Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/passman-webextension.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--_locales/en/messages.json4
-rw-r--r--html/browser_action/browser_action.html1
-rw-r--r--html/browser_action/views/edit_credential.html34
-rw-r--r--js/background/service/background.js10
-rw-r--r--js/lib/api.js23
-rw-r--r--js/ui/popup/controllers/edit.js11
6 files changed, 55 insertions, 28 deletions
diff --git a/_locales/en/messages.json b/_locales/en/messages.json
index a90e0aa..c28cace 100644
--- a/_locales/en/messages.json
+++ b/_locales/en/messages.json
@@ -415,6 +415,10 @@
"message": "Sorry,no vaults found. Please create a vault via the Nextcloud / ownCloud app and try again.",
"description": "Search"
},
+ "edit_insufficient_permissions": {
+ "message": "You don't have permissions to edit this credential.",
+ "description": "You don't have permissions to edit this credential."
+ },
"invalid_server_settings": {
"message": "Invalid server settings",
"description": "Search"
diff --git a/html/browser_action/browser_action.html b/html/browser_action/browser_action.html
index 13b4a94..60150a2 100644
--- a/html/browser_action/browser_action.html
+++ b/html/browser_action/browser_action.html
@@ -15,6 +15,7 @@
<script src="/js/lib/API/cookies.js"></script>
<script src="/js/lib/API/extension.js"></script>
<script src="/js/lib/API/i18n.js"></script>
+ <script src="/js/lib/sharingAcl.js"></script>
<script src="/js/lib/otp.js"></script>
<script src="/js/lib/font-awesome.js"></script>
<script src="/js/lib/passwordgen.js"></script>
diff --git a/html/browser_action/views/edit_credential.html b/html/browser_action/views/edit_credential.html
index ae0cd33..8e9f44d 100644
--- a/html/browser_action/views/edit_credential.html
+++ b/html/browser_action/views/edit_credential.html
@@ -6,21 +6,21 @@
<div class="tab-content" ng-class="{'active': tabActive === 1}">
<div class="group">
<copy-text text="credential.label"></copy-text>
- <input type="text" ng-model="credential.label" required>
+ <input type="text" ng-model="credential.label" ng-disabled="!canEdit" required>
<span class="highlight"></span>
<span class="bar"></span>
<label>{{'label' | translate}}</label>
</div>
<div class="group">
<copy-text text="credential.username"></copy-text>
- <input type="text" ng-model="credential.username">
+ <input type="text" ng-model="credential.username" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
<label>{{'username' | translate}}</label>
</div>
<div class="group">
<copy-text text="credential.email"></copy-text>
- <input type="text" ng-model="credential.email">
+ <input type="text" ng-model="credential.email" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
<label>{{ 'email' | translate}}</label>
@@ -30,25 +30,31 @@
<i class="mdi mdi-refresh pointer" ng-click="generatePassword()"></i>
<i class="pointer mdi" ng-class="{'mdi-eye': !pwFieldShown, 'mdi-eye-off': pwFieldShown}"
ng-click="togglePwField()"></i>
- <input type="text" ng-model="credential.password" ng-if="pwFieldShown">
- <input type="password" ng-model="credential.password" ng-if="!pwFieldShown">
+ <input type="text" ng-model="credential.password" ng-if="pwFieldShown" ng-disabled="!canEdit">
+ <input type="password" ng-model="credential.password" ng-if="!pwFieldShown" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
<label>{{'password' | translate}}</label>
</div>
<div class="group">
- <input type="password" ng-model="credential.password_repeat">
+ <input type="password" ng-model="credential.password_repeat" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
<label>{{'password_repeat' | translate}}</label>
</div>
<div class="group">
<copy-text text="credential.url"></copy-text>
- <input type="text" ng-model="credential.url">
+ <input type="text" ng-model="credential.url" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
<label>{{'url' | translate}}</label>
</div>
+
+ <div ng-show="!canEdit" class="alert alert-info">
+ {{ 'edit_insufficient_permissions' | translate }}
+
+ </div>
+
<div style="margin-left: -15px;" ng-include="'save_btn.html'"></div>
</div>
</div>
@@ -60,7 +66,7 @@
<div class="custom_field" ng-repeat="custom_field in credential.custom_fields" ng-if="custom_field.field_type !== 'file'">
<div class="field">
<div class="group">
- <input type="text" ng-model="custom_field.label">
+ <input type="text" ng-model="custom_field.label" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
</div>
@@ -68,8 +74,8 @@
<div class="field">
<div class="group">
<i class="mdi mdi-delete"></i>
- <input type="password" ng-model="custom_field.value" ng-if="custom_field.field_type === 'password'">
- <input type="text" ng-model="custom_field.value" ng-if="custom_field.field_type === 'text'">
+ <input type="password" ng-model="custom_field.value" ng-if="custom_field.field_type === 'password'" ng-disabled="!canEdit">
+ <input type="text" ng-model="custom_field.value" ng-if="custom_field.field_type === 'text'" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
</div>
@@ -78,7 +84,7 @@
<h4 style="margin-left: 5px; margin-bottom: 30px;">Add custom field</h4>
<div class="col33" style="padding-left: 0">
<div class="group">
- <input type="text" ng-model="new_custom_field.label" placeholder="Label">
