updated the support user permissions to disallow authentications as well and updated webui to nav to auth page if auth is available but secrets are not w/ burnettk (#454)
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
This commit is contained in:
parent
9925105a5e
commit
9ea90a94bf
|
@ -578,6 +578,7 @@ class AuthorizationService:
|
|||
for permission in ["create", "read", "update", "delete"]:
|
||||
permissions_to_assign.append(PermissionToAssign(permission=permission, target_uri="/secrets/*"))
|
||||
|
||||
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/authentications"))
|
||||
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/authentication/configuration"))
|
||||
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/authentication_begin/*"))
|
||||
permissions_to_assign.append(
|
||||
|
@ -599,7 +600,6 @@ class AuthorizationService:
|
|||
# can also start through messages as well
|
||||
permissions_to_assign.append(PermissionToAssign(permission="create", target_uri="/messages/*"))
|
||||
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/messages"))
|
||||
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/authentications"))
|
||||
|
||||
permissions_to_assign.append(
|
||||
PermissionToAssign(permission="create", target_uri="/can-run-privileged-script/*")
|
||||
|
|
|
@ -476,7 +476,6 @@ class TestAuthorizationService(BaseTest):
|
|||
return sorted(
|
||||
self._expected_basic_permissions()
|
||||
+ [
|
||||
("/authentications", "read"),
|
||||
("/can-run-privileged-script/*", "create"),
|
||||
("/data-stores/*", "read"),
|
||||
("/debug/*", "create"),
|
||||
|
@ -511,6 +510,7 @@ class TestAuthorizationService(BaseTest):
|
|||
("/authentication/configuration", "read"),
|
||||
("/authentication/configuration", "update"),
|
||||
("/authentication_begin/*", "read"),
|
||||
("/authentications", "read"),
|
||||
("/secrets/*", "create"),
|
||||
("/secrets/*", "delete"),
|
||||
("/secrets/*", "read"),
|
||||
|
|
|
@ -1,29 +1,58 @@
|
|||
import { useEffect, useState } from 'react';
|
||||
import { Link, useSearchParams } from 'react-router-dom';
|
||||
import { Link, useNavigate, useSearchParams } from 'react-router-dom';
|
||||
// @ts-ignore
|
||||
import { Button, Table } from '@carbon/react';
|
||||
import { MdDelete } from 'react-icons/md';
|
||||
import PaginationForTable from '../components/PaginationForTable';
|
||||
import HttpService from '../services/HttpService';
|
||||
import { getPageInfoFromSearchParams } from '../helpers';
|
||||
import { useUriListForPermissions } from '../hooks/UriListForPermissions';
|
||||
import { PermissionsToCheck } from '../interfaces';
|
||||
import { usePermissionFetcher } from '../hooks/PermissionService';
|
||||
|
||||
export default function SecretList() {
|
||||
const [searchParams] = useSearchParams();
|
||||
const navigate = useNavigate();
|
||||
|
||||
const [secrets, setSecrets] = useState([]);
|
||||
const [pagination, setPagination] = useState(null);
|
||||
|
||||
const { targetUris } = useUriListForPermissions();
|
||||
const permissionRequestData: PermissionsToCheck = {
|
||||
[targetUris.authenticationListPath]: ['GET'],
|
||||
[targetUris.secretListPath]: ['GET'],
|
||||
};
|
||||
const { ability, permissionsLoaded } = usePermissionFetcher(
|
||||
permissionRequestData
|
||||
);
|
||||
|
||||
useEffect(() => {
|
||||
const setSecretsFromResult = (result: any) => {
|
||||
setSecrets(result.results);
|
||||
setPagination(result.pagination);
|
||||
};
|
||||
if (permissionsLoaded) {
|
||||
if (
|
||||
!ability.can('GET', targetUris.secretListPath) &&
|
||||
ability.can('GET', targetUris.authenticationListPath)
|
||||
) {
|
||||
navigate('/admin/configuration/authentications');
|
||||
} else {
|
||||
const { page, perPage } = getPageInfoFromSearchParams(searchParams);
|
||||
HttpService.makeCallToBackend({
|
||||
path: `/secrets?per_page=${perPage}&page=${page}`,
|
||||
successCallback: setSecretsFromResult,
|
||||
});
|
||||
}, [searchParams]);
|
||||
}
|
||||
}
|
||||
}, [
|
||||
searchParams,
|
||||
permissionsLoaded,
|
||||
ability,
|
||||
navigate,
|
||||
targetUris.authenticationListPath,
|
||||
targetUris.secretListPath,
|
||||
]);
|
||||
|
||||
const reloadSecrets = (_result: any) => {
|
||||
window.location.reload();
|
||||
|
|
Loading…
Reference in New Issue