nav-item>
@@ -54,7 +54,7 @@
               >Descriptor read</b-dropdown-item
             >
           </b-nav-item-dropdown>
-          <b-nav-item v-on:click="logout">Logout</b-nav-item>
+          <b-nav-item v-on:click="logout">Logout<br/>&lt;{{user}}&gt;</b-nav-item>
         </b-navbar-nav>
       </b-collapse>
     </b-navbar>
@@ -73,6 +73,7 @@ import {
 import "bootstrap/dist/css/bootstrap.css";
 import "bootstrap-vue/dist/bootstrap-vue.css";
 import { userService } from "../user/service";
+import { authHeader, adminRole } from '../user/auth-header';
 
 Vue.use(NavbarPlugin);
 Vue.use(ButtonPlugin);
@@ -91,14 +92,14 @@ export default Vue.extend({
   name: "Header",
   data() {
     return {
+      user: "",
+      isAdministrator: false,
       checked: true,
     };
   },
   created() {
-    // console.log("Created Header, read maps");
-    // store.dispatch('INIT_MAPS');
-    // console.log("Created Header, read databases");
-    // store.dispatch('INIT_DATABASES');
+    this.$data.isAdministrator = adminRole();
+    this.$data.user = userService.getUsername()
   },
   methods: {
     logout() {
diff --git a/src/examples/ImageExample.vue b/src/examples/ImageExample.vue
@@ -108,7 +108,7 @@ export default class ImageExample extends Vue {
       ],
       image: [],
       xURL:
-        "/rest/map/LOBEXAMPLE?fields=Filename,Size,@Thumbnail,@Picture,Model,DateOriginal,EXIFinformation",
+        "/rest/map/LOBEXAMPLE?fields=Filename,Size,@Thumbnail,@Picture,Model,DateOriginal,EXIFinformation&limit=0",
     };
   }
   created() {
diff --git a/src/store/config.ts b/src/store/config.ts
@@ -23,8 +23,8 @@ import Vue from 'vue';
 export function Url() {
    // console.log('Mode:' + process.env.NODE_ENV);
    if (process.env.NODE_ENV === 'development') {
-      return 'http://localhost:8130'; // GO
-      // return 'http://localhost:8091'; // Java
+      // return 'http://localhost:8130'; // GO
+      return 'http://localhost:8091'; // Java
    }
    return '.';
 }
diff --git a/src/user/auth-header.ts b/src/user/auth-header.ts
@@ -65,5 +65,12 @@ export function adminRole() : boolean {
         return false;
     }
     const user = JSON.parse(x);
-    return user.AdminRole;
+    if (user.AdminRole!==undefined) {
+        return user.AdminRole;
+    }
+    if (user.roles!==undefined) {
+        const roles = user.roles.split(",");
+        return roles.includes("aifadmin");
+    }
+    return false;
 }
diff --git a/src/user/service.ts b/src/user/service.ts
@@ -26,21 +26,20 @@ function logout(): void {
     version();
 }
 
-function handleResponse(response: Response) {
-    return response.text().then((text: string) => {
-        const data = text && JSON.parse(text);
-        if (!response.ok) {
-            if (response.status === 401 || response.status === 404) {
-                // auto logout if 401 response returned from api
-                logout();
-                location.reload(true);
-            }
-
-            const error = (data && data.message) || response.statusText;
-            return Promise.reject(error);
+async function handleResponse(response: Response) {
+    const text = await response.text();
+    const data = text && JSON.parse(text);
+    if (!response.ok) {
+        if (response.status === 401 || response.status === 404) {
+            // auto logout if 401 response returned from api
+            logout();
+            location.reload(true);
         }
-        return data;
-    });
+
+        const error = (data && data.message) || response.statusText;
+        return Promise.reject(error);
+    }
+    return data;
 }
 
 function handleVersionResponse(response: Response): Promise<Response>|any {
@@ -51,16 +50,18 @@ function handleVersionResponse(response: Response): Promise<Response>|any {
         return v;
     });
 }
-function version() {
+async function version() {
     const requestOptions = {
         method: 'GET',
         headers: { Accept: 'application/json' },
     };
 
