Skip to content

Commit

Permalink
Merge pull request #2790 from richard-cox/remove-non-resource-urls-na…
Browse files Browse the repository at this point in the history 
…mespaced-2.5.8

[2.5.8] Improve Role Required Indicators/Validation
  • Loading branch information
@richard-cox
richard-cox authored Apr 21, 2021
2 parents d8ef0cb + 92c6610 commit 854548f
Show file tree
Hide file tree
Showing 6 changed files with 50 additions and 32 deletions.
4 changes: 3 additions & 1 deletion assets/translations/en-us.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3139,7 +3139,9 @@ validation:
roleTemplate:
roleTemplateRules:
missingVerb: You must specify at least one verb for each resource grant
missingResource: You must specify at least one Resource, Non-Resource URL or API Group for each resource grant
missingResource: You must specify a Resource for each resource grant
missingApiGroup: You must specify an API Group for each resource grant
missingOneResource: You must specify at least one Resource, Non-Resource URL or API Group for each resource grant
service:
externalName:
none: External Name is required on an ExternalName Service.
Expand Down
35 changes: 24 additions & 11 deletions components/auth/RoleDetailEdit.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,9 @@ export default {
doneLocationOverride() {
return this.value.listLocation;
},
ruleClass() {
return `col ${ this.isNamespaced ? 'span-4' : 'span-3' }`;
},
// Detail View
rules() {
return this.createRules(this.value);
Expand Down Expand Up @@ -374,23 +377,29 @@ export default {
>
<template #column-headers>
<div class="column-headers row">
<div class="col span-3">
<label class="text-label">{{ t('rbac.roletemplate.tabs.grantResources.tableHeaders.verbs') }}</label>
<div :class="ruleClass">
<label class="text-label">{{ t('rbac.roletemplate.tabs.grantResources.tableHeaders.verbs') }}
<span class="required">*</span>
</label>
</div>
<div class="col span-3">
<label class="text-label">{{ t('rbac.roletemplate.tabs.grantResources.tableHeaders.resources') }}</label>
<div :class="ruleClass">
<label class="text-label">{{ t('rbac.roletemplate.tabs.grantResources.tableHeaders.resources') }}
<span v-if="isNamespaced" class="required">*</span>
</label>
</div>
<div class="col span-3">
<div v-if="!isNamespaced" :class="ruleClass">
<label class="text-label">{{ t('rbac.roletemplate.tabs.grantResources.tableHeaders.nonResourceUrls') }}</label>
</div>
<div class="col span-3">
<label class="text-label">{{ t('rbac.roletemplate.tabs.grantResources.tableHeaders.apiGroups') }}</label>
<div :class="ruleClass">
<label class="text-label">{{ t('rbac.roletemplate.tabs.grantResources.tableHeaders.apiGroups') }}
<span v-if="isNamespaced" class="required">*</span>
</label>
</div>
</div>
</template>
<template #columns="props">
<div class="columns row">
<div class="col span-3">
<div :class="ruleClass">
<Select
:value="props.row.value.verbs"
class="lg"
Expand All @@ -402,7 +411,7 @@ export default {
@input="updateSelectValue(props.row.value, 'verbs', $event)"
/>
</div>
<div class="col span-3">
<div :class="ruleClass">
<Select
:value="getRule('resources', props.row.value)"
:options="resourceOptions"
Expand All @@ -412,14 +421,14 @@ export default {
@input="setRule('resources', props.row.value, $event)"
/>
</div>
<div class="col span-3">
<div v-if="!isNamespaced" :class="ruleClass">
<LabeledInput
:value="getRule('nonResourceURLs', props.row.value)"
:mode="mode"
@input="setRule('nonResourceURLs', props.row.value, $event)"
/>
</div>
<div class="col span-3">
<div :class="ruleClass">
<LabeledInput
:value="getRule('apiGroups', props.row.value)"
:mode="mode"
Expand Down Expand Up @@ -466,6 +475,10 @@ export default {
</template>
<style lang="scss" scoped>
.required {
color: var(--error);
}
::v-deep {
.column-headers {
margin-right: 75px;
Expand Down
10 changes: 2 additions & 8 deletions models/management.cattle.io.globalrole.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import { CATTLE_API_GROUP, SUBTYPE_MAPPING } from '@/models/management.cattle.io
import { uniq } from '@/utils/array';
import Vue from 'vue';
import { get } from '@/utils/object';
import Role from './rbac.authorization.k8s.io.role';

const BASE = 'user-base';
const USER = 'user';
Expand All @@ -14,14 +15,7 @@ const GLOBAL = SUBTYPE_MAPPING.GLOBAL.key;

export default {
customValidationRules() {
return [
{
path: 'rules',
validators: ['roleTemplateRules'],
nullable: false,
type: 'array',
},
];
return Role.customValidationRules();
},

details() {
Expand Down
10 changes: 2 additions & 8 deletions models/management.cattle.io.roletemplate.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ import { uniq } from '@/utils/array';
import Vue from 'vue';
import { get } from '@/utils/object';
import { DESCRIPTION } from '@/config/labels-annotations';
import Role from './rbac.authorization.k8s.io.role';

export const CATTLE_API_GROUP = '.cattle.io';

Expand Down Expand Up @@ -56,14 +57,7 @@ export const VERBS = [

export default {
customValidationRules() {
return [
{
path: 'rules',
validators: ['roleTemplateRules'],
nullable: false,
type: 'array',
},
];
return Role.customValidationRules();
},

details() {
Expand Down
9 changes: 8 additions & 1 deletion models/rbac.authorization.k8s.io.role.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,16 @@ import { uniq } from '@/utils/array';
export default {
customValidationRules() {
return [
{
path: 'name',
translationKey: 'nameNsDescription.name.label',
required: true,
nullable: false,
type: 'string',
},
{
path: 'rules',
validators: ['roleTemplateRules'],
validators: [`roleTemplateRules:${ this.type }`],
nullable: false,
type: 'array',
},
Expand Down
14 changes: 11 additions & 3 deletions utils/validators/role-template.js
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,19 @@
import { RBAC } from '@/config/types';
import isEmpty from 'lodash/isEmpty';

export function roleTemplateRules(rules = [], getters, errors, validatorArgs) {
export function roleTemplateRules(rules = [], getters, errors, validatorArgs = []) {
if (rules.some(rule => isEmpty(rule.verbs))) {
errors.push(getters['i18n/t']('validation.roleTemplate.roleTemplateRules.missingVerb'));
}

if (rules.some(rule => isEmpty(rule.resources) && isEmpty(rule.nonResourceURLs) && isEmpty(rule.apiGroups))) {
errors.push(getters['i18n/t']('validation.roleTemplate.roleTemplateRules.missingResource'));
if (validatorArgs[0] === RBAC.ROLE) {
if (rules.some(rule => isEmpty(rule.resources))) {
errors.push(getters['i18n/t']('validation.roleTemplate.roleTemplateRules.missingResource'));
}
if (rules.some(rule => isEmpty(rule.apiGroups))) {
errors.push(getters['i18n/t']('validation.roleTemplate.roleTemplateRules.missingApiGroup'));
}
} else if (rules.some(rule => isEmpty(rule.resources) && isEmpty(rule.nonResourceURLs) && isEmpty(rule.apiGroups))) {
errors.push(getters['i18n/t']('validation.roleTemplate.roleTemplateRules.missingOneResource'));
}
}

0 comments on commit 854548f

Please sign in to comment.