GUACAMOLE-538: Add web application support for AUDIT permission.

guacamole/src/main/frontend/src/app/manage/directives/systemPermissionEditor.js

@@ -121,6 +121,10 @@ angular.module('manage').directive('systemPermissionEditor', ['$injector',
                 label: "MANAGE_USER.FIELD_HEADER_ADMINISTER_SYSTEM",
                 value: PermissionSet.SystemPermissionType.ADMINISTER
             },
+            {
+                label: "MANAGE_USER.FIELD_HEADER_AUDIT_SYSTEM",
+                value: PermissionSet.SystemPermissionType.AUDIT
+            },
             {
                 label: "MANAGE_USER.FIELD_HEADER_CREATE_NEW_USERS",
                 value: PermissionSet.SystemPermissionType.CREATE_USER

guacamole/src/main/frontend/src/app/navigation/services/userPageService.js

@@ -298,8 +298,9 @@ angular.module('navigation').factory('userPageService', ['$injector',
 
             // Determine whether the current user needs access to view connection history
             if (
-                    // A user must be a system administrator to view connection records
-                    PermissionSet.hasSystemPermission(permissions, PermissionSet.SystemPermissionType.ADMINISTER)
+                    // A user must be a system administrator or auditor to view connection records
+                       PermissionSet.hasSystemPermission(permissions, PermissionSet.SystemPermissionType.ADMINISTER)
+                    || PermissionSet.hasSystemPermission(permissions, PermissionSet.SystemPermissionType.AUDIT)
             ) {
                 canViewConnectionRecords.push(dataSource);
             }
@@ -312,7 +313,7 @@ angular.module('navigation').factory('userPageService', ['$injector',
             url  : '/settings/sessions'
         }));
 
-        // If user can manage connections, add links for connection management pages
+        // If user can view connection records, add links for connection history pages
         angular.forEach(canViewConnectionRecords, function addConnectionHistoryLink(dataSource) {
             pages.push(new PageDefinition({
                 name : [

guacamole/src/main/frontend/src/app/rest/types/PermissionSet.js

@@ -136,6 +136,11 @@ angular.module('rest').factory('PermissionSet', [function definePermissionSet()
          * Permission to administer the entire system.
          */
         ADMINISTER : "ADMINISTER",
+
+        /**
+         * Permission to view connection and user records for the entire system.
+         */
+        AUDIT : "AUDIT",
 
         /**
          * Permission to create new users.

guacamole/src/main/frontend/src/translations/en.json

@@ -408,6 +408,7 @@
         "ERROR_PASSWORD_MISMATCH" : "@:APP.ERROR_PASSWORD_MISMATCH",
 
         "FIELD_HEADER_ADMINISTER_SYSTEM"             : "Administer system:",
+        "FIELD_HEADER_AUDIT_SYSTEM"                  : "Audit system:",
         "FIELD_HEADER_CHANGE_OWN_PASSWORD"           : "Change own password:",
         "FIELD_HEADER_CREATE_NEW_USERS"              : "Create new users:",
         "FIELD_HEADER_CREATE_NEW_USER_GROUPS"        : "Create new user groups:",
@@ -449,6 +450,7 @@
         "DIALOG_HEADER_ERROR"          : "@:APP.DIALOG_HEADER_ERROR",
 
         "FIELD_HEADER_ADMINISTER_SYSTEM"             : "@:MANAGE_USER.FIELD_HEADER_ADMINISTER_SYSTEM",
+        "FIELD_HEADER_AUDIT_SYSTEM"                  : "@:MANAGE_USER.FIELD_HEADER_AUDIT_SYSTEM",
         "FIELD_HEADER_CHANGE_OWN_PASSWORD"           : "@:MANAGE_USER.FIELD_HEADER_CHANGE_OWN_PASSWORD",
         "FIELD_HEADER_CREATE_NEW_USERS"              : "@:MANAGE_USER.FIELD_HEADER_CREATE_NEW_USERS",
         "FIELD_HEADER_CREATE_NEW_USER_GROUPS"        : "@:MANAGE_USER.FIELD_HEADER_CREATE_NEW_USER_GROUPS",