Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

To enable spaces in policy names #3482

Merged
merged 1 commit into from
Dec 5, 2024
Merged

Conversation

cniackz
Copy link
Collaborator

@cniackz cniackz commented Dec 2, 2024

Since mc allows them:

mc admin policy create play "1Password IT" mypolicy.json

@cniackz cniackz self-assigned this Dec 2, 2024
Copy link
Collaborator

@cesnietor cesnietor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@cniackz PTAL at the validSave cause the validation you changed checks while typing but during save we run a different logic and the same validation is there.

 const validSave =
    policyName.trim() !== "" &&
    policyName.indexOf(" ") === -1 &&
    policyDefinition.trim() !== "";

@ramondeklein
Copy link
Collaborator

Shouldn't we change MinIO/STS instead, because policy names have the following limitation in AWS IAM (source):

Names of users, groups, roles, policies, instance profiles, server certificates, and paths must be alphanumeric, including the following common characters: plus (+), equals (=), comma (,), period (.), at (@), underscore (_), and hyphen (-).

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 3, 2024

@cesnietor, you were right—additional changes were needed for this to work completely. I have made all the necessary adjustments and tested them.

Screenshot 2024-12-03 at 9 41 29 AM

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 3, 2024

@ramondeklein, that’s a good question. Since this is already supported by mc, I’m unsure how to proceed. I’ve added @ramondeklein and @harshavardhana to help determine the best course of action.

@cniackz cniackz force-pushed the allow-spaces-in-policy branch from cacf53c to 56e5d1b Compare December 3, 2024 14:44
@ramondeklein
Copy link
Collaborator

It's hard to change now, because people may already use these names, so disallowing now is hard. We are S3 compatible, not IAM compatible, so deviating from AWS IAM isn't a real issue. Let's be practical and make sure we're compatible with our implementation.

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 3, 2024

Understood, @ramondeklein. I’ll leave this change up to you. Please approve and merge if you think it’s fine to proceed, or add any additional comments if you believe we shouldn’t or have a different perspective. Thanks!

Copy link
Collaborator

@ramondeklein ramondeklein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's bad to perform validations in the AIStor back-end. These checks should be done by MinIO itself.

@cesnietor
Copy link
Collaborator

@cniackz I can't create a new policy the Save button never gets enabled

How it looks:
Screenshot 2024-12-03 at 11 58 42 AM

How it should look when passing validations:
Screenshot 2024-12-03 at 11 59 21 AM

Copy link
Collaborator

@cesnietor cesnietor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also I noticed that we allow spaces after and before the policy, those I think we should remove.
Screenshot 2024-12-03 at 11 57 10 AM

I couldn't test if those are saved like that or we actually trimmed them (due to the error above) but worth considering. If we trim them after submitting then is fine.

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 4, 2024

Why it does not work for you?... I need time to figure this out as it worked for me, we can synch on this later 👍

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 4, 2024

@cesnietor, I’m still unsure why it’s not working for you. I retested everything from scratch and was able to create the policy with spaces in the name. Here’s the screenshot:

Screenshot 2024-12-04 at 10 00 14 AM

Would you mind pairing up this afternoon to look into this together? The steps I used for testing are documented in this wiki: How to test console UI.

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 4, 2024

Okay, I’ve made all the requested changes, and everything works as expected. Later today, I’ll pair with Nieto to review this and determine if anything else is missing.

cesnietor
cesnietor previously approved these changes Dec 4, 2024
@cesnietor
Copy link
Collaborator

tested works as expected.

@cesnietor cesnietor dismissed ramondeklein’s stale review December 4, 2024 21:39

this was addressed.

Copy link
Collaborator

@bexsoft bexsoft left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

bexsoft
bexsoft previously requested changes Dec 5, 2024
Copy link
Collaborator

@bexsoft bexsoft left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please help us to review

policy_test.go:237: 
        	Error Trace:	/home/runner/work/console/console/integration/policy_test.go:237
        	Error:      	Not equal: 
        	            	expected: 400
        	            	actual  : 201
        	Test:       	Test_AddPolicyAPI
        	Messages:   	Create Policy - Space in Name Failed

Seems like this test should be reworked, beside of that LGTM. Thank you very much

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 5, 2024

Sure Benjamin, let look into that test deeper

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 5, 2024

The issue at policy_test.go:237 comes from the Integration Tests with Latest Distributed MinIO (1.23.x)

Screenshot 2024-12-05 at 8 13 07 AM

I will re-run this test to ensure the failure is replicable. Simultaneously, I will create an empty PR to verify if the failure was introduced in this PR.

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 5, 2024

Haha, well, it’s obvious just by looking at the log:

=== NAME  Test_AddPolicyAPI
    policy_test.go:237: 
        	Error Trace:	/home/runner/work/console/console/integration/policy_test.go:237
        	Error:      	Not equal: 
        	            	expected: 400
        	            	actual  : 201
        	Test:       	Test_AddPolicyAPI
        	Messages:   	Create Policy - Space in Name Failed

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 5, 2024

Now waiting for the tests to complete. If everything passes, I’ll request another round of reviews to finalize this.

@cniackz
Copy link
Collaborator Author

cniackz commented Dec 5, 2024

Ok, @cesnietor and I have reviewed this test, and the failure is unrelated. Therefore, this PR is now ready for review:

Screenshot 2024-12-05 at 8 48 11 AM

@cesnietor cesnietor merged commit 5cf02ff into master Dec 5, 2024
29 of 30 checks passed
@cesnietor cesnietor deleted the allow-spaces-in-policy branch December 5, 2024 17:55
bexsoft pushed a commit to bexsoft/console that referenced this pull request Dec 12, 2024
fix-1

fix-2

fix-3

fix-4

fix-5

fix-6

fix-7

fix-8

fix-9

fix-10

Lint

fix.10

fix-11

removed more stuff

Fixed errors

fixes-12

display objects info

added types and initial top bar

Update Bar

Updated mds version

Update latest

More integration fixes

Update mds

more fixes

migrated to redux

types

Added missing components

more migrations

updates

tabs information

adjusts

arrow-positioning

fix select check

asdf

Updated delete modal

fix inspect modal

Update Retention modal

asdf

Update Legal Hold modal screen

Share mdoal fix

update preview

adjustments

more fixes

Delete Tag fix
bexsoft pushed a commit to bexsoft/console that referenced this pull request Dec 12, 2024
fix-1

fix-2

fix-3

fix-4

fix-5

fix-6

fix-7

fix-8

fix-9

fix-10

Lint

fix.10

fix-11

removed more stuff

Fixed errors

fixes-12

display objects info

added types and initial top bar

Update Bar

Updated mds version

Update latest

More integration fixes

Update mds

more fixes

migrated to redux

types

Added missing components

more migrations

updates

tabs information

adjusts

arrow-positioning

fix select check

asdf

Updated delete modal

fix inspect modal

Update Retention modal

asdf

Update Legal Hold modal screen

Share mdoal fix

update preview

adjustments

more fixes

Delete Tag fix
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants