github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(sidebar): show authorized links [EE-3610] (#7152)

pull/7326/head
Chaim Lev-Ari 2022-07-22 04:14:31 +02:00 committed by GitHub
parent 005c48b1ad
commit 9a92b97b7e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 57 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
app/kubernetes/__module.js
View File

@ -322,8 +322,20 @@ angular.module('portainer.kubernetes', ['portainer.app', registriesModule, custo
}, },
}; };
const endpointKubernetesConfiguration = {
name: 'kubernetes.cluster.setup',
url: '/configure',
views: {
'content@': {
templateUrl: './views/configure/configure.html',
controller: 'KubernetesConfigureController',
controllerAs: 'ctrl',
},
},
};
const endpointKubernetesSecurityConstraint = { const endpointKubernetesSecurityConstraint = {
name: 'portainer.k8sendpoint.securityConstraint', name: 'kubernetes.cluster.securityConstraint',
url: '/securityConstraint', url: '/securityConstraint',
views: { views: {
'content@': { 'content@': {
@ -362,6 +374,7 @@ angular.module('portainer.kubernetes', ['portainer.app', registriesModule, custo
$stateRegistryProvider.register(volume); $stateRegistryProvider.register(volume);
$stateRegistryProvider.register(registries); $stateRegistryProvider.register(registries);
$stateRegistryProvider.register(registriesAccess); $stateRegistryProvider.register(registriesAccess);
$stateRegistryProvider.register(endpointKubernetesConfiguration);
$stateRegistryProvider.register(endpointKubernetesSecurityConstraint); $stateRegistryProvider.register(endpointKubernetesSecurityConstraint);
}, },
]); ]);

2
app/kubernetes/components/kube-services/kube-services-item/kube-services-item.html
View File

@ -2,7 +2,7 @@
<div ng-if="$ctrl.isAdmin()" class="small" ng-show="$ctrl.serviceType === $ctrl.KubernetesApplicationPublishingTypes.LOAD_BALANCER && !$ctrl.loadbalancerEnabled"> <div ng-if="$ctrl.isAdmin()" class="small" ng-show="$ctrl.serviceType === $ctrl.KubernetesApplicationPublishingTypes.LOAD_BALANCER && !$ctrl.loadbalancerEnabled">
<p style="margin-top: 10px"> <p style="margin-top: 10px">
<pr-icon icon="'alert-circle'" mode="'primary'" feather="true"></pr-icon> No Load balancer is available in this cluster, click <pr-icon icon="'alert-circle'" mode="'primary'" feather="true"></pr-icon> No Load balancer is available in this cluster, click
<a ui-sref="portainer.k8sendpoint.kubernetesConfig({id: $ctrl.state.endpointId})">here</a> to configure load balancer. <a ui-sref="kubernetes.cluster.setup">here</a> to configure load balancer.
</p> </p>
</div> </div>
<div ng-if="!$ctrl.isAdmin()" class="small" ng-show="$ctrl.serviceType === $ctrl.KubernetesApplicationPublishingTypes.LOAD_BALANCER && !$ctrl.loadbalancerEnabled"> <div ng-if="!$ctrl.isAdmin()" class="small" ng-show="$ctrl.serviceType === $ctrl.KubernetesApplicationPublishingTypes.LOAD_BALANCER && !$ctrl.loadbalancerEnabled">

2
app/kubernetes/components/kube-services/kube-services.html
View File

@ -56,7 +56,7 @@
<div ng-if="$ctrl.isAdmin()" class="small"> <div ng-if="$ctrl.isAdmin()" class="small">
<p style="margin-top: 10px"> <p style="margin-top: 10px">
<pr-icon icon="'alert-triangle'" mode="'warning'" feather="true"></pr-icon> Ingress is not configured in this namespace, select another namespace or click <pr-icon icon="'alert-triangle'" mode="'warning'" feather="true"></pr-icon> Ingress is not configured in this namespace, select another namespace or click
<a ui-sref="portainer.k8sendpoint.kubernetesConfig({id: $ctrl.state.endpointId})">here</a> to configure ingress. <a ui-sref="kubernetes.cluster.setup">here</a> to configure ingress.
</p> </p>
</div> </div>
<div ng-if="!$ctrl.isAdmin()" class="small"> <div ng-if="!$ctrl.isAdmin()" class="small">

2
app/kubernetes/views/applications/create/createApplication.html
View File

@ -1033,7 +1033,7 @@
<p ng-if="!ctrl.isAdmin"> This feature is currently disabled and must be enabled by an administrator user. </p> <p ng-if="!ctrl.isAdmin"> This feature is currently disabled and must be enabled by an administrator user. </p>
<p ng-if="ctrl.isAdmin"> <p ng-if="ctrl.isAdmin">
Server metrics features must be enabled in the Server metrics features must be enabled in the
<a ui-sref="portainer.k8sendpoint.kubernetesConfig({id: ctrl.endpoint.Id})" class="ctrl.isAdmin">environment configuration view</a>. <a ui-sref="kubernetes.cluster.setup" class="ctrl.isAdmin">environment configuration view</a>.
</p> </p>
</div> </div>
</div> </div>

2
app/kubernetes/views/configure/configureController.js
View File

@ -269,7 +269,7 @@ class KubernetesConfigureController {
actionInProgress: false, actionInProgress: false,
displayConfigureClassPanel: {}, displayConfigureClassPanel: {},
viewReady: false, viewReady: false,
endpointId: this.$state.params.id, endpointId: this.$state.params.endpointId,
duplicates: { duplicates: {
ingressClasses: new KubernetesFormValidationReferences(), ingressClasses: new KubernetesFormValidationReferences(),
}, },

3
app/kubernetes/views/resource-pools/create/createResourcePool.html
View File

@ -186,8 +186,7 @@
<div class="form-group" ng-if="$ctrl.formValues.IngressClasses.length === 0"> <div class="form-group" ng-if="$ctrl.formValues.IngressClasses.length === 0">
<div class="col-sm-12 small text-muted"> <div class="col-sm-12 small text-muted">
The ingress feature must be enabled in the The ingress feature must be enabled in the
<a ui-sref="portainer.k8sendpoint.kubernetesConfig({id: $ctrl.endpoint.Id})">environment configuration view</a> to be able to register ingresses inside this <a ui-sref="kubernetes.cluster.setup">environment configuration view</a> to be able to register ingresses inside this namespace.
namespace.
</div> </div>
</div> </div>

3
app/kubernetes/views/resource-pools/edit/resourcePool.html
View File

@ -152,8 +152,7 @@
<div class="form-group" ng-if="ctrl.formValues.IngressClasses.length === 0"> <div class="form-group" ng-if="ctrl.formValues.IngressClasses.length === 0">
<div class="col-sm-12 small text-muted"> <div class="col-sm-12 small text-muted">
The ingress feature must be enabled in the The ingress feature must be enabled in the
<a ui-sref="portainer.k8sendpoint.kubernetesConfig({id: ctrl.endpoint.Id})">environment configuration view</a> to be able to register ingresses inside this <a ui-sref="kubernetes.cluster.setup">environment configuration view</a> to be able to register ingresses inside this namespace.
namespace.
</div> </div>
</div> </div>

19
app/portainer/__module.js
View File

@ -186,23 +186,6 @@ angular
}, },
}; };
var k8sendpoint = {
name: 'portainer.k8sendpoint',
url: '/:id',
};
const endpointKubernetesConfiguration = {
name: 'portainer.k8sendpoint.kubernetesConfig',
url: '/configure',
views: {
'content@': {
templateUrl: '../kubernetes/views/configure/configure.html',
controller: 'KubernetesConfigureController',
controllerAs: 'ctrl',
},
},
};
var edgeDeviceCreation = { var edgeDeviceCreation = {
name: 'portainer.endpoints.newEdgeDevice', name: 'portainer.endpoints.newEdgeDevice',
url: '/newEdgeDevice', url: '/newEdgeDevice',
@ -484,14 +467,12 @@ angular
$stateRegistryProvider.register(logout); $stateRegistryProvider.register(logout);
$stateRegistryProvider.register(endpoints); $stateRegistryProvider.register(endpoints);
$stateRegistryProvider.register(endpoint); $stateRegistryProvider.register(endpoint);
$stateRegistryProvider.register(k8sendpoint);
$stateRegistryProvider.register(endpointAccess); $stateRegistryProvider.register(endpointAccess);
$stateRegistryProvider.register(endpointKVM); $stateRegistryProvider.register(endpointKVM);
$stateRegistryProvider.register(edgeDeviceCreation); $stateRegistryProvider.register(edgeDeviceCreation);
$stateRegistryProvider.register(deviceImport); $stateRegistryProvider.register(deviceImport);
$stateRegistryProvider.register(addFDOProfile); $stateRegistryProvider.register(addFDOProfile);
$stateRegistryProvider.register(editFDOProfile); $stateRegistryProvider.register(editFDOProfile);
$stateRegistryProvider.register(endpointKubernetesConfiguration);
$stateRegistryProvider.register(groups); $stateRegistryProvider.register(groups);
$stateRegistryProvider.register(group); $stateRegistryProvider.register(group);
$stateRegistryProvider.register(groupAccess); $stateRegistryProvider.register(groupAccess);

