Merge pull request #488 from leoendless/hotfix/roleDesc

fix: Fix preset roles description.
kubesphere · Jun 24, 2020 · 5a31e1d · 5a31e1d
2 parents 08e745b + 43e9abd
commit 5a31e1d
Show file tree

Hide file tree

Showing 18 changed files with 228 additions and 169 deletions.
diff --git a/server/config.yaml b/server/config.yaml
@@ -415,11 +415,11 @@ client:
     roles: [view, create, edit, delete]
 
   # preset infos
-  presetUsers: ['admin', 'sonarqube']
-  presetGlobalRoles: ['platform-admin']
-  presetClusterRoles: [cluster-admin, cluster-regular, workspaces-manager]
-  presetWorkspaceRoles: [workspace-admin, workspace-regular, workspace-viewer]
-  presetDevOpsRoles: [owner, maintainer, developer, reporter]
+  presetUsers: [admin, sonarqube]
+  presetGlobalRoles: [platform-admin, platform-regular, workspace-manager, user-manager]
+  presetClusterRoles: [cluster-admin, cluster-viewer]
+  presetWorkspaceRoles: [admin, regular, viewer, self-provisioner]
+  presetDevOpsRoles: [admin, operator, viewer]
   presetRoles: [admin, operator, viewer]
 
   # system annotations that need to be hidden for edit

diff --git a/src/actions/member.js b/src/actions/member.js
@@ -25,16 +25,7 @@ import DeleteModal from 'components/Modals/Delete'
 
 export default {
   'member.invite': {
-    on({
-      store,
-      cluster,
-      workspace,
-      namespace,
-      roleModule,
-      success,
-      devops,
-      ...props
-    }) {
+    on({ store, cluster, workspace, namespace, success, devops, ...props }) {
       const modal = Modal.open({
         onOk: data => {
           store

diff --git a/src/components/Modals/UserCreate/index.jsx b/src/components/Modals/UserCreate/index.jsx
@@ -50,10 +50,11 @@ export default class UserCreateModal extends Component {
   }
 
   state = {
-    formTemplate: Object.assign(
-      { apiVersion: 'iam.kubesphere.io/v1alpha2', kind: 'User' },
-      get(this.props, 'detail._originData', {})
-    ),
+    formTemplate: {
+      apiVersion: 'iam.kubesphere.io/v1alpha2',
+      kind: 'User',
+      ...get(this.props, 'detail._originData', {}),
+    },
   }
 
   globalRoleStore = new RoleStore('globalroles')
@@ -99,19 +100,12 @@ export default class UserCreateModal extends Component {
     })
   }
 
-  optionRenderer = option => {
-    let desc = get(option.item, 'description')
-    if (desc && globals.config.presetClusterRoles.includes(option.item.name)) {
-      desc = t(desc)
-    }
-
-    return (
-      <div className={styles.option}>
-        <div>{option.item.name}</div>
-        <p>{desc}</p>
-      </div>
-    )
-  }
+  optionRenderer = option => (
+    <div className={styles.option}>
+      <div>{option.item.name}</div>
+      <p>{option.item.description}</p>
+    </div>
+  )
 
