changes required for read-only support for admin pages

GEANT · Apr 24, 2024 · 0722bc9 · 0722bc9
1 parent 839ed3f
commit 0722bc9
Show file tree

Hide file tree

Showing 20 changed files with 380 additions and 175 deletions.
diff --git a/core/AbstractProfile.php b/core/AbstractProfile.php
@@ -130,21 +130,47 @@ abstract class AbstractProfile extends EntityWithDBProperties
     const OVERALL_OPENROAMING_LEVEL_WARN = 1;
     const OVERALL_OPENROAMING_LEVEL_ERROR = 0;
 
-
+/**
+ * constants used for displaying messages
+ */    
     const OPENROAMING_ALL_GOOD = 24;
-    const OPENROAMING_NO_REALM = 17; //n
-    const OPENROAMING_BAD_SRV = 16; //n
-    const OPENROAMING_BAD_NAPTR = 10; // w
-    const OPENROAMING_SOME_BAD_CONNECTIONS = 8; //w
-    const OPENROAMING_NO_DNSSEC = 8; //w
-    const OPENROAMING_NO_NAPTR = 3; //e
-    const OPENROAMING_BAD_NAPTR_RESOLVE = 2; //e
-    const OPENROAMING_BAD_SRV_RESOLVE = 1; //e
-    const OPENROAMING_BAD_CONNECTION = 0; //e
+    const OPENROAMING_NO_REALM = 17; //none
+    const OPENROAMING_BAD_SRV = 16; //none
+    const OPENROAMING_BAD_NAPTR = 10; // warning
+    const OPENROAMING_SOME_BAD_CONNECTIONS = 8; //warning
+    const OPENROAMING_NO_DNSSEC = 8; //warning
+    const OPENROAMING_NO_NAPTR = 3; //error
+    const OPENROAMING_BAD_NAPTR_RESOLVE = 2; //error
+    const OPENROAMING_BAD_SRV_RESOLVE = 1; //error
+    const OPENROAMING_BAD_CONNECTION = 0; //error
+
 
+    const READINESS_LEVEL_NOTREADY = 0;
+    const READINESS_LEVEL_SUFFICIENTCONFIG = 1;
+    const READINESS_LEVEL_SHOWTIME = 2;
 
 
+    const CERT_STATUS_OK = 0;
+    const CERT_STATUS_WARN = 1;
+    const CERT_STATUS_ERROR = 2;
 
+    const OVERALL_OPENROAMING_INDEX = [
+        self::OVERALL_OPENROAMING_LEVEL_NO => 'OVERALL_OPENROAMING_LEVEL_NO',
+        self::OVERALL_OPENROAMING_LEVEL_GOOD => 'OVERALL_OPENROAMING_LEVEL_GOOD',
+        self::OVERALL_OPENROAMING_LEVEL_NOTE => 'OVERALL_OPENROAMING_LEVEL_NOTE',
+        self::OVERALL_OPENROAMING_LEVEL_WARN => 'OVERALL_OPENROAMING_LEVEL_WARN',
+        self::OVERALL_OPENROAMING_LEVEL_ERROR => 'OVERALL_OPENROAMING_LEVEL_ERROR',      
+    ];
+
+    const OPENROAMING_INDEX = [
+        self::OVERALL_OPENROAMING_LEVEL_NO => 'OVERALL_OPENROAMING_LEVEL_NO',
+    ];
+
+    const CERT_STATUS_INDEX = [
+        self::CERT_STATUS_OK => 'CERT_STATUS_OK',
+        self::CERT_STATUS_WARN => 'CERT_STATUS_WARN',
+        self::CERT_STATUS_ERROR => 'CERT_STATUS_ERROR',     
+    ];
 
     /**
      *  generates a detailed log of which installer was downloaded
@@ -867,15 +893,7 @@ public function getCollapsedAttributes($eap = [])
         }
         return $collapsedList;
     }
-
-    const READINESS_LEVEL_NOTREADY = 0;
-    const READINESS_LEVEL_SUFFICIENTCONFIG = 1;
-    const READINESS_LEVEL_SHOWTIME = 2;
-    const CERT_STATUS_OK = 0;
-    const CERT_STATUS_WARN = 1;
-    const CERT_STATUS_ERROR = 2;
 
