NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commitf6dfce0

committed

Use fine-grained permissions on settings page

Since in addition to deployment settings this page now also includesusers, audit logs, groups, and orgs.Since you might not be able to fetch deployment values, move all theloaders to the individual pages instead of in the wrapping layout.

1 parent402cd88 commitf6dfce0Copy full SHA for f6dfce0

File tree

15 files changed

+388

-146

lines changed

site/src
- api/queries
  - organizations.ts
- contexts/auth
  - permissions.tsx
- modules/dashboard/Navbar
  - Navbar.tsx
- pages
  - DeploySettingsPage
    - DeploySettingsLayout.tsx
    - ExternalAuthSettingsPage
      - ExternalAuthSettingsPage.tsx
    - GeneralSettingsPage
      - GeneralSettingsPage.tsx
    - NetworkSettingsPage
      - NetworkSettingsPage.tsx
    - ObservabilitySettingsPage
      - ObservabilitySettingsPage.tsx
    - SecuritySettingsPage
      - SecuritySettingsPage.tsx
    - UserAuthSettingsPage
      - UserAuthSettingsPage.tsx
  - ManagementSettingsPage
- testHelpers
  - entities.ts

15 files changed

+388

-146

lines changed

`‎site/src/api/queries/organizations.ts`

Lines changed: 35 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -117,13 +117,48 @@ export const organizationPermissions = (organizationId: string) => {`
`117`	`117`	`queryFn:()=>`
`118`	`118`	`API.checkAuthorization({`
`119`	`119`	`checks:{`
	`120`	`+viewUsers:{`
	`121`	`+object:{`
	`122`	`+resource_type:"user",`
	`123`	`+organization_id:organizationId,`
	`124`	`+},`
	`125`	`+action:"read",`
	`126`	`+},`
	`127`	`+editUsers:{`
	`128`	`+object:{`
	`129`	`+resource_type:"user",`
	`130`	`+organization_id:organizationId,`
	`131`	`+},`
	`132`	`+action:"update",`
	`133`	`+},`
`120`	`134`	`createGroup:{`
`121`	`135`	`object:{`
`122`	`136`	`resource_type:"group",`
`123`	`137`	`organization_id:organizationId,`
`124`	`138`	`},`
`125`	`139`	`action:"create",`
`126`	`140`	`},`
	`141`	`+viewGroups:{`
	`142`	`+object:{`
	`143`	`+resource_type:"group",`
	`144`	`+organization_id:organizationId,`
	`145`	`+},`
	`146`	`+action:"read",`
	`147`	`+},`
	`148`	`+editOrganization:{`
	`149`	`+object:{`
	`150`	`+resource_type:"organization",`
	`151`	`+organization_id:organizationId,`
	`152`	`+},`
	`153`	`+action:"update",`
	`154`	`+},`
	`155`	`+auditOrganization:{`
	`156`	`+object:{`
	`157`	`+resource_type:"audit_log",`
	`158`	`+organization_id:organizationId,`
	`159`	`+},`
	`160`	`+action:"read",`
	`161`	`+},`
`127`	`162`	`},`
`128`	`163`	`}),`
`129`	`164`	`};`

`‎site/src/contexts/auth/permissions.tsx`

Lines changed: 30 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,10 +6,14 @@ export const checks = {`
`6`	`6`	`createAnyTemplate:"createAnyTemplate",`
`7`	`7`	`updateAllTemplates:"updateAllTemplates",`
`8`	`8`	`viewDeploymentValues:"viewDeploymentValues",`
	`9`	`+editDeploymentValues:"editDeploymentValues",`
`9`	`10`	`viewUpdateCheck:"viewUpdateCheck",`
`10`	`11`	`viewExternalAuthConfig:"viewExternalAuthConfig",`
`11`	`12`	`viewDeploymentStats:"viewDeploymentStats",`
`12`	`13`	`editWorkspaceProxies:"editWorkspaceProxies",`
	`14`	`+createOrganization:"createOrganization",`
	`15`	`+editAnyOrganization:"editAnyOrganization",`
	`16`	`+viewAnyGroup:"viewAnyGroup",`
`13`	`17`	`}asconst;`
`14`	`18`
`15`	`19`	`exportconstpermissionsToCheck={`
`@@ -57,6 +61,12 @@ export const permissionsToCheck = {`
`57`	`61`	`},`
`58`	`62`	`action:"read",`
`59`	`63`	`},`
	`64`	`+[checks.editDeploymentValues]:{`
	`65`	`+object:{`
	`66`	`+resource_type:"deployment_config",`
	`67`	`+},`
	`68`	`+action:"update",`
	`69`	`+},`
`60`	`70`	`[checks.viewUpdateCheck]:{`
`61`	`71`	`object:{`
`62`	`72`	`resource_type:"deployment_config",`
`@@ -81,6 +91,26 @@ export const permissionsToCheck = {`
`81`	`91`	`},`
`82`	`92`	`action:"create",`
`83`	`93`	`},`
	`94`	`+[checks.createOrganization]:{`
	`95`	`+object:{`
	`96`	`+resource_type:"organization",`
	`97`	`+},`
	`98`	`+action:"create",`
	`99`	`+},`
	`100`	`+[checks.editAnyOrganization]:{`
	`101`	`+object:{`
	`102`	`+resource_type:"organization",`
	`103`	`+any_org:true,`
	`104`	`+},`
	`105`	`+action:"update",`
	`106`	`+},`
	`107`	`+[checks.viewAnyGroup]:{`
	`108`	`+object:{`
	`109`	`+resource_type:"group",`
	`110`	`+org_id:"any",`
	`111`	`+},`
	`112`	`+action:"read",`
	`113`	`+},`
`84`	`114`	`}asconst;`
`85`	`115`
`86`	`116`	`exporttypePermissions=Record<keyoftypeofpermissionsToCheck,boolean>;`

`‎site/src/modules/dashboard/Navbar/Navbar.tsx`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,7 @@ export const Navbar: FC = () => {`
`19`	`19`	`featureVisibility.audit_log&&Boolean(permissions.viewAnyAuditLog);`
`20`	`20`	`constcanViewDeployment=Boolean(permissions.viewDeploymentValues);`
`21`	`21`	`constcanViewOrganizations=`
	`22`	`+Boolean(permissions.editAnyOrganization)&&`
`22`	`23`	`featureVisibility.multiple_organizations&&`
`23`	`24`	`experiments.includes("multi-organization");`
`24`	`25`	`constcanViewAllUsers=Boolean(permissions.viewAllUsers);`

`‎site/src/pages/DeploySettingsPage/DeploySettingsLayout.tsx`

Lines changed: 10 additions & 14 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ import { ManagementSettingsLayout } from "pages/ManagementSettingsPage/Managemen`
`14`	`14`	`import{Sidebar}from"./Sidebar";`
`15`	`15`
`16`	`16`	`typeDeploySettingsContextValue={`
`17`		`-deploymentValues:DeploymentConfig;`
	`17`	`+deploymentValues:DeploymentConfig\|undefined;`
`18`	`18`	`};`
`19`	`19`
`20`	`20`	`exportconstDeploySettingsContext=createContext<`
`@@ -55,19 +55,15 @@ const DeploySettingsLayoutInner: FC = () => {`
`55`	`55`	`<Stackcss={{padding:"48px 0"}}direction="row"spacing={6}>`
`56`	`56`	`<Sidebar/>`
`57`	`57`	`<maincss={{maxWidth:800,width:"100%"}}>`
`58`		`-{deploymentConfigQuery.data ?(`
`59`		`-<DeploySettingsContext.Provider`
`60`		`-value={{`
`61`		`-deploymentValues:deploymentConfigQuery.data,`
`62`		`-}}`
`63`		`->`
`64`		`-<Suspensefallback={<Loader/>}>`
`65`		`-<Outlet/>`
`66`		`-</Suspense>`
`67`		`-</DeploySettingsContext.Provider>`
`68`		`-) :(`
`69`		`-<Loader/>`
`70`		`-)}`
	`58`	`+<DeploySettingsContext.Provider`
	`59`	`+value={{`
	`60`	`+deploymentValues:deploymentConfigQuery.data,`
	`61`	`+}}`
	`62`	`+>`
	`63`	`+<Suspensefallback={<Loader/>}>`
	`64`	`+<Outlet/>`
	`65`	`+</Suspense>`
	`66`	`+</DeploySettingsContext.Provider>`
`71`	`67`	`</main>`
`72`	`68`	`</Stack>`
`73`	`69`	`</Margins>`

`‎site/src/pages/DeploySettingsPage/ExternalAuthSettingsPage/ExternalAuthSettingsPage.tsx`

Lines changed: 6 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`importtype{FC}from"react";`
`2`	`2`	`import{Helmet}from"react-helmet-async";`
	`3`	`+import{Loader}from"components/Loader/Loader";`
`3`	`4`	`import{pageTitle}from"utils/page";`
`4`	`5`	`import{useDeploySettings}from"../DeploySettingsLayout";`
`5`	`6`	`import{ExternalAuthSettingsPageView}from"./ExternalAuthSettingsPageView";`
`@@ -13,7 +14,11 @@ const ExternalAuthSettingsPage: FC = () => {`
`13`	`14`	`<title>{pageTitle("External Authentication Settings")}</title>`
`14`	`15`	`</Helmet>`
`15`	`16`
`16`		`-<ExternalAuthSettingsPageViewconfig={deploymentValues.config}/>`
	`17`	`+{deploymentValues ?(`
	`18`	`+<ExternalAuthSettingsPageViewconfig={deploymentValues.config}/>`
	`19`	`+) :(`
	`20`	`+<Loader/>`
	`21`	`+)}`
`17`	`22`	`</>`
`18`	`23`	`);`
`19`	`24`	`};`

`‎site/src/pages/DeploySettingsPage/GeneralSettingsPage/GeneralSettingsPage.tsx`

Lines changed: 13 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,7 @@ import { useQuery } from "react-query";`
`4`	`4`	`import{deploymentDAUs}from"api/queries/deployment";`
`5`	`5`	`import{entitlements}from"api/queries/entitlements";`
`6`	`6`	`import{availableExperiments,experiments}from"api/queries/experiments";`
	`7`	`+import{Loader}from"components/Loader/Loader";`
`7`	`8`	`import{useEmbeddedMetadata}from"hooks/useEmbeddedMetadata";`
`8`	`9`	`import{pageTitle}from"utils/page";`
`9`	`10`	`import{useDeploySettings}from"../DeploySettingsLayout";`
`@@ -29,14 +30,18 @@ const GeneralSettingsPage: FC = () => {`
`29`	`30`	`<Helmet>`
`30`	`31`	`<title>{pageTitle("General Settings")}</title>`
`31`	`32`	`</Helmet>`
`32`		`-<GeneralSettingsPageView`
`33`		`-deploymentOptions={deploymentValues.options}`
`34`		`-deploymentDAUs={deploymentDAUsQuery.data}`
`35`		`-deploymentDAUsError={deploymentDAUsQuery.error}`
`36`		`-entitlements={entitlementsQuery.data}`
`37`		`-invalidExperiments={invalidExperiments}`
`38`		`-safeExperiments={safeExperiments}`
`39`		`-/>`
	`33`	`+{deploymentValues ?(`
	`34`	`+<GeneralSettingsPageView`
	`35`	`+deploymentOptions={deploymentValues.options}`
	`36`	`+deploymentDAUs={deploymentDAUsQuery.data}`
	`37`	`+deploymentDAUsError={deploymentDAUsQuery.error}`
	`38`	`+entitlements={entitlementsQuery.data}`
	`39`	`+invalidExperiments={invalidExperiments}`
	`40`	`+safeExperiments={safeExperiments}`
	`41`	`+/>`
	`42`	`+) :(`
	`43`	`+<Loader/>`
	`44`	`+)}`
`40`	`45`	`</>`
`41`	`46`	`);`
`42`	`47`	`};`

`‎site/src/pages/DeploySettingsPage/NetworkSettingsPage/NetworkSettingsPage.tsx`

Lines changed: 6 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`importtype{FC}from"react";`
`2`	`2`	`import{Helmet}from"react-helmet-async";`
	`3`	`+import{Loader}from"components/Loader/Loader";`
`3`	`4`	`import{pageTitle}from"utils/page";`
`4`	`5`	`import{useDeploySettings}from"../DeploySettingsLayout";`
`5`	`6`	`import{NetworkSettingsPageView}from"./NetworkSettingsPageView";`
`@@ -13,7 +14,11 @@ const NetworkSettingsPage: FC = () => {`
`13`	`14`	`<title>{pageTitle("Network Settings")}</title>`
`14`	`15`	`</Helmet>`
`15`	`16`
`16`		`-<NetworkSettingsPageViewoptions={deploymentValues.options}/>`
	`17`	`+{deploymentValues ?(`
	`18`	`+<NetworkSettingsPageViewoptions={deploymentValues.options}/>`
	`19`	`+) :(`
	`20`	`+<Loader/>`
	`21`	`+)}`
`17`	`22`	`</>`
`18`	`23`	`);`
`19`	`24`	`};`

`‎site/src/pages/DeploySettingsPage/ObservabilitySettingsPage/ObservabilitySettingsPage.tsx`

Lines changed: 9 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`importtype{FC}from"react";`
`2`	`2`	`import{Helmet}from"react-helmet-async";`
	`3`	`+import{Loader}from"components/Loader/Loader";`
`3`	`4`	`import{useDashboard}from"modules/dashboard/useDashboard";`
`4`	`5`	`import{pageTitle}from"utils/page";`
`5`	`6`	`import{useDeploySettings}from"../DeploySettingsLayout";`
`@@ -15,10 +16,14 @@ const ObservabilitySettingsPage: FC = () => {`
`15`	`16`	`<title>{pageTitle("Observability Settings")}</title>`
`16`	`17`	`</Helmet>`
`17`	`18`
`18`		`-<ObservabilitySettingsPageView`
`19`		`-options={deploymentValues.options}`
`20`		`-featureAuditLogEnabled={entitlements.features["audit_log"].enabled}`
`21`		`-/>`
	`19`	`+{deploymentValues ?(`
	`20`	`+<ObservabilitySettingsPageView`
	`21`	`+options={deploymentValues.options}`
	`22`	`+featureAuditLogEnabled={entitlements.features["audit_log"].enabled}`
	`23`	`+/>`
	`24`	`+) :(`
	`25`	`+<Loader/>`
	`26`	`+)}`
`22`	`27`	`</>`
`23`	`28`	`);`
`24`	`29`	`};`

`‎site/src/pages/DeploySettingsPage/SecuritySettingsPage/SecuritySettingsPage.tsx`

