Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: [M3-8590] - Restrict access to Database Create page for restricted users #11137

Merged
merged 7 commits into from
Oct 28, 2024
Merged

fix: [M3-8590] - Restrict access to Database Create page for restricted users #11137

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
6b995c0
Restrict access to Database Create page for restricted users
zaenab-akamai Oct 22, 2024
423d681
updated DatabaseCreate tests
zaenab-akamai Oct 22, 2024
a1e05cc
Added notice for restricted users on Database Create page
zaenab-akamai Oct 23, 2024
8ed974b
Fixed merge conflict
zaenab-akamai Oct 23, 2024
b4d162b
Fix
zaenab-akamai Oct 23, 2024
cd1e6f0
Added changeset: Database create page form being enabled for restrict…
zaenab-akamai Oct 24, 2024
35ca7a5
Addressed PR comments
zaenab-akamai Oct 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
104 changes: 104 additions & 0 deletions packages/manager/src/features/Databases/DatabaseCreate/DatabaseCreate.test.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,18 @@ import DatabaseCreate from './DatabaseCreate';

const loadingTestId = 'circle-progress';

const queryMocks = vi.hoisted(() => ({
useProfile: vi.fn().mockReturnValue({ data: { restricted: false } }),
}));

vi.mock('src/queries/profile/profile', async () => {
const actual = await vi.importActual('src/queries/profile/profile');
return {
...actual,
useProfile: queryMocks.useProfile,
};
});

beforeAll(() => mockMatchMedia());

describe('Database Create', () => {
Expand Down Expand Up @@ -154,4 +166,96 @@ describe('Database Create', () => {
expect(nodeRadioBtns).toHaveTextContent('$100/month $0.15/hr');
expect(nodeRadioBtns).toHaveTextContent('$140/month $0.21/hr');
});

it('should have the "Create Database Cluster" button disabled for restricted users', async () => {
queryMocks.useProfile.mockReturnValue({ data: { restricted: true } });

const { findByText, getByTestId } = renderWithTheme(<DatabaseCreate />);

expect(getByTestId(loadingTestId)).toBeInTheDocument();

await waitForElementToBeRemoved(getByTestId(loadingTestId));
const createClusterButtonSpan = await findByText('Create Database Cluster');
const createClusterButton = createClusterButtonSpan.closest('button');

expect(createClusterButton).toBeInTheDocument();
expect(createClusterButton).toBeDisabled();
});

it('should disable form inputs for restricted users', async () => {
queryMocks.useProfile.mockReturnValue({ data: { restricted: true } });

const {
findAllByRole,
findAllByTestId,
findByPlaceholderText,
getByTestId,
} = renderWithTheme(<DatabaseCreate />);

expect(getByTestId(loadingTestId)).toBeInTheDocument();

await waitForElementToBeRemoved(getByTestId(loadingTestId));
const textInputs = await findAllByTestId('textfield-input');
textInputs.forEach((input: HTMLInputElement) => {
expect(input).toBeDisabled();
});

const dbEngineSelect = await findByPlaceholderText(
'Select a Database Engine'
);
expect(dbEngineSelect).toBeDisabled();
const regionSelect = await findByPlaceholderText('Select a Region');
expect(regionSelect).toBeDisabled();

const radioButtons = await findAllByRole('radio');
radioButtons.forEach((radioButton: HTMLElement) => {
expect(radioButton).toBeDisabled();
});
});

it('should have the "Create Database Cluster" button enabled for users with full access', async () => {
queryMocks.useProfile.mockReturnValue({ data: { restricted: false } });

const { findByText, getByTestId } = renderWithTheme(<DatabaseCreate />);

expect(getByTestId(loadingTestId)).toBeInTheDocument();

await waitForElementToBeRemoved(getByTestId(loadingTestId));
const createClusterButtonSpan = await findByText('Create Database Cluster');
const createClusterButton = createClusterButtonSpan.closest('button');

expect(createClusterButton).toBeInTheDocument();
expect(createClusterButton).toBeEnabled();
});

it('should enable form inputs for users with full access', async () => {
queryMocks.useProfile.mockReturnValue({ data: { restricted: false } });

const {
findAllByRole,
findAllByTestId,
findByPlaceholderText,
getByTestId,
} = renderWithTheme(<DatabaseCreate />);

expect(getByTestId(loadingTestId)).toBeInTheDocument();

await waitForElementToBeRemoved(getByTestId(loadingTestId));
const textInputs = await findAllByTestId('textfield-input');
textInputs.forEach((input: HTMLInputElement) => {
expect(input).toBeEnabled();
});

const dbEngineSelect = await findByPlaceholderText(
'Select a Database Engine'
);
expect(dbEngineSelect).toBeEnabled();
const regionSelect = await findByPlaceholderText('Select a Region');
expect(regionSelect).toBeEnabled();

const radioButtons = await findAllByRole('radio');
radioButtons.forEach((radioButton: HTMLElement) => {
expect(radioButton).toBeEnabled();
});
});
});
28 changes: 27 additions & 1 deletion packages/manager/src/features/Databases/DatabaseCreate/DatabaseCreate.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,15 @@ import { RegionSelect } from 'src/components/RegionSelect/RegionSelect';
import { RegionHelperText } from 'src/components/SelectRegionPanel/RegionHelperText';
import { TextField } from 'src/components/TextField';
import { Typography } from 'src/components/Typography';
import { getRestrictedResourceText } from 'src/features/Account/utils';
import { PlansPanel } from 'src/features/components/PlansPanel/PlansPanel';
import { EngineOption } from 'src/features/Databases/DatabaseCreate/EngineOption';
import { DatabaseLogo } from 'src/features/Databases/DatabaseLanding/DatabaseLogo';
import { databaseEngineMap } from 'src/features/Databases/DatabaseLanding/DatabaseRow';
import { useIsDatabasesEnabled } from 'src/features/Databases/utilities';
import { enforceIPMasks } from 'src/features/Firewalls/FirewallDetail/Rules/FirewallRuleDrawer.utils';
import { typeLabelDetails } from 'src/features/Linodes/presentation';
import { useRestrictedGlobalGrantCheck } from 'src/hooks/useRestrictedGlobalGrantCheck';
import {
useCreateDatabaseMutation,
useDatabaseEnginesQuery,
Expand All @@ -48,6 +50,8 @@ import { getSelectedOptionFromGroupedOptions } from 'src/utilities/getSelectedOp
import { validateIPs } from 'src/utilities/ipUtils';
import { scrollErrorIntoViewV2 } from 'src/utilities/scrollErrorIntoViewV2';

import { DatabaseCreateAccessControls } from './DatabaseCreateAccessControls';

import type {
ClusterSize,
ComprehensiveReplicationType,
Expand All @@ -62,7 +66,6 @@ import type { Theme } from '@mui/material/styles';
import type { Item } from 'src/components/EnhancedSelect/Select';
import type { PlanSelectionType } from 'src/features/components/PlansPanel/types';
import type { ExtendedIP } from 'src/utilities/ipUtils';
import { DatabaseCreateAccessControls } from './DatabaseCreateAccessControls';

const useStyles = makeStyles()((theme: Theme) => ({
btnCtn: {
Expand Down Expand Up @@ -197,6 +200,9 @@ const DatabaseCreate = () => {
const { classes } = useStyles();
const history = useHistory();
const { isDatabasesV2Beta, isDatabasesV2Enabled } = useIsDatabasesEnabled();
const isRestricted = useRestrictedGlobalGrantCheck({
globalGrantType: 'add_databases',
});

const {
data: regionsData,
Expand Down Expand Up @@ -510,6 +516,17 @@ const DatabaseCreate = () => {
}}
title="Create"
/>
{isRestricted && (
<Notice
text={getRestrictedResourceText({
action: 'create',
resourceType: 'Databases',
})}
important
spacingTop={16}
variant="error"
/>
)}
<Paper>
{createError && (
<Notice variant="error">
Expand All @@ -523,6 +540,7 @@ const DatabaseCreate = () => {
<Typography variant="h2">Name Your Cluster</Typography>
<TextField
data-qa-label-input
disabled={isRestricted}
errorText={errors.label}
label="Cluster Label"
onChange={(e) => setFieldValue('label', e.target.value)}
Expand All @@ -544,6 +562,7 @@ const DatabaseCreate = () => {
)}
className={classes.engineSelect}
components={{ Option: EngineOption, SingleValue: _SingleValue }}
disabled={isRestricted}
errorText={errors.engine}
isClearable={false}
label="Database Engine"
Expand All @@ -555,6 +574,7 @@ const DatabaseCreate = () => {
<RegionSelect
currentCapability="Managed Databases"
disableClearable
disabled={isRestricted}
errorText={errors.region}
onChange={(e, region) => setFieldValue('region', region.id)}
regions={regionsData}
Expand All @@ -570,6 +590,8 @@ const DatabaseCreate = () => {
}}
className={classes.selectPlanPanel}
data-qa-select-plan
disabled={isRestricted}
disabledTabs={isRestricted ? ['shared', 'dedicated'] : []}
Copy link
Contributor

@dwiley-akamai dwiley-akamai Oct 23, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would be in favor in getting right of this line, right now there's odd behavior where you can click "Premium CPU" as a restricted user but not be able to click back to the "Dedicated CPU" tab.

Even without this line, a restricted user wouldn't be able to select a plan, and the only way they'd even be able to reach the page is by navigating to it directly.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated

error={errors.type}
handleTabChange={handleTabChange}
header="Choose a Plan"
Expand Down Expand Up @@ -599,11 +621,13 @@ const DatabaseCreate = () => {
);
}}
data-testid="database-nodes"
disabled={isRestricted}
>
{errors.cluster_size ? (
<Notice text={errors.cluster_size} variant="error" />
) : null}
<RadioGroup
aria-disabled={isRestricted}
style={{ marginBottom: 0, marginTop: 0 }}
value={values.cluster_size}
>
Expand All @@ -622,6 +646,7 @@ const DatabaseCreate = () => {
</Grid>
<Divider spacingBottom={12} spacingTop={26} />
<DatabaseCreateAccessControls
disabled={isRestricted}
errors={ipErrorsFromAPI}
ips={values.allow_list}
onBlur={handleIPBlur}
Expand All @@ -636,6 +661,7 @@ const DatabaseCreate = () => {
<Button
buttonType="primary"
className={classes.createBtn}
disabled={isRestricted}
loading={isSubmitting}
type="submit"
>
Expand Down
27 changes: 17 additions & 10 deletions packages/manager/src/features/Databases/DatabaseCreate/DatabaseCreateAccessControls.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
import type { APIError } from '@linode/api-v4/lib/types';
import { Theme } from '@mui/material/styles';
import Grid from '@mui/material/Unstable_Grid2';
import * as React from 'react';
import { ChangeEvent, useState } from 'react';
import { makeStyles } from 'tss-react/mui';

import { FormControlLabel } from 'src/components/FormControlLabel';
import { Link } from 'src/components/Link';
import { MultipleIPInput } from 'src/components/MultipleIPInput/MultipleIPInput';
Expand All @@ -11,36 +12,39 @@ import { Radio } from 'src/components/Radio/Radio';
import { RadioGroup } from 'src/components/RadioGroup';
import { Typography } from 'src/components/Typography';
import { ExtendedIP, ipFieldPlaceholder } from 'src/utilities/ipUtils';
import { makeStyles } from 'tss-react/mui';

import { useIsDatabasesEnabled } from '../utilities';

import type { APIError } from '@linode/api-v4/lib/types';

const useStyles = makeStyles()((theme: Theme) => ({
header: {
marginBottom: theme.spacing(0.5),
},
subHeader: {
marginTop: theme.spacing(2),
},
container: {
marginTop: theme.spacing(3),
maxWidth: 450,
},
header: {
marginBottom: theme.spacing(0.5),
},
multipleIPInput: {
marginLeft: theme.spacing(4),
},
subHeader: {
marginTop: theme.spacing(2),
},
}));

export type AccessOption = 'specific' | 'none';

interface Props {
disabled?: boolean;
errors?: APIError[];
ips: ExtendedIP[];
onBlur: (ips: ExtendedIP[]) => void;
onChange: (ips: ExtendedIP[]) => void;
}

export const DatabaseCreateAccessControls = (props: Props) => {
const { errors, ips, onBlur, onChange } = props;
const { disabled = false, errors, ips, onBlur, onChange } = props;
const { classes } = useStyles();
const [accessOption, setAccessOption] = useState<AccessOption>('specific');
const { isDatabasesV2GA } = useIsDatabasesEnabled();
Expand Down Expand Up @@ -110,12 +114,13 @@ export const DatabaseCreateAccessControls = (props: Props) => {
<FormControlLabel
control={<Radio />}
data-qa-dbaas-radio="Specific"
disabled={disabled}
label="Specific Access (recommended)"
value="specific"
/>
<MultipleIPInput
className={classes.multipleIPInput}
disabled={accessOption === 'none'}
disabled={accessOption === 'none' || disabled}
ips={ips}
onBlur={onBlur}
onChange={onChange}
Expand All @@ -125,12 +130,14 @@ export const DatabaseCreateAccessControls = (props: Props) => {
<FormControlLabel
control={<Radio />}
data-qa-dbaas-radio="None"
disabled={disabled}
label="No Access (Deny connections from all IP addresses)"
value="none"
/>
</RadioGroup>
) : (
<MultipleIPInput
disabled={disabled}
ips={ips}
onBlur={onBlur}
onChange={onChange}
Expand Down