-
     /**
      * Does the profile contain enough information to generate installers with
      * it? Silverbullet will always return TRUE; RADIUS profiles need to do some

diff --git a/core/Federation.php b/core/Federation.php
@@ -525,6 +525,9 @@ public function listIdentityProviders($activeOnly = 0)
         // SELECT -> resource, not boolean
         while ($idpQuery = mysqli_fetch_object(/** @scrutinizer ignore-type */ $allIDPs)) {
             $idp = new IdP($idpQuery->inst_id);
+            if (!isset($idpQuery->realms)) {
+                $idpQuery->realms = '';
+            }
             $name = $idp->name;
             $idpInfo = ['entityID' => $idp->identifier,
                 'title' => $name,

diff --git a/core/IdP.php b/core/IdP.php
@@ -171,6 +171,12 @@ public function listDeployments(bool $activeOnly = FALSE)
     const PROFILES_INCOMPLETE = 0;
     const PROFILES_CONFIGURED = 1;
     const PROFILES_SHOWTIME = 2;
+
+    const PROFILES_INDEX = [
+        self::PROFILES_INCOMPLETE => 'PROFILES_INCOMPLETE',
+        self::PROFILES_CONFIGURED => 'PROFILES_CONFIGURED',
+        self::PROFILES_SHOWTIME => 'PROFILES_SHOWTIME',
+    ];
 
     /**
      * looks through all the profiles of the inst and determines the highest prod-ready level among the profiles

diff --git a/core/User.php b/core/User.php
@@ -119,14 +119,26 @@ public function isFederationAdmin($federation = 0)
 
     /**
      * This function tests if the current user has been configured as the system superadmin, i.e. if the user is allowed
-     * to execute the 112365365321.php script
+     * to execute the 112365365321.php script and obtain read-only access to admin areas.
      *
      * @return boolean TRUE if the user is a superadmin, FALSE if not 
      */
     public function isSuperadmin()
     {
         return in_array($this->userName, \config\Master::SUPERADMINS);
     }
+
+
+    /**
+     * This function tests if the current user has been configured as the system superadmin, i.e. if the user is allowed
+     *  obtain read-only access to admin areas.
+     *
+     * @return boolean TRUE if the user is a support member, FALSE if not 
+     */
+    public function isSupport()
+    {
+        return in_array($this->userName, \config\Master::SUPPORT);
+    }
 
     /**
      * This function tests if the current user is an ovner of a given IdP

diff --git a/web/admin/edit_federation.php b/web/admin/edit_federation.php
@@ -39,7 +39,7 @@
 $fedPost = $_POST['fed_id'];
 
 
-$my_fed = $validator->existingFederation($fedPost, $_SESSION['user']);
+[$my_fed, $editMode] = $validator->existingFederationInt($fedPost, $_SESSION['user']);
 $fed_options = $my_fed->getAttributes();
 /// product name (eduroam CAT), then term used for "federation", then actual name of federation.
 echo $deco->defaultPagePrelude(sprintf(_("%s: Editing %s '%s'"), \config\Master::APPEARANCE['productname'], $uiElements->nomenclatureFed, $my_fed->name));
@@ -49,6 +49,15 @@
 <script src="js/option_expand.js" type="text/javascript"></script>
 <script type="text/javascript" src="../external/jquery/jquery.js"></script> 
 <script type="text/javascript" src="../external/jquery/jquery-migrate.js"></script> 
+<?php
+if ($editMode == 'readonly') {
+    print('<style>'
+            . 'button.newoption {visibility: hidden}'
+            . 'input {pointer-events: none} '
+            . '.ui-sortable-handle {pointer-events: none}'
+            . '</style>');
+}
+?>
 </head>
 <body>
 
@@ -90,5 +99,12 @@
         <button type='button' class='newoption' onclick='getXML("fed", "<?php echo $my_fed->tld ?>")'><?php echo _("Add new option"); ?></button>
     </fieldset>
     <?php
-    echo "<div><button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button> <button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_federation.php\"'>" . _("Discard changes") . "</button></div></form>";
+    echo "<div>";
+    if ($editMode === 'fullaccess') {
+        echo "<button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button>";
+        $discardLabel = _("Discard changes");
+    } else {
+        $discardLabel = _("Return");
+    }
+    echo "<button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_federation.php?fed_id=$fedPost\"'>" . $discardLabel . "</button></div></form>";
     echo $deco->footer();
diff --git a/web/admin/js/nro.js b/web/admin/js/nro.js
@@ -20,6 +20,43 @@
 
 /* various jquery scripts for the NRO admin page */
 
+function row_filter(table) {
+    var linked = table.find('[id^="unlinked_ck_"]').is(':checked');
+    var broken_cert = table.find('[id^="brokencert_ck_"]').is(':checked');
+    var or_warn = table.find('[id^="or_ck_"]').is(':checked');
+    var profile_warn = table.find('[id^="profile_ck_"]').is(':checked');
+    var input = table.find('[id^="qsearch_"]').val().toLowerCase();
+    var tr_visible;
+    var inp_found;
+    table.children("tr.idp_tr").each(function() {
+        tr_visible = true;
+        if (linked && $(this).hasClass('linked')) {
+            tr_visible = false;
+        }
+        if (tr_visible && broken_cert && $(this).hasClass('certok')) {
+            tr_visible = false;
+        }
+        if (tr_visible && or_warn && $(this).hasClass('orok')) {
+            tr_visible = false;
+        }        
+        if (tr_visible && profile_warn && $(this).hasClass('profileok')) {
+            tr_visible = false;
+        }         
+        if (tr_visible && input !== '') {
+            inp_found = $(this).find("span.inst_name:contains('"+input+"')").length;
+            if (inp_found == 0) {
+                tr_visible = false;
+            }
+        }
+
+        if (tr_visible) {
+            $(this).show();
+        } else {
+            $(this).hide();            
+        }
+    });
+}
+
 $(document).ready(function() {
     // realm diagnostics
     $("#realmcheck").on('click', function() {
@@ -52,45 +89,28 @@ $(document).ready(function() {
     // handler for the text filter (must take into account possible filtering 
     // on linked status
     $('[id^="qsearch_"]').keyup(function() {
-        var input = $(this).val().toLowerCase();
-        var this_row = $(this).parent().parent();
-        var this_table = this_row.parent();
-        var this_ck = this_row.find('input[id^="unlinked_ck_"]');
-        var tr;
-        if (input === '') {
-            if (this_ck.is(':checked')) {
-                console.log("checked");
-                this_table.children("tr.notlinked").show();
-            } else {
-                console.log("unchecked");
-                this_table.children("tr.idp_tr").show();
-            }
-        } else {
-            if (this_ck.is(':checked')) {
-                this_table.children("tr.idp_tr").hide();
-                this_table.find("span.inst_name:contains('"+input+"')").each(function() {
-                    tr = $(this).parent().parent();
-                    if (tr.hasClass("notlinked")) {
-                       tr.show();
-                   }
-               });
-            } else {
-                this_table.children("tr.idp_tr").hide();
-                this_table.find("span.inst_name:contains('"+input+"')").parent().parent().show();
-            }
-
-        }
+        var this_table = $(this).parent().parent().parent();
+        row_filter(this_table);
     });
 
     // the linked filter checkbox handler
-    $('[id^="unlinked_ck_"]').on('click', function() {
+    $(":checkbox").on('click', function() {
         var this_table = $(this).parent().parent().parent();
-        if ($(this).is(':checked')) {
-            this_table.children("tr.linked").hide();
-        } else {
-            this_table.children("tr.linked").show();
+        row_filter(this_table);
+    });
+
+    $("#fed_selection").on('change', function() {
+        fed = $("#fed_selection option:selected").val();
+        if (fed === "XX") {
+            return;
         }
+        $("#thirdrow").hide();
+        document.location.href = "overview_federation.php?fed_id="+fed;
     });
+
+
+    $("img.cat-icon").tooltip();
+
 });