ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gau...@apache.org
Subject ranger git commit: RANGER-1380 : not able to delete group that is having special character from ranger admin
Date Mon, 20 Feb 2017 10:01:43 GMT
Repository: ranger
Updated Branches:
  refs/heads/master c07e8600a -> 1df13a47c


RANGER-1380 : not able to delete group that is having special character from ranger admin

Signed-off-by: Gautam Borad <gautam@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/1df13a47
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/1df13a47
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/1df13a47

Branch: refs/heads/master
Commit: 1df13a47ce8b2df5751bfd4fc7490abb5385c344
Parents: c07e860
Author: Mehul Parikh <mehul.parikh@freestoneinfotech.com>
Authored: Sat Feb 18 11:08:38 2017 +0530
Committer: Gautam Borad <gautam@apache.org>
Committed: Mon Feb 20 15:30:34 2017 +0530

----------------------------------------------------------------------
 .../java/org/apache/ranger/biz/XUserMgr.java    | 94 ++++++++++++++++----
 .../org/apache/ranger/common/StringUtil.java    |  2 +-
 .../webapp/scripts/models/RangerServiceDef.js   |  4 +-
 .../main/webapp/scripts/models/VXPortalUser.js  |  4 +-
 .../scripts/modules/globalize/message/en.js     |  4 +-
 .../src/main/webapp/scripts/utils/XAUtils.js    |  2 +-
 .../webapp/scripts/views/kms/KMSTableLayout.js  |  4 +-
 .../scripts/views/policies/PermissionList.js    | 48 +++-------
 .../scripts/views/policies/RangerPolicyForm.js  | 94 ++++++++------------
 .../scripts/views/service/ServiceCreate.js      |  3 +-
 .../webapp/scripts/views/users/GroupCreate.js   |  2 +-
 .../webapp/scripts/views/users/UserCreate.js    |  1 +
 .../main/webapp/scripts/views/users/UserForm.js |  4 +-
 .../scripts/views/users/UserTableLayout.js      |  4 +-
 .../main/webapp/templates/helpers/XAHelpers.js  |  4 +-
 15 files changed, 148 insertions(+), 126 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 2373f35..9139b95 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -1463,9 +1463,41 @@ public class XUserMgr extends XUserMgrBase {
 
 	@Override
 	public VXUserList searchXUsers(SearchCriteria searchCriteria) {
-        VXUserList vXUserList = new VXUserList();
-        vXUserList=xUserService.searchXUsers(searchCriteria);
-        if(vXUserList!=null && !hasAccessToModule(RangerConstants.MODULE_USER_GROUPS)){
+                VXUserList vXUserList = new VXUserList();
+                VXUser vXUserExactMatch = null;
+                try{
+                        VXUserList vXUserListSort = new VXUserList();
+                        if(searchCriteria.getParamList() != null && searchCriteria.getParamList().get("name")
!= null){
+                                searchCriteria.setSortBy("name");
+                                vXUserListSort = xUserService.searchXUsers(searchCriteria);
+                                vXUserExactMatch = getXUserByUserName((String)searchCriteria.getParamList().get("name"));
+                        }
+                        if(vXUserExactMatch != null){
+                                List<VXUser> vXUsers = new ArrayList<VXUser>();
+                                if(searchCriteria.getStartIndex() == 0){
+                                        vXUsers.add(0,vXUserExactMatch);
+                                }
+                                for(VXUser vxUser:vXUserListSort.getVXUsers()){
+                                        if(vxUser.getId() != vXUserExactMatch.getId()){
+                                                vXUsers.add(vxUser);
+                                        }
+                                }
+                                vXUserList.setVXUsers(vXUsers);
+                                vXUserList.setStartIndex(searchCriteria.getStartIndex());
+                                vXUserList.setResultSize(vXUserList.getVXUsers().size());
+                                vXUserList.setTotalCount(vXUserListSort.getTotalCount());
+                                vXUserList.setPageSize(searchCriteria.getMaxRows());
+                                vXUserList.setSortBy(searchCriteria.getSortBy());
+                                vXUserList.setSortType(searchCriteria.getSortType());
+                        }
+                } catch (Exception e){
+                        logger.error("Error getting the exact match of user =>"+e);
+                }
+                if(vXUserList.getVXUsers().isEmpty()) {
+                        searchCriteria.setSortBy("id");
+                        vXUserList = xUserService.searchXUsers(searchCriteria);
+                }
+                if(vXUserList!=null && !hasAccessToModule(RangerConstants.MODULE_USER_GROUPS)){
 	        List<VXUser> vXUsers = new ArrayList<VXUser>();
 	        if(vXUserList!=null && vXUserList.getListSize()>0){
 	            for(VXUser vXUser:vXUserList.getList()){
@@ -1480,19 +1512,51 @@ public class XUserMgr extends XUserMgrBase {
 
