Commit Graph

13 Commits (0e688e6f590f57cbec9150aba7906c87434de274)

Author SHA1 Message Date
John Cowen c6db97b666
UI: Removes success notification on faking a success response for `self` (#4906)
In order to continue supporting the legacy ACL system, we replace
the 500 error from a non-existent `self` endpoint with a response of a
`null` `AccessorID` - which makes sense (a null AccessorID means old
API)

We then redirect the user to the old ACL pages which then gives a 403
if their token was wrong which then redirects them back to the login page.

Due to the multiple redirects and not wanting to test the validity of the token
before redirecting (thus calling the same API endpoint twice), it is not
straightforwards to turn the 'faked' response from the `self` endpoint
into an error (flash messages are 'lost' through multiple redirects).

In order to make this a slightly better experience, you can now return a
`false` during execution of an action requiring success/failure
feedback, this essentially skips the notification, so if the action is
'successful' but you don't want to show the notification, you can. This
resolves showing a successful notification when the `self` endpoint
response is faked. The last part of the puzzle is to make sure that the
global 403 catching error in the application Route also produces an
erroneous notification.

Please note this can only happen with a ui client using the new ACL
system when communicating with a cluster using the old ACL system, and
only when you enter the wrong token.

Lastly, further acceptance tests have been added around this

This commit also adds functionality to avoid any possible double 
notification messages, to avoid UI overlapping
2018-11-07 15:57:41 +00:00
John Cowen f65f001675
UI: Catch 500 error on token endpoint and revert to legacy tokens (#4874)
In some circumstances a consul 1.4 client could be running in an
un-upgraded 1.3 or lower cluster. Currently this gives a 500 error on
the new ACL token endpoint. Here we catch this specific 500 error/message
and set the users AccessorID to null. Elsewhere in the frontend we use
this fact (AccessorID being null) to decide whether to present the
legacy or the new ACL UI to the user.

Also:
- Re-adds in most of the old style ACL acceptance tests, now that we are keeping the old style UI
- Restricts code editors to HCL only mode for all `Rules` editing (legacy/'half legacy'/new style)
- Adds a [Stop using] button to the old style ACL rows so its possible to logout.
- Updates copy and documentation links for the upgrade notices
2018-11-02 14:44:36 +00:00
John Cowen 7d89e519a2 UI: New ACLs (#4789)
UI to accompany the new ACLs APIs
2018-10-19 08:45:05 -07:00
John Cowen 40e71f1b91
UI: Simplify/refactor the actions/notification layer (#4572) + (#4573)
* Move notification texts to a slightly different layer (#4572)
* Further Simplify/refactor the actions/notification layer (#4573)

1. Move the 'with-feedback' actions to a 'with-blocking-action' mixin
which better describes what it does
2. Additional set of unit tests almost over the entire layer to prove
things work/add confidence for further changes

The multiple 'with-action' mixins used for every 'index/edit' combo are
now reduced down to only contain the functionality related to their
specific routes, i.e. where to redirect.

The actual functionality to block and carry out the action and then
notify are 'almost' split out so that their respective classes/objects do
one thing and one thing 'well'.

Mixins are chosen for the moment as the decoration approach used by
mixins feels better than multiple levels of inheritence, but I would
like to take this fuether in the future to a 'compositional' based
approach.

There is still possible further work to be done here, but I'm a lot
happier now this is reduced down into separate parts.
2018-08-29 19:14:31 +01:00
John Cowen 649d777714 Acceptance test for using tokens from listing and detail pages 2018-07-04 16:37:41 +01:00
John Cowen 701d6a3a72 Move deleting to a top level feature 2018-07-04 15:58:09 +01:00
John Cowen e0f7cdb128 Start purifying page objects 2018-07-04 15:06:20 +01:00
John Cowen b445df39bb Use html5 oninput instead of onkeyup for native textual inputs
This enables people to enter things using the mouse to paste for
example, plus possible other things.

As an aside it also answers my query regarding `fillIn` for testing,
nothing needs to be actually _typed_ anymore! Doh
2018-07-03 15:40:15 +01:00
John Cowen 6949b22d5f Sort ACL tokens by name 2018-06-19 10:51:31 +01:00
John Cowen 62a4c1098e Add test for not showing the delete button for the first acl...
Also, change the action group page objects to use data-test attributes
instead of last-child which isn't reliable (and stay consistent)
2018-06-14 15:01:54 +01:00
John Cowen e37136ecae Prevent being able to submit a create form with empty values 2018-06-12 11:24:36 +01:00
John Cowen 5e5fffe300 Add some delete testing to KV and ACL 2018-06-12 11:24:36 +01:00
John Cowen 17ebf96755 WIP: Feature/acceptance tests 2018-06-12 11:24:35 +01:00