From 4aeaaa167be213e270176d1c3c8432ea57d5b358 Mon Sep 17 00:00:00 2001
From: Ilja <ilja@ilja.space>
Date: Sun, 11 Sep 2022 13:35:25 +0200
Subject: [PATCH] Don't show create new account button if not privileged

In view Users
---
 src/views/users/index.vue      |  8 +++++++-
 test/views/users/index.test.js | 32 ++++++++++++++++++++++++++++-
 test/views/users/store.conf.js | 37 ++++++++++++++++++++++++++++++++++
 3 files changed, 75 insertions(+), 2 deletions(-)

diff --git a/src/views/users/index.vue b/src/views/users/index.vue
index 510c7b23..f053aace 100644
--- a/src/views/users/index.vue
+++ b/src/views/users/index.vue
@@ -17,7 +17,7 @@
         @input="handleDebounceSearchInput"/>
     </div>
     <div class="actions-container">
-      <el-button class="actions-button" @click="createAccountDialogOpen = true">
+      <el-button v-if="isPrivileged([], ['admin'])" class="actions-button" @click="createAccountDialogOpen = true">
         <span class="create-account">
           <i class="el-icon-plus"/>
           {{ $t('users.createAccount') }}
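Review bot: The `v-if="isPrivileged([], ['admin'])"` on the `el-button` only removes the entry point from the page; it is not an authorisation check. The dialog that `createAccountDialogOpen` opens and the store action behind it are outside this hunk, so it cannot be told from here whether they are gated as well. Account creation has to be rejected by the backend for non-admin users in any case. A template comment above the button would keep that explicit for later readers: `<!-- UI hint only: account creation must be authorised server-side -->`.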
@@ -208,6 +208,12 @@ export default {
     clearSelection() {
       this.$refs.usersTable.clearSelection()
     },
+    isPrivileged(accepted_privileges, accepted_roles) {
+      const user_privileges = this.$store.getters.privileges
+      const user_roles = this.$store.getters.roles
+      return accepted_privileges.some(privilege => user_privileges.indexOf(privilege) >= 0) || accepted_roles.some(role => user_roles.indexOf(role) >= 0)
+    },
+
     closeResetPasswordDialog() {
       this.resetPasswordDialogOpen = false
       this.$store.dispatch('RemovePasswordToken')
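Review bot: `isPrivileged` calls `indexOf` on `this.$store.getters.privileges` and `this.$store.getters.roles` without checking that they are arrays. If either getter is still undefined when the view renders (the store module is not visible here), the `v-if` would throw during render instead of failing closed. Defaulting both is enough, for example `const user_roles = this.$store.getters.roles || []` and the same for privileges, with `user_roles.includes(role)` in place of `indexOf(role) >= 0`. The method would also benefit from a short comment stating that a match on either list is sufficient and that empty accepted lists always return false. Its snake_case locals differ from the camelCase used by the neighbouring methods (`clearSelection`, `closeResetPasswordDialog`), and the `methods` object continues outside the hunk.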
diff --git a/test/views/users/index.test.js b/test/views/users/index.test.js
index 8c486cdf..19528299 100644
--- a/test/views/users/index.test.js
+++ b/test/views/users/index.test.js
@@ -4,7 +4,11 @@ import flushPromises from 'flush-promises'
 import Element from 'element-ui'
 import Users from '@/views/users/index'
 import NewAccountDialog from '@/views/users/components/NewAccountDialog'
-import { storeConfig } from './store.conf'
+import {
+  storeConfig,
+  storeWithRoleAdminNoPrivileges,
+  storeWithNoRolesNoPrivileges
+} from './store.conf'
 import { cloneDeep } from 'lodash'
 
 config.mocks["$t"] = () => {}
@@ -82,6 +86,32 @@ describe('Users actions', () => {
     store = new Vuex.Store(cloneDeep(storeConfig))
   })
 
+  it('doesnt show create new account button if not privileged', async (done) => {
+    const wrapper_admin = mount(Users, {
+      store: new Vuex.Store(cloneDeep(storeWithRoleAdminNoPrivileges)),
+      localVue,
+      sync: false,
+      stubs: {
+        RouterLink: RouterLinkStub
+      }
+    })
+
+    const wrapper_no_admin = mount(Users, {
+      store: new Vuex.Store(cloneDeep(storeWithNoRolesNoPrivileges)),
+      localVue,
+      sync: false,
+      stubs: {
+        RouterLink: RouterLinkStub
+      }
+    })
+
+    await flushPromises()
+    expect(wrapper_admin.find('.actions-button').isVisible()).toBe(true)
+    expect(wrapper_no_admin.find('.actions-button').exists()).toBe(false)
+
+    done()
+  })
+
   it('grants admin right to a local user', async (done) => {
     const wrapper = mount(Users, {
       store,
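Review bot: The negative case only mounts a store with empty `roles` and empty `privileges`, so the test would still pass if the button were shown to every user who holds any role at all. A third mount whose store has a non-admin role (for example `roles: ['<non-admin-role>']`, placeholder value) with the same `expect(...find('.actions-button').exists()).toBe(false)` assertion would pin the check to `admin` specifically. Separately, the test is declared `async (done)`; some Jest versions reject a test that both takes `done` and returns a promise, and since everything is awaited the `done` parameter and call could be dropped, although the neighbouring test uses the same pattern. The following `it('grants admin right to a local user', ...)` continues outside the hunk.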
diff --git a/test/views/users/store.conf.js b/test/views/users/store.conf.js
index 265ebbfb..6a7736ce 100644
--- a/test/views/users/store.conf.js
+++ b/test/views/users/store.conf.js
@@ -46,3 +46,40 @@ export const storeWithTagPolicy = {
   },
   getters
 }
+
+export const storeWithRoleAdminNoPrivileges = {
+  modules: {
+    app,
+    settings,
+    user: {
+      ...user,
+      state: {
+        ...user.state,
+        roles: ['admin'],
+        privileges: []
+      }
+    },
+    userProfile,
+    users
+  },
+  getters
+}
+
+
+export const storeWithNoRolesNoPrivileges = {
+  modules: {
+    app,
+    settings,
+    user: {
+      ...user,
+      state: {
+        ...user.state,
+        roles: [],
+        privileges: []
+      }
+    },
+    userProfile,
+    users
+  },
+  getters
+}
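Review bot: `storeWithRoleAdminNoPrivileges` and `storeWithNoRolesNoPrivileges` are identical apart from the `roles` array, so each further role or privilege combination means copying the whole module list again. A small factory that takes `roles` and `privileges` would keep the fixtures in step with each other and make further negative cases cheap to add. The two exported names can stay as they are so the test imports do not change. There is also a doubled blank line between the two exports.

```javascript
// … unchanged: storeWithTagPolicy and earlier fixtures …

// Builds a store config whose logged-in user has the given roles and privileges.
const storeWithUser = ({ roles = [], privileges = [] } = {}) => ({
  modules: {
    app,
    settings,
    user: { ...user, state: { ...user.state, roles, privileges }},
    userProfile,
    users
  },
  getters
})

export const storeWithRoleAdminNoPrivileges = storeWithUser({ roles: ['admin'] })
export const storeWithNoRolesNoPrivileges = storeWithUser()
```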
-- 
GitLab