 	@Override
 	public VXGroupList searchXGroups(SearchCriteria searchCriteria) {
-        VXGroupList vXGroupList=null;
-        vXGroupList=xGroupService.searchXGroups(searchCriteria);
-        if(vXGroupList!=null && !hasAccessToModule(RangerConstants.MODULE_USER_GROUPS)){
-            if(vXGroupList!=null && vXGroupList.getListSize()>0){
-                List<VXGroup> listMasked=new ArrayList<VXGroup>();
-                for(VXGroup vXGroup:vXGroupList.getList()){
-                    vXGroup=getMaskedVXGroup(vXGroup);
-                    listMasked.add(vXGroup);
+                VXGroupList vXGroupList= new VXGroupList();
+                VXGroup vXGroupExactMatch = null;
+                try{
+                        VXGroupList vXGroupListSort= new VXGroupList();
+                        if(searchCriteria.getParamList() != null && searchCriteria.getParamList().get("name")
!= null){
+                                searchCriteria.setSortBy("name");
+                                vXGroupListSort = xGroupService.searchXGroups(searchCriteria);
+                                vXGroupExactMatch = getGroupByGroupName((String)searchCriteria.getParamList().get("name"));
+                        }
+                        if(vXGroupExactMatch != null){
+                                List<VXGroup> vXGroups = new ArrayList<VXGroup>();
+                                if(searchCriteria.getStartIndex() == 0){
+                                        vXGroups.add(0,vXGroupExactMatch);
+                                }
+                                for(VXGroup vXGroup:vXGroupListSort.getList()){
+                                        if(vXGroup.getId() != vXGroupExactMatch.getId()){
+                                                vXGroups.add(vXGroup);
+                                        }
+                                }
+                                vXGroupList.setVXGroups(vXGroups);
+                                vXGroupList.setStartIndex(searchCriteria.getStartIndex());
+                                vXGroupList.setResultSize(vXGroupList.getList().size());
+                                vXGroupList.setTotalCount(vXGroupListSort.getTotalCount());
+                                vXGroupList.setPageSize(searchCriteria.getMaxRows());
+                                vXGroupList.setSortBy(searchCriteria.getSortBy());
+                                vXGroupList.setSortType(searchCriteria.getSortType());
+                        }
+                } catch (Exception e){
+                        logger.error("Error getting the exact match of group =>"+e);
                 }
-                vXGroupList.setVXGroups(listMasked);
-            }
-        }
-        return vXGroupList;
+                if(vXGroupList.getList().isEmpty()) {
+                        searchCriteria.setSortBy("id");
+                        vXGroupList=xGroupService.searchXGroups(searchCriteria);
+                }
+                if(vXGroupList!=null && !hasAccessToModule(RangerConstants.MODULE_USER_GROUPS)){
+                        if(vXGroupList!=null && vXGroupList.getListSize()>0){
+                                List<VXGroup> listMasked=new ArrayList<VXGroup>();
+                                for(VXGroup vXGroup:vXGroupList.getList()){
+                                        vXGroup=getMaskedVXGroup(vXGroup);
+                                        listMasked.add(vXGroup);
+                                }
+                                vXGroupList.setVXGroups(listMasked);
+                        }
+                }
+                return vXGroupList;
 	}
 
