Influxdata
/
chronograf
mirror of https://github.com/influxdata/chronograf.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

chore(ui): simplify and document functions

pull/5921/head
Pavel Zavora 2022-05-27 12:24:59 +02:00
parent bfb2fcdf1b
commit ed946aa3f7
6 changed files with 52 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ui/src/admin/containers/influxdb/UserPage.tsx
View File

@ -182,11 +182,11 @@ const UserPage = ({
} }
setRunning(true) setRunning(true)
try { try {
// append to existing all-scoped permissions in OSS, they manage administrator status
const permissions = toUserPermissions( const permissions = toUserPermissions(
user,
userDBPermissions, userDBPermissions,
changedPermissions, changedPermissions,
isEnterprise isEnterprise ? [] : user.permissions.filter(x => x.scope === 'all')
) )
await updatePermissionsAsync(user, permissions) await updatePermissionsAsync(user, permissions)
} finally { } finally {

5
ui/src/admin/containers/influxdb/util/allOrParticularSelection.ts
View File

@ -1,6 +1,7 @@
/** /**
* A function that ensures that when all ('*') option is selected, * AllOrParticularSelection function ensures that when all ('*') option is selected,
* particular options get de-selected and vice versa. * particular options are de-selected, and when a particular option is selected '*'
* option is deselected.
*/ */
export default function allOrParticularSelection( export default function allOrParticularSelection(
oldVals: string[], oldVals: string[],

8
ui/src/admin/containers/influxdb/util/computeUsersEffectiveDBPermissions.ts
View File

@ -1,9 +1,9 @@
import {User} from 'src/types/influxAdmin' import {User} from 'src/types/influxAdmin'
type UserDBPermissions = Array<Array<Record<string, boolean>>> /** Array of users, with Arrays of databases containing permission records (or record changes) */
type UsersDBPermissions = Array<Array<Record<string, boolean>>>
/** /**
* Creates aeffective permissions in array for every supplied user * Creates effective user permissions as a record
* contains an array for every supplied database with a record
* that contains permission names as keys and `true` values * that contains permission names as keys and `true` values
* for every assigned permission. * for every assigned permission.
* *
@ -14,7 +14,7 @@ type UserDBPermissions = Array<Array<Record<string, boolean>>>
export default function computeUsersEffectiveDBPermissions( export default function computeUsersEffectiveDBPermissions(
users: User[], users: User[],
dbNames: string[] dbNames: string[]
): UserDBPermissions { ): UsersDBPermissions {
return users.map(u => { return users.map(u => {
const permRecord = u.permissions.reduce((acc, userPerm) => { const permRecord = u.permissions.reduce((acc, userPerm) => {
if (userPerm.scope === 'all') { if (userPerm.scope === 'all') {

70
ui/src/admin/containers/influxdb/util/userPermissions.ts
View File

@ -1,15 +1,18 @@
import {User, UserPermission} from 'src/types/influxAdmin' import {User, UserPermission} from 'src/types/influxAdmin'
/** Record with database keys and values being a record of granted permissions or permission changes */
export type UserDBPermissions = Record<string, Record<string, boolean>>
/** /**
* Create a record of user's database permissions, separated by every database that * Create a record of user's database permissions, organized by every database that
* has some granted permissions. Enteprises * has some granted permissions.
* @param user infludb user * @param user infludb user
* @param isEnterprise signalize enteprise InfluxDB, where <ALL> databases is mapped to an extra `''` database. * @param isEnterprise enteprise InfluxDB flag means that <ALL>-scoped permissions are mapped to an extra `''` database.
*/ */
export function computeUserPermissions( export function computeUserPermissions(
user: User, user: User,
isEnterprise: boolean isEnterprise: boolean
): Record<string, Record<string, boolean>> { ): UserDBPermissions {
return user.permissions.reduce((acc, perm) => { return user.permissions.reduce((acc, perm) => {
if (!isEnterprise && perm.scope !== 'database') { if (!isEnterprise && perm.scope !== 'database') {
return acc // do not include all permissions in OSS, they have separate administration return acc // do not include all permissions in OSS, they have separate administration
@ -28,9 +31,9 @@ export function computeUserPermissions(
export function computeUserPermissionsChange( export function computeUserPermissionsChange(
db: string, db: string,
perm: string, perm: string,
userPermissions: Record<string, Record<string, boolean>>, userPermissions: UserDBPermissions,
changedPermissions: Record<string, Record<string, boolean>> changedPermissions: UserDBPermissions
): Record<string, Record<string, boolean>> | undefined { ): UserDBPermissions {
const origState = userPermissions[db]?.[perm] const origState = userPermissions[db]?.[perm]
const {[db]: changedDB, ...otherDBs} = changedPermissions const {[db]: changedDB, ...otherDBs} = changedPermissions
if (changedDB === undefined) { if (changedDB === undefined) {
@ -57,11 +60,13 @@ export function computeUserPermissionsChange(
return otherDBs return otherDBs
} }
/**
* Creates server's user permissions out of existing and changed user permissions.
*/
export function toUserPermissions( export function toUserPermissions(
user: User, userPermissions: UserDBPermissions,
userPermissions: Record<string, Record<string, boolean>>, changedPermissions: UserDBPermissions,
changedPermissions: Record<string, Record<string, boolean>>, appendAfter: UserPermission[] = []
isEnterprise: boolean
): UserPermission[] { ): UserPermission[] {
const newUserPermisssions = {...userPermissions} const newUserPermisssions = {...userPermissions}
Object.entries(changedPermissions).forEach(([db, perms]) => { Object.entries(changedPermissions).forEach(([db, perms]) => {
@ -74,28 +79,23 @@ export function toUserPermissions(
newUserPermisssions[db] = {...perms} newUserPermisssions[db] = {...perms}
} }
}) })
return Object.entries(newUserPermisssions).reduce( return Object.entries(newUserPermisssions).reduce((acc, [db, permRecord]) => {
(acc, [db, permRecord]) => { const allowed = Object.entries(permRecord).reduce(
const allowed = Object.entries(permRecord).reduce( (allowedAcc, [perm, use]) => {
(allowedAcc, [perm, use]) => { if (use) {
if (use) { allowedAcc.push(perm)
allowedAcc.push(perm) }
} return allowedAcc
return allowedAcc },
}, []
[] )
) if (allowed.length) {
if (allowed.length) { acc.push({
acc.push({ scope: db ? 'database' : 'all',
scope: db ? 'database' : 'all', name: db || undefined,
name: db || undefined, allowed,
allowed, })
}) }
} return acc
return acc }, appendAfter)
},
isEnterprise
? []
: (user.permissions || []).filter(x => x.scope !== 'database')
)
} }

2
ui/test/admin/containers/influxdb/util/allOrParticularSelection.test.ts
View File

@ -1,5 +1,5 @@
import subject from 'src/admin/containers/influxdb/util/allOrParticularSelection' import subject from 'src/admin/containers/influxdb/util/allOrParticularSelection'
describe('admin/containers/influxdb/util/computeUserDBPermissions', () => { describe('admin/containers/influxdb/util/allOrParticularSelection', () => {
it('keeps simple changes as-is', () => { it('keeps simple changes as-is', () => {
expect(subject([], [])).toEqual([]) expect(subject([], [])).toEqual([])
expect(subject([], ['*'])).toEqual(['*']) expect(subject([], ['*'])).toEqual(['*'])

30
ui/test/admin/containers/influxdb/util/userPermissions.test.ts
View File

@ -3,7 +3,7 @@ import {
computeUserPermissionsChange, computeUserPermissionsChange,
toUserPermissions, toUserPermissions,
} from 'src/admin/containers/influxdb/util/userPermissions' } from 'src/admin/containers/influxdb/util/userPermissions'
import {User, UserPermission} from 'src/types/influxAdmin' import {UserPermission} from 'src/types/influxAdmin'
describe('admin/containers/influxdb/util/userPermissions', () => { describe('admin/containers/influxdb/util/userPermissions', () => {
describe('computeUserDBPermissions', () => { describe('computeUserDBPermissions', () => {
it('computes no permissions', () => { it('computes no permissions', () => {
@ -140,23 +140,12 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
scope, scope,
allowed: (allowed || []).sort(), allowed: (allowed || []).sort(),
})) }))
const user: User = {
name: 'tod',
roles: [],
permissions: [
{scope: 'database', name: 'db1', allowed: ['READ']},
{scope: 'all', allowed: ['ALL']},
],
}
it('changes permissions in OSS', () => { it('changes permissions in OSS', () => {
expect( expect(
sorted( sorted(
toUserPermissions( toUserPermissions({db1: {READ: true}}, {db2: {WRITE: true}}, [
user, {scope: 'all', allowed: ['ALL']},
{db1: {READ: true}}, ])
{db2: {WRITE: true}},
false
)
) )
).toEqual([ ).toEqual([
{scope: 'all', allowed: ['ALL']}, {scope: 'all', allowed: ['ALL']},
@ -168,10 +157,9 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
expect( expect(
sorted( sorted(
toUserPermissions( toUserPermissions(
user,
{db1: {READ: true}}, {db1: {READ: true}},
{db1: {READ: false}, db2: {READ: true}}, {db1: {READ: false}, db2: {READ: true}},
false [{scope: 'all', allowed: ['ALL']}]
) )
) )
).toEqual([ ).toEqual([
@ -183,10 +171,8 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
expect( expect(
sorted( sorted(
toUserPermissions( toUserPermissions(
user,
{db1: {READ: true}}, {db1: {READ: true}},
{db2: {WRITE: true}, '': {Other: true}}, {db2: {WRITE: true}, '': {Other: true}}
true
) )
) )
).toEqual([ ).toEqual([
@ -199,10 +185,8 @@ describe('admin/containers/influxdb/util/userPermissions', () => {
expect( expect(
sorted( sorted(
toUserPermissions( toUserPermissions(
user,
{db1: {READ: true, WRITE: true}, '': {Other: true}}, {db1: {READ: true, WRITE: true}, '': {Other: true}},
{db1: {WRITE: false}, '': {Other: false}, db3: {Other: true}}, {db1: {WRITE: false}, '': {Other: false}, db3: {Other: true}}
true
) )
) )
).toEqual([ ).toEqual([