diff --git a/ui/packages/consul-ui/app/components/topology-metrics/index.js b/ui/packages/consul-ui/app/components/topology-metrics/index.js
index 9d6c2c8d8..d7d17236f 100644
--- a/ui/packages/consul-ui/app/components/topology-metrics/index.js
+++ b/ui/packages/consul-ui/app/components/topology-metrics/index.js
@@ -69,9 +69,9 @@ export default class TopologyMetrics extends Component {
get upstreams() {
const upstreams = get(this.args.topology, 'Upstreams') || [];
const items = [...upstreams];
- const defaultAllow = get(this.args.topology, 'DefaultAllow');
- const wildcardIntention = get(this.args.topology, 'WildcardIntention');
- if (defaultAllow || wildcardIntention) {
+ const defaultACLPolicy = get(this.args.dc, 'DefaultACLPolicy');
+ const wildcardIntention = get(this.args.topology, 'wildcardIntention');
+ if (defaultACLPolicy === 'allow' || wildcardIntention) {
items.push({
Name: '* (All Services)',
Datacenter: '',
diff --git a/ui/packages/consul-ui/app/helpers/collapsible-notices.js b/ui/packages/consul-ui/app/helpers/collapsible-notices.js
new file mode 100644
index 000000000..e9e8925e2
--- /dev/null
+++ b/ui/packages/consul-ui/app/helpers/collapsible-notices.js
@@ -0,0 +1,9 @@
+import { helper } from '@ember/component/helper';
+
+export function collapsibleNotices(params, hash) {
+ // This filter will only return truthy items
+ const noticesCount = params.filter(Boolean).length;
+ return noticesCount > 2;
+}
+
+export default helper(collapsibleNotices);
diff --git a/ui/packages/consul-ui/app/models/topology.js b/ui/packages/consul-ui/app/models/topology.js
index 984663b64..e465a6268 100644
--- a/ui/packages/consul-ui/app/models/topology.js
+++ b/ui/packages/consul-ui/app/models/topology.js
@@ -14,8 +14,6 @@ export default class Topology extends Model {
@attr('string') Protocol;
@attr('boolean') FilteredByACLs;
@attr('boolean') TransparentProxy;
- @attr('boolean') DefaultAllow;
- @attr('boolean') WildcardIntention;
@attr() Upstreams; // Service[]
@attr() Downstreams; // Service[],
@attr() meta; // {}
@@ -33,14 +31,19 @@ export default class Topology extends Model {
return undefinedDownstream;
}
- @computed('FilteredByACL', 'DefaultAllow', 'WildcardIntention', 'notDefinedIntention')
- get collapsible() {
- if (this.DefaultAllow && this.FilteredByACLs && this.notDefinedIntention) {
- return true;
- } else if (this.WildcardIntention && this.FilteredByACLs && this.notDefinedIntention) {
- return true;
- }
+ @computed('Downstreams', 'Upstreams')
+ // A service has a wildcard intention if `Allowed == true` and `HasExact = false`
+ // The Permissive Intention notice appears if at least one upstream or downstream has
+ // a wildcard intention
+ get wildcardIntention() {
+ const downstreamWildcard =
+ this.Downstreams.filter(item => !item.Intention.HasExact && item.Intention.Allowed).length !==
+ 0;
- return false;
+ const upstreamWildcard =
+ this.Upstreams.filter(item => !item.Intention.HasExact && item.Intention.Allowed).length !==
+ 0;
+
+ return downstreamWildcard || upstreamWildcard;
}
}
diff --git a/ui/packages/consul-ui/app/templates/dc/services/show/topology.hbs b/ui/packages/consul-ui/app/templates/dc/services/show/topology.hbs
index 28fbe8af6..9a37e5a6f 100644
--- a/ui/packages/consul-ui/app/templates/dc/services/show/topology.hbs
+++ b/ui/packages/consul-ui/app/templates/dc/services/show/topology.hbs
@@ -27,7 +27,7 @@ as |route|>
loader.data
as |nspace dc items topology|}}
- {{#if (and (eq topology.Upstreams.length 0) (eq topology.Downstreams.length 0) (not topology.DefaultAllow) (not topology.WildcardIntention))}}
+ {{#if (and (eq topology.Upstreams.length 0) (eq topology.Downstreams.length 0) (not-eq dc.DefaultACLPolicy 'allow') (not topology.wildcardIntention))}}
@@ -46,84 +46,47 @@ as |nspace dc items topology|}}
{{else}}
- {{#if topology.collapsible}}
-
- {{#if topology.FilteredByACLs}}
-
- {{/if}}
- {{#if topology.DefaultAllow}}
-
- {{/if}}
- {{#if topology.WildcardIntention}}
-
- {{/if}}
- {{#if topology.notDefinedIntention}}
-
- {{/if}}
-
- {{else}}
- {{#if topology.FilteredByACLs}}
-
- {{/if}}
- {{#if topology.DefaultAllow}}
-
- {{/if}}
- {{#if topology.WildcardIntention}}
-
- {{/if}}
- {{#if topology.notDefinedIntention}}
-
- {{/if}}
- {{/if}}
+ {{#let (collapsible-notices topology.FilteredByACLs (eq dc.DefaultACLPolicy 'allow') topology.wildcardIntention topology.notDefinedIntention) as |collapsible| }}
+
+ {{#if topology.FilteredByACLs}}
+
+ {{/if}}
+ {{#if (eq dc.DefaultACLPolicy 'allow')}}
+
+ {{/if}}
+ {{#if topology.wildcardIntention}}
+
+ {{/if}}
+ {{#if topology.notDefinedIntention}}
+
+ {{/if}}
+
+ {{/let}}
{
diff --git a/ui/packages/consul-ui/tests/acceptance/dc/services/show/topology/tproxy.feature b/ui/packages/consul-ui/tests/acceptance/dc/services/show/topology/tproxy.feature
index 741de618c..270d46d6a 100644
--- a/ui/packages/consul-ui/tests/acceptance/dc/services/show/topology/tproxy.feature
+++ b/ui/packages/consul-ui/tests/acceptance/dc/services/show/topology/tproxy.feature
@@ -18,14 +18,25 @@ Feature: dc / services / show / topology / tproxy
Name: web
Kind: ~
---
- Scenario: Deafult allow is set to true
+ Scenario: Default allow is set to true
Given 1 topology model from yaml
---
FilteredByACLs: false
TransparentProxy: false
- DefaultAllow: true
- WildcardIntention: false
+ Downstreams:
+ - Name: db-1
+ Namespace: default
+ Datacenter: datacenter
+ Intention:
+ Allowed: false
+ Upstreams:
+ - Name: db-2
+ Namespace: default
+ Datacenter: datacenter
+ Intention:
+ Allowed: false
---
+ And the default ACL policy is "allow"
When I visit the service page for yaml
---
dc: datacenter
@@ -33,13 +44,24 @@ Feature: dc / services / show / topology / tproxy
---
Then the url should be /datacenter/services/web/topology
And I see the tabs.topologyTab.defaultAllowNotice object
- Scenario: WildcardIntetions and FilteredByACLs are set to true
+ Scenario: A Downstream service has a wildcard intention
Given 1 topology model from yaml
---
FilteredByACLs: true
TransparentProxy: false
- DefaultAllow: false
- WildcardIntention: true
+ Downstreams:
+ - Name: db-1
+ Namespace: default
+ Datacenter: datacenter
+ Intention:
+ Allowed: true
+ HasExact: false
+ Upstreams:
+ - Name: db-2
+ Namespace: default
+ Datacenter: datacenter
+ Intention:
+ Allowed: false
---
When I visit the service page for yaml
---
diff --git a/ui/packages/consul-ui/tests/steps/doubles/model.js b/ui/packages/consul-ui/tests/steps/doubles/model.js
index 68277239c..65b11a114 100644
--- a/ui/packages/consul-ui/tests/steps/doubles/model.js
+++ b/ui/packages/consul-ui/tests/steps/doubles/model.js
@@ -38,6 +38,9 @@ export default function(scenario, create, set, win = window, doc = document) {
.given(['ACLs are disabled'], function() {
doc.cookie = `CONSUL_ACLS_ENABLE=0`;
})
+ .given(['the default ACL policy is "$policy"'], function(policy) {
+ set('CONSUL_ACL_POLICY', policy);
+ })
.given(['a "$value" metrics provider'], function(value) {
doc.cookie = `CONSUL_METRICS_PROXY_ENABLE=1`;
doc.cookie = `CONSUL_METRICS_PROVIDER=${value}`;