diff --git a/app/react/docker/containers/CreateView/CreateView.tsx b/app/react/docker/containers/CreateView/CreateView.tsx index bd8fcc751..c9ec67698 100644 --- a/app/react/docker/containers/CreateView/CreateView.tsx +++ b/app/react/docker/containers/CreateView/CreateView.tsx @@ -49,7 +49,7 @@ function CreateForm() { const router = useRouter(); const { trackEvent } = useAnalytics(); const isAdminQuery = useIsEdgeAdmin(); - const isEnvironmentAdmin = useIsEnvironmentAdmin(); + const { authorized: isEnvironmentAdmin } = useIsEnvironmentAdmin(); const [isDockerhubRateLimited, setIsDockerhubRateLimited] = useState(false); const mutation = useCreateOrReplaceMutation(); diff --git a/app/react/docker/containers/CreateView/InnerForm.tsx b/app/react/docker/containers/CreateView/InnerForm.tsx index df7184cb8..0c208902e 100644 --- a/app/react/docker/containers/CreateView/InnerForm.tsx +++ b/app/react/docker/containers/CreateView/InnerForm.tsx @@ -41,7 +41,7 @@ export function InnerForm({ const environmentId = useEnvironmentId(); const [tab, setTab] = useState('commands'); const apiVersion = useApiVersion(environmentId); - const isEnvironmentAdmin = useIsEnvironmentAdmin(); + const isEnvironmentAdminQuery = useIsEnvironmentAdmin(); const envQuery = useCurrentEnvironment(); if (!envQuery.data) { @@ -102,7 +102,7 @@ export function InnerForm({ } errors={errors.volumes} allowBindMounts={ - isEnvironmentAdmin.authorized || + isEnvironmentAdminQuery.authorized || environment.SecuritySettings .allowBindMountsForRegularUsers } @@ -166,18 +166,18 @@ export function InnerForm({ setFieldValue(`resources.${field}`, value) } allowPrivilegedMode={ - isEnvironmentAdmin.authorized || + isEnvironmentAdminQuery.authorized || environment.SecuritySettings .allowPrivilegedModeForRegularUsers } isDevicesFieldVisible={ - isEnvironmentAdmin.authorized || + isEnvironmentAdminQuery.authorized || environment.SecuritySettings .allowDeviceMappingForRegularUsers } isInitFieldVisible={apiVersion >= 1.37} isSysctlFieldVisible={ - isEnvironmentAdmin.authorized || + isEnvironmentAdminQuery.authorized || environment.SecuritySettings .allowSysctlSettingForRegularUsers } diff --git a/app/react/docker/containers/ItemView/ContainerNetworksDatatable/ConnectNetworkForm.tsx b/app/react/docker/containers/ItemView/ContainerNetworksDatatable/ConnectNetworkForm.tsx index 4a0dfda26..4b6da4c9b 100644 --- a/app/react/docker/containers/ItemView/ContainerNetworksDatatable/ConnectNetworkForm.tsx +++ b/app/react/docker/containers/ItemView/ContainerNetworksDatatable/ConnectNetworkForm.tsx @@ -25,7 +25,7 @@ export function ConnectNetworkForm({ selectedNetworks: string[]; }) { const environmentId = useEnvironmentId(); - const authorized = useAuthorizations('DockerNetworkConnect'); + const { authorized } = useAuthorizations('DockerNetworkConnect'); const connectMutation = useConnectContainerMutation(environmentId); const router = useRouter(); if (!authorized) { diff --git a/app/react/docker/containers/ListView/ContainersDatatable/ContainersDatatableActions.tsx b/app/react/docker/containers/ListView/ContainersDatatable/ContainersDatatableActions.tsx index 05c0b8814..360cc333f 100644 --- a/app/react/docker/containers/ListView/ContainersDatatable/ContainersDatatableActions.tsx +++ b/app/react/docker/containers/ListView/ContainersDatatable/ContainersDatatableActions.tsx @@ -68,7 +68,7 @@ export function ContainersDatatableActions({ ].includes(item.Status) ); - const isAuthorized = useAuthorizations([ + const { authorized } = useAuthorizations([ 'DockerContainerStart', 'DockerContainerStop', 'DockerContainerKill', @@ -81,12 +81,12 @@ export function ContainersDatatableActions({ const router = useRouter(); - if (!isAuthorized) { + if (!authorized) { return null; } return ( - <> +
