From 8d32703456cc8c26d478c180707fc29db69631fb Mon Sep 17 00:00:00 2001 From: Anthony Lapenna Date: Thu, 29 Mar 2018 18:41:47 +1100 Subject: [PATCH] fix(service-details): prevent regular users from using bind mounts (#1778) --- app/docker/views/services/edit/includes/mounts.html | 9 ++++++--- app/docker/views/services/edit/serviceController.js | 12 +++++++++--- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/app/docker/views/services/edit/includes/mounts.html b/app/docker/views/services/edit/includes/mounts.html index 0b3a41743..e8a7b181c 100644 --- a/app/docker/views/services/edit/includes/mounts.html +++ b/app/docker/views/services/edit/includes/mounts.html @@ -14,7 +14,7 @@ - + @@ -23,14 +23,17 @@ -
TypeType Source Target Read only
+ - + + diff --git a/app/docker/views/services/edit/serviceController.js b/app/docker/views/services/edit/serviceController.js index 81396a80b..eb317988d 100644 --- a/app/docker/views/services/edit/serviceController.js +++ b/app/docker/views/services/edit/serviceController.js @@ -1,6 +1,6 @@ angular.module('portainer.docker') -.controller('ServiceController', ['$q', '$scope', '$transition$', '$state', '$location', '$timeout', '$anchorScroll', 'ServiceService', 'ConfigService', 'ConfigHelper', 'SecretService', 'ImageService', 'SecretHelper', 'Service', 'ServiceHelper', 'LabelHelper', 'TaskService', 'NodeService', 'Notifications', 'ModalService', 'PluginService', -function ($q, $scope, $transition$, $state, $location, $timeout, $anchorScroll, ServiceService, ConfigService, ConfigHelper, SecretService, ImageService, SecretHelper, Service, ServiceHelper, LabelHelper, TaskService, NodeService, Notifications, ModalService, PluginService) { +.controller('ServiceController', ['$q', '$scope', '$transition$', '$state', '$location', '$timeout', '$anchorScroll', 'ServiceService', 'ConfigService', 'ConfigHelper', 'SecretService', 'ImageService', 'SecretHelper', 'Service', 'ServiceHelper', 'LabelHelper', 'TaskService', 'NodeService', 'Notifications', 'ModalService', 'PluginService', 'Authentication', 'SettingsService', 'VolumeService', +function ($q, $scope, $transition$, $state, $location, $timeout, $anchorScroll, ServiceService, ConfigService, ConfigHelper, SecretService, ImageService, SecretHelper, Service, ServiceHelper, LabelHelper, TaskService, NodeService, Notifications, ModalService, PluginService, Authentication, SettingsService, VolumeService) { $scope.state = { updateInProgress: false, @@ -423,12 +423,14 @@ function ($q, $scope, $transition$, $state, $location, $timeout, $anchorScroll, originalService = angular.copy(service); return $q.all({ + volumes: VolumeService.volumes(), tasks: TaskService.tasks({ service: [service.Name] }), nodes: NodeService.nodes(), secrets: apiVersion >= 1.25 ? SecretService.secrets() : [], configs: apiVersion >= 1.30 ? ConfigService.configs() : [], availableImages: ImageService.images(), - availableLoggingDrivers: PluginService.loggingPlugins(apiVersion < 1.25) + availableLoggingDrivers: PluginService.loggingPlugins(apiVersion < 1.25), + settings: SettingsService.publicSettings() }); }) .then(function success(data) { @@ -438,6 +440,10 @@ function ($q, $scope, $transition$, $state, $location, $timeout, $anchorScroll, $scope.secrets = data.secrets; $scope.availableImages = ImageService.getUniqueTagListFromImages(data.availableImages); $scope.availableLoggingDrivers = data.availableLoggingDrivers; + $scope.availableVolumes = data.volumes; + $scope.allowBindMounts = data.settings.AllowBindMountsForRegularUsers; + var userDetails = Authentication.getUserDetails(); + $scope.isAdmin = userDetails.role === 1; // Set max cpu value var maxCpus = 0;