From 9f6cde6b0338b972146019c5a47a84cb56fcd182 Mon Sep 17 00:00:00 2001
From: zachmann <gabriel.zachmann@kit.edu>
Date: Mon, 22 Aug 2022 15:18:15 +0200
Subject: [PATCH] fix problem with capability checking / displaying when parent
 not checked

---
 internal/server/web/static/js/capabilities.js | 14 +++++++++++++-
 internal/server/web/static/js/consent.js      |  2 +-
 internal/server/web/static/js/create-mt.js    |  4 ++--
 internal/server/web/static/js/ssh.js          |  2 ++
 internal/server/web/static/js/tokeninfo.js    |  6 +++---
 5 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/internal/server/web/static/js/capabilities.js b/internal/server/web/static/js/capabilities.js
index f186ef52..3ffb641a 100644
--- a/internal/server/web/static/js/capabilities.js
+++ b/internal/server/web/static/js/capabilities.js
@@ -61,6 +61,18 @@ function subtokenCapabilities(prefix = "") {
     return $('#' + prefix + 'subtokenCapabilities');
 }
 
+function enableCapability(cap, prefix = "") {
+    // This function should be called after initCapabilities to preselect / check capabilities
+    // We do it with a click instead of prop("checked", true) because click handles sub-/parent- capabilities correctly.
+    // We first set checked to false ensuring that it was not previously selected
+    let $c = $(prefixId(cap, prefix));
+    let disabled = $c.prop('disabled');
+    $c.prop('disabled', false);
+    $c.prop("checked", false);
+    $c.click();
+    $c.prop('disabled', disabled);
+}
+
 
 const rPrefix = "read@";
 
@@ -304,7 +316,7 @@ function checkCapability(cap, typePrefix, prefix = "") {
     if (rCap) {
         cap = cap.substring(rPrefix.length);
     }
-    $('#' + prefix + typePrefix + '-' + escapeSelector(cap)).prop("checked", true);
+    enableCapability(typePrefix + '-' + cap, prefix);
     let $mode = $('#' + prefix + typePrefix + '-' + escapeSelector(rPrefix + cap) + '-mode');
     let disabled = $mode.prop('disabled');
     $mode.prop('disabled', false);
diff --git a/internal/server/web/static/js/consent.js b/internal/server/web/static/js/consent.js
index dd41b546..25c043ee 100644
--- a/internal/server/web/static/js/consent.js
+++ b/internal/server/web/static/js/consent.js
@@ -9,13 +9,13 @@ $(document).ready(function () {
         rotationAutoRevoke().prop("disabled", !rot_onAT && !rot_onOther);
     }
     updateRotationIcon();
+    initCapabilities();
     checkedCapabilities.forEach(function (value) {
         checkCapability(value, 'cp');
     })
     checkedSubtokenCapabilities.forEach(function (value) {
         checkCapability(value, 'sub-cp');
     })
-    initCapabilities();
     chainFunctions(
         discovery,
         function (...next) {
diff --git a/internal/server/web/static/js/create-mt.js b/internal/server/web/static/js/create-mt.js
index 8127fc67..bf0a0902 100644
--- a/internal/server/web/static/js/create-mt.js
+++ b/internal/server/web/static/js/create-mt.js
@@ -15,9 +15,9 @@ const $mtInstructions = $('#mt-instructions');
 const mtPrefix = "createMT-";
 
 function initCreateMT(...next) {
-    capabilityAT(mtPrefix).prop('checked', true);
-    $('#' + mtPrefix + 'cp-tokeninfo').prop('checked', true);
     initCapabilities(mtPrefix);
+    checkCapability("tokeninfo", "cp", mtPrefix);
+    checkCapability("AT", "cp", mtPrefix);
     updateRotationIcon(mtPrefix);
     initRestr(mtPrefix);
     doNext(...next);
diff --git a/internal/server/web/static/js/ssh.js b/internal/server/web/static/js/ssh.js
index dfba0dd7..9e26b790 100644
--- a/internal/server/web/static/js/ssh.js
+++ b/internal/server/web/static/js/ssh.js
@@ -41,6 +41,8 @@ disableGrantCallbacks['ssh'] = function disableSSHCallback() {
 function initSSH(...next) {
     initRestr();
     initCapabilities();
+    checkCapability("tokeninfo", "cp", mtPrefix);
+    checkCapability("AT", "cp", mtPrefix);
     clearSSHKeyTable();
     useSettingsToken(function (token) {
         $.ajax({
diff --git a/internal/server/web/static/js/tokeninfo.js b/internal/server/web/static/js/tokeninfo.js
index c4a9a103..c9e4f0ac 100644
--- a/internal/server/web/static/js/tokeninfo.js
+++ b/internal/server/web/static/js/tokeninfo.js
@@ -50,6 +50,7 @@ function fillTokenInfo(tokenPayload) {
     copy.removeClass('d-none');
 
     // capabilities
+    initCapabilities(tokeninfoPrefix);
     capabilityChecks(tokeninfoPrefix).prop("checked", false);
     subtokenCapabilityChecks(tokeninfoPrefix).prop("checked", false);
     for (let c of tokenPayload['capabilities']) {
@@ -60,11 +61,10 @@ function fillTokenInfo(tokenPayload) {
             checkCapability(c, 'sub-cp', tokeninfoPrefix);
         }
     }
-    initCapabilities(tokeninfoPrefix);
     capabilityChecks(tokeninfoPrefix).not(":checked").closest('.capability').hideB();
     subtokenCapabilityChecks(tokeninfoPrefix).not(":checked").closest('.capability').hideB();
-    capabilityChecks(tokeninfoPrefix).filter(":checked").closest('.capability').showB();
-    subtokenCapabilityChecks(tokeninfoPrefix).filter(":checked").closest('.capability').showB();
+    capabilityChecks(tokeninfoPrefix).filter(":checked").parents('.capability').showB();
+    subtokenCapabilityChecks(tokeninfoPrefix).filter(":checked").parents('.capability').showB();
 
     // rotation
     let rot = tokenPayload['rotation'] || {};
-- 
GitLab