Lines changed: 11 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`importtype{FC}from"react";`
`2`	`2`	`import{Helmet}from"react-helmet-async";`
	`3`	`+import{Loader}from"components/Loader/Loader";`
`3`	`4`	`import{useDashboard}from"modules/dashboard/useDashboard";`
`4`	`5`	`import{pageTitle}from"utils/page";`
`5`	`6`	`import{useDeploySettings}from"../DeploySettingsLayout";`
`@@ -15,12 +16,16 @@ const SecuritySettingsPage: FC = () => {`
`15`	`16`	`<title>{pageTitle("Security Settings")}</title>`
`16`	`17`	`</Helmet>`
`17`	`18`
`18`		`-<SecuritySettingsPageView`
`19`		`-options={deploymentValues.options}`
`20`		`-featureBrowserOnlyEnabled={`
`21`		`-entitlements.features["browser_only"].enabled`
`22`		`-}`
`23`		`-/>`
	`19`	`+{deploymentValues ?(`
	`20`	`+<SecuritySettingsPageView`
	`21`	`+options={deploymentValues.options}`
	`22`	`+featureBrowserOnlyEnabled={`
	`23`	`+entitlements.features["browser_only"].enabled`
	`24`	`+}`
	`25`	`+/>`
	`26`	`+) :(`
	`27`	`+<Loader/>`
	`28`	`+)}`
`24`	`29`	`</>`
`25`	`30`	`);`
`26`	`31`	`};`

`‎site/src/pages/DeploySettingsPage/UserAuthSettingsPage/UserAuthSettingsPage.tsx`

Lines changed: 6 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`importtype{FC}from"react";`
`2`	`2`	`import{Helmet}from"react-helmet-async";`
	`3`	`+import{Loader}from"components/Loader/Loader";`
`3`	`4`	`import{pageTitle}from"utils/page";`
`4`	`5`	`import{useDeploySettings}from"../DeploySettingsLayout";`
`5`	`6`	`import{UserAuthSettingsPageView}from"./UserAuthSettingsPageView";`
`@@ -13,7 +14,11 @@ const UserAuthSettingsPage: FC = () => {`
`13`	`14`	`<title>{pageTitle("User Authentication Settings")}</title>`
`14`	`15`	`</Helmet>`
`15`	`16`
`16`		`-<UserAuthSettingsPageViewoptions={deploymentValues.options}/>`
	`17`	`+{deploymentValues ?(`
	`18`	`+<UserAuthSettingsPageViewoptions={deploymentValues.options}/>`
	`19`	`+) :(`
	`20`	`+<Loader/>`
	`21`	`+)}`
`17`	`22`	`</>`
`18`	`23`	`);`
`19`	`24`	`};`

