From d619bf6931890c318859b96f40a46ce1ef6db306 Mon Sep 17 00:00:00 2001 From: Clark Andrianasolo Date: Wed, 11 Sep 2024 15:04:50 +0200 Subject: [PATCH] Fixes #25447: Admin user should have notification that their session is kept until timeout --- .../src/main/elm/sources/UserManagement.elm | 27 ++++++++++++++----- .../UserManagementService.scala | 2 +- 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/user-management/src/main/elm/sources/UserManagement.elm b/user-management/src/main/elm/sources/UserManagement.elm index 764a73f19..3a47cf167 100644 --- a/user-management/src/main/elm/sources/UserManagement.elm +++ b/user-management/src/main/elm/sources/UserManagement.elm @@ -2,7 +2,7 @@ module UserManagement exposing (processApiError, update) import ApiCalls exposing (activateUser, addUser, disableUser, getRoleConf, getUsersConf, postReloadConf, updateUser, updateUserInfo) import Browser -import DataTypes exposing (Model, Msg(..), PanelMode(..), StateInput(..), mergeUserNewInfo, userProviders) +import DataTypes exposing (Model, Msg(..), PanelMode(..), StateInput(..), Username, mergeUserNewInfo, userProviders) import Dict exposing (fromList) import Http exposing (..) import Init exposing (createErrorNotification, createSuccessNotification, defaultConfig, init, subscriptions) @@ -11,9 +11,6 @@ import Toasty import View exposing (view) import List import List.FlatMap -import DataTypes exposing (User) -import DataTypes exposing (UI) -import DataTypes exposing (UserForm) main = Browser.element @@ -126,7 +123,7 @@ update msg model = case result of Ok username -> (model, getUsersConf model) - |> createSuccessNotification (username ++ " have been modified") + |> createUserNotification username model Err err -> processApiError err model @@ -135,7 +132,7 @@ update msg model = case result of Ok username -> (model, getUsersConf model) - |> createSuccessNotification (username ++ " have been modified") + |> createUserNotification username model Err err -> processApiError err model @@ -322,6 +319,24 @@ update msg model = in ({model | ui = newUI, userForm = newUserForm}, Cmd.none) +-- When a user with admin rights is updated, changes will not have effect now: session is kept until it expires +createUserNotification : Username -> Model -> (Model, Cmd Msg) -> (Model, Cmd Msg) +createUserNotification username model = + let + hasAdminRights = + model.users + |> Dict.get username + |> Maybe.map (.authz) + |> Maybe.map (List.any (\auth -> "any_rights" == auth || String.startsWith "administration_" auth)) + |> Maybe.withDefault False + message = + if hasAdminRights then + username ++ " has been modified, change will be taken into account on next login" + else + username ++ " has been modified" + in + createSuccessNotification message + processApiError : Error -> Model -> ( Model, Cmd Msg ) processApiError err model = let diff --git a/user-management/src/main/scala/com/normation/plugins/usermanagement/UserManagementService.scala b/user-management/src/main/scala/com/normation/plugins/usermanagement/UserManagementService.scala index 8eef0d4be..bc83c26a6 100644 --- a/user-management/src/main/scala/com/normation/plugins/usermanagement/UserManagementService.scala +++ b/user-management/src/main/scala/com/normation/plugins/usermanagement/UserManagementService.scala @@ -350,7 +350,7 @@ class UserManagementService( } }).transform(toUpdate).head _ <- UserManagementIO.replaceXml(userXML, newXml, file) - _ <- userService.reloadPure() + _ <- userService.reloadPure() // this is also required to invalidate sessions } yield () }