); function onStartClick(selectedItems: DockerContainer[]) { diff --git a/app/react/docker/containers/ListView/ContainersDatatable/columns/quick-actions.tsx b/app/react/docker/containers/ListView/ContainersDatatable/columns/quick-actions.tsx index 795d9c1ea..63054fcd2 100644 --- a/app/react/docker/containers/ListView/ContainersDatatable/columns/quick-actions.tsx +++ b/app/react/docker/containers/ListView/ContainersDatatable/columns/quick-actions.tsx @@ -38,7 +38,7 @@ function QuickActionsCell({ wrapperState.showQuickActionLogs || wrapperState.showQuickActionStats; - const isAuthorized = useAuthorizations([ + const { authorized } = useAuthorizations([ 'DockerContainerStats', 'DockerContainerLogs', 'DockerExecStart', @@ -47,7 +47,7 @@ function QuickActionsCell({ 'DockerTaskLogs', ]); - if (!someOn || !isAuthorized) { + if (!someOn || !authorized) { return null; } diff --git a/app/react/docker/stacks/ListView/StacksDatatable/StacksDatatable.tsx b/app/react/docker/stacks/ListView/StacksDatatable/StacksDatatable.tsx index c73befaa2..1406c1a52 100644 --- a/app/react/docker/stacks/ListView/StacksDatatable/StacksDatatable.tsx +++ b/app/react/docker/stacks/ListView/StacksDatatable/StacksDatatable.tsx @@ -35,7 +35,7 @@ export function StacksDatatable({ const tableState = useTableState(settingsStore, tableKey); useRepeater(tableState.autoRefreshRate, onReload); const isAdminQuery = useIsEdgeAdmin(); - const canManageStacks = useAuthorizations([ + const { authorized: canManageStacks } = useAuthorizations([ 'PortainerStackCreate', 'PortainerStackDelete', ]); @@ -58,7 +58,7 @@ export function StacksDatatable({ columns={columns} dataset={dataset} isRowSelectable={({ original: item }) => - allowSelection(item, isAdminQuery.isAdmin, canManageStacks.authorized) + allowSelection(item, isAdminQuery.isAdmin, canManageStacks) } getRowId={(item) => item.Id.toString()} initialTableState={{ diff --git a/app/react/hooks/useUser.tsx b/app/react/hooks/useUser.tsx index 99e552b8c..ceac5a7ce 100644 --- a/app/react/hooks/useUser.tsx +++ b/app/react/hooks/useUser.tsx @@ -177,13 +177,13 @@ export function Authorized({ children, childrenUnauthorized = null, }: PropsWithChildren) { - const isAllowed = useAuthorizations( + const { authorized } = useAuthorizations( authorizations, environmentId, adminOnlyCE ); - return isAllowed ? <>{children} : <>{childrenUnauthorized}; + return authorized ? <>{children} : <>{childrenUnauthorized}; } interface UserProviderProps { diff --git a/app/react/kubernetes/applications/DetailsView/PlacementsDatatable/PlacementsDatatableSubRow.tsx b/app/react/kubernetes/applications/DetailsView/PlacementsDatatable/PlacementsDatatableSubRow.tsx index 70aae1669..e6b2e5bf5 100644 --- a/app/react/kubernetes/applications/DetailsView/PlacementsDatatable/PlacementsDatatableSubRow.tsx +++ b/app/react/kubernetes/applications/DetailsView/PlacementsDatatable/PlacementsDatatableSubRow.tsx @@ -13,7 +13,7 @@ interface SubRowProps { } export function SubRow({ node, cellCount }: SubRowProps) { - const authorized = useAuthorizations( + const { authorized } = useAuthorizations( 'K8sApplicationErrorDetailsR', undefined, true diff --git a/app/react/kubernetes/applications/ListView/ApplicationsStacksDatatable/ApplicationsStacksDatatable.tsx b/app/react/kubernetes/applications/ListView/ApplicationsStacksDatatable/ApplicationsStacksDatatable.tsx index 613b6eafe..37ce44942 100644 --- a/app/react/kubernetes/applications/ListView/ApplicationsStacksDatatable/ApplicationsStacksDatatable.tsx +++ b/app/react/kubernetes/applications/ListView/ApplicationsStacksDatatable/ApplicationsStacksDatatable.tsx @@ -53,7 +53,7 @@ export function ApplicationsStacksDatatable({ // eslint-disable-next-line react-hooks/exhaustive-deps }, [showSystem]); - const authorized = useAuthorizations('K8sApplicationsW'); + const { authorized } = useAuthorizations('K8sApplicationsW'); useRepeater(tableState.autoRefreshRate, onRefresh); return ( diff --git a/app/react/kubernetes/applications/components/EditYamlFormSection.tsx b/app/react/kubernetes/applications/components/EditYamlFormSection.tsx index e3800a5a4..889788769 100644 --- a/app/react/kubernetes/applications/components/EditYamlFormSection.tsx +++ b/app/react/kubernetes/applications/components/EditYamlFormSection.tsx @@ -22,7 +22,7 @@ export function EditYamlFormSection({ const environmentId = useEnvironmentId(); const { data: deploymentOptions } = useEnvironmentDeploymentOptions(environmentId); - const roleHasAuth = useAuthorizations('K8sYAMLW'); + const { authorized: roleHasAuth } = useAuthorizations('K8sYAMLW'); const isAllowedToEdit = roleHasAuth && !deploymentOptions?.hideWebEditor; const formId = 'kubernetes-deploy-editor'; diff --git a/app/react/kubernetes/configs/ListView/ConfigMapsDatatable/ConfigMapsDatatable.tsx b/app/react/kubernetes/configs/ListView/ConfigMapsDatatable/ConfigMapsDatatable.tsx index 63f8a63d1..961661870 100644 --- a/app/react/kubernetes/configs/ListView/ConfigMapsDatatable/ConfigMapsDatatable.tsx +++ b/app/react/kubernetes/configs/ListView/ConfigMapsDatatable/ConfigMapsDatatable.tsx @@ -34,8 +34,9 @@ const settingsStore = createStore(storageKey); export function ConfigMapsDatatable() { const tableState = useTableState(settingsStore, storageKey); - const readOnly = !useAuthorizations(['K8sConfigMapsW']); - const canAccessSystemResources = useAuthorizations( + const { authorized: canWrite } = useAuthorizations(['K8sConfigMapsW']); + const readOnly = !canWrite; + const { authorized: canAccessSystemResources } = useAuthorizations( 'K8sAccessSystemNamespaces' ); diff --git a/app/react/kubernetes/configs/ListView/SecretsDatatable/SecretsDatatable.tsx b/app/react/kubernetes/configs/ListView/SecretsDatatable/SecretsDatatable.tsx index df939d561..7f0699f9d 100644 --- a/app/react/kubernetes/configs/ListView/SecretsDatatable/SecretsDatatable.tsx +++ b/app/react/kubernetes/configs/ListView/SecretsDatatable/SecretsDatatable.tsx @@ -34,8 +34,9 @@ const settingsStore = createStore(storageKey); export function SecretsDatatable() { const tableState = useTableState(settingsStore, storageKey); - const readOnly = !useAuthorizations(['K8sSecretsW']); - const canAccessSystemResources = useAuthorizations( + const { authorized: canWrite } = useAuthorizations(['K8sSecretsW']); + const readOnly = !canWrite; + const { authorized: canAccessSystemResources } = useAuthorizations( 'K8sAccessSystemNamespaces' ); diff --git a/app/react/kubernetes/ingresses/CreateIngressView/CreateIngressView.tsx b/app/react/kubernetes/ingresses/CreateIngressView/CreateIngressView.tsx index dc8067a7f..a83556038 100644 --- a/app/react/kubernetes/ingresses/CreateIngressView/CreateIngressView.tsx +++ b/app/react/kubernetes/ingresses/CreateIngressView/CreateIngressView.tsx @@ -43,19 +43,21 @@ import { export function CreateIngressView() { const environmentId = useEnvironmentId(); const { params } = useCurrentStateAndParams(); - const isAuthorisedToAddEdit = useAuthorizations(['K8sIngressesW']); + const { authorized: isAuthorizedToAddEdit } = useAuthorizations([ + 'K8sIngressesW', + ]); const router = useRouter(); const isEdit = !!params.namespace; useEffect(() => { - if (!isAuthorisedToAddEdit) { + if (!isAuthorizedToAddEdit) { const message = `Not authorized to ${isEdit ? 'edit' : 'add'} ingresses`; notifyError('Error', new Error(message)); router.stateService.go('kubernetes.ingresses'); } // eslint-disable-next-line react-hooks/exhaustive-deps - }, [isAuthorisedToAddEdit, isEdit]); + }, [isAuthorizedToAddEdit, isEdit]); const [namespace, setNamespace] = useState(params.namespace || ''); const [ingressRule, setIngressRule] = useState({} as Rule); diff --git a/app/react/kubernetes/ingresses/IngressDatatable/IngressDatatable.tsx b/app/react/kubernetes/ingresses/IngressDatatable/IngressDatatable.tsx index 925116f40..6e9496f94 100644 --- a/app/react/kubernetes/ingresses/IngressDatatable/IngressDatatable.tsx +++ b/app/react/kubernetes/ingresses/IngressDatatable/IngressDatatable.tsx @@ -36,7 +36,7 @@ export function IngressDatatable() { const tableState = useTableState(settingsStore, storageKey); const environmentId = useEnvironmentId(); - const canAccessSystemResources = useAuthorizations( + const { authorized: canAccessSystemResources } = useAuthorizations( 'K8sAccessSystemNamespaces' ); const { data: namespaces, ...namespacesQuery } = @@ -147,7 +147,8 @@ export function IngressDatatable() { } function useCheckboxes() { - return !useAuthorizations(['K8sIngressesW']); + const { authorized } = useAuthorizations(['K8sIngressesW']); + return !authorized; } async function handleRemoveClick(ingresses: SelectedIngress[]) { diff --git a/app/react/kubernetes/services/ServicesView/ServicesDatatable/ServicesDatatable.tsx b/app/react/kubernetes/services/ServicesView/ServicesDatatable/ServicesDatatable.tsx index 25ad14305..fe3389ba1 100644 --- a/app/react/kubernetes/services/ServicesView/ServicesDatatable/ServicesDatatable.tsx +++ b/app/react/kubernetes/services/ServicesView/ServicesDatatable/ServicesDatatable.tsx @@ -45,8 +45,9 @@ export function ServicesDatatable() { } ); - const readOnly = !useAuthorizations(['K8sServiceW']); - const canAccessSystemResources = useAuthorizations( + const { authorized: canWrite } = useAuthorizations(['K8sServiceW']); + const readOnly = !canWrite; + const { authorized: canAccessSystemResources } = useAuthorizations( 'K8sAccessSystemNamespaces' ); diff --git a/app/react/sidebar/DockerSidebar.tsx b/app/react/sidebar/DockerSidebar.tsx index 1e0ad5d2d..6762dec75 100644 --- a/app/react/sidebar/DockerSidebar.tsx +++ b/app/react/sidebar/DockerSidebar.tsx @@ -30,7 +30,9 @@ interface Props { } export function DockerSidebar({ environmentId, environment }: Props) { - const isEnvironmentAdmin = useIsEnvironmentAdmin({ adminOnlyCE: true }); + const { authorized: isEnvironmentAdmin } = useIsEnvironmentAdmin({ + adminOnlyCE: true, + }); const areStacksVisible = isEnvironmentAdmin ||