Influxdata
/
chronograf
mirror of https://github.com/influxdata/chronograf.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

feat(ui): reuse permission logic

pull/5923/head
Pavel Zavora 2022-05-31 15:15:44 +02:00
parent eb472573f2
commit e9f4b2a437
3 changed files with 39 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ui/src/admin/containers/influxdb/UserPage.tsx
View File

@ -20,10 +20,10 @@ import {useEffect} from 'react'
import {useCallback} from 'react'
import {PERMISSIONS} from 'src/shared/constants'
import {
computeUserPermissions,
computeUserPermissionsChange,
computePermissions,
computePermissionsChange,
toUserPermissions,
} from './util/userPermissions'
} from './util/permissions'
const FAKE_USER: User = {
name: '',
@ -150,7 +150,7 @@ const UserPage = ({
() => [
serverPermissions.find(x => x.scope === 'database')?.allowed || [],
serverPermissions.find(x => x.scope === 'all')?.allowed || [],
computeUserPermissions(user, isEnterprise),
computePermissions(user, isEnterprise),
],
[serverPermissions, user, isEnterprise]
)
@ -165,7 +165,7 @@ const UserPage = ({
const db = (e.target as HTMLElement).dataset.db
const perm = (e.target as HTMLElement).dataset.perm
setChangedPermissions(
computeUserPermissionsChange(
computePermissionsChange(
db,
perm,
userDBPermissions,

30
ui/src/admin/containers/influxdb/util/userPermissions.ts → ui/src/admin/containers/influxdb/util/permissions.ts
View File

@ -1,17 +1,17 @@
import {User, UserPermission} from 'src/types/influxAdmin'
import {User, UserPermission, UserRole} from 'src/types/influxAdmin'
/** Record with databases as keys and values being a record of granted permissions or permission changes */
export type UserDBPermissions = Record<string, Record<string, boolean>>
export type PerDBPermissions = Record<string, Record<string, boolean>>
/**
* ComputeUserPermissions creates a record of user's database permissions.
* @param user infludb user
* ComputePermissions creates a record of permissions per database.
* @param entity infludb user or role
* @param isEnterprise enteprise InfluxDB flag means that all-scoped permissions are mapped to an extra '' database.
*/
export function computeUserPermissions(
user: User,
export function computePermissions(
user: User | UserRole,
isEnterprise: boolean
): UserDBPermissions {
): PerDBPermissions {
return user.permissions.reduce((acc, perm) => {
if (!isEnterprise && perm.scope !== 'database') {
return acc // do not include all permissions in OSS, they have separate administration
@ -24,16 +24,16 @@ export function computeUserPermissions(
}
/**
* ComputeUserPermissionsChange computes changes in user permissions
* for a specific db and permission, having original user permission
* ComputePermissionsChange computes changes in permissions
* after toggling a specific db and permission, having original user permission
* and a set of already performed changes.
*/
export function computeUserPermissionsChange(
export function computePermissionsChange(
db: string,
perm: string,
userPermissions: UserDBPermissions,
changedPermissions: UserDBPermissions
): UserDBPermissions {
userPermissions: PerDBPermissions,
changedPermissions: PerDBPermissions
): PerDBPermissions {
const origState = userPermissions[db]?.[perm]
const {[db]: changedDB, ...otherDBs} = changedPermissions
if (changedDB === undefined) {
@ -66,8 +66,8 @@ export function computeUserPermissionsChange(
* appended to supplied user permissions.
*/
export function toUserPermissions(
userPermissions: UserDBPermissions,
changedPermissions: UserDBPermissions,
userPermissions: PerDBPermissions,
changedPermissions: PerDBPermissions,
appendAfter: UserPermission[] = []
): UserPermission[] {
const newUserPermisssions = {...userPermissions}

44
ui/test/admin/containers/influxdb/util/userPermissions.test.ts → ui/test/admin/containers/influxdb/util/permissions.test.ts
View File