 	public Collection<String> getMaskedCollection(Collection<String> listunMasked){

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/java/org/apache/ranger/common/StringUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/StringUtil.java b/security-admin/src/main/java/org/apache/ranger/common/StringUtil.java
index b6192ae..da7231e 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/StringUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/StringUtil.java
@@ -34,7 +34,7 @@ public class StringUtil implements Serializable {
 
 	static final public int MIN_PASSWORD_LENGTH = 8;
 
-	static final public String VALIDATION_NAME = "^([A-Za-z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\\s_.
-]|[\u00C0-\u017F])+$";
+        static final public String VALIDATION_NAME = "^([A-Za-z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\\s_.
-@]|[\u00C0-\u017F])+$";
 	static final public String VALIDATION_TEXT = "[a-zA-Z0-9\\ \"!@#$%^&amp;*()-_=+;:'&quot;|~`&lt;&gt;?/{}\\.\\,\\-\\?<>]*";
 	static final public String VALIDATION_LOGINID = "^([A-Za-z0-9_]|[\u00C0-\u017F])([a-z0-9,._\\-+/@=
]|[\u00C0-\u017F])+$";
 

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js b/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js
index 9c3b585..704f378 100644
--- a/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js
+++ b/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js
@@ -92,7 +92,7 @@ define(function(require){
 				width :'220px',
 				allowClear: true,
 				initSelection : function (element, callback) {
-					callback( { id:element.val(), text:element.val() })
+                                        callback( { id:_.escape(element.val()), text:_.escape(element.val())
})
 				},
 				ajax: { 
 					url: "service/plugins/services",
@@ -103,7 +103,7 @@ define(function(require){
 					results: function (data, page) { 
 						var results = [];
 						if(data.resultSize != "0"){
-							results = data.services.map(function(m, i){	return {id : m.name, text: m.name};	});
+                                                        results = data.services.map(function(m,
i){	return {id : _.escape(m.name), text: _.escape(m.name) };	});
 							return {results : results};
 						}
 						return {results : results};

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/models/VXPortalUser.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/models/VXPortalUser.js b/security-admin/src/main/webapp/scripts/models/VXPortalUser.js
index a99e2c4..920d205 100644
--- a/security-admin/src/main/webapp/scripts/models/VXPortalUser.js
+++ b/security-admin/src/main/webapp/scripts/models/VXPortalUser.js
@@ -49,7 +49,7 @@ define(function(require){
 				firstName : {
 					type		: 'TextFiledWithIcon',
 					title		: localization.tt("lbl.firstName")+' *',
-					validators  : ['required',{type:'regexp',regexp:/^([a-zA-Z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-]|[\u00C0-\u017F])+$/i,message :'Invalid first name.'}],
+                                        validators  : ['required',{type:'regexp',regexp:/^([a-zA-Z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-@]|[\u00C0-\u017F])+$/i,message :'Invalid first name.'}],
 					editorAttrs : { 'placeholder' : localization.tt("lbl.firstName")},
 					errorMsg    :localization.tt('validationMessages.firstNameValidationMsg'),
 					
@@ -57,7 +57,7 @@ define(function(require){
 				lastName : {
 					type		: 'TextFiledWithIcon',
 					title		: localization.tt("lbl.lastName"),
-					validators  : ['required',{type:'regexp',regexp:/^([a-zA-Z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-]|[\u00C0-\u017F])+$/i,message :'Invalid last name.'}],
+                                        validators  : ['required',{type:'regexp',regexp:/^([a-zA-Z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-@]|[\u00C0-\u017F])+$/i,message :'Invalid last name.'}],
 					editorAttrs : { 'placeholder' : localization.tt("lbl.lastName")},
 					errorMsg    :localization.tt('validationMessages.lastNameValidationMsg'),
 				},

