feat(admin-ui): design the layout for api role management #327

GluuFederation · Dec 7, 2021 · c8fcaf6 · c8fcaf6
1 parent a3048ef
commit c8fcaf6
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 70 deletions.
diff --git a/app/utils/PermChecker.js b/app/utils/PermChecker.js
@@ -1,64 +1,73 @@
-export const ATTRIBUTE_READ = '/config/attributes.readonly'
-export const ATTRIBUTE_WRITE = '/config/attributes.write'
-export const ATTRIBUTE_DELETE = '/config/attributes.delete'
+export const BASE_URL = 'https://jans.io/oauth'
+export const ATTRIBUTE_READ = BASE_URL + '/config/attributes.readonly'
+export const ATTRIBUTE_WRITE = BASE_URL + '/config/attributes.write'
+export const ATTRIBUTE_DELETE = BASE_URL + '/config/attributes.delete'
 
-export const CLIENT_READ = '/config/openid/clients.readonly'
-export const CLIENT_WRITE = '/config/openid/clients.write'
-export const CLIENT_DELETE = '/config/openid/clients.delete'
+export const CLIENT_READ = BASE_URL + '/config/openid/clients.readonly'
+export const CLIENT_WRITE = BASE_URL + '/config/openid/clients.write'
+export const CLIENT_DELETE = BASE_URL + '/config/openid/clients.delete'
 
-export const SCOPE_READ = '/config/scopes.readonly'
-export const SCOPE_WRITE = '/config/scopes.write'
-export const SCOPE_DELETE = '/config/scopes.delete'
+export const ROLE_READ = 'https://jans.io/adminui/user/role.read'
+export const ROLE_WRITE = 'https://jans.io/adminui/user/role.write'
+export const ROLE_DELETE = 'https://jans.io/adminui/user/role.delete'
 
-export const SCRIPT_READ = '/config/scripts.readonly'
-export const SCRIPT_WRITE = '/config/scripts.write'
-export const SCRIPT_DELETE = '/config/scripts.delete'
+export const PERMISSION_READ = 'https://jans.io/adminui/user/permission.read'
+export const PERMISSION_WRITE = 'https://jans.io/adminui/user/permission.write'
+export const PERMISSION_DELETE =
+  'https://jans.io/adminui/user/permission.delete'
 
-export const SMTP_READ = '/config/smtp.readonly'
-export const SMTP_WRITE = '/config/smtp.write'
-export const SMTP_DELETE = '/config/smtp.delete'
+export const SCOPE_READ = BASE_URL + '/config/scopes.readonly'
+export const SCOPE_WRITE = BASE_URL + '/config/scopes.write'
+export const SCOPE_DELETE = BASE_URL + '/config/scopes.delete'
 
-export const ACR_READ = '/config/acrs.readonly'
-export const ACR_WRITE = '/config/acrs.write'
-export const ACR_DELETE = '/config/acrs.delete'
+export const SCRIPT_READ = BASE_URL + '/config/scripts.readonly'
+export const SCRIPT_WRITE = BASE_URL + '/config/scripts.write'
+export const SCRIPT_DELETE = BASE_URL + '/config/scripts.delete'
 
-export const LOGGING_READ = '/config/logging.readonly'
-export const LOGGING_WRITE = '/config/logging.write'
-export const LOGGING_DELETE = '/config/logging.delete'
+export const SMTP_READ = BASE_URL + '/config/smtp.readonly'
+export const SMTP_WRITE = BASE_URL + '/config/smtp.write'
+export const SMTP_DELETE = BASE_URL + '/config/smtp.delete'
 
-export const JWKS_READ = '/config/jwks.readonly'
-export const JWKS_WRITE = '/config/jwks.write'
-export const JWKS_DELETE = '/config/jwks.delete'
+export const ACR_READ = BASE_URL + '/config/acrs.readonly'
+export const ACR_WRITE = BASE_URL + '/config/acrs.write'
+export const ACR_DELETE = BASE_URL + '/config/acrs.delete'
 
-export const FIDO_READ = '/config/fido2.readonly'
-export const FIDO_WRITE = '/config/fido2.write'
-export const FIDO_DELETE = '/config/fido2.delete'
+export const LOGGING_READ = BASE_URL + '/config/logging.readonly'
+export const LOGGING_WRITE = BASE_URL + '/config/logging.write'
+export const LOGGING_DELETE = BASE_URL + '/config/logging.delete'
 
-export const CACHE_READ = '/config/cache.readonly'
-export const CACHE_WRITE = '/config/cache.write'
-export const CACHE_DELETE = '/config/cache.delete'
+export const JWKS_READ = BASE_URL + '/config/jwks.readonly'
+export const JWKS_WRITE = BASE_URL + '/config/jwks.write'
+export const JWKS_DELETE = BASE_URL + '/config/jwks.delete'
 
-export const LDAP_READ = '/config/database/ldap.readonly'
-export const LDAP_WRITE = '/config/database/ldap.write'
-export const LDAP_DELETE = '/config/database/ldap.delete'
+export const FIDO_READ = BASE_URL + '/config/fido2.readonly'
+export const FIDO_WRITE = BASE_URL + '/config/fido2.write'
+export const FIDO_DELETE = BASE_URL + '/config/fido2.delete'
 
-export const COUCHBASE_READ = '/config/database/couchbase.readonly'
-export const COUCHBASE_WRITE = '/config/database/couchbase.write'
-export const COUCHBASE_DELETE = '/config/database/couchbase.delete'
+export const CACHE_READ = BASE_URL + '/config/cache.readonly'
+export const CACHE_WRITE = BASE_URL + '/config/cache.write'
+export const CACHE_DELETE = BASE_URL + '/config/cache.delete'
 
-export const SQL_READ = '/config/database/sql.readonly'
-export const SQL_WRITE = '/config/database/sql.write'
-export const SQL_DELETE = '/config/database/sql.delete'
+export const LDAP_READ = BASE_URL + '/config/database/ldap.readonly'
+export const LDAP_WRITE = BASE_URL + '/config/database/ldap.write'
+export const LDAP_DELETE = BASE_URL + '/config/database/ldap.delete'
 
-export const STAT_READ = '/config/stats.readonly'
-export const STAT_JANS_READ = 'jans_stat'
+export const COUCHBASE_READ = BASE_URL + '/config/database/couchbase.readonly'
+export const COUCHBASE_WRITE = BASE_URL + '/config/database/couchbase.write'
+export const COUCHBASE_DELETE = BASE_URL + '/config/database/couchbase.delete'
+
+export const SQL_READ = BASE_URL + '/config/database/sql.readonly'
+export const SQL_WRITE = BASE_URL + '/config/database/sql.write'
+export const SQL_DELETE = BASE_URL + '/config/database/sql.delete'
 
-const BASE_URL = 'https://jans.io/oauth'
+export const STAT_READ = BASE_URL + '/config/stats.readonly'
+export const STAT_JANS_READ = 'jans_stat'
 
 export const hasPermission = (scopes, scope) => {
-  const fullScope = BASE_URL + scope
+  console.log('============1 ' + JSON.stringify(scopes))
+  console.log('============2 ' + JSON.stringify(scope))
   if (scopes) {
-    return scopes.includes(fullScope, 0)
+    return scopes.includes(scope, 0)
   }
   return false
 }
@@ -69,24 +78,19 @@ export const buildPayload = (userAction, message, payload) => {
 }
 
 export const hasAny = (scopes, scope1, scope2, scope3) => {
-  const fullScope1 = BASE_URL + scope1
-  const fullScope2 = BASE_URL + scope2
-  const fullScope3 = BASE_URL + scope3
   if (scopes) {
     return (
-      scopes.includes(fullScope1, 0) ||
-      scopes.includes(fullScope2, 0) ||
-      scopes.includes(fullScope3, 0)
+      scopes.includes(scope1, 0) ||
+      scopes.includes(scope2, 0) ||
+      scopes.includes(scope3, 0)
     )
   }
   return false
 }
 
 export const hasBoth = (scopes, scope1, scope2) => {
-  const fullScope1 = BASE_URL + scope1
-  const fullScope2 = scope2
   if (scopes) {
-    return scopes.includes(fullScope1, 0) && scopes.includes(fullScope2, 0)
+    return scopes.includes(scope1, 0) && scopes.includes(scope2, 0)
   }
   return false
 }
diff --git a/plugins/admin/components/Permissions/UiPermListPage.js b/plugins/admin/components/Permissions/UiPermListPage.js
@@ -13,8 +13,8 @@ import { getPermissions } from '../../redux/actions/ApiPermissionActions'
 import {
   hasPermission,
   buildPayload,
-  SCRIPT_READ,
-  SCRIPT_WRITE,
+  PERMISSION_READ,
+  PERMISSION_WRITE,
 } from '../../../../app/utils/PermChecker'
 
 function UiPermListPage({ apiPerms, permissions, loading, dispatch }) {
@@ -28,38 +28,38 @@ function UiPermListPage({ apiPerms, permissions, loading, dispatch }) {
     dispatch(getPermissions(userAction))
   }, [])
 