   render() {
     const { store, detail, ...rest } = this.props

diff --git a/src/locales/en/role.js b/src/locales/en/role.js
@@ -91,46 +91,59 @@ export default {
   NODES_MANAGEMENT_DESC: 'Manage, enable and disable nodes; manage taints',
   CRD_MANAGEMENT_DESC: 'Manage, view, modify and delele cluster CRDs',
   COMPONENTS_MANAGEMENT_DESC: 'Manage cluster components',
-  CLUSTERS_VIEW_DESC: 'View all clusters and cluster resources within a platform',
-  CLUSTERS_MANAGEMENT_DESC: 'Create and delete clusters; manage resources in all clusters',
+  CLUSTERS_VIEW_DESC:
+    'View all clusters and cluster resources within a platform',
+  CLUSTERS_MANAGEMENT_DESC:
+    'Create and delete clusters; manage resources in all clusters',
   WORKSPACES_VIEW_DESC: 'View the current workspaces that users have access to',
   ROLES_VIEW_DESC: 'View the current roles in the platform',
   WORKSPACES_MANAGEMENT_DESC:
-  'Support workspace management, including adding/deleting/editing workspaces; view all workspaces in the platform',
-  USERS_MANAGEMENT_DESC: 'Support account management, including adding/deleting/updating account information',
-  ROLES_MANAGEMENT_DESC: 'Support account role management, including adding/deleting/updating account roles',
+    'Support workspace management, including adding/deleting/editing workspaces; view all workspaces in the platform',
+  USERS_MANAGEMENT_DESC:
+    'Support account management, including adding/deleting/updating account information',
+  ROLES_MANAGEMENT_DESC:
+    'Support account role management, including adding/deleting/updating account roles',
   APP_TEMPLATES_VIEW_DESC: 'View platform App Store',
   APP_TEMPLATES_MANAGEMENT_DESC:
-  'Manage App Store at platform level and responsible for unified lifecycle management of cloud native applications including their release, removal and review',
+    'Manage App Store at platform level and responsible for unified lifecycle management of cloud native applications including their release, removal and review',
   PLATFORM_SETTINGS_MANAGEMENT_DESC:
-  'Manage platform settings, such as customized platform information, log collection configuration and email notification',
-  ACCOUNT_ROLE_DESC: 'Account roles define the authorization an account has in the platform.',
-  ACCOUNT_ROLE_CREATE_DESC: 'Account roles define the authorization an account has in the platform.',
+    'Manage platform settings, such as customized platform information, log collection configuration and email notification',
+  ACCOUNT_ROLE_DESC:
+    'Account roles define the authorization an account has in the platform.',
+  ACCOUNT_ROLE_CREATE_DESC:
+    'Account roles define the authorization an account has in the platform.',
   PIPELINES_MANAGEMENT_DESC:
-  'Manage DevOps project pipeline, including creating, editing and deleting',
+    'Manage DevOps project pipeline, including creating, editing and deleting',
   PIPELINES_VIEW_DESC: 'View DevOps project pipeline and download artifacts',
   CREDENTIALS_MANAGEMENT_DESC:
-  'Manage project credentials, including creating, editing and deleting',
+    'Manage project credentials, including creating, editing and deleting',
   CREDENTIALS_VIEW_DESC: 'View and use credentials',
   DEVOPS_ROLES_VIEW_DESC: 'View DevOps project roles',
   DEVOPS_ROLES_MANAGEMENT_DESC:
-  'Create, edit and delete DevOps project roles (system preset roles cannot be deleted)',
+    'Create, edit and delete DevOps project roles (system preset roles cannot be deleted)',
   DEVOPS_MEMBERS_VIEW_DESC: 'View DevOps project members',
   DEVOPS_MEMBERS_MANAGEMENT_DESC: 'Invite/edit/remove DevOps project members',
