diff --git a/domain-server/resources/describe-settings.json b/domain-server/resources/describe-settings.json
index 83c59f81a7..2965276969 100644
--- a/domain-server/resources/describe-settings.json
+++ b/domain-server/resources/describe-settings.json
@@ -460,7 +460,7 @@
"groups": [
{
"label": "Group",
- "span": 5
+ "span": 2
},
{
"label": "Permissions ?",
@@ -475,20 +475,26 @@
},
{
"name": "rank_id",
- "label": "Rank ID"
+ "label": "Rank ID",
+ "readonly": true,
+ "hidden": true
},
{
"name": "rank_order",
- "label": "Rank Order"
+ "label": "Rank Order",
+ "readonly": true,
+ "hidden": true
},
{
"name": "rank_name",
- "label": "Rank Name"
+ "label": "Rank Name",
+ "readonly": true
},
{
"name": "group_id",
"label": "Group ID",
- "readonly": true
+ "readonly": true,
+ "hidden": true
},
{
"name": "id_can_connect",
@@ -543,7 +549,7 @@
"groups": [
{
"label": "Group",
- "span": 5
+ "span": 2
},
{
"label": "Permissions ?",
@@ -558,20 +564,24 @@
},
{
"name": "rank_id",
- "label": "Rank ID"
+ "label": "Rank ID",
+ "hidden": true
},
{
"name": "rank_order",
- "label": "Rank Order"
+ "label": "Rank Order",
+ "hidden": true
},
{
"name": "rank_name",
- "label": "Rank Name"
+ "label": "Rank Name",
+ "readonly": true
},
{
"name": "group_id",
"label": "Group ID",
- "readonly": true
+ "readonly": true,
+ "hidden": true
},
{
"name": "id_can_connect",
diff --git a/domain-server/resources/web/settings/js/settings.js b/domain-server/resources/web/settings/js/settings.js
index 54be33e764..df4509a1ac 100644
--- a/domain-server/resources/web/settings/js/settings.js
+++ b/domain-server/resources/web/settings/js/settings.js
@@ -975,7 +975,8 @@ function makeTable(setting, keypath, setting_value, isLocked) {
}
_.each(setting.columns, function(col) {
- html += "| " + col.label + " | " // Data
+ html += "" + col.label + " | " // Data
})
if (!isLocked && !setting.read_only) {
@@ -1027,8 +1028,9 @@ function makeTable(setting, keypath, setting_value, isLocked) {
+ "name='" + colName + "' value='" + (colValue || col.default || "00:00") + "' />";
} else {
// Use a hidden input so that the values are posted.
- html += ""
- + colValue + " | ";
+ html += "" + colValue + " | ";
}
})
@@ -1081,7 +1083,7 @@ function makeTableInputs(setting) {
+ "";
} else {
- html += "\
+ html += " | \
\
| "
diff --git a/domain-server/src/DomainServerSettingsManager.cpp b/domain-server/src/DomainServerSettingsManager.cpp
index 665ce222ed..9d2d4c83ee 100644
--- a/domain-server/src/DomainServerSettingsManager.cpp
+++ b/domain-server/src/DomainServerSettingsManager.cpp
@@ -324,8 +324,34 @@ void DomainServerSettingsManager::validateDescriptorsMap() {
}
}
+
+void DomainServerSettingsManager::initializeGroupPermissions(NodePermissionsMap& permissionsRows,
+ QString groupName, NodePermissionsPointer perms) {
+ // this is called when someone has used the domain-settings webpage to add a group. They type the group's name
+ // and give it some permissions. The domain-server asks api for the group's ranks and populates the map
+ // with them. Here, that initial user-entered row is removed and it's permissions are copied to all the ranks
+ // except owner.
+
+ QString groupNameLower = groupName.toLower();
+
+ foreach (NodePermissionsKey nameKey, permissionsRows.keys()) {
+ if (nameKey.first.toLower() != groupNameLower) {
+ continue;
+ }
+ QUuid groupID = _groupIDs[groupNameLower];
+ QUuid rankID = nameKey.second;
+ GroupRank rank = _groupRanks[groupID][rankID];
+ if (rank.order == 0) {
+ // we don't copy the initial permissions to the owner.
+ continue;
+ }
+ permissionsRows[nameKey]->setAll(false);
+ permissionsRows[nameKey] |= perms;
+ }
+}
+
void DomainServerSettingsManager::packPermissionsForMap(QString mapName,
- NodePermissionsMap& agentPermissions,
+ NodePermissionsMap& permissionsRows,
QString keyPath) {
// find (or create) the "security" section of the settings map
QVariant* security = valueForKeyPath(_configMap.getUserConfig(), "security");
@@ -344,7 +370,7 @@ void DomainServerSettingsManager::packPermissionsForMap(QString mapName,
// convert details for each member of the subsection
QVariantList* permissionsList = reinterpret_cast(permissions);
(*permissionsList).clear();
- QList permissionsKeys = agentPermissions.keys();
+ QList permissionsKeys = permissionsRows.keys();
// when a group is added from the domain-server settings page, the config map has a group-name with
// no ID or rank. We need to leave that there until we get a valid response back from the api.
@@ -353,20 +379,30 @@ void DomainServerSettingsManager::packPermissionsForMap(QString mapName,
QHash groupNamesWithRanks;
// note which groups have rank/ID information
foreach (NodePermissionsKey userKey, permissionsKeys) {
- NodePermissionsPointer perms = agentPermissions[userKey];
+ NodePermissionsPointer perms = permissionsRows[userKey];
if (perms->getRankID() != QUuid()) {
groupNamesWithRanks[userKey.first] = true;
}
}
+ foreach (NodePermissionsKey userKey, permissionsKeys) {
+ NodePermissionsPointer perms = permissionsRows[userKey];
+ if (perms->isGroup()) {
+ QString groupName = userKey.first;
+ if (perms->getRankID() == QUuid() && groupNamesWithRanks.contains(groupName)) {
+ // copy the values from this user-added entry to the other (non-owner) ranks and remove it.
