Merge pull request #34 from KelvinTegelaar/dev

[pull] dev from KelvinTegelaar:dev
KelvinTegelaar · May 6, 2024 · cbae98b · cbae98b
2 parents b53f012 + 09c1e74
commit cbae98b
Show file tree

Hide file tree

Showing 3 changed files with 254 additions and 451 deletions.
diff --git a/src/views/cipp/Setup.jsx b/src/views/cipp/Setup.jsx
@@ -6,7 +6,11 @@ import { faCheck, faExclamationTriangle } from '@fortawesome/free-solid-svg-icon
 import { CippWizard } from 'src/components/layout'
 import PropTypes from 'prop-types'
 import { Condition, RFFCFormInput, RFFCFormRadio } from 'src/components/forms'
-import { useLazyGenericGetRequestQuery, useLazyGenericPostRequestQuery } from 'src/store/api/app'
+import {
+ useLazyExecPermissionsAccessCheckQuery,
+ useLazyGenericGetRequestQuery,
+ useLazyGenericPostRequestQuery,
+} from 'src/store/api/app'
 import { Link } from 'react-router-dom'
 
 function useInterval(callback, delay, state) {
@@ -50,6 +54,7 @@ Error.propTypes = {
 }
 
 const Setup = () => {
+ const [checkPermissions, permissionsResult] = useLazyExecPermissionsAccessCheckQuery()
  const [genericPostRequest, postResults] = useLazyGenericPostRequestQuery()
  const [genericGetRequest, getResults] = useLazyGenericGetRequestQuery()
  const onSubmit = (values) => {
@@ -88,7 +93,7 @@ const Setup = () => {
  { id: 1, text: 'Step 1 - First Login' },
  { id: 2, text: 'Step 2 - Creating Application & Approving Application' },
  { id: 3, text: 'Step 3 - Receiving Token' },
- { id: 4, text: 'Step 4 - Finishing Setup' },
+ { id: 4, text: 'Step 4 - Finishing Authentication Setup' },
  ]
  const RenderSteps = ({ currentStep = 0 }) => (
  <>
@@ -159,8 +164,8 @@ const Setup = () => {
  <CRow className="mb-3">
  <CCol md={6} className="mb-3">
  Click the buttons below to refresh your token.
- <br /> Remember to login under a account that has been added to the correct GDAP
- groups and the group 'AdminAgents'.
+ <br /> Remember to login under a service account that has been added to the correct
+ GDAP groups and the group 'AdminAgents'.
  <br />
  </CCol>
  {getResults.isUninitialized && genericGetRequest({ path: 'api/ExecListAppId' })}
@@ -184,8 +189,24 @@ const Setup = () => {
  <Condition when="SetupType" is="CreateSAM">
  <CRow>
  <p>
- Click the button below to start the setup wizard, remember to check the SAM Wizard
- documentation before starting the wizard.
+ Click the button below to start the setup wizard. You will need the following
+ prerequisites:
+ <li>
+ A CIPP Service Account. For more information on how to create a service account
+ click{' '}
+ <a
+ href="https://docs.cipp.app/setup/installation/samwizard"
+ rel="noreferrer"
+ target="_blank"
+ >
+ here
+ </a>
+ </li>
+ <li>(Temporary) Global Administrator permissions for the CIPP Service Account</li>
+ <li>
+ Multi-factor authentication enabled for the CIPP Service Account, with no trusted
+ locations or other exclusions.
+ </li>
  </p>
  <CCol md={12}>
  <Field
@@ -195,7 +216,7 @@ const Setup = () => {
  type="button"
  onClick={() => startCIPPSetup(true)}
  >
- Start Setup Wizard
+ {getResults.isFetching && <CSpinner size="sm" />} Start Setup Wizard
  </Field>
  </CCol>
  <hr className="my-4" />
@@ -222,12 +243,38 @@ const Setup = () => {
  )}
  </CCol>
  {getResults.data?.step === 5 && (
- <CCallout color="success">
- <FontAwesomeIcon icon={faCheck} color="success" />
- Setup complete. We suggest running a Permissions Check in our{' '}
- <Link to="/cipp/settings">Application Settings</Link> page.
- </CCallout>
+ <p>
+ {permissionsResult.isFetching && <CSpinner />} Authentication has been received.
+ Checking if all prerequisites are met to connect to your tenants.
+ {permissionsResult.isUninitialized && checkPermissions()}
+ </p>
  )}
+ <CRow>
+ {permissionsResult.data?.Results && (
+ <>
+ <CCol>
+ <CCallout color="success">
+ {permissionsResult.data.Results?.Messages && (
+ <>
+ {permissionsResult.data.Results?.Messages?.map((m, idx) => (
+ <div key={idx}>{m}</div>
+ ))}
+ </>
+ )}
+ </CCallout>
+ </CCol>
+ <CCol>
+ {permissionsResult.data.Results?.ErrorMessages?.length >= 1 && (
+ <CCallout color="danger">
+ {permissionsResult.data.Results?.ErrorMessages?.map((m, idx) => (
+ <div key={idx}>{m}</div>
+ ))}
+ </CCallout>
+ )}
+ </CCol>
+ </>
+ )}
+ </CRow>
  </CRow>
  </Condition>
  <Condition when="SetupType" is="ExistingSAM">