-  DEVOPS_SETTINGS_DESC: 'Manage DevOps project settings and edit DevOps project information',
+  DEVOPS_SETTINGS_DESC:
+    'Manage DevOps project settings and edit DevOps project information',
   CLUSTER_MEMBERS_MANAGEMENT_DESC: 'Invite/edit/remove cluster members',
   CLUSTER_MEMBERS_VIEW_DESC: 'View cluster members',
-  CLUSTER_ROLES_MANAGEMENT_DESC: 'Create, edit and delete cluster roles (system preset roles cannot be deleted)',
+  CLUSTER_ROLES_MANAGEMENT_DESC:
+    'Create, edit and delete cluster roles (system preset roles cannot be deleted)',
   CLUSTER_ROLES_VIEW_DESC: 'View cluster roles',
-  NETWORK_POLICIES_MANAGEMENT_DESC: 'Create/edit/delete cluster network policies',
+  NETWORK_POLICIES_MANAGEMENT_DESC:
+    'Create/edit/delete cluster network policies',
   NETWORK_POLICIES_VIEW_DESC: 'View cluster network policies',
   STORAGECLASSES_VIEW_DESC: 'View all storage classes in the cluster',
-  STORAGECLASSES_MANAGEMENT_DESC: 'Create/edit/delete storage classes and set the default storage class',
+  STORAGECLASSES_MANAGEMENT_DESC:
+    'Create/edit/delete storage classes and set the default storage class',
   VOLUME_SNAPSHOTS_VIEW_DESC: 'View all volume snapshots in the cluster',
   VOLUME_SNAPSHOTS_MANAGEMENT_DESC: 'Create/edit/delete volume snapshots',
-  CLUSTER_MONITORING_VIEW_DESC: 'View cluster physical resources and monitoring data of application resources',
-  APPLICATION_WORKLOADS_VIEW_DESC: 'View applications, services, workloads and tasks in the project',
-  APPLICATION_WORKLOADS_MANAGEMENT_DESC: 'Create, edit and delete applications, services, workloads and tasks in the project',
+  CLUSTER_MONITORING_VIEW_DESC:
+    'View cluster physical resources and monitoring data of application resources',
+  APPLICATION_WORKLOADS_VIEW_DESC:
+    'View applications, services, workloads and tasks in the project',
+  APPLICATION_WORKLOADS_MANAGEMENT_DESC:
+    'Create, edit and delete applications, services, workloads and tasks in the project',
   VOLUMES_VIEW_DESC: 'View project volumes',
   VOLUMES_MANAGEMENT_DESC: 'Create/edit/delete project volumes',
   SECRETS_VIEW_DESC: 'View project secrets',
@@ -141,24 +154,67 @@ export default {
   ALERTING_MESSAGES_VIEW_DESC: 'View alerting messages',
   ALERTING_MESSAGES_MANAGEMENT_DESC: 'Comment/delete alerting messages',
   PROJECT_ROLES_VIEW_DESC: 'View project roles',
-  PROJECT_ROLES_MANAGEMENT_DESC: 'Create, edit and delete project roles (system preset roles cannot be deleted)',
+  PROJECT_ROLES_MANAGEMENT_DESC:
+    'Create, edit and delete project roles (system preset roles cannot be deleted)',
   PROJECT_MEMBERS_VIEW_DESC: 'View project members',
   PROJECT_MEMBERS_MANAGEMENT_DESC: 'Invite/edit/remove project members',
-  PROJECT_SETTINGS_DESC: 'Manage project settings and edit project information, including Internet access, network policies, resource quota, and disk log collection and configuration',
-  PROJECTS_MANAGEMENT_DESC: 'Manage all projects in the workspace, including creating/editing/deleting projects',
-  PROJECTS_CREATE_DESC: 'Have the access to create projects and the project administrator has to be the creator',
+  PROJECT_SETTINGS_DESC:
+    'Manage project settings and edit project information, including Internet access, network policies, resource quota, and disk log collection and configuration',
+  PROJECTS_MANAGEMENT_DESC:
+    'Manage all projects in the workspace, including creating/editing/deleting projects',
+  PROJECTS_CREATE_DESC:
+    'Have the access to create projects and the project administrator has to be the creator',