16
app/portainer/hooks/useUser.tsx
View File

@ -47,6 +47,7 @@ export function useUser() {
export function useAuthorizations( export function useAuthorizations(
authorizations: string | string[], authorizations: string | string[],
forceEnvironmentId?: EnvironmentId,
adminOnlyCE = false adminOnlyCE = false
) { ) {
const { user } = useUser(); const { user } = useUser();
@ -58,7 +59,12 @@ export function useAuthorizations(
return false; return false;
} }
return hasAuthorizations(user, authorizations, endpointId, adminOnlyCE); return hasAuthorizations(
user,
authorizations,
forceEnvironmentId || endpointId,
adminOnlyCE
);
} }
export function isEnvironmentAdmin( export function isEnvironmentAdmin(
@ -114,15 +120,21 @@ export function hasAuthorizations(
interface AuthorizedProps { interface AuthorizedProps {
authorizations: string | string[]; authorizations: string | string[];
environmentId?: EnvironmentId;
adminOnlyCE?: boolean; adminOnlyCE?: boolean;
} }
export function Authorized({ export function Authorized({
authorizations, authorizations,
environmentId,
adminOnlyCE = false, adminOnlyCE = false,
children, children,
}: PropsWithChildren<AuthorizedProps>) { }: PropsWithChildren<AuthorizedProps>) {
const isAllowed = useAuthorizations(authorizations, adminOnlyCE); const isAllowed = useAuthorizations(
authorizations,
environmentId,
adminOnlyCE
);
return isAllowed ? <>{children}</> : null; return isAllowed ? <>{children}</> : null;
} }

4
app/portainer/views/endpoints/create/createEndpointController.js
View File

@ -168,7 +168,7 @@ angular
EndpointService.createLocalKubernetesEndpoint(name, tagIds) EndpointService.createLocalKubernetesEndpoint(name, tagIds)
.then(function success(result) { .then(function success(result) {
Notifications.success('Environment created', name); Notifications.success('Environment created', name);
$state.go('portainer.k8sendpoint.kubernetesConfig', { id: result.Id }); $state.go('kubernetes.cluster.setup', { endpoinId: result.Id });
}) })
.catch(function error(err) { .catch(function error(err) {
Notifications.error('Failure', err, 'Unable to create environment'); Notifications.error('Failure', err, 'Unable to create environment');
@ -282,7 +282,7 @@ angular
$state.go('portainer.endpoints.endpoint', { id: endpoint.Id }); $state.go('portainer.endpoints.endpoint', { id: endpoint.Id });
break; break;
case PortainerEndpointTypes.AgentOnKubernetesEnvironment: case PortainerEndpointTypes.AgentOnKubernetesEnvironment:
$state.go('portainer.k8sendpoint.kubernetesConfig', { id: endpoint.Id }); $state.go('kubernetes.cluster.setup', { endpoinId: endpoint.Id });
break; break;
default: default:
$state.go('portainer.endpoints', {}, { reload: true }); $state.go('portainer.endpoints', {}, { reload: true });

2
app/portainer/views/endpoints/edit/endpoint.html
View File

@ -79,7 +79,7 @@
<span class="small text-muted"> <span class="small text-muted">
<i class="fa fa-tools blue-icon" aria-hidden="true" style="margin-right: 2px"></i> <i class="fa fa-tools blue-icon" aria-hidden="true" style="margin-right: 2px"></i>
You should configure the features available in this Kubernetes environment in the You should configure the features available in this Kubernetes environment in the
<a ui-sref="portainer.k8sendpoint.kubernetesConfig({id: endpoint.Id})">Kubernetes configuration</a> view. <a ui-sref="kubernetes.cluster.setup({endpointId: endpoint.Id})">Kubernetes configuration</a> view.
</span> </span>
</information-panel> </information-panel>
</div> </div>

