ui: Show the correct 'ACLs Disabled' page when ACLs are disabled (#10604)
Adds 'can access ACLs' which means one of two things 1. When ACLs are disabled I can access the 'please enable ACLs' page 2. When ACLs are enabled, its the same as canRead
This commit is contained in:
parent
398db1339b
commit
af0e6be943
|
@ -0,0 +1,3 @@
|
|||
```release-note:bug
|
||||
ui: Show ACLs disabled page at Tokens page instead of 403 error when ACLs are disabled
|
||||
```
|
|
@ -6,6 +6,12 @@ export default class ACLAbility extends BaseAbility {
|
|||
|
||||
resource = 'acl';
|
||||
segmented = false;
|
||||
// Access is very similar to read, but when ACLs are disabled you still need
|
||||
// access to ACLs in order to see the ACLs disabled page, which is accessing
|
||||
// the ACLs area, but without read
|
||||
get canAccess() {
|
||||
return this.env.var('CONSUL_ACLS_ENABLED') ? this.canRead : true;
|
||||
}
|
||||
|
||||
get canRead() {
|
||||
return this.env.var('CONSUL_ACLS_ENABLED') && super.canRead;
|
||||
|
|
|
@ -88,7 +88,7 @@
|
|||
</header>
|
||||
<div>
|
||||
{{#if (not enabled) }}
|
||||
<EmptyState>
|
||||
<EmptyState data-test-acls-disabled>
|
||||
<BlockSlot @name="header">
|
||||
<h2>Welcome to ACLs</h2>
|
||||
</BlockSlot>
|
||||
|
|
|
@ -130,7 +130,7 @@ export const routes = {
|
|||
acls: {
|
||||
_options: {
|
||||
path: '/acls',
|
||||
abilities: ['read acls'],
|
||||
abilities: ['access acls'],
|
||||
},
|
||||
edit: {
|
||||
_options: { path: '/:id' },
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
@setupApplicationTest
|
||||
Feature: dc / acls / access: ACLs Access
|
||||
Scenario: ACLs are disabled
|
||||
Given ACLs are disabled
|
||||
And 1 datacenter model with the value "dc-1"
|
||||
When I visit the tokens page for yaml
|
||||
---
|
||||
dc: dc-1
|
||||
---
|
||||
Then the url should be /dc-1/acls/tokens
|
||||
And I see the "[data-test-acls-disabled]" element
|
|
@ -0,0 +1,10 @@
|
|||
import steps from '../../steps';
|
||||
|
||||
// step definitions that are shared between features should be moved to the
|
||||
// tests/acceptance/steps/steps.js file
|
||||
|
||||
export default function(assert) {
|
||||
return steps(assert).then('I should find a file', function() {
|
||||
assert.ok(true, this.step);
|
||||
});
|
||||
}
|
|
@ -1,8 +1,10 @@
|
|||
export default function(type, value) {
|
||||
export default function(type, value, doc = document) {
|
||||
const obj = {};
|
||||
if (type !== '*') {
|
||||
let key = '';
|
||||
if (!doc.cookie.includes('CONSUL_ACLS_ENABLE=0')) {
|
||||
obj['CONSUL_ACLS_ENABLE'] = 1;
|
||||
}
|
||||
switch (type) {
|
||||
case 'dc':
|
||||
key = 'CONSUL_DATACENTER_COUNT';
|
||||
|
@ -22,7 +24,6 @@ export default function(type, value) {
|
|||
break;
|
||||
case 'acl':
|
||||
key = 'CONSUL_ACL_COUNT';
|
||||
obj['CONSUL_ACLS_ENABLE'] = 1;
|
||||
break;
|
||||
case 'session':
|
||||
key = 'CONSUL_SESSION_COUNT';
|
||||
|
@ -32,19 +33,15 @@ export default function(type, value) {
|
|||
break;
|
||||
case 'policy':
|
||||
key = 'CONSUL_POLICY_COUNT';
|
||||
obj['CONSUL_ACLS_ENABLE'] = 1;
|
||||
break;
|
||||
case 'role':
|
||||
key = 'CONSUL_ROLE_COUNT';
|
||||
obj['CONSUL_ACLS_ENABLE'] = 1;
|
||||
break;
|
||||
case 'token':
|
||||
key = 'CONSUL_TOKEN_COUNT';
|
||||
obj['CONSUL_ACLS_ENABLE'] = 1;
|
||||
break;
|
||||
case 'authMethod':
|
||||
key = 'CONSUL_AUTH_METHOD_COUNT';
|
||||
obj['CONSUL_ACLS_ENABLE'] = 1;
|
||||
break;
|
||||
case 'nspace':
|
||||
key = 'CONSUL_NSPACE_COUNT';
|
||||
|
|
|
@ -29,6 +29,9 @@ export default function(scenario, create, set, win = window, doc = document) {
|
|||
.given(['the local datacenter is "$value"'], function(value) {
|
||||
doc.cookie = `CONSUL_DATACENTER_LOCAL=${value}`;
|
||||
})
|
||||
.given(['ACLs are disabled'], function() {
|
||||
doc.cookie = `CONSUL_ACLS_ENABLE=0`;
|
||||
})
|
||||
.given(['permissions from yaml\n$yaml'], function(data) {
|
||||
Object.entries(data).forEach(([key, value]) => {
|
||||
const resource = `CONSUL_RESOURCE_${key.toUpperCase()}`;
|
||||
|
|
Loading…
Reference in New Issue