Commit Graph

31 Commits

Author SHA1 Message Date
Phil Renaud 4f457fcc14 ability rename 2022-08-29 14:31:16 -04:00
Tim Gross f6836869c5
ui: fix ability checking when anon policy is missing namespace (#14144)
ACL Policies aren't required to have any `namespace` blocks, and this is
particularly common with the anonymous policy. If a user visits the web UI
without a token already in their local storage and the anonymous policy has no
`namespace` blocks, the UI will hit unhandled exceptions when rendering the
sidebar or jobs page.

Filter for the case where there's no `namespace` block.
2022-08-16 16:13:36 -04:00
Phil Renaud 894e61f4dd
[ui] Fixes a bug for first-time SecVars users on namespaces (#14067)
* Fixes a bug for first-time SecVars users on namespaces

* Namespace computed dep

* Namespace computed dep
2022-08-09 16:56:18 -04:00
Phil Renaud 4da169e155
[ui] "Can Read" checks on individual Secure Variables (#14020)
* Changelog and lintfix

* Changelog removed

* Forbidden state on individual variables

* CanRead checked on variable path links

* Mirage fixture with lesser secure variables access, temporary fix for * namespaces

* Read flow acceptance tests

* Unit tests for variable.canRead

* lintfix

* TODO squashed, thanks Jai

* explicitly link mirage fixture vars to jobs via namespace

* Typofix; delete to read

* Linking the original alloc

* Percy snapshots uniquely named

* Guarantee that the alloc we depend on has tasks within it

* Logging variables

* Trying to skip delete

* Now without create flow either

* Dedicated cluster fixture for testing variables

* Disambiguate percy calls
2022-08-09 13:17:55 -04:00
Jai 113466040f
refact: namespace glob matching (#14037)
* refact: allow namespace glob matching

* test:  namespace glob matching
2022-08-05 16:40:22 -04:00
Phil Renaud 4283608bbf
[ui] "can list variables" capability refactor (#13996)
* Check against all your policies' namespaces' secvars' paths' capabilities to see if you can list vars

* Changelog and lintfix

* Unit tests for list-vars

* Removed unused computed dep

* Changelog removed
2022-08-05 10:45:22 -04:00
Jai e9273cafed
add namespace to path matching algorithm (#13948)
* refact:  namespace should be bound property

* chore: pass bound namespace property in template

* chore: update tests to account for bound namespace refactoring

* test: add test coverage for factoring namespace in path matching algo
2022-08-01 15:33:47 -04:00
Jai b81adc6f69 ui: create variable permission logic (#13447)
* ui:  inject router service into Variable ability to compute path

* ui:  test create secure variable ability

* refact:  update templates to properly check create ability

* chore:  update token factory to enable 1 path to have create ability

* refact:  remove router service injection for path variable

* refact:  update mirage factory for edit and delete perms on  path for testing

* ui:  handle path matching (#13474)

* test:  write specifications for nearestPath computation

* ui:  write logic for getting all paths

* ui:  nearestPathMatching algorithm

* test:  nearestPathMatching algorithm test

* ui:  handle namespace filtering for capabilities check (#13475)

* ui: add namespace handling

* refact:  add logical OR operator to handle unstructured  object.

* ui:  acceptance test for create flow in secure variables (#13500)

* test:  write happy path test for creating variable

* refact:  add missing data-test attributes

* test:  sad path for disabled button

* fix:  move comment in  file

* test:  acceptance test for editing a variable (#13529)

* refact:  add data-test variable

* test:  happy path and sad path for edit flow

* refact:  update test language to say disabled

* ui:  glob matching algorithm (#13533)

* ui: compute length difference (#13542)

* ui: compute length difference

* refact:  use glob matching and sorting algos in `nearestMatchingPath` (#13544)

* refact:  use const in compute

* ui:  smallest difference logic

* refact:  use glob matching and sorting algo in _nearestPathPath helper

* ui:  add can edit to variable capabilities (#13545)

* ui:  create edit capabilities getter

* ui:  add ember-can check for edit button

* refact:  update test to mock edit capabilities in policy

* fix:  remove unused var

* Edit capabilities for variables depend on Create

Co-authored-by: Phil Renaud <phil@riotindustries.com>

Co-authored-by: Phil Renaud <phil@riotindustries.com>

Co-authored-by: Phil Renaud <phil@riotindustries.com>

* refact:  update token factory (#13596)

* refact:  update rulesJSON in token factory to reflect schema update

* refact:  update capability names (#13597)

* refact:  update rules to match rulesJSON

* refact:  update create to write

* ui:  add `canDestroy` permissions (#13598)

* refact:  update rulesJSON in token factory to reflect schema update

* refact:  update rules to match rulesJSON

* refact:  update create to write

* ui:  add canDestroy capability

* test:  unit test for canDestroy

* ui:  add permission check to template

* test:  acceptance test for delete flow

* refact:  update test to use correct capability name

* refact:  update tests to reflect rulesJSON schema change

* ui:  update path matching logic to account for schema change (#13605)

* refact:  update path matching logic

* refact:  update tests to reflect rulesJSON change

Co-authored-by: Phil Renaud <phil@riotindustries.com>

Co-authored-by: Phil Renaud <phil@riotindustries.com>
2022-07-11 13:34:06 -04:00
Jai b2d703b53c dx: update `canCreate` logic and token generation for secure var dev environment (#13438)
* ui:  add logic for create permission computed property

* ui:  update token factory and variable ability to simulate create permissions for dev env
2022-07-11 13:34:06 -04:00
Phil Renaud a628e2969a Secure Variables UI: /variables/new and /variables/*path (#13069)
* variables.new initialized

* Hacky but savey

* Variable wildcard route and multiple creatable at a time

* multiple KVs per variable

* PR Prep cleanup and lintfix

* Delog

* Data mocking in mirage for variables

* Linting fixes

* Re-implement absent params

* Adapter and model tests

* Moves the path-as-id logic to a serializer instead of adapter

* Classic to serializer and lint cleanup

* Pluralized save button (#13140)

* Autofocus modifier and better Add More button UX (#13145)

* Secure Variables: show/hide functionality when adding new values (#13137)

* Flight Icons added and show hide functionality

* PR cleanup

* Linting cleanup

* Position of icon moved to the right of input

* PR feedback addressed

* Delete button and stylistic changes to show hide

* Hmm, eslint doesnt like jsdoc-usage as only reason for import

* More closely match the button styles and delete test

* Simplified new.js model

* Secure Variables: /variables/*path/edit route and functionality (#13170)

* Variable edit page init

* Significant change to where we house model methods

* Lintfix

* Edit a variable tests

* Remove redundant tests

* Asserts expected

* Mirage factory updated to reflect model state
2022-07-11 13:34:04 -04:00
Phil Renaud 7ddc4c8359 Secure Variables UI: Router setup and /variables/index route + guards (#12967)
* Route init

* Bones of a mirage-mocked secure variables policy

* Functinoing policy for list vars

* Delog and transition on route

* Basic guard test

* Page guard tests for secure variables

* Cleanup and unit tests for variables ability

* Linter cleanup

* Set expectations for test assertions

* PR feedback addressed

* Read label changed to View per suggestion
2022-07-11 13:34:03 -04:00
Phil Renaud 462c6653ac
[bugfix, ui] Allow running jobs from a namespace-limited token (#13659)
* Allow running jobs from a namespace-limited token

* qpNamespace cleanup

* Looks like parse can deal with a * namespace

* A little diff cleanup

* Defensive destructuring

* Removing accidental friendly-fire on can-scale

* Testfix: Job run buttons from jobs index

* Testfix: activeRegion job adapter string

* Testfix: unit tests for job abilities correctly reflect the any-namespace rule

* Testfix: job editor test looks for requests with namespace applied on plan
2022-07-11 12:33:17 -04:00
Jai Bhagat 52cf998e2c ui: fix remaining linting errors 2022-01-20 10:39:02 -05:00
Jai Bhagat 3a9057a89c ui: prettify js files 2022-01-20 09:54:56 -05:00
Jai Bhagat c4bc5ab352 ui: fix auto-fixable linting errors 2022-01-20 09:46:45 -05:00
Luiz Aoqui c7ae13a1f3
Fix ACL requirements for job details UI (#11672) 2022-01-12 21:26:02 -05:00
Nicholas Cioli 4d9fa38a5e
ui: add parameterized dispatch interface (#10675)
* ui: add parameterized dispatch interface

This commit adds a new interface for dispatching parameteried jobs, if
the user has the right permissions. The UI can be accessed by viewing a
parameterized job and clicking on the "Dispatch Job" button located in
the "Job Launches" section.

