hide admin panels from non-admin users, addresses #472

openid-connect-server/src/main/webapp/WEB-INF/tags/actionmenu.tag

@@ -13,5 +13,6 @@
 <li><a href="manage/#user/approved">Manage Sites</a></li>
 <li><a href="manage/#user/tokens">Manage Active Tokens</a></li>
 <li><a href="manage/#user/profile">Manage Profiles</a></li>
+<li class="divider"></li>
 <li class="nav-header">Developer</li>
 <li><a href="manage/#dev/dynreg">Self-service client registration</a><li>

openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag

@@ -119,6 +119,16 @@
 		function getUserAuthorities() {
 			return ${userAuthorities};
 		}
+		
+		// is the current user an admin?
+		function isAdmin() {
+			var auth = getUserAuthorities();
+			if (auth && _.contains(auth, "ROLE_ADMIN")) {
+				return true;
+			} else {
+				return false;
+			}
+		}
     </script>    
 </head>
 

openid-connect-server/src/main/webapp/resources/js/admin.js

@@ -340,7 +340,11 @@ var AppRouter = Backbone.Router.extend({
     },
     
     root:function() {
-    	this.navigate('user/approved', {trigger: true});
+    	if (isAdmin()) {
+    		this.navigate('admin/clients', {trigger: true});
+    	} else {
+    		this.navigate('user/approved', {trigger: true});
+    	}
     },
     
     initialize:function () {
@@ -410,6 +414,11 @@ var AppRouter = Backbone.Router.extend({
 
     listClients:function () {
 
+    	if (!isAdmin()) {
+    		this.root();
+    		return;
+    	}
+    	
         this.breadCrumbView.collection.reset();
         this.breadCrumbView.collection.add([
             {text:"Home", href:""},
@@ -424,6 +433,11 @@ var AppRouter = Backbone.Router.extend({
 
     newClient:function() {
 
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
         this.breadCrumbView.collection.reset();
         this.breadCrumbView.collection.add([
             {text:"Home", href:""},
@@ -450,6 +464,11 @@ var AppRouter = Backbone.Router.extend({
 
     editClient:function(id) {
 
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
         this.breadCrumbView.collection.reset();
         this.breadCrumbView.collection.add([
             {text:"Home", href:""},
@@ -483,7 +502,13 @@ var AppRouter = Backbone.Router.extend({
     },
 
     whiteList:function () {
-        this.breadCrumbView.collection.reset();
+
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
+    	this.breadCrumbView.collection.reset();
         this.breadCrumbView.collection.add([
             {text:"Home", href:""},
             {text:"Manage Whitelisted Sites", href:"manage/#admin/whitelists"}
@@ -496,7 +521,13 @@ var AppRouter = Backbone.Router.extend({
     },
     
     newWhitelist:function(cid) {
-        var client = this.clientList.get(cid);
+
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
+    	var client = this.clientList.get(cid);
 
         // if there's no client this is an error
         if (client != null) {
@@ -525,7 +556,13 @@ var AppRouter = Backbone.Router.extend({
     },
     
     editWhitelist:function(id) {
-        this.breadCrumbView.collection.reset();
+
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
+    	this.breadCrumbView.collection.reset();
         this.breadCrumbView.collection.add([
             {text:"Home", href:""},
             {text:"Manage Whitelisted Sites", href:"manage/#admin/whitelists"},
@@ -551,8 +588,7 @@ var AppRouter = Backbone.Router.extend({
     },
     
     approvedSites:function() {
-    
-        this.breadCrumbView.collection.reset();
+    	this.breadCrumbView.collection.reset();
         this.breadCrumbView.collection.add([
             {text:"Home", href:""},
             {text:"Manage Approved Sites", href:"manage/#user/approve"}
@@ -578,7 +614,13 @@ var AppRouter = Backbone.Router.extend({
     },
     
     blackList:function() {
-        this.breadCrumbView.collection.reset();
+
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
+    	this.breadCrumbView.collection.reset();
         this.breadCrumbView.collection.add([
             {text:"Home", href:""},
             {text:"Manage Blacklisted Sites", href:"manage/#admin/blacklist"}
@@ -596,6 +638,12 @@ var AppRouter = Backbone.Router.extend({
     },
     
     siteScope:function() {
+
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
     	this.breadCrumbView.collection.reset();
     	this.breadCrumbView.collection.add([
              {text:"Home", href:""},
@@ -609,6 +657,12 @@ var AppRouter = Backbone.Router.extend({
     },
     
     newScope:function() {
+
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
     	this.breadCrumbView.collection.reset();
     	this.breadCrumbView.collection.add([
              {text:"Home", href:""},
@@ -625,6 +679,12 @@ var AppRouter = Backbone.Router.extend({
     },
     
     editScope:function(sid) {
+
+    	if (!isAdmin()) {
+    		this.root()();
+    		return;
+    	}
+
     	this.breadCrumbView.collection.reset();
     	this.breadCrumbView.collection.add([
              {text:"Home", href:""},
@@ -676,6 +736,7 @@ var AppRouter = Backbone.Router.extend({
         ]);
     	
     	setPageTitle("Edit a New Client");
+    	// note that this doesn't actually load the client, that's supposed to happen elsewhere...
     }