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
index 86b4cdd..7a4b82c 100644
--- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
+++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
@@ -415,8 +415,8 @@ define(function(require) {
 				passwordError          :'Password should be minimum 8 characters with min one alphabet
and one numeric.',
 				userNameValidationMsg  :'1. User name should be start with alphabet / numeric / underscore
/ non-us characters.<br> 2. Allowed special character ,._\-+/@= and space. <br>3.
Name length should be greater than one.',
 				groupNameValidationMsg :'1. Group name should be start with alphabet / numeric / underscore
/ non-us characters.<br> 2. Allowed special character ,._\-+/@= and space. <br>3.
Name length should be greater than one.',
-				firstNameValidationMsg :'1. First name should be start with alphabet / numeric / underscore
/ non-us characters.<br> 2. Allowed special character ._- and space. <br>3. Name
length should be greater than one.',
-				lastNameValidationMsg  :'1. Last name should be start with alphabet / numeric / underscore
/ non-us characters.<br> 2. Allowed special character ._- and space. <br>3. Name
length should be greater than one.',
+                                firstNameValidationMsg :'1. First name should be start with
alphabet / numeric / underscore / non-us characters.<br> 2. Allowed special character
._-@ and space. <br>3. Name length should be greater than one.',
+                                lastNameValidationMsg  :'1. Last name should be start with
alphabet / numeric / underscore / non-us characters.<br> 2. Allowed special character
._-@ and space. <br>3. Name length should be greater than one.',
 			},
 			serverMsg : {
 				

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/utils/XAUtils.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
index c68c596..7a35ce3 100644
--- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js
+++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
@@ -229,7 +229,7 @@ define(function(require) {
 	XAUtils.notifyError = function(type, text, options) {
 		var html = '<div style="width: 245px;"><div style="min-height: 16px;"><div><span
class="icon-warning-sign"></span>\
 			</div><h4 style="margin-top: -19px;margin-left: 15px;">Error</h4><div>'
-				+ text + '</div></div></div>';
+                                + _.escape(text) + '</div></div></div>';
 		if (_.isUndefined(options)) {
 			options = {
 				message : {

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js b/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js
index 0a24bc1..fbbee46 100755
--- a/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/kms/KMSTableLayout.js
@@ -269,7 +269,7 @@ define(function(require){
 				width :'220px',
 				placeholder : 'Please select KMS service',
 				initSelection : function (element, callback) {
-					callback({ id : element.val(), text : element.val()});
+                                        callback({ id : element.val(), text : _.escape( element.val()
)});
 				},
 				ajax: { 
 					url: "service/plugins/services",
@@ -280,7 +280,7 @@ define(function(require){
 					results: function (data, page) { 
 						var results = [],selectedVals = [];
 						if(data.resultSize != "0"){
-							results = data.services.map(function(m, i){	return {id : m.name, text: m.name};	});
+                                                        results = data.services.map(function(m,
i){	return {id : m.name, text: _.escape( m.name )};	});
 							return { results : results };
 						}
 						return { results : results };

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
index b3a91d4..2ac494e 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
@@ -77,7 +77,7 @@ define(function(require) {
 		},
 
 		initialize : function(options) {
-			_.extend(this, _.pick(options, 'groupList','accessTypes','policyConditions','userList','rangerServiceDefModel','rangerPolicyType'));
+                        _.extend(this, _.pick(options,'accessTypes','policyConditions','rangerServiceDefModel','rangerPolicyType'));
 			this.setupPermissionsAndConditions();
 			
 		},
@@ -86,8 +86,8 @@ define(function(require) {
 			//To setup permissions for edit mode 
 			this.setupFormForEditMode();
 			//create select2 dropdown for groups and users  
-			this.createDropDown(this.ui.selectGroups, this.groupList, true);
-			this.createDropDown(this.ui.selectUsers, this.userList, false);
+                        this.createDropDown(this.ui.selectGroups, true);
+                        this.createDropDown(this.ui.selectUsers, false);
 			//groups or users select2 dropdown change vent 
 			
 			this.dropDownChange(this.ui.selectGroups);
@@ -182,43 +182,24 @@ define(function(require) {
 				}
 			});
 		},
-		createDropDown :function($select, list, typeGroup){
-			var that = this,
+                createDropDown :function($select, typeGroup){
+                        var that = this, tags = [],
 			placeholder = (typeGroup) ? 'Select Group' : 'Select User',
-			searchUrl   = (typeGroup) ? "service/xusers/groups" : "service/xusers/users",
-			getUrl 		= (typeGroup) ? "service/xusers/groups/groupName/" : "service/xusers/users/userName/";
+                        searchUrl   = (typeGroup) ? "service/xusers/groups" : "service/xusers/users";
 			if(this.model.has('editMode') && !_.isEmpty($select.val())){
-				var temp = this.model.attributes.userName;
+                                var temp = this.model.attributes[ (typeGroup) ? 'groupName':
'userName'];
 				_.each(temp , function(name){
-					if(_.isEmpty(list.where({ 'name' : name}))){
-						var model = typeGroup ? new VXGroup() : new VXUser();
-						model.urlRoot = getUrl + name;
-						model.fetch({async:false}).done(function(){
-							list.add(model);
-						});
-					}
+                                        tags.push( { 'id' : _.escape( name ), 'text' : _.escape(
name ) } );
 				});
 			}
-			var tags = list.map(function(m){
-//				return { id : m.id+"" , text : _.escape(m.get('name'))};
-				return { id : m.id+"" , text : m.get('name')};
-			});
-			
 			$select.select2({
 				closeOnSelect : true,
 				placeholder : placeholder,
-			//	maximumSelectionSize : 1,
 				width :'220px',
 				tokenSeparators: [",", " "],
-				tags : tags, 
+                                tags : true,
 				initSelection : function (element, callback) {
-					var data = [], names = (typeGroup) ? that.model.get('groupName') : that.model.get('userName');
-					_.each(names, function (name) {
-//						name = _.escape(name);
-						var obj = _.findWhere(tags, {text: name });
-						data.push({ id : obj.id, text : name })
-					});
-					callback(data);
+                                        callback(tags);
 				},
 				ajax: { 
 					url: searchUrl,
@@ -232,9 +213,9 @@ define(function(require) {
 						selectedVals = that.getSelectedValues($select, typeGroup);
 						if(data.resultSize != "0"){
 							if(typeGroup){
-								results = data.vXGroups.map(function(m, i){	return {id : m.id+"", text: _.escape(m.name)
};	});
+                                                                results = data.vXGroups.map(function(m,
i){	return {id : _.escape(m.name), text: _.escape(m.name) };	});
 							} else {
-								results = data.vXUsers.map(function(m, i){	return {id : m.id+"", text: _.escape(m.name)
};	});
+                                                                results = data.vXUsers.map(function(m,
i){	return {id : _.escape(m.name), text: _.escape(m.name) };	});
 							}
 							if(!_.isEmpty(selectedVals)){
 								results = XAUtil.filterResultByText(results, selectedVals);
@@ -695,8 +676,6 @@ define(function(require) {
 			this.setAccessTypeByPolicyType();
 			return {
 				'collection' 	: this.collection,
-				'groupList' 	: this.groupList,
-				'userList' 	: this.userList,
 				'accessTypes'	: this.accessTypes,
 				'policyConditions' : this.rangerServiceDefModel.get('policyConditions'),
 				'rangerServiceDefModel' : this.rangerServiceDefModel,
@@ -707,8 +686,7 @@ define(function(require) {
 			'click [data-action="addGroup"]' : 'addNew'
 		},
 		initialize : function(options) {
-			_.extend(this, _.pick(options, 'groupList','accessTypes','rangerServiceDefModel','userList',
'headerTitle','rangerPolicyType'));
-			this.listenTo(this.groupList, 'sync', this.render, this);
+                        _.extend(this, _.pick(options, 'accessTypes','rangerServiceDefModel',
'headerTitle','rangerPolicyType'));
 			if(this.collection.length == 0)
 				this.collection.add(new Backbone.Model());
 		},

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
index bdc2ef4..64baf76 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
@@ -261,65 +261,42 @@ define(function(require){
 				this.$el.find(this.ui.denyConditionItems).remove();
 			} 
 	
-			this.userList = new VXUserList();
-			var params = {sortBy : 'name', isVisible : XAEnums.VisibilityStatus.STATUS_VISIBLE.value};
-			this.userList.setPageSize(100,{fetch:false});
-			this.userList.fetch({
-				cache :true,
-				data: params,
-				async : false
-			});
-			this.groupList = new VXGroupList();
-			this.groupList.setPageSize(100,{fetch:false});
-			this.groupList.fetch({
-					cache :true,
-					data : params
-				}).done(function(){
-						that.$('[data-customfields="groupPerms"]').html(new PermissionList({
-							collection : that.formInputList,
-							groupList  : that.groupList,
-							userList   : that.userList,
-							model 	   : that.model,
-							accessTypes: accessType,
-							headerTitle: "",
-							rangerServiceDefModel : that.rangerServiceDefModel,
-							rangerPolicyType : that.model.get('policyType')
-						}).render().el);
-						
-						if( enableDenyAndExceptionsInPolicies ){
-							that.$('[data-customfields="groupPermsAllowExclude"]').html(new PermissionList({
-								collection : that.formInputAllowExceptionList,
-								groupList  : that.groupList,
-								userList   : that.userList,
-								model 	   : that.model,
-								accessTypes: accessType,
-								headerTitle: "",
-								rangerServiceDefModel : that.rangerServiceDefModel,
-								rangerPolicyType : that.model.get('policyType')
-							}).render().el);
+                        that.$('[data-customfields="groupPerms"]').html(new PermissionList({
+                                collection : that.formInputList,
+                                model 	   : that.model,
+                                accessTypes: accessType,
+                                headerTitle: "",
+                                rangerServiceDefModel : that.rangerServiceDefModel,
+                                rangerPolicyType : that.model.get('policyType')
+                        }).render().el);
 						
-							that.$('[data-customfields="groupPermsDeny"]').html(new PermissionList({
-								collection : that.formInputDenyList,
-								groupList  : that.groupList,
-								userList   : that.userList,
-								model 	   : that.model,
-								accessTypes: accessType,
-								headerTitle: "Deny",
-								rangerServiceDefModel : that.rangerServiceDefModel,
-								rangerPolicyType : that.model.get('policyType')
-							}).render().el);
-							that.$('[data-customfields="groupPermsDenyExclude"]').html(new PermissionList({
-								collection : that.formInputDenyExceptionList,
-								groupList  : that.groupList,
-								userList   : that.userList,
-								model 	   : that.model,
-								accessTypes: accessType,
-								headerTitle: "Deny",
-								rangerServiceDefModel : that.rangerServiceDefModel,
-								rangerPolicyType : that.model.get('policyType')
-							}).render().el);
-					}
-			});
+                        if( enableDenyAndExceptionsInPolicies ){
+                                that.$('[data-customfields="groupPermsAllowExclude"]').html(new
PermissionList({
+                                        collection : that.formInputAllowExceptionList,
+                                        model 	   : that.model,
+                                        accessTypes: accessType,
+                                        headerTitle: "",
+                                        rangerServiceDefModel : that.rangerServiceDefModel,
+                                        rangerPolicyType : that.model.get('policyType')
+                                }).render().el);
+
+                                that.$('[data-customfields="groupPermsDeny"]').html(new PermissionList({
+                                        collection : that.formInputDenyList,
+                                        model 	   : that.model,
+                                        accessTypes: accessType,
+                                        headerTitle: "Deny",
+                                        rangerServiceDefModel : that.rangerServiceDefModel,
+                                        rangerPolicyType : that.model.get('policyType')
+                                }).render().el);
+                                that.$('[data-customfields="groupPermsDenyExclude"]').html(new
PermissionList({
+                                        collection : that.formInputDenyExceptionList,
+                                        model 	   : that.model,
+                                        accessTypes: accessType,
+                                        headerTitle: "Deny",
+                                        rangerServiceDefModel : that.rangerServiceDefModel,
+                                        rangerPolicyType : that.model.get('policyType')
+                                }).render().el);
+                        }
 