+ <input type="text" ng-model="new_custom_field.label" placeholder="Label" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
<label>{{'label' | translate}}</label>
@@ -87,7 +93,7 @@
<div class="col33">
<div class="group">
<input type="password" ng-model="new_custom_field.value" ng-if="new_custom_field.field_type === 'password'">
- <input type="text" ng-model="new_custom_field.value" ng-if="new_custom_field.field_type === 'text'" placeholder="Value">
+ <input type="text" ng-model="new_custom_field.value" ng-if="new_custom_field.field_type === 'text'" placeholder="Value" ng-disabled="!canEdit">
<span class="highlight"></span>
<span class="bar"></span>
<label>{{'value' | translate}}</label>
@@ -95,7 +101,7 @@
</div>
<div class="col33">
<div class="group">
- <select class="input-md" name="type" ng-model="new_custom_field.field_type">
+ <select class="input-md" name="type" ng-model="new_custom_field.field_type" ng-disabled="!canEdit">
<option value="text">Text</option>
<option value="password">Password</option>
</select>
@@ -119,7 +125,7 @@
<div class="clearfix"></div>
<script type="text/ng-template" id="save_btn.html">
- <button class="md-btn default" ng-click="saveCredential()" ng-disabled="saving">
+ <button class="md-btn default" ng-click="saveCredential()" ng-disabled="saving || !canEdit">
<span>
<i ng-show="saving"
ng-class="{'fa-spinner fa-spin': saving}"
diff --git a/js/background/service/background.js b/js/background/service/background.js
index 6fbe628..71a6333 100644
--- a/js/background/service/background.js
+++ b/js/background/service/background.js
@@ -262,9 +262,6 @@ var background = (function () {
function saveCredential(credential) {
//@TODO save shared password
- if (credential.shared_key) {
- return;
- }
if (!credential.credential_id) {
PAPI.createCredential(credential, _self.settings.vault_password, function (createdCredential) {
local_credentials.push(createdCredential);
@@ -278,6 +275,13 @@ var background = (function () {
}
}
+ if(credential.hasOwnProperty('acl')){
+ var permissons = new SharingACL(credential.acl.permissions.permission);
+ if(!permissons.hasPermission(0x02)){
+ return;
+ }
+ }
+
PAPI.updateCredential(credential, _self.settings.vault_password, function (updatedCredential) {
if (credential_index) {
local_credentials[credential_index] = updatedCredential;
diff --git a/js/lib/api.js b/js/lib/api.js
index 79ab68f..e19ddd5 100644
--- a/js/lib/api.js
+++ b/js/lib/api.js
@@ -148,31 +148,34 @@ window.PAPI = (function () {
updateCredential: function (credential, key, callback) {
var origKey = key;
var _credential, _key;
+
if (!credential.hasOwnProperty('acl') && credential.hasOwnProperty('shared_key')) {
if (credential.shared_key) {
- _key = this.decryptString(credential.shared_key);
+ _key = this.decryptString(credential.shared_key, key);
}
}
if (credential.hasOwnProperty('acl')) {
- _key = this.decryptString(credential.acl.shared_key);
+ _key = this.decryptString(credential.acl.shared_key, key);
+ }
+
+ var regex = /(<([^>]+)>)/ig;
+ if(credential.description && credential.description !== "") {
+ credential.description = credential.description.replace(regex, "");
}
+
if (_key) {
- _credential = this.encryptSharedCredential(credential, _key, origKey);
+ _credential = this.encryptSharedCredential(JSON.parse(JSON.stringify(credential)), _key, origKey);
} else {
- _credential = credential;
+ _credential = this.encryptCredential(JSON.parse(JSON.stringify(credential)), key);
}
delete _credential.shared_key;
- var regex = /(<([^>]+)>)/ig;
- if(_credential.description && _credential.description !== "") {
- _credential.description = _credential.description.replace(regex, "");
- }
- credential = this.encryptCredential(_credential, key);
credential.expire_time = new Date(credential.expire_time).getTime() / 1000;
- api_request('/api/v2/credentials/' + credential.guid, 'PATCH', credential, function () {
+
+ api_request('/api/v2/credentials/' + credential.guid, 'PATCH', _credential, function () {
callback(credential);
});
}
diff --git a/js/ui/popup/controllers/edit.js b/js/ui/popup/controllers/edit.js
index 0606fcd..bed4de8 100644
--- a/js/ui/popup/controllers/edit.js
+++ b/js/ui/popup/controllers/edit.js
@@ -38,6 +38,12 @@
method: "getCredentialByGuid",
args: $routeParams.guid
}).then(function (credential) {
+ $scope.canEdit = true;
+ if(credential.hasOwnProperty('acl')) {
+ var permissions = new SharingACL(credential.acl.permissions.permission);
+ $scope.canEdit = permissions.hasPermission(0x02);
+ }
+ console.log(credential)
$scope.credential = credential;
$scope.credential.password_repeat = angular.copy(credential.password);
$scope.$apply();
@@ -131,6 +137,9 @@
};
$scope.saving = false;
$scope.saveCredential = function () {
+ if(!$scope.canEdit){
+ return;
+ }
$scope.saving = true;
if (!$scope.credential.label) {
notify(API.i18n.getMessage('label_required'));
@@ -150,7 +159,7 @@
API.runtime.sendMessage(API.runtime.id, {
method: "saveCredential",
args: $scope.credential
- }).then(function (credential) {
+ }).then(function () {
$scope.saving = false;
if (!$scope.credential.credential_id) {
notify(API.i18n.getMessage('credential_created'));
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 17:47:29 +0300