diff --git a/src/views/cipp/app-settings/SettingsGeneral.jsx b/src/views/cipp/app-settings/SettingsGeneral.jsx
@@ -20,6 +20,7 @@ import {
  CListGroup,
  CListGroupItem,
  CRow,
+ CTable,
 } from '@coreui/react'
 import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'
 import { faCircleNotch } from '@fortawesome/free-solid-svg-icons'
@@ -29,6 +30,7 @@ import { CippTable } from 'src/components/tables/index.js'
 import { TenantSelectorMultiple } from 'src/components/utilities/index.js'
 import { SettingsGeneralRow } from 'src/views/cipp/app-settings/components/SettingsGeneralRow.jsx'
 import CippButtonCard from 'src/components/contentcards/CippButtonCard'
+import { ListGroupContentCard } from 'src/components/contentcards'
 
 /**
  * SettingsGeneral component.
@@ -139,72 +141,6 @@ export function SettingsGeneral() {
  checkAccess({ tenantDomains: AllTenantSelector })
  }
 
- function getTokenOffcanvasProps({ tokenResults }) {
- let tokenDetails = tokenResults.AccessTokenDetails
- let helpLinks = tokenResults.Links
- let tokenOffcanvasGroups = []
- if (tokenDetails?.Name !== '') {
- let tokenItems = []
- let tokenOffcanvasGroup = {}
- tokenItems.push({
- heading: 'User',
- content: tokenDetails?.Name,
- })
- tokenItems.push({
- heading: 'UPN',
- content: tokenDetails?.UserPrincipalName,
- })
- tokenItems.push({
- heading: 'App Registration',
- content: (
- <CLink
- href={`https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/Overview/appId/${tokenDetails?.AppId}/isMSAApp/`}
- target="_blank"
- >
- {tokenDetails?.AppName}
- </CLink>
- ),
- })
- tokenItems.push({
- heading: 'IP Address',
- content: tokenDetails?.IPAddress,
- })
- tokenItems.push({
- heading: 'Auth Methods',
- content: tokenDetails?.AuthMethods.join(', '),
- })
- tokenItems.push({
- heading: 'Tenant ID',
- content: tokenDetails?.TenantId,
- })
- tokenOffcanvasGroup.items = tokenItems
- tokenOffcanvasGroup.title = 'Claims'
- tokenOffcanvasGroups.push(tokenOffcanvasGroup)
- }
-
- if (helpLinks.length > 0) {
- let linkItems = []
- let linkItemGroup = {}
- helpLinks.map((link, idx) =>
- linkItems.push({
- heading: '',
- content: (
- <CLink href={link.Href} target="_blank" key={idx}>
- {link.Text}
- </CLink>
- ),
- }),
- )
- linkItemGroup.title = 'Help Links'
- linkItemGroup.items = linkItems
- if (linkItemGroup.items.length > 0) {
- tokenOffcanvasGroups.push(linkItemGroup)
- }
- }
-
- return tokenOffcanvasGroups
- }
-
  const tableProps = {
  pagination: false,
  actions: [
@@ -276,50 +212,79 @@ export function SettingsGeneral() {
  <>
  {permissionsResult.data.Results?.AccessTokenDetails?.Name !== '' && (
  <>
- <CButton className="mb-3" onClick={() => setTokenOffcanvasVisible(true)}>