   PROJECTS_VIEW_DESC: 'View all projects in the workspace',
-  DEVOPS_MANAGEMENT_DESC: 'Manage all DevOps projects in the workspace, including creating/editing/deleting DevOps projects',
-  DEVOPS_CREATE_DESC: 'Have the access to create DevOps projects and the DevOps project administrator has to be the creator',
+  DEVOPS_MANAGEMENT_DESC:
+    'Manage all DevOps projects in the workspace, including creating/editing/deleting DevOps projects',
+  DEVOPS_CREATE_DESC:
+    'Have the access to create DevOps projects and the DevOps project administrator has to be the creator',
   DEVOPS_VIEW_DESC: 'View all DevOps projects in the workspace',
   USERS_VIEW_DESC: 'View users in the current platform',
   WORKSPACE_ROLES_VIEW_DESC: 'View workspace roles',
-  WORKSPACE_ROLES_MANAGEMENT_DESC: 'Create, edit and delete workspace roles (system preset roles cannot be deleted)',
+  WORKSPACE_ROLES_MANAGEMENT_DESC:
+    'Create, edit and delete workspace roles (system preset roles cannot be deleted)',
   WORKSPACE_MEMBERS_VIEW_DESC: 'View workspace members',
   WORKSPACE_MEMBERS_MANAGEMENT_DESC: 'Invite/edit/remove workspace members',
   WORKSPACE_APP_REPOS_VIEW_DESC: 'View app repository list ',
   WORKSPACE_APP_REPOS_MANAGEMENT_DESC: 'Create/edit/delete app repositories',
   WORKSPACE_APP_TEMPLATES_VIEW_DESC: 'View workspace app templates',
-  WORKSPACE_APP_TEMPLATES_MANAGEMENT_DESC: 'Upload/edit/delete workspace app templates; release/remove apps to App Store in the platform',
-  ROLE_PROJECTS_JOIN_TIP: 'Enter username or email address to invite users to the project',
+  WORKSPACE_APP_TEMPLATES_MANAGEMENT_DESC:
+    'Upload/edit/delete workspace app templates; release/remove apps to App Store in the platform',
+  ROLE_PROJECTS_JOIN_TIP:
+    'Enter username or email address to invite users to the project',
+
+  ROLE_PLATFORM_ADMIN: '平台管理员, 可以管理平台内的所有资源.',
+  ROLE_PLATFORM_REGULAR:
+    '平台普通用户, 在被邀请加入企业空间或集群之前没有任何资源操作权限。',
+  ROLE_USER_MANAGER: '平台用户管理员, 管理平台所有用户',
+  ROLE_WORKSPACE_MANAGER: '平台企业空间管理员, 管理平台所有企业空间',
+
+  ROLE_CLUSTER_ADMIN:
+    'Allows cluster-admin access to perform any action on any resource. It gives full control over all resources in the cluster and in all namespaces.',
+  ROLE_CLUSTER_VIEWER:
+    'Allows cluster-viwer to view all resources in the cluster.',
+
+  ROLE_WORKSPACE_ADMIN:
+    'Allows admin access to perform any action on any resource. It gives full control over all resources in the workspace.',
+  ROLE_WORKSPACE_REGULAR:
+    'Normal user in the workspace who can create namespace and DevOps project.',
+  ROLE_WORKSPACE_VIEWER:
+    'Allows viewer access to view all resources in the workspace.',
+  ROLE_WORKSPACE_SELF_PROVISIONER:
+    'Normal user in the workspace who can not create namespace and DevOps project.',
+
+  ROLE_PROJECT_ADMIN:
+    'Allows admin access to perform any action on any resource, it gives full control over every resource in the namespace.',
+  ROLE_PROJECT_REGULAR:
+    'The maintainer of the namespace who can manage resources other than users and roles in the namespace.',
+  ROLE_PROJECT_VIEWER:
+    'Allows viewer access to view all resources in the namespace.',
+
+  ROLE_DEVOPS_ADMIN:
+    'Allows admin access to perform any action on any resource, it gives full control over every resource in the devops.',
+  ROLE_DEVOPS_REGULAR:
+    'The maintainer of the namespace who can manage resources other than users and roles in the devops.',
+  ROLE_DEVOPS_VIEWER:
+    'Allows viewer access to view all resources in the devops.',
 }
diff --git a/src/locales/zh/role.js b/src/locales/zh/role.js
@@ -232,24 +232,30 @@ export default {
 
   'Unable to delete preset role': '无法删除预置角色',
 
-  'Allows cluster-admin access to perform any action on any resource. It gives full control over all resources in the cluster and in all namespaces.':
-    '集群管理员，可以管理集群中所有的资源。',
-  'Normal user in the cluster; there is no permission for any resource operations until the user with this role is invited to a workspace.':
-    '集群中的普通用户，在被邀请加入企业空间之前没有任何资源操作权限。',
-  'Allows workspace-manager access to manage all the workspaces in the cluster.':
-    '集群中企业空间管理员，可以管理集群中所有的企业空间。',
-  'Allows admin access to perform any action on any resource. It gives full control over all resources in the workspace.':
-    '企业空间管理员，可以管理企业空间下所有的资源。',
-  'Normal user in the workspace who can create namespace and DevOps project.':
-    '企业空间普通成员，可以在企业空间下创建工程和项目。',
-  'Allows viewer access to view all resources in the workspace.':
-    '企业空间的观察者，可以查看企业空间下所有的资源信息。',
-  'Allows admin access to perform any action on any resource. It gives full control over all resources in the namespace.':
-    '	项目管理员，可以管理项目下所有的资源。',
-  'The maintainer of the namespace who can manage resources other than users and roles in the namespace.':
-    '项目维护者，可以管理项目下除用户和角色之外的资源。',
-  'Allows viewer access to view all resources in the namespace.':
-    '项目观察者，可以查看项目下所有的资源。',
+  ROLE_PLATFORM_ADMIN: '平台管理员, 可以管理平台内的所有资源.',
+  ROLE_PLATFORM_REGULAR:
+    '平台普通用户, 在被邀请加入企业空间或集群之前没有任何资源操作权限。',
+  ROLE_USER_MANAGER: '平台用户管理员, 管理平台所有用户',
+  ROLE_WORKSPACE_MANAGER: '平台企业空间管理员, 管理平台所有企业空间',
+
+  ROLE_CLUSTER_ADMIN: '集群管理员，可以管理集群中所有的资源。',
+  ROLE_CLUSTER_VIEWER: '集群观察者，可以查看集群下所有的资源。',
+
+  ROLE_WORKSPACE_ADMIN: '企业空间管理员，可以管理企业空间下所有的资源。',
+  ROLE_WORKSPACE_REGULAR:
+    '企业空间普通成员，可以在企业空间下创建 DevOps 工程和项目。',
+  ROLE_WORKSPACE_VIEWER: '企业空间的观察者，可以查看企业空间下所有的资源信息。',
+  ROLE_WORKSPACE_SELF_PROVISIONER:
+    '企业空间普通成员，无法创建 DevOps 工程和项目。',
+
+  ROLE_PROJECT_ADMIN: '项目管理员，可以管理项目下所有的资源。',
+  ROLE_PROJECT_OPERATOR: '项目维护者，可以管理项目下除用户和角色之外的资源。',
+  ROLE_PROJECT_VIEWER: '项目观察者，可以查看项目下所有的资源。',
+
+  ROLE_DEVOPS_ADMIN: 'DevOps 工程管理员, 可以管理 DevOps 工程下所有的资源',
+  ROLE_DEVOPS_OPERATOR:
+    'DevOps 工程普通成员, 可以在 DevOps 工程下创建流水线凭证等.',
+  ROLE_DEVOPS_VIEWER: 'DevOps 工程观察者，可以查看 DevOps 工程下所有的资源。',
 