@ -1,19 +1,19 @@
import {
computeUserPermissions,
computeUserPermissionsChange,
computePermissions,
computePermissionsChange,
toUserPermissions,
} from 'src/admin/containers/influxdb/util/userPermissions'
} from 'src/admin/containers/influxdb/util/permissions'
import {User, UserPermission} from 'src/types/influxAdmin'
const redundantUserProperties: Pick<User, 'roles' | 'links'> = {
roles: [],
links: {self: ''},
}
describe('admin/containers/influxdb/util/userPermissions', () => {
describe('admin/containers/influxdb/util/permissions', () => {
describe('computeUserDBPermissions', () => {
it('computes no permissions', () => {
;[true, false].forEach(isEnterprise =>
expect(
computeUserPermissions(
computePermissions(
{
name: 'a',
permissions: [],
@ -26,7 +26,7 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
})
it('includes only database permissions for OSS', () => {
expect(
computeUserPermissions(
computePermissions(
{
name: 'a',
permissions: [
@ -42,7 +42,7 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
})
it('includes extra database for Enterprise all-scoped permissions', () => {
expect(
computeUserPermissions(
computePermissions(
{
name: 'a',
permissions: [
@ -60,66 +60,60 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
describe('computeUserPermissionsChange', () => {
const userPerms = {db1: {Write: true}}
it('toggles new db permission', () => {
expect(
computeUserPermissionsChange('db2', 'Read', userPerms, {})
).toEqual({
expect(computePermissionsChange('db2', 'Read', userPerms, {})).toEqual({
db2: {Read: true},
})
expect(
computeUserPermissionsChange('db2', 'Read', userPerms, {
computePermissionsChange('db2', 'Read', userPerms, {
db2: {Read: true},
})
).toEqual({})
expect(
computeUserPermissionsChange('db2', 'Read', userPerms, {db3: {A: true}})
computePermissionsChange('db2', 'Read', userPerms, {db3: {A: true}})
).toEqual({
db2: {Read: true},
db3: {A: true},
})
expect(
computeUserPermissionsChange('db2', 'Read', userPerms, {
computePermissionsChange('db2', 'Read', userPerms, {
db2: {Read: true},
db3: {A: true},
})
).toEqual({db3: {A: true}})
})
it('toggles existing db new permission', () => {
expect(
computeUserPermissionsChange('db1', 'Read', userPerms, {})
).toEqual({
expect(computePermissionsChange('db1', 'Read', userPerms, {})).toEqual({
db1: {Read: true},
})
expect(
computeUserPermissionsChange('db1', 'Read', userPerms, {
computePermissionsChange('db1', 'Read', userPerms, {
db1: {Read: true},
})
).toEqual({})
expect(
computeUserPermissionsChange('db1', 'Read', userPerms, {db3: {A: true}})
computePermissionsChange('db1', 'Read', userPerms, {db3: {A: true}})
).toEqual({
db1: {Read: true},
db3: {A: true},
})
expect(
computeUserPermissionsChange('db1', 'Read', userPerms, {
computePermissionsChange('db1', 'Read', userPerms, {
db1: {Read: true},
db3: {A: true},
})
).toEqual({db3: {A: true}})
})
it('toggles existing db existing permission', () => {
expect(
computeUserPermissionsChange('db1', 'Write', userPerms, {})
).toEqual({
expect(computePermissionsChange('db1', 'Write', userPerms, {})).toEqual({
db1: {Write: false},
})
expect(
computeUserPermissionsChange('db1', 'Write', userPerms, {
computePermissionsChange('db1', 'Write', userPerms, {
db1: {Write: false},
})
).toEqual({})
expect(
computeUserPermissionsChange('db1', 'Write', userPerms, {
computePermissionsChange('db1', 'Write', userPerms, {
db3: {A: true},
})
).toEqual({
@ -127,7 +121,7 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
db3: {A: true},
})
expect(
computeUserPermissionsChange('db1', 'Write', userPerms, {
computePermissionsChange('db1', 'Write', userPerms, {
db1: {Write: false},
db3: {A: true},
})