[arvados.git] / apps / workbench / app / views / users / link_account.html.erb

<%# Copyright (C) The Arvados Authors. All rights reserved.

SPDX-License-Identifier: AGPL-3.0 %>

<%= javascript_tag do %>
  function update_visibility() {
    if (sessionStorage.getItem('link_account_api_token') &&
      sessionStorage.getItem('link_account_uuid') != '<%= Thread.current[:user].uuid %>')
    {
      $("#ready-to-link").css({"display": "inherit"});
      $("#need-login").css({"display": "none"});

      <% if params[:direction] == "in" %>
      var user_a = "<b>"+sessionStorage.getItem('link_account_email')+"</b> ("+sessionStorage.getItem('link_account_username')+", "+sessionStorage.getItem('link_account_uuid')+")";
      var user_b = "<b><%= Thread.current[:user].email %></b> (<%= Thread.current[:user].username%>, <%= Thread.current[:user].uuid%>)";
      var user_a_is_active = (sessionStorage.getItem('link_account_is_active') == "true");
      var user_a_is_admin = (sessionStorage.getItem('link_account_is_admin') == "true");
      var user_b_is_admin = <%=if Thread.current[:user].is_admin then "true" else "false" end %>;
      <% else %>
      var user_a = "<b><%= Thread.current[:user].email %></b> (<%= Thread.current[:user].username%>, <%= Thread.current[:user].uuid%>)";
      var user_b = "<b>"+sessionStorage.getItem('link_account_email')+"</b> ("+sessionStorage.getItem('link_account_username')+", "+sessionStorage.getItem('link_account_uuid')+")";
      var user_a_is_active = <%= Thread.current[:user].is_active %>;
      var user_a_is_admin = <%=if Thread.current[:user].is_admin then "true" else "false" end %>;
      var user_b_is_admin = (sessionStorage.getItem('link_account_is_admin') == "true");
      <% end %>

      $("#new-user-token-input").val(sessionStorage.getItem('link_account_api_token'));

      if (!user_a_is_active) {
        $("#will-link-to").html("<p>Cannot link "+user_b+" to inactive account "+user_a+".</p>");
        $("#link-account-submit").prop("disabled", true);
      } else if (user_b_is_admin && !user_a_is_admin) {
        $("#will-link-to").html("<p>Cannot link admin account "+user_b+" to non-admin account "+user_a+".</p>");
        $("#link-account-submit").prop("disabled", true);
      } else {
        $("#will-link-to").html("<p>Clicking 'Link accounts' will link "+user_b+" created on <%=Thread.current[:user].created_at%> to "+
          user_a+" created at <b>"+sessionStorage.getItem('link_account_created_at')+"</b>.</p>"+
          "<p>After linking, logging in as "+user_b+" will log you into the same account as "+user_a+
          ".</p>  <p>Any objects owned by "+user_b+" will be transferred to "+user_a+".</p>");
      }
    } else {
      $("#ready-to-link").css({"display": "none"});
      $("#need-login").css({"display": "inherit"});
    }

    sessionStorage.removeItem('link_account_api_token');
    sessionStorage.removeItem('link_account_uuid');
    sessionStorage.removeItem('link_account_email');
    sessionStorage.removeItem('link_account_username');
    sessionStorage.removeItem('link_account_created_at');
    sessionStorage.removeItem('link_account_is_active');
    sessionStorage.removeItem('link_account_is_admin');
  };

  $(window).on("load", function() {
    update_visibility();
  });

  function do_login(dir) {
    sessionStorage.setItem('link_account_api_token', '<%= Thread.current[:arvados_api_token] %>');
    sessionStorage.setItem('link_account_email', '<%= Thread.current[:user].email %>');
    sessionStorage.setItem('link_account_username', '<%= Thread.current[:user].username %>');
    sessionStorage.setItem('link_account_uuid', '<%= Thread.current[:user].uuid %>');
    sessionStorage.setItem('link_account_created_at', '<%= Thread.current[:user].created_at %>');
    sessionStorage.setItem('link_account_is_active', <%= if Thread.current[:user].is_active then "true" else "false" end %>);
    sessionStorage.setItem('link_account_is_admin', <%= if Thread.current[:user].is_admin then "true" else "false" end %>);
    window.location.replace('<%=arvados_api_client.arvados_logout_url(return_to: arvados_api_client.arvados_login_url(return_to: "#{strip_token_from_path(request.url)}?direction="))%>'+dir);
  }

  $(document).on("click", "#link-account-in", function(e) { do_login("in"); });
  $(document).on("click", "#link-account-out", function(e) { do_login("out"); });

  $(document).on("click", "#cancel-link-accounts", function() {
    window.location.replace('/users/link_account?api_token='+$("#new-user-token-input").val());
  });
<% end %>

<div id="need-login" style="display: none">

  <p>You are currently logged in as <b><%= Thread.current[:user].email %></b> (<%= Thread.current[:user].username%>, <%= Thread.current[:user].uuid %>) created at <b><%= Thread.current[:user].created_at%></b></p>

<p>You can link Arvados accounts.  After linking, either login will take you to the same account.</p>

  <p>
    <% if Thread.current[:user].is_active %>
  <button class="btn btn-primary" id="link-account-in" style="margin-right: 1em">
    <i class="fa fa-fw fa-sign-in"></i> Add another login to this account
  </button>
  <% end %>
  <button class="btn btn-primary" id="link-account-out" style="margin-right: 1em">
    <i class="fa fa-fw fa-sign-in"></i> Use this login to access another account
  </button>

</p>
</div>

<div id="ready-to-link" style="display: none">

  <div id="will-link-to"></div>

  <%= button_tag "Cancel", class: "btn btn-cancel pull-left", id: "cancel-link-accounts", style: "margin-right: 1em" %>

  <%= form_tag do |f| %>
    <input type="hidden" id="new-user-token-input" name="new_user_token" value="" />
    <input type="hidden" id="new-user-token-input" name="direction" value="<%=params[:direction]%>" />
    <%= button_tag class: "btn btn-primary", id: "link-account-submit" do %>
      <i class="fa fa-fw fa-link"></i> Link accounts
  <% end %>
<% end %>

</div>
</div>