`‎site/src/pages/ManagementSettingsPage/ManagementSettingsLayout.tsx`

Lines changed: 34 additions & 27 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ import { DeploySettingsContext } from "../DeploySettingsPage/DeploySettingsLayou`
`16`	`16`	`import{Sidebar}from"./Sidebar";`
`17`	`17`
`18`	`18`	`typeOrganizationSettingsContextValue={`
`19`		`-organizations:Organization[];`
	`19`	`+organizations:Organization[]\|undefined;`
`20`	`20`	`};`
`21`	`21`
`22`	`22`	`constOrganizationSettingsContext=createContext<`
`@@ -37,7 +37,14 @@ export const ManagementSettingsLayout: FC = () => {`
`37`	`37`	`const{ permissions}=useAuthenticated();`
`38`	`38`	`const{ experiments}=useDashboard();`
`39`	`39`	`constfeats=useFeatureVisibility();`
`40`		`-constdeploymentConfigQuery=useQuery(deploymentConfig());`
	`40`	`+constdeploymentConfigQuery=useQuery({`
	`41`	`+ ...deploymentConfig(),`
	`42`	`+// TODO: This is probably normally fine because we will not show links to`
	`43`	`+// pages that need this data, but if you manually visit the page you`
	`44`	`+// will see an endless loader when maybe we should show a "permission`
	`45`	`+// denied" error or at least a 404 instead.`
	`46`	`+enabled:permissions.viewDeploymentValues,`
	`47`	`+});`
`41`	`48`	`constorganizationsQuery=useQuery(organizations());`
`42`	`49`
`43`	`50`	`constcanViewOrganizations=`
`@@ -47,34 +54,34 @@ export const ManagementSettingsLayout: FC = () => {`
`47`	`54`	`return<NotFoundPage/>;`
`48`	`55`	`}`
`49`	`56`
	`57`	`+// The deployment settings page also contains users, audit logs, groups and`
	`58`	`+// organizations, so this page must be visible if you can see any of these.`
	`59`	`+constcanViewDeploymentSettingsPage=`
	`60`	`+permissions.viewDeploymentValues\|\|`
	`61`	`+permissions.viewAllUsers\|\|`
	`62`	`+permissions.editAnyOrganization\|\|`
	`63`	`+permissions.viewAnyAuditLog;`
	`64`	`+`
`50`	`65`	`return(`
`51`		`-<RequirePermissionisFeatureVisible={permissions.viewDeploymentValues}>`
	`66`	`+<RequirePermissionisFeatureVisible={canViewDeploymentSettingsPage}>`
`52`	`67`	`<Margins>`
`53`	`68`	`<Stackcss={{padding:"48px 0"}}direction="row"spacing={6}>`
`54`		`-{organizationsQuery.data ?(`
`55`		`-<OrganizationSettingsContext.Provider`
`56`		`-value={{organizations:organizationsQuery.data}}`
`57`		`->`
`58`		`-<Sidebar/>`
`59`		`-<maincss={{width:"100%"}}>`
`60`		`-{deploymentConfigQuery.data ?(`
`61`		`-<DeploySettingsContext.Provider`
`62`		`-value={{`
`63`		`-deploymentValues:deploymentConfigQuery.data,`
`64`		`-}}`
`65`		`->`
`66`		`-<Suspensefallback={<Loader/>}>`
`67`		`-<Outlet/>`
`68`		`-</Suspense>`
`69`		`-</DeploySettingsContext.Provider>`
`70`		`-) :(`
`71`		`-<Loader/>`
`72`		`-)}`
`73`		`-</main>`
`74`		`-</OrganizationSettingsContext.Provider>`
`75`		`-) :(`
`76`		`-<Loader/>`
`77`		`-)}`
	`69`	`+<OrganizationSettingsContext.Provider`
	`70`	`+value={{organizations:organizationsQuery.data}}`
	`71`	`+>`
	`72`	`+<Sidebar/>`
	`73`	`+<maincss={{width:"100%"}}>`
	`74`	`+<DeploySettingsContext.Provider`
	`75`	`+value={{`
	`76`	`+deploymentValues:deploymentConfigQuery.data,`
	`77`	`+}}`
	`78`	`+>`
	`79`	`+<Suspensefallback={<Loader/>}>`
	`80`	`+<Outlet/>`
	`81`	`+</Suspense>`
	`82`	`+</DeploySettingsContext.Provider>`
	`83`	`+</main>`
	`84`	`+</OrganizationSettingsContext.Provider>`
`78`	`85`	`</Stack>`
`79`	`86`	`</Margins>`
`80`	`87`	`</RequirePermission>`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitf6dfce0

File tree

15 files changed

15 files changed

`‎site/src/api/queries/organizations.ts`

`‎site/src/contexts/auth/permissions.tsx`

`‎site/src/modules/dashboard/Navbar/Navbar.tsx`

`‎site/src/pages/DeploySettingsPage/DeploySettingsLayout.tsx`

`‎site/src/pages/DeploySettingsPage/ExternalAuthSettingsPage/ExternalAuthSettingsPage.tsx`

`‎site/src/pages/DeploySettingsPage/GeneralSettingsPage/GeneralSettingsPage.tsx`

`‎site/src/pages/DeploySettingsPage/NetworkSettingsPage/NetworkSettingsPage.tsx`

`‎site/src/pages/DeploySettingsPage/ObservabilitySettingsPage/ObservabilitySettingsPage.tsx`

`‎site/src/pages/DeploySettingsPage/SecuritySettingsPage/SecuritySettingsPage.tsx`

`‎site/src/pages/DeploySettingsPage/UserAuthSettingsPage/UserAuthSettingsPage.tsx`

`‎site/src/pages/ManagementSettingsPage/ManagementSettingsLayout.tsx`

0 commit comments