make capabilities disableable on consent screen

51b3b36d · Gabriel Zachmann · 812c5ce1 · 51b3b36d · 51b3b36d · 51b3b36d
Commit 51b3b36d authored 4 years ago by Gabriel Zachmann
--- a/internal/db/dbrepo/supertokenrepo/transfercoderepo/pollingCodeTmpST.go
+++ b/internal/db/dbrepo/supertokenrepo/transfercoderepo/pollingCodeTmpST.go
@@ -24,7 +24,7 @@ func CheckTransferCode(tx *sqlx.Tx, pollingCode string) (TransferCodeStatus, err
 	pt := createProxyToken(pollingCode)
 	var p TransferCodeStatus
 	err := db.RunWithinTransaction(tx, func(tx *sqlx.Tx) error {
-		if err := tx.Get(&p, `SELECT 1 as found, CURRENT_TIMESTAMP() > expires_at AS expired, response_type, redirect FROM TransferCodes WHERE id=?`, pt.ID()); err != nil {
+		if err := tx.Get(&p, `SELECT 1 as found, CURRENT_TIMESTAMP() > expires_at AS expired, response_type FROM TransferCodes WHERE id=?`, pt.ID()); err != nil {
 			if errors.Is(err, sql.ErrNoRows) {
 				err = nil  // polling code was not found, but this is fine
 				return err // p.Found is false

--- a/internal/db/dbrepo/supertokenrepo/transfercoderepo/transfercode.go
+++ b/internal/db/dbrepo/supertokenrepo/transfercoderepo/transfercode.go
@@ -63,7 +63,7 @@ func (tc TransferCode) Store(tx *sqlx.Tx) error {
 		if err := tc.proxyToken.Store(tx); err != nil {
 			return err
 		}
-		_, err := tx.Exec(`INSERT INTO TransferCodesAttributes (id, expires_in,  revoke_ST, response_type) VALUES(?,?,?,?,?)`, tc.id, config.Get().Features.Polling.PollingCodeExpiresAfter, tc.Attributes.NewST, tc.Attributes.ResponseType)
+		_, err := tx.Exec(`INSERT INTO TransferCodesAttributes (id, expires_in,  revoke_ST, response_type) VALUES(?,?,?,?)`, tc.id, config.Get().Features.Polling.PollingCodeExpiresAfter, tc.Attributes.NewST, tc.Attributes.ResponseType)
 		return err
 	})
 }

--- a/internal/endpoints/consent/consent.go
+++ b/internal/endpoints/consent/consent.go
@@ -28,6 +28,9 @@ func handleConsent(ctx *fiber.Ctx, r restrictions.Restrictions, c capabilities.C
 		"capabilities": pkg.WebCapabilities(c),
 	}
 	if c.Has(capabilities.CapabilityCreateST) {
+		if len(sc) == 0 {
+			sc = c
+		}
 		binding["subtoken-capabilities"] = pkg.WebCapabilities(sc)
 	}
 	return ctx.Render("sites/consent", binding, "layouts/main")

--- a/web/sites/consent.mustache
+++ b/web/sites/consent.mustache
@@ -8,15 +8,16 @@
        <h4 class="text-center">Capabilities</h4>
 <table class="table table-hover table-bordered col-md table-secondary">
    <tbody>
-    <script>
-        let capabilities = [];
-        let subtoken_capabilities = [];
-    </script>
    {{#capabilities}}
        <tr>
+            <td class="text-center">
+                <div class="custom-control custom-switch">
+                <input type="checkbox" class="custom-control-input capability-check" value="{{Name}}" checked id="cp-{{Name}}">
+                <label class="custom-control-label" for="cp-{{Name}}"><span class="sr-only"></span></label>
+                </div>
+            </td>
            <td>
            <div class="d-flex justify-content-between">
-                <script>capabilities.push("{{Name}}");</script>
                <h5>{{Name}}</h5>
                <i class="fas fa-exclamation-circle {{ColorClass}}" data-toggle="tooltip" data-placement="right" title="" data-original-title="{{CapabilityLevel}}"></i>
            </div>
@@ -30,14 +31,21 @@
                        <table class="table table-hover table-grey">
                            <tbody>
                            {{#subtoken-capabilities}}
-                            <tr><td>
+                            <tr>
+                                <td class="text-center">
+                                    <div class="custom-control custom-switch">
+                                        <input type="checkbox" class="custom-control-input subtoken-capability-check" value="{{Name}}" checked id="scp-{{Name}}">
+                                        <label class="custom-control-label" for="scp-{{Name}}"><span class="sr-only"></span></label>
+                                    </div>
+                                </td>
+                                <td>
                                <div class="d-flex justify-content-between">
-                                    <script>subtoken_capabilities.push("{{Name}}");</script>
                                    <h5>{{Name}}</h5>
                                    <i class="fas fa-exclamation-circle {{ColorClass}}" data-toggle="tooltip" data-placement="right" title="" data-original-title="{{CapabilityLevel}}"></i>
                                </div>
                                <div>{{Description}}</div>
-                            </td></tr>
+                                </td>
+                            </tr>
                            {{/subtoken-capabilities}}
                            </tbody>
                        </table>

--- a/web/static/js/consent.js
+++ b/web/static/js/consent.js
@@ -138,10 +138,15 @@ function updateIcons() {
 function approve() {
    let data = {
        "restrictions": restrictions,
-        "capabilities": capabilities,
-        "subtoken_capabilities": subtoken_capabilities
+        "capabilities": $('.capability-check:checked').map(function(_, el) {
+            return $(el).val();
+        }).get(),
+        "subtoken_capabilities": $('.subtoken-capability-check:checked').map(function(_, el) {
+            return $(el).val();
+        }).get()
    };
    data = JSON.stringify(data);
+    console.log(data);
    $.ajax({
        type: "POST",
        url: window.location.href,
@@ -161,4 +166,10 @@ function approve() {
 function cancel() {
    //TODO POST cancel
    window.location.href = "/";
-}
\ No newline at end of file
+}
+
+$('#cp-create_super_token').click(function() {
+    let enabled = $(this).prop("checked");
+    $('.subtoken-capability-check').prop("checked", enabled);
+    $('.subtoken-capability-check').prop("disabled", !enabled);
+});