mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade dompurify to 3.2.4

Browse Source 
Allow console to recognize Delete*
This commit is contained in:
Allan Roger Reid
2025-02-18 16:41:10 -08:00
parent 31a5d640eb
commit 1df1bf34e0
7 changed files with 28 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@@ -64,7 +64,7 @@ swagger-console:
assets:
@(if [ -f "${NVM_DIR}/nvm.sh" ]; then \. "${NVM_DIR}/nvm.sh" && nvm install && nvm use && npm install -g yarn ; fi &&\
cd web-app; corepack enable; yarn install --prefer-offline; make build-static; yarn prettier --write . --loglevel warn; cd ..)
cd web-app; corepack enable; yarn install --prefer-offline; make build-static; yarn prettier --write . --log-level warn; cd ..)
test-integration:
@(docker stop pgsqlcontainer || true)

4
web-app/src/common/SecureComponent/__tests__/accessControl.test.ts
View File

@@ -176,7 +176,7 @@ test("Can delete an object inside a bucket prefix", () => {
"xref_cust_guid_actd-v1.jpg",
"test/digitalinsights/xref_cust_guid_actd-v1.jpg",
],
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_ACTIONS],
),
).toBe(true);
});
@@ -186,7 +186,7 @@ test("Can't delete an object inside a bucket prefix", () => {
expect(
hasPermission(
["xref_cust_guid_actd-v1.jpg", "test/xref_cust_guid_actd-v1.jpg"],
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_ACTIONS],
),
).toBe(false);
});

2
web-app/src/common/SecureComponent/permissions.ts
View File

@@ -30,6 +30,7 @@ export const IAM_SCOPES = {
S3_PUT_OBJECT: "s3:PutObject",
S3_GET_ACTIONS: "s3:Get*",
S3_PUT_ACTIONS: "s3:Put*",
S3_DELETE_ACTIONS: "s3:Delete*",
S3_GET_OBJECT_LEGAL_HOLD: "s3:GetObjectLegalHold",
S3_PUT_OBJECT_LEGAL_HOLD: "s3:PutObjectLegalHold",
S3_DELETE_OBJECT: "s3:DeleteObject",
@@ -197,6 +198,7 @@ export const IAM_PERMISSIONS = {
IAM_SCOPES.S3_PUT_OBJECT,
IAM_SCOPES.S3_PUT_ACTIONS,
IAM_SCOPES.S3_DELETE_OBJECT,
IAM_SCOPES.S3_DELETE_ACTIONS,
],
[IAM_ROLES.BUCKET_VIEWER]: [
IAM_SCOPES.S3_LIST_BUCKET,

4
web-app/src/screens/Console/Buckets/ListBuckets/Objects/ListObjects/ListObjects.tsx
View File

@@ -278,7 +278,7 @@ const ListObjects = () => {
]);
const canDelete = hasPermission(
[pathAsResourceInPolicy, ...sessionGrantWildCards],
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_ACTIONS],
);
const canUpload =
hasPermission(
@@ -912,7 +912,7 @@ const ListObjects = () => {
tooltip: canDelete
? "Delete Selected Files"
: permissionTooltipHelper(
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_ACTIONS],
"delete objects in this bucket",
),
},

9
web-app/src/screens/Console/Buckets/ListBuckets/Objects/ListObjects/ObjectDetailPanel.tsx
View File

@@ -352,7 +352,7 @@ const ObjectDetailPanel = ({
]);
const canDelete = hasPermission(
[bucketName, currentItem, [bucketName, actualInfo.name].join("/")],
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_ACTIONS],
);
let objectType: AllowedPreviews = previewObjectType(metaData, currentItem);
@@ -649,7 +649,7 @@ const ObjectDetailPanel = ({
canDelete
? ""
: permissionTooltipHelper(
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_ACTIONS],
"delete this object",
)
}
@@ -665,7 +665,10 @@ const ObjectDetailPanel = ({
currentItem,
[bucketName, actualInfo.name].join("/"),
]}
scopes={[IAM_SCOPES.S3_DELETE_OBJECT]}
scopes={[
IAM_SCOPES.S3_DELETE_OBJECT,
IAM_SCOPES.S3_DELETE_ACTIONS,
]}
errorProps={{ disabled: true }}
>
<Button

5
web-app/src/screens/Console/Buckets/ListBuckets/Objects/ObjectDetails/TagsModal.tsx
View File

@@ -232,7 +232,10 @@ const AddTagModal = ({
return (
<SecureComponent
key={`chip-${index}`}
scopes={[IAM_SCOPES.S3_DELETE_OBJECT_TAGGING]}
scopes={[
IAM_SCOPES.S3_DELETE_OBJECT_TAGGING,
IAM_SCOPES.S3_DELETE_ACTIONS,
]}
resource={bucketName}
errorProps={{
deleteIcon: null,

17
web-app/yarn.lock
View File

@@ -3839,7 +3839,7 @@ __metadata:
languageName: node
linkType: hard
"@types/trusted-types@npm:^2.0.2":
"@types/trusted-types@npm:^2.0.2, @types/trusted-types@npm:^2.0.7":
version: 2.0.7
resolution: "@types/trusted-types@npm:2.0.7"
checksum: 10c0/4c4855f10de7c6c135e0d32ce462419d8abbbc33713b31d294596c0cc34ae1fa6112a2f9da729c8f7a20707782b0d69da3b1f8df6645b0366d08825ca1522e0c
@@ -7142,10 +7142,15 @@ __metadata:
languageName: node
linkType: hard
"dompurify@npm:^2.5.4":
version: 2.5.7
resolution: "dompurify@npm:2.5.7"
checksum: 10c0/23c4f737182fcf3e731e458c3930ef4d2916191e4180e1e345f153124dfa7ec117d2810af1754e8854c581131fc75dac914a8391183d1511852ef32b4055f711
"dompurify@npm:^3.2.4":
version: 3.2.4
resolution: "dompurify@npm:3.2.4"
dependencies:
"@types/trusted-types": "npm:^2.0.7"
dependenciesMeta:
"@types/trusted-types":
optional: true
checksum: 10c0/6be56810fb7ad2776155c8fc2967af5056783c030094362c7d0cf1ad13f2129cf922d8eefab528a34bdebfb98e2f44b306a983ab93aefb9d6f24c18a3d027a05
languageName: node
linkType: hard
@@ -11213,7 +11218,7 @@ __metadata:
btoa: "npm:^1.2.1"
canvg: "npm:^3.0.6"
core-js: "npm:^3.6.0"
dompurify: "npm:^2.5.4"
dompurify: "npm:^3.2.4"
fflate: "npm:^0.8.1"
html2canvas: "npm:^1.0.0-rc.5"
dependenciesMeta: