diff options
-rw-r--r-- | _locales/en/messages.json | 4 | ||||
-rw-r--r-- | html/browser_action/browser_action.html | 1 | ||||
-rw-r--r-- | html/browser_action/views/edit_credential.html | 34 | ||||
-rw-r--r-- | js/background/service/background.js | 10 | ||||
-rw-r--r-- | js/lib/api.js | 23 | ||||
-rw-r--r-- | js/ui/popup/controllers/edit.js | 11 |
6 files changed, 55 insertions, 28 deletions
diff --git a/_locales/en/messages.json b/_locales/en/messages.json index a90e0aa..c28cace 100644 --- a/_locales/en/messages.json +++ b/_locales/en/messages.json @@ -415,6 +415,10 @@ "message": "Sorry,no vaults found. Please create a vault via the Nextcloud / ownCloud app and try again.", "description": "Search" }, + "edit_insufficient_permissions": { + "message": "You don't have permissions to edit this credential.", + "description": "You don't have permissions to edit this credential." + }, "invalid_server_settings": { "message": "Invalid server settings", "description": "Search" diff --git a/html/browser_action/browser_action.html b/html/browser_action/browser_action.html index 13b4a94..60150a2 100644 --- a/html/browser_action/browser_action.html +++ b/html/browser_action/browser_action.html @@ -15,6 +15,7 @@ <script src="/js/lib/API/cookies.js"></script> <script src="/js/lib/API/extension.js"></script> <script src="/js/lib/API/i18n.js"></script> + <script src="/js/lib/sharingAcl.js"></script> <script src="/js/lib/otp.js"></script> <script src="/js/lib/font-awesome.js"></script> <script src="/js/lib/passwordgen.js"></script> diff --git a/html/browser_action/views/edit_credential.html b/html/browser_action/views/edit_credential.html index ae0cd33..8e9f44d 100644 --- a/html/browser_action/views/edit_credential.html +++ b/html/browser_action/views/edit_credential.html @@ -6,21 +6,21 @@ <div class="tab-content" ng-class="{'active': tabActive === 1}"> <div class="group"> <copy-text text="credential.label"></copy-text> - <input type="text" ng-model="credential.label" required> + <input type="text" ng-model="credential.label" ng-disabled="!canEdit" required> <span class="highlight"></span> <span class="bar"></span> <label>{{'label' | translate}}</label> </div> <div class="group"> <copy-text text="credential.username"></copy-text> - <input type="text" ng-model="credential.username"> + <input type="text" ng-model="credential.username" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> <label>{{'username' | translate}}</label> </div> <div class="group"> <copy-text text="credential.email"></copy-text> - <input type="text" ng-model="credential.email"> + <input type="text" ng-model="credential.email" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> <label>{{ 'email' | translate}}</label> @@ -30,25 +30,31 @@ <i class="mdi mdi-refresh pointer" ng-click="generatePassword()"></i> <i class="pointer mdi" ng-class="{'mdi-eye': !pwFieldShown, 'mdi-eye-off': pwFieldShown}" ng-click="togglePwField()"></i> - <input type="text" ng-model="credential.password" ng-if="pwFieldShown"> - <input type="password" ng-model="credential.password" ng-if="!pwFieldShown"> + <input type="text" ng-model="credential.password" ng-if="pwFieldShown" ng-disabled="!canEdit"> + <input type="password" ng-model="credential.password" ng-if="!pwFieldShown" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> <label>{{'password' | translate}}</label> </div> <div class="group"> - <input type="password" ng-model="credential.password_repeat"> + <input type="password" ng-model="credential.password_repeat" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> <label>{{'password_repeat' | translate}}</label> </div> <div class="group"> <copy-text text="credential.url"></copy-text> - <input type="text" ng-model="credential.url"> + <input type="text" ng-model="credential.url" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> <label>{{'url' | translate}}</label> </div> + + <div ng-show="!canEdit" class="alert alert-info"> + {{ 'edit_insufficient_permissions' | translate }} + + </div> + <div style="margin-left: -15px;" ng-include="'save_btn.html'"></div> </div> </div> @@ -60,7 +66,7 @@ <div class="custom_field" ng-repeat="custom_field in credential.custom_fields" ng-if="custom_field.field_type !== 'file'"> <div class="field"> <div class="group"> - <input type="text" ng-model="custom_field.label"> + <input type="text" ng-model="custom_field.label" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> </div> @@ -68,8 +74,8 @@ <div class="field"> <div class="group"> <i class="mdi mdi-delete"></i> - <input type="password" ng-model="custom_field.value" ng-if="custom_field.field_type === 'password'"> - <input type="text" ng-model="custom_field.value" ng-if="custom_field.field_type === 'text'"> + <input type="password" ng-model="custom_field.value" ng-if="custom_field.field_type === 'password'" ng-disabled="!canEdit"> + <input type="text" ng-model="custom_field.value" ng-if="custom_field.field_type === 'text'" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> </div> @@ -78,7 +84,7 @@ <h4 style="margin-left: 5px; margin-bottom: 30px;">Add custom field</h4> <div class="col33" style="padding-left: 0"> <div class="group"> - <input