-  if (hasPermission(permissions, SCRIPT_READ)) {
-    myActions.push((rowData) => ({
+  if (hasPermission(permissions, PERMISSION_READ)) {
+    myActions.push((aRow) => ({
       icon: 'visibility',
       iconProps: {
         color: 'primary',
-        id: 'viewRole' + rowData.inum,
+        id: 'viewRole' + aRow.inum,
       },
       tooltip: `${t('messages.view_role_details')}`,
-      onClick: (e, rowData) => handleGoToRoleEditPage(rowData, true),
+      onClick: (e, v) => handleGoToPermissionEditPage(v, true),
       disabled: false,
     }))
   }
 
-  if (hasPermission(permissions, SCRIPT_WRITE)) {
+  if (hasPermission(permissions, PERMISSION_WRITE)) {
     myActions.push((rowD) => ({
       icon: 'edit',
       iconProps: {
         color: 'primary',
         id: 'editRole' + rowD.inum,
       },
       tooltip: `${t('messages.edit_role')}`,
-      onClick: (e, entry) => handleGoToRoleEditPage(entry, false),
+      onClick: (e, entry) => handleGoToPermissionEditPage(entry, false),
       disabled: false,
     }))
   }
-  if (hasPermission(permissions, SCRIPT_WRITE)) {
+  if (hasPermission(permissions, PERMISSION_WRITE)) {
     myActions.push({
       icon: 'add',
       tooltip: `${t('messages.add_role')}`,
       iconProps: { color: 'primary' },
       isFreeAction: true,
-      onClick: () => handleGoToRoleAddPage(),
+      onClick: () => handleGoToPermissionAddPage(),
     })
   }
 
@@ -69,7 +69,7 @@ function UiPermListPage({ apiPerms, permissions, loading, dispatch }) {
       <CardBody>
         <FormGroup row />
         <FormGroup row />
-        <GluuViewWrapper canShow={hasPermission(permissions, SCRIPT_READ)}>
+        <GluuViewWrapper canShow={hasPermission(permissions, PERMISSION_READ)}>
           <MaterialTable
             components={{
               Container: (props) => <Paper {...props} elevation={0} />,

diff --git a/plugins/admin/components/Roles/UiRoleListPage.js b/plugins/admin/components/Roles/UiRoleListPage.js
@@ -13,8 +13,8 @@ import { getRoles } from '../../redux/actions/ApiRoleActions'
 import {
   hasPermission,
   buildPayload,
-  SCRIPT_READ,
-  SCRIPT_WRITE,
+  ROLE_READ,
+  ROLE_WRITE,
 } from '../../../../app/utils/PermChecker'
 
 function UiRoleListPage({ apiRoles, permissions, loading, dispatch }) {
@@ -28,7 +28,7 @@ function UiRoleListPage({ apiRoles, permissions, loading, dispatch }) {
     dispatch(getRoles(userAction))
   }, [])
 
-  if (hasPermission(permissions, SCRIPT_READ)) {
+  if (hasPermission(permissions, ROLE_READ)) {
     myActions.push((rowData) => ({
       icon: 'visibility',
       iconProps: {
@@ -41,7 +41,7 @@ function UiRoleListPage({ apiRoles, permissions, loading, dispatch }) {
     }))
   }
 
-  if (hasPermission(permissions, SCRIPT_WRITE)) {
+  if (hasPermission(permissions, ROLE_WRITE)) {
     myActions.push((rowData) => ({
       icon: 'edit',
       iconProps: {
@@ -53,7 +53,7 @@ function UiRoleListPage({ apiRoles, permissions, loading, dispatch }) {
       disabled: false,
     }))
   }
-  if (hasPermission(permissions, SCRIPT_WRITE)) {
+  if (hasPermission(permissions, ROLE_WRITE)) {
     myActions.push({
       icon: 'add',
       tooltip: `${t('messages.add_role')}`,
@@ -69,7 +69,7 @@ function UiRoleListPage({ apiRoles, permissions, loading, dispatch }) {
       <CardBody>
         <FormGroup row />
         <FormGroup row />
-        <GluuViewWrapper canShow={hasPermission(permissions, SCRIPT_READ)}>
+        <GluuViewWrapper canShow={hasPermission(permissions, ROLE_READ)}>
           <MaterialTable
             components={{
               Container: (props) => <Paper {...props} elevation={0} />,