 		},
 		renderParentChildHideShow : function(onChangeOfSameLevelType) {
@@ -436,6 +413,7 @@ define(function(require){
 				this.model.set('denyExceptions', this.setPermissionsToColl(this.formInputDenyExceptionList,
new RangerPolicyItem()));
 			}
 			this.model.set('service',this.rangerService.get('name'));
+                        this.model.set('name', _.escape(this.model.get('name')));
 		},
 		setPermissionsToColl : function(list, policyItemList) {
 			list.each(function(m){

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js
index f348744..c2b78ab 100644
--- a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js
+++ b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js
@@ -206,7 +206,8 @@ define(function(require){
 	                            			   callback:function(e){
 	                            				   console.log(e)
 	                            				   if($(e.currentTarget).text() == 'Show More..'){
-                        							   var div = '<div class="showMore connection-error-font"><br>'+msResponse.messageList[0].message.split('\n').join('<br>')+'</div>'
+									   var respMsg = _.escape( msResponse.messageList[0].message );
+										   var div = '<div class="showMore connection-error-font"><br>'+respMsg.split('\n').join('<br>')+'</div>'
                         							   $(e.delegateTarget).find('.modal-body').append(div)
                         							   $(e.currentTarget).html('Show Less..')
 	                            				   } else {

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js b/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js
index a11dc47..f915468 100644
--- a/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js
+++ b/security-admin/src/main/webapp/scripts/views/users/GroupCreate.js
@@ -94,7 +94,7 @@ define(function(require){
 			this.rForm.$el.dirtyFields();
 			XAUtil.preventNavigation(localization.tt('dialogMsg.preventNavGroupForm'),this.rForm.$el);
 			if(!_.isUndefined(this.model.get('groupSource')) && this.model.get('groupSource')
== XAEnums.GroupSource.XA_GROUP.value){
-				this.ui.btnSave.hide();
+                                this.ui.btnSave.prop( "disabled", true );
 			}
 		},
 

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/users/UserCreate.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/users/UserCreate.js b/security-admin/src/main/webapp/scripts/views/users/UserCreate.js
index a0af92d..46eff6d 100644
--- a/security-admin/src/main/webapp/scripts/views/users/UserCreate.js
+++ b/security-admin/src/main/webapp/scripts/views/users/UserCreate.js
@@ -96,6 +96,7 @@ define(function(require){
 			if(!_.isUndefined(this.model.get('userSource')) && this.model.get('userSource')
== XAEnums.UserSource.XA_USER.value){
 				this.$('[data-tab="edit-password"]').hide();
 				this.$('[data-tab="edit-basic"]').hide();
+                                this.ui.btnSave.prop( "disabled", true );
 			}
 			this.renderForm();
 			this.rForm.$el.dirtyFields();

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/users/UserForm.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/users/UserForm.js b/security-admin/src/main/webapp/scripts/views/users/UserForm.js
index e7184d0..f74e2a4 100644
--- a/security-admin/src/main/webapp/scripts/views/users/UserForm.js
+++ b/security-admin/src/main/webapp/scripts/views/users/UserForm.js
@@ -89,14 +89,14 @@ define(function(require){
 				firstName : { 
 					type		: 'TextFiledWithIcon',
 					title		: localization.tt("lbl.firstName")+' *',
-					validators  : ['required',{type:'regexp',regexp:/^([A-Za-z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-]|[\u00C0-\u017F])+$/i, 
+                                        validators  : ['required',{type:'regexp',regexp:/^([A-Za-z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-@]|[\u00C0-\u017F])+$/i,
 						            message :' Invalid first name'}],
 					errorMsg    :localization.tt('validationMessages.firstNameValidationMsg'),
 				},
 				lastName : { 
 					type		: 'TextFiledWithIcon',
 					title		: localization.tt("lbl.lastName"),
-					validators  : [{type:'regexp',regexp:/^([A-Za-z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-]|[\u00C0-\u017F])+$/i, 
+                                        validators  : [{type:'regexp',regexp:/^([A-Za-z0-9_]|[\u00C0-\u017F])([a-zA-Z0-9\s_.
-@]|[\u00C0-\u017F])+$/i,
 						            message :' Invalid last name'}],
 					errorMsg    :localization.tt('validationMessages.lastNameValidationMsg'),
 				},

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
index da39d39..4b1b036 100644
--- a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
@@ -456,7 +456,7 @@ define(function(require){
 			var selArr = [];
 			var message = '';
 			_.each(collection.selected,function(obj){
-				 selArr.push(_.escape(obj.get('name')));
+                                 selArr.push(obj.get('name'));
             });
 			var  vXStrings = [];
 			var jsonUsers  = {};
@@ -471,7 +471,7 @@ define(function(require){
 			var total_selected = jsonUsers.vXStrings.length;
 
 			if(total_selected == 1) {
-				message = 'Are you sure you want to delete '+(that.showUsers ? 'user':'group')+' \''+jsonUsers.vXStrings[0].value+'\'?';
+                                message = 'Are you sure you want to delete '+(that.showUsers
? 'user':'group')+' \''+ _.escape( jsonUsers.vXStrings[0].value )+'\'?';
 			}
 			else {
 				message = 'Are you sure you want to delete '+total_selected+' '+(that.showUsers ? 'users':'groups')+'?';

http://git-wip-us.apache.org/repos/asf/ranger/blob/1df13a47/security-admin/src/main/webapp/templates/helpers/XAHelpers.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/helpers/XAHelpers.js b/security-admin/src/main/webapp/templates/helpers/XAHelpers.js
index 3559421..4491d70 100644
--- a/security-admin/src/main/webapp/templates/helpers/XAHelpers.js
+++ b/security-admin/src/main/webapp/templates/helpers/XAHelpers.js
@@ -353,7 +353,7 @@
 	    return new Handlebars.SafeString(ret);
 	});
 	Handlebars.registerHelper('highlightNewForAttr', function(newValue, oldValue, hightlightValue)
{
-		var html='';
+                var html='', newValue = _.escape( newValue ), oldValue = _.escape( oldValue
);
 		if(hightlightValue == 'new'){
 			if(_.isNull(oldValue) || oldValue == '--' || oldValue == "" || _.isUndefined(oldValue)){
 				html = '<span class="add-text">'+newValue+'</span>';
@@ -370,7 +370,7 @@
 	    return html;
 	});
 	Handlebars.registerHelper('highlightNewForObj', function(prop, newValue, oldValue, hightlightValue)
{
-		var html='';
+                var html='', newValue = _.escape( newValue ), oldValue = _.escape( oldValue
);
 		if(hightlightValue == 'new'){
 			if(_.isNull(oldValue[prop]) || oldValue[prop] == ""){
 				html = '<span class="add-text">'+newValue+'</span>';


Mime
View raw message