diff options
| author | Jo-Philipp Wich <jo@mein.io> | 2020-04-13 17:48:06 +0200 |
|---|---|---|
| committer | Jo-Philipp Wich <jo@mein.io> | 2020-04-14 17:13:19 +0200 |
| commit | 5c22340f43e1b4a0d25b59c5adbc2ebd0ea5facf (patch) | |
| tree | 23d0b3f5693e682915fbf86702323be4b52e87ab | |
| parent | c89fd0a7f324bb6c0ebd803f542bb63d49e41984 (diff) | |
luci-base: form.js: make map readonly on insufficient uci permissions
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
| -rw-r--r-- | modules/luci-base/htdocs/luci-static/resources/form.js | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/modules/luci-base/htdocs/luci-static/resources/form.js b/modules/luci-base/htdocs/luci-static/resources/form.js index 3d9b18efa..c65cb04b1 100644 --- a/modules/luci-base/htdocs/luci-static/resources/form.js +++ b/modules/luci-base/htdocs/luci-static/resources/form.js @@ -1,11 +1,19 @@ 'use strict'; 'require ui'; 'require uci'; +'require rpc'; 'require dom'; 'require baseclass'; var scope = this; +var callSessionAccess = rpc.declare({ + object: 'session', + method: 'access', + params: [ 'scope', 'object', 'function' ], + expect: { 'access': false } +}); + var CBIJSONConfig = baseclass.extend({ __init__: function(data) { data = Object.assign({}, data); @@ -360,7 +368,6 @@ var CBIMap = CBIAbstractElement.extend(/** @lends LuCI.form.Map.prototype */ { this.config = config; this.parsechain = [ config ]; - this.readonly = false; this.data = uci; }, @@ -370,6 +377,10 @@ var CBIMap = CBIAbstractElement.extend(/** @lends LuCI.form.Map.prototype */ { * If set to `true`, the Map instance is marked readonly and any form * option elements added to it will inherit the readonly state. * + * If left unset, the Map will test the access permission of the primary + * uci configuration upon loading and mark the form readonly if no write + * permissions are granted. + * * @name LuCI.form.Map.prototype#readonly * @type boolean */ @@ -520,8 +531,17 @@ var CBIMap = CBIAbstractElement.extend(/** @lends LuCI.form.Map.prototype */ { * an error. */ load: function() { - return this.data.load(this.parsechain || [ this.config ]) - .then(this.loadChildren.bind(this)); + var doCheckACL = (!(this instanceof CBIJSONMap) && this.readonly == null); + + return Promise.all([ + doCheckACL ? callSessionAccess('uci', this.config, 'write') : true, + this.data.load(this.parsechain || [ this.config ]) + ]).then(L.bind(function(res) { + if (res[0] === false) + this.readonly = true; + + return this.loadChildren(); + }, this)); }, /** |