6
app/portainer/views/init/endpoint/initEndpointController.js
View File

@ -94,7 +94,7 @@ class InitEndpointController {
try { try {
this.state.actionInProgress = true; this.state.actionInProgress = true;
const endpoint = await this.EndpointService.createLocalKubernetesEndpoint(); const endpoint = await this.EndpointService.createLocalKubernetesEndpoint();
this.$state.go('portainer.k8sendpoint.kubernetesConfig', { id: endpoint.Id }); this.$state.go('kubernetes.cluster.setup', { endpointId: endpoint.Id });
} catch (err) { } catch (err) {
this.Notifications.error('Failure', err, 'Unable to connect to the Kubernetes environment'); this.Notifications.error('Failure', err, 'Unable to connect to the Kubernetes environment');
} finally { } finally {
@ -130,8 +130,8 @@ class InitEndpointController {
null, null,
null null
); );
const routeName = endpoint.Type === PortainerEndpointTypes.AgentOnKubernetesEnvironment ? 'portainer.k8sendpoint.kubernetesConfig' : 'portainer.home'; const routeName = endpoint.Type === PortainerEndpointTypes.AgentOnKubernetesEnvironment ? 'kubernetes.cluster.setup' : 'portainer.home';
this.$state.go(routeName, { id: endpoint.Id }); this.$state.go(routeName, { endpointId: endpoint.Id });
} catch (err) { } catch (err) {
this.Notifications.error('Failure', err, 'Unable to connect to the Docker environment'); this.Notifications.error('Failure', err, 'Unable to connect to the Docker environment');
} finally { } finally {

1
app/react/sidebar/DockerSidebar.tsx
View File

@ -180,6 +180,7 @@ export function DockerSidebar({ environmentId, environment }: Props) {
<Authorized <Authorized
authorizations="PortainerEndpointUpdateSettings" authorizations="PortainerEndpointUpdateSettings"
adminOnlyCE adminOnlyCE
environmentId={environmentId}
> >
<SidebarItem <SidebarItem
to="docker.featuresConfiguration" to="docker.featuresConfiguration"

21
app/react/sidebar/KubernetesSidebar/KubernetesSidebar.tsx
View File

@ -47,7 +47,10 @@ export function KubernetesSidebar({ environmentId }: Props) {
data-cy="k8sSidebar-namespaces" data-cy="k8sSidebar-namespaces"
/> />
<Authorized authorizations="HelmInstallChart"> <Authorized
authorizations="HelmInstallChart"
environmentId={environmentId}
>
<SidebarItem <SidebarItem
to="kubernetes.templates.helm" to="kubernetes.templates.helm"
params={{ endpointId: environmentId }} params={{ endpointId: environmentId }}
@ -86,18 +89,26 @@ export function KubernetesSidebar({ environmentId }: Props) {
params={{ endpointId: environmentId }} params={{ endpointId: environmentId }}
data-cy="k8sSidebar-cluster" data-cy="k8sSidebar-cluster"
> >
<Authorized authorizations="K8sClusterSetupRW" adminOnlyCE> <Authorized
authorizations="K8sClusterSetupRW"
adminOnlyCE
environmentId={environmentId}
>
<SidebarItem <SidebarItem
to="portainer.k8sendpoint.kubernetesConfig" to="kubernetes.cluster.setup"
params={{ id: environmentId }} params={{ id: environmentId }}
label="Setup" label="Setup"
data-cy="k8sSidebar-setup" data-cy="k8sSidebar-setup"
/> />
</Authorized> </Authorized>
<Authorized authorizations="K8sClusterSetupRW" adminOnlyCE> <Authorized
authorizations="K8sClusterSetupRW"
adminOnlyCE
environmentId={environmentId}
>
<SidebarItem <SidebarItem
to="portainer.k8sendpoint.securityConstraint" to="kubernetes.cluster.securityConstraint"
params={{ id: environmentId }} params={{ id: environmentId }}
label="Security constraints" label="Security constraints"
data-cy="k8sSidebar-securityConstraints" data-cy="k8sSidebar-securityConstraints"