- Details
- </CButton>
- <CippListOffcanvas
- title="Details"
- placement="end"
- visible={tokenOffcanvasVisible}
- groups={getTokenOffcanvasProps({
- tokenResults: permissionsResult.data.Results,
- })}
- hideFunction={() => setTokenOffcanvasVisible(false)}
- />
+ <CTable>
+ <thead>
+ <tr>
+ <th>Authentication User</th>
+ <th>Authentication IP</th>
+ <th>Application</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>
+ {permissionsResult.data.Results?.AccessTokenDetails?.UserPrincipalName}
+ </td>
+ <td>{permissionsResult.data.Results?.AccessTokenDetails?.IPAddress}</td>
+ <td>
+ <a
+ target="_blank"
+ href={`https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/Overview/appId/${permissionsResult.data.Results?.AccessTokenDetails?.AppId}/isMSAApp/`}
+ rel="noreferrer"
+ >
+ Link
+ </a>
+ </td>
+ </tr>
+ </tbody>
+ </CTable>
  </>
  )}
- <CCallout
- color={permissionsResult.data.Results?.Success === true ? 'success' : 'danger'}
- >
- {permissionsResult.data.Results?.Messages && (
- <>
- {permissionsResult.data.Results?.Messages?.map((m, idx) => (
- <div key={idx}>{m}</div>
- ))}
- </>
- )}
- {permissionsResult.data.Results?.MissingPermissions.length > 0 && (
- <>
- Your Secure Application Model is missing the following permissions. See the
- documentation on how to add permissions{' '}
- <a
- target="_blank"
- rel="noreferrer"
- href="https://docs.cipp.app/setup/installation/permissions#manual-permissions"
- >
- here
- </a>
- .
- <CListGroup flush>
- {permissionsResult.data.Results?.MissingPermissions?.map((r, index) => (
- <CListGroupItem key={index}>{r}</CListGroupItem>
- ))}
- </CListGroup>
- </>
- )}
- </CCallout>
+ <CRow>
+ <CCol>
+ <CCallout color="success">
+ {permissionsResult.data.Results?.Messages && (
+ <>
+ {permissionsResult.data.Results?.Messages?.map((m, idx) => (
+ <div key={idx}>{m}</div>
+ ))}
+ </>
+ )}
+ </CCallout>
+ </CCol>
+ <CCol>
+ {permissionsResult.data.Results?.ErrorMessages?.length >= 1 && (
+ <CCallout color="danger">
+ <>
+ {permissionsResult.data.Results?.ErrorMessages?.map((m, idx) => (
+ <div key={idx}>{m}</div>
+ ))}
+ </>
+ {permissionsResult.data.Results?.MissingPermissions.length > 0 && (
+ <>
+ Your Secure Application Model is missing the following permissions. See
+ the documentation on how to add permissions{' '}
+ <a
+ target="_blank"
+ rel="noreferrer"
+ href="https://docs.cipp.app/setup/installation/permissions#manual-permissions"
+ >
+ here
+ </a>
+ .
+ <CListGroup flush>
+ {permissionsResult.data.Results?.MissingPermissions?.map(
+ (r, index) => (
+ <CListGroupItem key={index}>{r}</CListGroupItem>
+ ),
+ )}
+ </CListGroup>
+ </>
+ )}
+ </CCallout>
+ )}
+ </CCol>
+ </CRow>
  </>
  )}
  </CippButtonCard>