type="text" ng-model="new_custom_field.label" placeholder="Label"> + <input type="text" ng-model="new_custom_field.label" placeholder="Label" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> <label>{{'label' | translate}}</label> @@ -87,7 +93,7 @@ <div class="col33"> <div class="group"> <input type="password" ng-model="new_custom_field.value" ng-if="new_custom_field.field_type === 'password'"> - <input type="text" ng-model="new_custom_field.value" ng-if="new_custom_field.field_type === 'text'" placeholder="Value"> + <input type="text" ng-model="new_custom_field.value" ng-if="new_custom_field.field_type === 'text'" placeholder="Value" ng-disabled="!canEdit"> <span class="highlight"></span> <span class="bar"></span> <label>{{'value' | translate}}</label> @@ -95,7 +101,7 @@ </div> <div class="col33"> <div class="group"> - <select class="input-md" name="type" ng-model="new_custom_field.field_type"> + <select class="input-md" name="type" ng-model="new_custom_field.field_type" ng-disabled="!canEdit"> <option value="text">Text</option> <option value="password">Password</option> </select> @@ -119,7 +125,7 @@ <div class="clearfix"></div> <script type="text/ng-template" id="save_btn.html"> - <button class="md-btn default" ng-click="saveCredential()" ng-disabled="saving"> + <button class="md-btn default" ng-click="saveCredential()" ng-disabled="saving || !canEdit"> <span> <i ng-show="saving" ng-class="{'fa-spinner fa-spin': saving}" diff --git a/js/background/service/background.js b/js/background/service/background.js index 6fbe628..71a6333 100644 --- a/js/background/service/background.js +++ b/js/background/service/background.js @@ -262,9 +262,6 @@ var background = (function () { function saveCredential(credential) { //@TODO save shared password - if (credential.shared_key) { - return; - } if (!credential.credential_id) { PAPI.createCredential(credential, _self.settings.vault_password, function (createdCredential) { local_credentials.push(createdCredential); @@ -278,6 +275,13 @@ var background = (function () { } } + if(credential.hasOwnProperty('acl')){ + var permissons = new SharingACL(credential.acl.permissions.permission); + if(!permissons.hasPermission(0x02)){ + return; + } + } + PAPI.updateCredential(credential, _self.settings.vault_password, function (updatedCredential) { if (credential_index) { local_credentials[credential_index] = updatedCredential; diff --git a/js/lib/api.js b/js/lib/api.js index 79ab68f..e19ddd5 100644 --- a/js/lib/api.js +++ b/js/lib/api.js @@ -148,31 +148,34 @@ window.PAPI = (function () { updateCredential: function (credential, key, callback) { var origKey = key; var _credential, _key; + if (!credential.hasOwnProperty('acl') && credential.hasOwnProperty('shared_key')) { if (credential.shared_key) { - _key = this.decryptString(credential.shared_key); + _key = this.decryptString(credential.shared_key, key); } } if (credential.hasOwnProperty('acl')) { - _key = this.decryptString(credential.acl.shared_key); + _key = this.decryptString(credential.acl.shared_key, key); + } + + var regex = /(<([^>]+)>)/ig; + if(credential.description && credential.description !== "") { + credential.description = credential.description.replace(regex, ""); } + if (_key) { - _credential = this.encryptSharedCredential(credential, _key, origKey); + _credential = this.encryptSharedCredential(JSON.parse(JSON.stringify(credential)), _key, origKey); } else { - _credential = credential; + _credential = this.encryptCredential(JSON.parse(JSON.stringify(credential)), key); } delete _credential.shared_key; - var regex = /(<([^>]+)>)/ig; - if(_credential.description && _credential.description !== "") { - _credential.description = _credential.description.replace(regex, ""); - } - credential = this.encryptCredential(_credential, key); credential.expire_time = new Date(credential.expire_time).getTime() / 1000; - api_request('/api/v2/credentials/' + credential.guid, 'PATCH', credential, function () { + + api_request('/api/v2/credentials/' + credential.guid, 'PATCH', _credential, function () { callback(credential); }); } diff --git a/js/ui/popup/controllers/edit.js b/js/ui/popup/controllers/edit.js index 0606fcd..bed4de8 100644 --- a/js/ui/popup/controllers/edit.js +++ b/js/ui/popup/controllers/edit.js @@ -38,6 +38,12 @@ method: "getCredentialByGuid", args: $routeParams.guid }).then(function (credential) { + $scope.canEdit = true; + if(credential.hasOwnProperty('acl')) { + var permissions = new SharingACL(credential.acl.permissions.permission); + $scope.canEdit = permissions.hasPermission(0x02); + } + console.log(credential) $scope.credential = credential; $scope.credential.password_repeat = angular.copy(credential.password); $scope.$apply(); @@ -131,6 +137,9 @@ }; $scope.saving = false; $scope.saveCredential = function () { + if(!$scope.canEdit){ + return; + } $scope.saving = true; if (!$scope.credential.label) { notify(API.i18n.getMessage('label_required')); @@ -150,7 +159,7 @@ API.runtime.sendMessage(API.runtime.id, { method: "saveCredential", args: $scope.credential - }).then(function (credential) { + }).then(function () { $scope.saving = false; if (!$scope.credential.credential_id) { notify(API.i18n.getMessage('credential_created')); |