Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add permissions check to show/hide activate button #26840

Conversation

Monkeychip
Copy link
Contributor

This PR adds a permissions check inside the flags.js service, using the lazy-capabilities macro. While this is the first use case of a permissions check inside a service it made sense. The prevalent pattern is to check capabilities inside the model. But this one endpoint is a POST with no data returned or used on it, so adding a model/adapter/serializer is not necessary.

No permissions to POST to sys/activation-flags/secrets-sync/activate
image (1)

With permissions to POST
Same view as before
image (2)

@Monkeychip Monkeychip added this to the 1.17.0-rc milestone May 6, 2024
@Monkeychip Monkeychip requested a review from a team as a code owner May 6, 2024 16:03
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label May 6, 2024
Copy link

github-actions bot commented May 6, 2024

Build Results:
All builds succeeded! ✅

Copy link

github-actions bot commented May 6, 2024

CI Results:
All Go tests succeeded! ✅

@@ -71,11 +75,14 @@ export default class SyncSecretsDestinationsPageComponent extends Component<Args
@task
@waitFor
*onFeatureConfirm() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes below are a mix of issues from merging in main and a miss on my end of another PR into this side branch that mis-handled the namespace header in this post. The changes restore to what it should be, however we will do extensive testing with the backend to make sure the contract on namespaces is correct.

}

export default class SyncSecretsDestinationsPageComponent extends Component<Args> {
@service declare readonly flashMessages: FlashMessageService;
@service declare readonly store: StoreService;
@service declare readonly router: RouterService;
@service declare readonly version: VersionService;
@service declare readonly flags: FlagsService;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

flag service is used in the hbs file

Copy link
Contributor

@hashishaw hashishaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Monkeychip Monkeychip merged commit 7b28bed into ui/VAULT-25468/enable-secrets-sync-hvd May 6, 2024
22 of 23 checks passed
@Monkeychip Monkeychip deleted the ui/VAULT-26745/permissions-on-activate-button-2 branch May 6, 2024 22:19
Monkeychip added a commit that referenced this pull request May 9, 2024
* Allow Managed clusters to see Secrets Sync Overview and Sidebar nav (#26649)

* update badge text and allow hvd on secrets sync views

* update logic in Secrets Sync overview and cta for hvd.

* spacing

* rearrange based on pr feedback

* fix return on badgeText and cluster nav test

* fix landing cta tests

* update test to reflect new changes

* moved call to feature-flags from application route to the service to match patterns

* add managed test coverage on overview component test and remove premium feature so cta message appplies to both managed and non-managed clusters

* missed service name and unskip admin test

* clean up

* fix tests

* flags test fix

* Rename isManaged and managedNamespaceRoot (#26697)

* renames

* lowercase HVD to match

* missed some

* test failure

* [Secrets Sync] enable access to Sync clients page for HVD clusters (#26713)

* feat: split client counts navbar into separate component

* acceptance/clients/counts/overview-test: remove tests now covered by int tests

* clients counts route: rename isSecretsSyncActivated to showSecretsSync

* sync clients page: show unactivated state unless sync client history or feature is activated

* client counts navbar: show sync tab only if client history or is /able to be/ activated

* clients overview page: only show sync charts if activated

* fix: rename isManaged to isHvd

* acceptance/counts/overview-test: add HVD tests

* acceptance/counts/overview-test: clean up unused cruft

* aceptance/clients/counts/overview-test: ensure we dont get false negatives

* chore: move Clients::Error to Clients::Counts::Error

* chore: calculate showSecretSync in page component instead of route

* chore: add copyright headers

* acceptance/clients/counts/overview-test: stub activated flags to fix test

* [Secrets sync] update sync test selectors (#26824)

* acceptance/clients/counts/overview-test: use imported test selectors

* general-selectors: add missing emptyStateSubtitle property

* acceptance/clients/counts/sync: nest tests in top level module for easier test runs

* Add permissions check to show/hide activate button (#26840)

* add permissions check to flags service and consume in overview template

* add back missing refresh

* fix test failures

* add test coverage

* clean up

* address flaky test

* grr

* address test failures

* add changelog

* try to fix test failure only on gh

* fix fetch to match previous implementation of feature-flags

* fix failing test

* update comment

---------

Co-authored-by: Noelle Daley <noelledaley@users.noreply.github.com>
Co-authored-by: clairebontempo@gmail.com <clairebontempo@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed pr/no-changelog ui
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants