ui: Remove KV pre-flight auth check (#11968)

* ui: Don't even ask whether we are authorized for a KV...

...just let the actual API tell us in the response, thin-client style.

* Add some similar commenting for previous PRs related to this problem
This commit is contained in:
John Cowen 2022-01-07 19:26:54 +00:00 committed by GitHub
parent 514e24ba9f
commit dfc0f0e40c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 31 additions and 13 deletions

3
.changelog/11968.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
ui: Temporarily remove KV pre-flight check for KV list permissions
```

View File

@ -10,6 +10,12 @@ export default class KVAbility extends BaseAbility {
} }
return resources; return resources;
} }
/**/
// Temporarily revert to pre-1.10 UI functionality by overwriting frontend
// permissions. These are used to hide certain UI elements, but they are
// still enforced on the backend.
// This temporary measure should be removed again once https://github.com/hashicorp/consul/issues/11098
// has been resolved
get canRead() { get canRead() {
return true; return true;
} }
@ -21,4 +27,5 @@ export default class KVAbility extends BaseAbility {
get canWrite() { get canWrite() {
return true; return true;
} }
/**/
} }

View File

@ -2,7 +2,7 @@ import RepositoryService from 'consul-ui/services/repository';
import isFolder from 'consul-ui/utils/isFolder'; import isFolder from 'consul-ui/utils/isFolder';
import { get } from '@ember/object'; import { get } from '@ember/object';
import { PRIMARY_KEY } from 'consul-ui/models/kv'; import { PRIMARY_KEY } from 'consul-ui/models/kv';
import { ACCESS_LIST } from 'consul-ui/abilities/base'; // import { ACCESS_LIST } from 'consul-ui/abilities/base';
import dataSource from 'consul-ui/decorators/data-source'; import dataSource from 'consul-ui/decorators/data-source';
const modelName = 'kv'; const modelName = 'kv';
@ -54,21 +54,29 @@ export default class KvService extends RepositoryService {
// this one only gives you keys // this one only gives you keys
// https://www.consul.io/api/kv.html // https://www.consul.io/api/kv.html
@dataSource('/:partition/:ns/:dc/kvs/:id') @dataSource('/:partition/:ns/:dc/kvs/:id')
findAllBySlug(params, configuration = {}) { async findAllBySlug(params, configuration = {}) {
params.separator = '/'; params.separator = '/';
if (params.id === '/') { if (params.id === '/') {
params.id = ''; params.id = '';
} }
return this.authorizeBySlug(
async () => { /**/
// Temporarily revert to pre-1.10 UI functionality by not pre-checking backend
// permissions.
// This temporary measure should be removed again once https://github.com/hashicorp/consul/issues/11098
// has been resolved
// return this.authorizeBySlug(
// async () => {
let items = await this.findAll(...arguments); let items = await this.findAll(...arguments);
const meta = items.meta; const meta = items.meta;
items = items.filter(item => params.id !== get(item, 'Key')); items = items.filter(item => params.id !== get(item, 'Key'));
items.meta = meta; items.meta = meta;
return items; return items;
}, // },
ACCESS_LIST, // ACCESS_LIST,
params // params
); // );
/**/
} }
} }