+ permissionsRows.remove(userKey);
+ initializeGroupPermissions(permissionsRows, groupName, perms);
+ }
+ }
+ }
// convert each group-name / rank-id pair to a variant-map
foreach (NodePermissionsKey userKey, permissionsKeys) {
- NodePermissionsPointer perms = agentPermissions[userKey];
+ if (!permissionsRows.contains(userKey)) {
+ continue;
+ }
+ NodePermissionsPointer perms = permissionsRows[userKey];
if (perms->isGroup()) {
- if (perms->getRankID() == QUuid() && groupNamesWithRanks.contains(userKey.first)) {
- // skip over the entry that was created when the user added the group.
- continue;
- }
QHash& groupRanks = _groupRanks[perms->getGroupID()];
*permissionsList += perms->toVariant(groupRanks);
} else {
@@ -567,10 +603,17 @@ bool DomainServerSettingsManager::ensurePermissionsForGroupRanks() {
perms = _groupPermissions[nameKey];
} else {
perms = NodePermissionsPointer(new NodePermissions(nameKey));
- perms->setGroupID(groupID);
_groupPermissions[nameKey] = perms;
changed = true;
}
+ if (perms->getGroupID() != groupID) {
+ perms->setGroupID(groupID);
+ changed = true;
+ }
+ if (perms->getRankID() != rankID) {
+ perms->setRankID(rankID);
+ changed = true;
+ }
_groupPermissionsByUUID[idKey] = perms;
}
}
@@ -587,10 +630,17 @@ bool DomainServerSettingsManager::ensurePermissionsForGroupRanks() {
perms = _groupForbiddens[nameKey];
} else {
perms = NodePermissionsPointer(new NodePermissions(nameKey));
- perms->setGroupID(groupID);
_groupForbiddens[nameKey] = perms;
changed = true;
}
+ if (perms->getGroupID() != groupID) {
+ perms->setGroupID(groupID);
+ changed = true;
+ }
+ if (perms->getRankID() != rankID) {
+ perms->setRankID(rankID);
+ changed = true;
+ }
_groupForbiddensByUUID[idKey] = perms;
}
}
@@ -745,6 +795,7 @@ bool DomainServerSettingsManager::handleAuthenticatedHTTPRequest(HTTPConnection
QTimer::singleShot(DOMAIN_SERVER_RESTART_TIMER_MSECS, qApp, SLOT(restart()));
} else {
unpackPermissions();
+ apiRefreshGroupInformation();
emit updateNodePermissions();
}
@@ -1272,8 +1323,6 @@ void DomainServerSettingsManager::apiGetGroupRanks(const QUuid& groupID) {
}
void DomainServerSettingsManager::apiGetGroupRanksJSONCallback(QNetworkReply& requestReply) {
-
-
// {
// "data":{
// "groups":{
@@ -1420,16 +1469,11 @@ void DomainServerSettingsManager::debugDumpGroupsState() {
qDebug() << "_groupRanks:";
foreach (QUuid groupID, _groupRanks.keys()) {
QHash& ranksForGroup = _groupRanks[groupID];
- QString readableRanks;
+ qDebug() << "| " << groupID;
foreach (QUuid rankID, ranksForGroup.keys()) {
QString rankName = ranksForGroup[rankID].name;
- if (readableRanks == "") {
- readableRanks = rankName;
- } else {
- readableRanks += "," + rankName;
- }
+ qDebug() << "| " << rankID << rankName;
}
- qDebug() << "| " << groupID << "==>" << readableRanks;
}
qDebug() << "_groupMembership";
diff --git a/domain-server/src/DomainServerSettingsManager.h b/domain-server/src/DomainServerSettingsManager.h
index 61642d4914..f56b1ecd21 100644
--- a/domain-server/src/DomainServerSettingsManager.h
+++ b/domain-server/src/DomainServerSettingsManager.h
@@ -125,7 +125,8 @@ private:
void apiGetGroupID(const QString& groupName);
void apiGetGroupRanks(const QUuid& groupID);
- void packPermissionsForMap(QString mapName, NodePermissionsMap& agentPermissions, QString keyPath);
+ void initializeGroupPermissions(NodePermissionsMap& permissionsRows, QString groupName, NodePermissionsPointer perms);
+ void packPermissionsForMap(QString mapName, NodePermissionsMap& permissionsRows, QString keyPath);
void packPermissions();
void unpackPermissions();
bool ensurePermissionsForGroupRanks();
diff --git a/libraries/networking/src/NodePermissions.h b/libraries/networking/src/NodePermissions.h
index 6d12c4cf7e..37aea6dd05 100644
--- a/libraries/networking/src/NodePermissions.h
+++ b/libraries/networking/src/NodePermissions.h
@@ -34,6 +34,7 @@ public:
NodePermissions(QMap perms);
QString getID() const { return _id; } // a user-name or a group-name, not verified
+ void setRankID(QUuid& rankID) { _rankID = rankID; }
QUuid getRankID() const { return _rankID; }
NodePermissionsKey getKey() const { return NodePermissionsKey(_id, _rankID); }
@@ -116,6 +117,7 @@ public:
QList keys() const { return _data.keys(); }
QHash get() { return _data; }
void clear() { _data.clear(); }
+ void remove(const NodePermissionsKey& key) { _data.remove(key); }
private:
QHash _data;