* fix failing lint test

* clean up dispatch and remove meta

This commit cleans up a few things that had typos and
inconsistent naming. In line with this, the custom
`meta` view was removed in favor of using the
included `AttributesTable`.

* ui: encode dispatch job payload and start adding tests

* ui: remove unused test imports

* ui: redesign job dispatch form

* ui: initial acceptance tests for dispatch job

* ui: generate parameterized job children with correct id format

* ui: fix job dispatch breadcrumb link

* ui: refactor job dispatch component into glimmer component and add form validation

* ui: remove unused CSS class

* ui: align job dispatch button

* ui: handle namespace-specific requests on job dispatch

* ui: rename payloadMissing to payloadHasError

* ui: don't re-fetch job spec on dispatch job

* ui: keep overview tab selected on job dispatch page

* ui: fix task and task-group linting

* ui: URL encode job id on dispatch job tests

* ui: fix error when job meta is null

* ui: handle job dispatch from adapter

* ui: add more tests for dispatch job page

* ui: add "job dispatch" capability check

* ui: update job dispatch from code review

Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
2021-07-20 18:27:41 -04:00
Michael Lange e8593ec1bb
ui: Update namespaces design (#10444)
This rethinks namespaces as a filter on list pages rather than a global setting.

The biggest net-new feature here is being able to select All (*) to list all jobs
or CSI volumes across namespaces.
2021-04-29 15:00:59 -05:00
Buck Doyle 8b5b2116ec
Fix job detail crash when recommendations off (#9269)
Without this, visiting any job detail page on Nomad OSS would crash with
an error like this:

Error: Ember Data Request GET
/v1/recommendations?job=ping%F0%9F%A5%B3&namespace=default returned a
404 Payload (text/xml)

The problem was twofold.

1. The recommendation ability didn’t include anything about checking
whether the feature was present. This adds a request to
/v1/operator/license on application load to determine which features are
present and store them in the system service. The ability now looks for
'Dynamic Application Sizing' in that feature list.

2. Second, I didn’t check permissions at all in the job-fetching or job
detail templates.
2020-11-06 08:21:38 -06:00
Michael Lange 148d4429cf Show a partial view notice when ACLs are enabled and the mgmt token isn't being used 2020-11-04 15:24:34 -08:00
Michael Lange 093a935a71 Update URL for namespace globbing 2020-11-04 15:23:47 -08:00
Buck Doyle 31b4ed7a6d
Add DAS UI code from enterprise (#9192)
This is a few combined iterations on the DAS feature.
2020-10-29 07:46:42 -05:00
Buck Doyle ca7c252a96
Add linting for classic decorator (#8182)
This completes an installation step I missed when making #8144 and
marks classes that are using the EmberObject APIs as classic.
2020-06-22 10:48:53 -05:00
Michael Lange 3b7b5f9649 Add canScale ability for jobs 2020-06-18 22:08:28 -07:00
Michael Lange da76edcabd Code review feedback 2020-06-17 14:56:16 -07:00
Michael Lange 58df659fdb Ability for agent:read 2020-06-16 10:23:36 -07:00
Buck Doyle 89136cbf6a Add massaged results of class codemod
Manual interventions:
• decorators on the same line for service and controller
  injections and most computed property macros
• preserving import order when possible, both per-line
  and intra-line
• moving new imports to the bottom
• removal of classic decorator for trivial cases
• conversion of init to constructor when appropriate
2020-06-10 16:18:42 -05:00
Buck Doyle c46d5517bb
Add ACL-checking to turn off exec button (#7919)
This closes #7453. It adds an abstraction to handle the common
needs of ability-determination.
2020-05-11 14:43:17 -05:00
Michael Lange 59897f9716 Handle the case where ACLs aren't enabled in abilities 2020-01-31 09:41:36 -08:00
Michael Lange 1fae4083eb Add an ability for client permissions 2020-01-30 21:29:19 -08:00
Buck Doyle 66ab14144a
ui: Change Run Job availability based on ACLs (#5944)
This builds on API changes in #6017 and #6021 to conditionally turn off the
“Run Job” button based on the current token’s capabilities, or the capabilities
of the anonymous policy if no token is present.

If you try to visit the job-run route directly, it redirects to the job list.
2020-01-20 14:57:01 -06:00