Implement OAuth2 server, link oauth:Client and auth::Oauth2Client, implement permission checks
This commit is contained in:
@@ -37,6 +37,7 @@ const template = `
|
||||
>
|
||||
<h6 class="dropdown-header">Hello, {{ first_name }}.</h6>
|
||||
<a href="/dash/profile" class="dropdown-item">My Profile</a>
|
||||
<a href="/dash/c/listing/reflect/Token" v-if="can.api_tokens" class="dropdown-item">API Tokens</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a href="/auth/logout" class="dropdown-item">Sign-Out of {{ app_name }}</a>
|
||||
</div>
|
||||
@@ -51,6 +52,8 @@ export default class NavBarComponent extends Component {
|
||||
static get template() { return template }
|
||||
static get props() { return [] }
|
||||
|
||||
can = {}
|
||||
|
||||
constructor() {
|
||||
super()
|
||||
this.toggle_event = event_bus.event('sidebar.toggle')
|
||||
@@ -59,6 +62,10 @@ export default class NavBarComponent extends Component {
|
||||
this.app_name = session.get('app.name')
|
||||
}
|
||||
|
||||
async vue_on_create() {
|
||||
this.can.api_tokens = await session.check_permissions('v1:reflect:tokens:list')
|
||||
}
|
||||
|
||||
toggle_sidebar() {
|
||||
this.toggle_event.fire()
|
||||
}
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
import { Component } from '../../lib/vues6/vues6.js'
|
||||
import { event_bus } from '../service/EventBus.service.js'
|
||||
import { action_service } from '../service/Action.service.js'
|
||||
import { resource_service } from '../service/Resource.service.js'
|
||||
import { session } from '../service/Session.service.js'
|
||||
|
||||
const template = `
|
||||
<div class="bg-light border-right coreid-sidebar-wrapper" id="sidebar-wrapper" v-bind:class="{ collapsed: isCollapsed }">
|
||||
@@ -23,7 +25,9 @@ export default class SideBarComponent extends Component {
|
||||
static get props() { return ['app_name'] }
|
||||
static get template() { return template }
|
||||
|
||||
actions = [
|
||||
actions = []
|
||||
|
||||
possible_actions = [
|
||||
{
|
||||
text: 'Profile',
|
||||
action: 'redirect',
|
||||
@@ -31,23 +35,45 @@ export default class SideBarComponent extends Component {
|
||||
},
|
||||
{
|
||||
text: 'Users',
|
||||
action: 'redirect',
|
||||
next: '/dash/users',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'auth/User',
|
||||
},
|
||||
{
|
||||
text: 'Groups',
|
||||
action: 'redirect',
|
||||
next: '/dash/c/listing/ldap/Group',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'auth/Group',
|
||||
},
|
||||
{
|
||||
text: 'Applications',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'App',
|
||||
},
|
||||
{
|
||||
text: 'IAM Policy',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'iam/Policy',
|
||||
},
|
||||
{
|
||||
text: 'LDAP Clients',
|
||||
action: 'redirect',
|
||||
next: '/dash/c/listing/ldap/Client',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'ldap/Client',
|
||||
},
|
||||
{
|
||||
text: 'OAuth2 Clients',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'oauth/Client',
|
||||
},
|
||||
{
|
||||
text: 'SAML Service Providers',
|
||||
action: 'redirect',
|
||||
next: '/dash/c/listing/saml/Provider',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'saml/Provider',
|
||||
},
|
||||
{
|
||||
text: 'Settings',
|
||||
@@ -63,6 +89,32 @@ export default class SideBarComponent extends Component {
|
||||
})
|
||||
}
|
||||
|
||||
async vue_on_create() {
|
||||
const new_actions = []
|
||||
|
||||
const perm_lookups = []
|
||||
for ( const action of this.possible_actions ) {
|
||||
if ( action.resource ) {
|
||||
action.rsc = await resource_service.get(action.resource)
|
||||
perm_lookups.push(`${action.rsc.permission_base}:list`)
|
||||
}
|
||||
}
|
||||
|
||||
const perms = await session.check_permissions(...perm_lookups)
|
||||
|
||||
for ( const action of this.possible_actions ) {
|
||||
if ( action.resource ) {
|
||||
if ( perms[`${action.rsc.permission_base}:list`] ) {
|
||||
new_actions.push(action)
|
||||
}
|
||||
} else {
|
||||
new_actions.push(action)
|
||||
}
|
||||
}
|
||||
|
||||
this.actions = new_actions
|
||||
}
|
||||
|
||||
isCollapsed = false
|
||||
|
||||
toggle() {
|
||||
|
||||
@@ -175,8 +175,6 @@ export default class EditProfileComponent extends Component {
|
||||
this.form_message = 'Saving...'
|
||||
save()
|
||||
}
|
||||
|
||||
console.log('profile form', this)
|
||||
}
|
||||
|
||||
get_submit_data() {
|
||||
|
||||
@@ -80,7 +80,6 @@ export default class AppPasswordFormComponent extends Component {
|
||||
|
||||
vue_on_create() {
|
||||
this.uuid = utility.uuid()
|
||||
console.log({auth_api})
|
||||
}
|
||||
|
||||
async on_name_change(event) {
|
||||
|
||||
Reference in New Issue
Block a user