Skip to content

Commit

Permalink
SHIBUI-1165 Disallow current user to modify their role/delete themselves
Browse files Browse the repository at this point in the history
  • Loading branch information
@rmathis
rmathis committed Jan 23, 2019
1 parent bcbb57b commit ad86788
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 5 deletions.
6 changes: 4 additions & 2 deletions ui/src/app/user/admin/container/admin-management.component.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,12 +24,14 @@
<td>{{ user.firstName }} {{ user.lastName }}</td>
<td>{{ user.emailAddress }}</td>
<td>
<select [name]="user.username" [ngModel]="user.role" class="form-control" (change)="setUserRole(user, $event.target.value)">
<select [name]="user.username" [ngModel]="user.role" class="form-control"
[disabled]="currentUser.username === user.username"
(change)="setUserRole(user, $event.target.value)">
<option *ngFor="let role of roles$ | async" [value]="role">{{ role }}</option>
</select>
</td>
<td>
<button class="btn btn-link" (click)="deleteUser(user.username)">
<button class="btn btn-link" (click)="deleteUser(user.username)" *ngIf="!(currentUser.username === user.username)">
<span class="sr-only" translate="label.delete-user">
Delete User
</span>
Expand Down
9 changes: 6 additions & 3 deletions ui/src/app/user/admin/container/admin-management.component.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { Component, ChangeDetectionStrategy } from '@angular/core';
import { Store } from '@ngrx/store';
import { Observable, of } from 'rxjs';
import { Observable, Subscription } from 'rxjs';

import * as fromRoot from '../../../app.reducer';
import * as fromCore from '../../../core/reducer';
Expand All @@ -9,9 +9,7 @@ import * as fromAdmin from '../reducer';
import { LoadAdminRequest, UpdateAdminRequest, RemoveAdminRequest } from '../action/collection.action';
import { Admin } from '../model/admin';
import { LoadRoleRequest } from '../../../core/action/configuration.action';
import { ModalService } from '../../../core/service/modal.service';
import { DeleteUserDialogComponent } from '../component/delete-user-dialog.component';
import { map } from 'rxjs/operators';
import { NgbModal } from '@ng-bootstrap/ng-bootstrap';

@Component({
Expand All @@ -23,6 +21,8 @@ import { NgbModal } from '@ng-bootstrap/ng-bootstrap';
export class AdminManagementPageComponent {

users$: Observable<Admin[]>;
currentUser: Admin;
userSub: Subscription;
roles$: Observable<string[]>;

constructor(
Expand All @@ -34,6 +34,9 @@ export class AdminManagementPageComponent {

this.users$ = this.store.select(fromAdmin.getAllAdmins);
this.roles$ = this.store.select(fromCore.getRoles);
let user$ = this.store.select(fromCore.getUser);

this.userSub = user$.subscribe(u => this.currentUser = u);
}

setUserRole(user: Admin, change: string): void {
Expand Down

0 comments on commit ad86788

Please sign in to comment.