-    return fetch(`${config.Url()}/version`, requestOptions).then(handleVersionResponse);
+    const response = await fetch(`${config.Url()}/version`, requestOptions);
+    return handleVersionResponse(response);
 }
 
-function login(username: string, password: string): Promise<Response> {
+// call login with username and password
+async function login(username: string, password: string): Promise<Response> {
     const v = localStorage.getItem('version');
     if (v) {
         const version = JSON.parse(v).version;
@@ -70,25 +71,26 @@ function login(username: string, password: string): Promise<Response> {
         headers: authInitHeader(username, password),
     };
 
-    return fetch(`${config.Url()}/login`, requestOptions)
-        .then(handleResponse)
-        .then((user) => {
-            // login successful if there's a user in the response
-            if (user) {
-                // store user details and basic auth credentials in local storage
-                // to keep user logged in between page refreshes
-                if (!user.token) {
-                    user.authdata = window.btoa(username + ':' + password);
-                }
-                user.username = username;
-                localStorage.setItem('user', JSON.stringify(user));
-                // console.log("Save user: " + JSON.stringify(user));
-            }
-
-            return user;
-        });
+    const response = await fetch(`${config.Url()}/login`, requestOptions);
+    const user = await handleResponse(response);
+    // login successful if there's a user in the response
+    if (user) {
+        // store user details and basic auth credentials in local storage
+        // to keep user logged in between page refreshes
+        if (user.token===undefined) {
+            user.authdata = window.btoa(username + ':' + password);
+        }
+        if (user.AdminRole===undefined) {
+            user.AdminRole = true;
+        }
+        user.username = username;
+        localStorage.setItem('user', JSON.stringify(user));
+        // console.log("Save user: " + JSON.stringify(user));
+    }
+    return user;
 }
 
+// get login user name
 function getUsername() {
     const x = localStorage.getItem('user');
     if (x === null) {

Original file line number	Diff line number	Diff line change
`@@ -108,7 +108,7 @@ export default class ImageExample extends Vue {`
`108`	`108`	`],`
`109`	`109`	`image: [],`
`110`	`110`	`xURL:`
`111`		`- "/rest/map/LOBEXAMPLE?fields=Filename,Size,@Thumbnail,@Picture,Model,DateOriginal,EXIFinformation",`
	`111`	`+ "/rest/map/LOBEXAMPLE?fields=Filename,Size,@Thumbnail,@Picture,Model,DateOriginal,EXIFinformation&limit=0",`
`112`	`112`	`};`
`113`	`113`	`}`
`114`	`114`	`created() {`
Original file line number	Diff line number	Diff line change
`@@ -23,8 +23,8 @@ import Vue from 'vue';`
`23`	`23`	`export function Url() {`
`24`	`24`	`// console.log('Mode:' + process.env.NODE_ENV);`
`25`	`25`	`if (process.env.NODE_ENV === 'development') {`
`26`		`- return 'http://localhost:8130'; // GO`
`27`		`- // return 'http://localhost:8091'; // Java`
	`26`	`+ // return 'http://localhost:8130'; // GO`
	`27`	`+ return 'http://localhost:8091'; // Java`
`28`	`28`	`}`
`29`	`29`	`return '.';`
`30`	`30`	`}`
Original file line number	Diff line number	Diff line change
`@@ -65,5 +65,12 @@ export function adminRole() : boolean {`
`65`	`65`	`return false;`
`66`	`66`	`}`
`67`	`67`	`const user = JSON.parse(x);`
`68`		`- return user.AdminRole;`
	`68`	`+ if (user.AdminRole!==undefined) {`
	`69`	`+ return user.AdminRole;`
	`70`	`+ }`
	`71`	`+ if (user.roles!==undefined) {`
	`72`	`+ const roles = user.roles.split(",");`
	`73`	`+ return roles.includes("aifadmin");`
	`74`	`+ }`
	`75`	`+ return false;`
`69`	`76`	`}`