From 5cb3ede0b4f441c2ca6e3647bb08dee3d4286603 Mon Sep 17 00:00:00 2001
From: Vitalii Lysak <v.lysak@dunice.net>
Date: Wed, 31 Aug 2022 16:17:26 +0300
Subject: SILABMC-282|283: upd rights for Operator and NoAccess rolse

---
 .../Certificates/Certificates.vue                  |  5 ++-
 src/views/_sila/SecurityAndAccess/Ldap/Ldap.vue    | 44 ++++++++++++++++------
 .../UserManagement/UserManagement.vue              | 13 +++++--
 3 files changed, 47 insertions(+), 15 deletions(-)

(limited to 'src/views/_sila/SecurityAndAccess')

diff --git a/src/views/_sila/SecurityAndAccess/Certificates/Certificates.vue b/src/views/_sila/SecurityAndAccess/Certificates/Certificates.vue
index cdfb1e47..b7d56e08 100644
--- a/src/views/_sila/SecurityAndAccess/Certificates/Certificates.vue
+++ b/src/views/_sila/SecurityAndAccess/Certificates/Certificates.vue
@@ -37,7 +37,10 @@
           v-b-modal.generate-csr
           data-test-id="certificates-button-generateCsr"
           variant="link"
-          :disabled="$store.getters['authentication/role'] === 'ReadOnly'"
+          :disabled="
+            $store.getters['authentication/role'] === 'ReadOnly' ||
+            $store.getters['authentication/role'] === 'Operator'
+          "
         >
           <icon-add />
           {{ $t('pageCertificates.generateCsr') }}
diff --git a/src/views/_sila/SecurityAndAccess/Ldap/Ldap.vue b/src/views/_sila/SecurityAndAccess/Ldap/Ldap.vue
index b33cdf92..358cdf70 100644
--- a/src/views/_sila/SecurityAndAccess/Ldap/Ldap.vue
+++ b/src/views/_sila/SecurityAndAccess/Ldap/Ldap.vue
@@ -13,7 +13,10 @@
               <b-form-checkbox
                 v-model="form.ldapAuthenticationEnabled"
                 data-test-id="ldap-checkbox-ldapAuthenticationEnabled"
-                :disabled="$store.getters['authentication/role'] === 'ReadOnly'"
+                :disabled="
+                  $store.getters['authentication/role'] === 'ReadOnly' ||
+                  $store.getters['authentication/role'] === 'Operator'
+                "
                 @change="onChangeldapAuthenticationEnabled"
               >
                 {{ $t('global.action.enable') }}
@@ -45,7 +48,8 @@
                     :disabled="
                       !caCertificateExpiration ||
                       !ldapCertificateExpiration ||
-                      $store.getters['authentication/role'] === 'ReadOnly'
+                      $store.getters['authentication/role'] === 'ReadOnly' ||
+                      $store.getters['authentication/role'] === 'Operator'
                     "
                     @change="$v.form.secureLdapEnabled.$touch()"
                   >
@@ -80,7 +84,9 @@
                         data-test-id="ldap-radio-activeDirectoryEnabled"
                         :value="false"
                         :disabled="
-                          $store.getters['authentication/role'] === 'ReadOnly'
+                          $store.getters['authentication/role'] ===
+                            'ReadOnly' ||
+                          $store.getters['authentication/role'] === 'Operator'
                         "
                         @change="onChangeServiceType"
                       >
@@ -91,7 +97,9 @@
                         data-test-id="ldap-radio-activeDirectoryEnabled"
                         :value="true"
                         :disabled="
-                          $store.getters['authentication/role'] === 'ReadOnly'
+                          $store.getters['authentication/role'] ===
+                            'ReadOnly' ||
+                          $store.getters['authentication/role'] === 'Operator'
                         "
                         @change="onChangeServiceType"
                       >
@@ -116,7 +124,9 @@
                           data-test-id="ldap-input-serverUri"
                           :state="getValidationState($v.form.serverUri)"
                           :disabled="
-                            $store.getters['authentication/role'] === 'ReadOnly'
+                            $store.getters['authentication/role'] ===
+                              'ReadOnly' ||
+                            $store.getters['authentication/role'] === 'Operator'
                           "
                           @change="$v.form.serverUri.$touch()"
                         />
@@ -137,7 +147,9 @@
                         data-test-id="ldap-input-bindDn"
                         :state="getValidationState($v.form.bindDn)"
                         :disabled="
-                          $store.getters['authentication/role'] === 'ReadOnly'
+                          $store.getters['authentication/role'] ===
+                            'ReadOnly' ||
+                          $store.getters['authentication/role'] === 'Operator'
                         "
                         @change="$v.form.bindDn.$touch()"
                       />
@@ -161,7 +173,9 @@
                           :state="getValidationState($v.form.bindPassword)"
                           class="form-control-with-button"
                           :disabled="
-                            $store.getters['authentication/role'] === 'ReadOnly'
+                            $store.getters['authentication/role'] ===
+                              'ReadOnly' ||
+                            $store.getters['authentication/role'] === 'Operator'
                           "
                           @change="$v.form.bindPassword.$touch()"
                         />
@@ -182,7 +196,9 @@
                         data-test-id="ldap-input-baseDn"
                         :state="getValidationState($v.form.baseDn)"
                         :disabled="
-                          $store.getters['authentication/role'] === 'ReadOnly'
+                          $store.getters['authentication/role'] ===
+                            'ReadOnly' ||
+                          $store.getters['authentication/role'] === 'Operator'
                         "
                         @change="$v.form.baseDn.$touch()"
                       />
@@ -204,7 +220,9 @@
                         v-model="form.userIdAttribute"
                         data-test-id="ldap-input-userIdAttribute"
                         :disabled="
-                          $store.getters['authentication/role'] === 'ReadOnly'
+                          $store.getters['authentication/role'] ===
+                            'ReadOnly' ||
+                          $store.getters['authentication/role'] === 'Operator'
                         "
                         @change="$v.form.userIdAttribute.$touch()"
                       />
@@ -223,7 +241,9 @@
                         v-model="form.groupIdAttribute"
                         data-test-id="ldap-input-groupIdAttribute"
                         :disabled="
-                          $store.getters['authentication/role'] === 'ReadOnly'
+                          $store.getters['authentication/role'] ===
+                            'ReadOnly' ||
+                          $store.getters['authentication/role'] === 'Operator'
                         "
                         @change="$v.form.groupIdAttribute.$touch()"
                       />
@@ -241,7 +261,9 @@
               type="submit"
               data-test-id="ldap-button-saveSettings"
               :disabled="
-                loading || $store.getters['authentication/role'] === 'ReadOnly'
+                loading ||
+                $store.getters['authentication/role'] === 'ReadOnly' ||
+                $store.getters['authentication/role'] === 'Operator'
               "
             >
               {{ $t('global.action.saveSettings') }}
diff --git a/src/views/_sila/SecurityAndAccess/UserManagement/UserManagement.vue b/src/views/_sila/SecurityAndAccess/UserManagement/UserManagement.vue
index e65b00df..8c073224 100644
--- a/src/views/_sila/SecurityAndAccess/UserManagement/UserManagement.vue
+++ b/src/views/_sila/SecurityAndAccess/UserManagement/UserManagement.vue
@@ -5,7 +5,10 @@
       <b-col xl="9" class="text-right">
         <b-button
           variant="link"
-          :disabled="$store.getters['authentication/role'] === 'ReadOnly'"
+          :disabled="
+            $store.getters['authentication/role'] === 'ReadOnly' ||
+            $store.getters['authentication/role'] === 'Operator'
+          "
           @click="initModalSettings"
         >
           <icon-settings />
@@ -14,7 +17,10 @@
         <b-button
           variant="primary"
           data-test-id="userManagement-button-addUser"
-          :disabled="$store.getters['authentication/role'] === 'ReadOnly'"
+          :disabled="
+            $store.getters['authentication/role'] === 'ReadOnly' ||
+            $store.getters['authentication/role'] === 'Operator'
+          "
           @click="initModalUser(null)"
         >
           <icon-add />
@@ -75,7 +81,8 @@
               :title="action.title"
               :class="{
                 disabledDiv:
-                  $store.getters['authentication/role'] === 'ReadOnly' &&
+                  ($store.getters['authentication/role'] === 'ReadOnly' ||
+                    $store.getters['authentication/role'] === 'Operator') &&
                   (action.value === 'delete' || action.value === 'edit'),
               }"
               @click-table-action="onTableRowAction($event, item)"
-- 
cgit v1.2.3