   ACCOUNT_ROLE_DESC: '账号角色可以定义平台内的账号拥有的权限',
   ACCOUNT_ROLE_CREATE_DESC: '账号角色可以定义平台内的账号拥有的权限',

diff --git a/src/pages/access/containers/Roles/Detail/index.jsx b/src/pages/access/containers/Roles/Detail/index.jsx
@@ -19,7 +19,7 @@
 import React from 'react'
 import { toJS } from 'mobx'
 import { observer, inject } from 'mobx-react'
-import { get, isEmpty } from 'lodash'
+import { isEmpty } from 'lodash'
 import { Loading } from '@pitrix/lego-ui'
 
 import { getLocalTime, getDisplayName } from 'utils'
@@ -61,17 +61,6 @@ export default class RoleDetail extends React.Component {
     return this.props.rootStore.routing
   }
 
-  get detailDesc() {
-    const name = this.store.detail.name
-    const desc = get(this.store.detail, 'description')
-
-    if (globals.config.presetGlobalRoles.includes(name)) {
-      return t(desc)
-    }
-
-    return desc
-  }
-
   get showEdit() {
     const { name } = this.props.match.params
     return !globals.config.presetGlobalRoles.includes(name)
@@ -87,6 +76,7 @@ export default class RoleDetail extends React.Component {
       icon: 'pen',
       text: t('Edit Info'),
       action: 'edit',
+      show: this.showEdit,
       onClick: () =>
         this.trigger('resource.baseinfo.edit', {
           type: t(this.name),
@@ -154,7 +144,7 @@ export default class RoleDetail extends React.Component {
       module: this.module,
       authKey: this.authKey,
       name: getDisplayName(this.store.detail),
-      desc: this.detailDesc,
+      desc: this.store.detail.description,
       operations: this.getOperations(),
       attrs: this.getAttrs(),
       breadcrumbs: [

diff --git a/src/pages/access/containers/Roles/index.jsx b/src/pages/access/containers/Roles/index.jsx
@@ -18,7 +18,6 @@
 
 import React from 'react'
 import { toJS } from 'mobx'
-import { get } from 'lodash'
 
 import { Avatar } from 'components/Base'
 import Banner from 'components/Cards/Banner'
@@ -51,6 +50,7 @@ export default class Roles extends React.Component {
         icon: 'pen',
         text: t('Edit'),
         action: 'edit',
+        show: this.showAction,
         onClick: item =>
           trigger('resource.baseinfo.edit', {
             detail: item,
@@ -121,13 +121,6 @@ export default class Roles extends React.Component {
         dataIndex: 'description',
         isHideable: true,
         width: '55%',
-        render: (description, record) => {
-          const name = get(record, 'name')
-          if (description && globals.config.presetGlobalRoles.includes(name)) {
-            return t(description)
-          }
-          return description
-        },
       },
       {
         title: t('Created Time'),

diff --git a/src/pages/clusters/containers/Roles/Detail/index.jsx b/src/pages/clusters/containers/Roles/Detail/index.jsx
@@ -62,17 +62,6 @@ export default class RoleDetail extends React.Component {
     return this.props.rootStore.routing
   }
 
-  get detailDesc() {
-    const name = this.store.detail.name
-    const desc = get(this.store.detail, 'description')
-
-    if (globals.config.presetClusterRoles.includes(name)) {
-      return t(desc)
-    }
-
-    return desc
-  }
-
   get showEdit() {
     const { name } = this.props.match.params
     return !globals.config.presetClusterRoles.includes(name)
@@ -88,6 +77,7 @@ export default class RoleDetail extends React.Component {
       icon: 'pen',
       text: t('Edit Info'),
       action: 'edit',
+      show: this.showEdit,
       onClick: () =>
         this.trigger('resource.baseinfo.edit', {
           type: t(this.name),
@@ -156,7 +146,7 @@ export default class RoleDetail extends React.Component {
       module: this.module,
       authKey: this.authKey,
       name: get(this.store.detail, 'name'),
-      desc: this.detailDesc,
+      desc: this.store.detail.description,
       operations: this.getOperations(),
       attrs: this.getAttrs(),
       breadcrumbs: [