Do not expose which backend was used
instead just indicate if the user is internal or not
This commit is contained in:
Marcial Rosales
Michael Klishin
parent
dc7d41042b
commit
f0adf3a2e8
|
|
@ -698,9 +698,6 @@ function DisplayControl() {
|
|||
|
||||
}
|
||||
|
||||
function is_internal_user(user) {
|
||||
return user.backends.includes("rabbit_auth_backend_internal");
|
||||
}
|
||||
|
||||
// Set up the above vars
|
||||
function setup_global_vars(overview) {
|
||||
|
|
@ -717,9 +714,9 @@ function setup_global_vars(overview) {
|
|||
'<li>Cluster ' + (user_administrator ? '<a href="#/cluster-name">' + cluster_name + '</a>' : cluster_name) + '</li>'
|
||||
);
|
||||
|
||||
user_name = fmt_escape_html(user.name);
|
||||
user_name = fmt_escape_html(user.name);
|
||||
$('#header #logout').prepend(
|
||||
'User ' + (user_administrator && is_internal_user(user) ? '<a href="#/users/' + user_name + '">' + user_name + '</a>' : user_name)
|
||||
'User ' + (user_administrator && user.is_internal_user ? '<a href="#/users/' + user_name + '">' + user_name + '</a>' : user_name)
|
||||
);
|
||||
|
||||
var product = overview.rabbitmq_version;
|
||||
|
|
|
|||
|
|
@ -20,31 +20,38 @@ bootstrap_oauth(Req0, State) ->
|
|||
Dependencies = oauth_dependencies(),
|
||||
JSContent = import_dependencies(Dependencies) ++
|
||||
set_oauth_settings(AuthSettings) ++
|
||||
case proplists:get_value(oauth_enabled, AuthSettings, false) of
|
||||
true -> set_token_auth(Req0) ++ export_dependencies(oauth_dependencies());
|
||||
false -> export_dependencies(["oauth_initialize_if_required", "set_oauth_settings"])
|
||||
end,
|
||||
{ok, cowboy_req:reply(200, #{<<"content-type">> => <<"text/javascript; charset=utf-8">>}, JSContent, Req0), State}.
|
||||
set_token_auth(AuthSettings, Req0) ++
|
||||
export_dependencies(Dependencies),
|
||||
{ok, cowboy_req:reply(200, #{<<"content-type">> => <<"text/javascript; charset=utf-8">>},
|
||||
JSContent, Req0), State}.
|
||||
|
||||
set_oauth_settings(AuthSettings) ->
|
||||
JsonAuthSettings = rabbit_json:encode(rabbit_mgmt_format:format_nulls(AuthSettings)),
|
||||
["set_oauth_settings(", JsonAuthSettings, ");"].
|
||||
|
||||
set_token_auth(Req0) ->
|
||||
case application:get_env(rabbitmq_management, oauth_enabled, false) of
|
||||
true ->
|
||||
|
||||
set_token_auth(AuthSettings, Req0) ->
|
||||
case proplists:get_value(oauth_enabled, AuthSettings, false) of
|
||||
true ->
|
||||
case cowboy_req:parse_header(<<"authorization">>, Req0) of
|
||||
{bearer, Token} -> ["set_token_auth('", Token, "');"];
|
||||
_ -> []
|
||||
end;
|
||||
false -> []
|
||||
false ->
|
||||
[]
|
||||
end.
|
||||
|
||||
import_dependencies(Dependencies) ->
|
||||
["import {", string:join(Dependencies, ","), "} from './helper.js';"].
|
||||
|
||||
oauth_dependencies() ->
|
||||
["oauth_initialize_if_required", "hasAnyResourceServerReady", "oauth_initialize", "oauth_initiate", "oauth_initiateLogin", "oauth_initiateLogout", "oauth_completeLogin", "oauth_completeLogout", "set_oauth_settings"].
|
||||
["oauth_initialize_if_required",
|
||||
"hasAnyResourceServerReady",
|
||||
"oauth_initialize", "oauth_initiate",
|
||||
"oauth_initiateLogin",
|
||||
"oauth_initiateLogout",
|
||||
"oauth_completeLogin",
|
||||
"oauth_completeLogout",
|
||||
"set_oauth_settings"].
|
||||
|
||||
export_dependencies(Dependencies) ->
|
||||
[ io_lib:format("window.~s = ~s;", [Dep, Dep]) || Dep <- Dependencies ].
|
||||
|
|
|
|||
|
|
@ -263,10 +263,11 @@ internal_user(User) ->
|
|||
{tags, tags_as_binaries(internal_user:get_tags(User))},
|
||||
{limits, internal_user:get_limits(User)}].
|
||||
|
||||
user(User) ->
|
||||
user(User) ->
|
||||
[{name, User#user.username},
|
||||
{tags, tags_as_binaries(User#user.tags)},
|
||||
{backends, [ Module || {Module, _} <- User#user.authz_backends]}].
|
||||
{is_internal_user, lists:any(fun({Module,_}) -> Module == rabbit_auth_backend_internal end,
|
||||
User#user.authz_backends)}].
|
||||
|
||||
tags_as_binaries(Tags) ->
|
||||
[to_binary(T) || T <- Tags].
|
||||
|
|
|
|||
Loading…
Reference in New Issue