mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding groups tab to Policy Details page (#837)

Browse Source 
* parent 58efbbbf60
author Adam Stafford <adam@minio.io> 1624473190 -0700
committer Adam Stafford <adam@minio.io> 1624569868 -0700

policy groups

* restoring old commit files

Co-authored-by: Adam Stafford <adam@minio.io>
Co-authored-by: Alex <33497058+bexsoft@users.noreply.github.com>
Co-authored-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
This commit is contained in:
adfost
2021-06-28 12:53:29 -07:00
committed by GitHub
parent 9ec73260c9
commit 531d8a2f4e
9 changed files with 627 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
portal-ui/src/screens/Console/Policies/PolicyDetails.tsx
View File

@@ -166,6 +166,7 @@ const PolicyDetails = ({
const [selectedTab, setSelectedTab] = useState<number>(0);
const [policy, setPolicy] = useState<Policy | null>(null);
const [userList, setUserList] = useState<string[]>([]);
const [groupList, setGroupList] = useState<string[]>([]);
const [addLoading, setAddLoading] = useState<boolean>(false);
const [policyName, setPolicyName] = useState<string>(
match.params["policyName"]
@@ -174,6 +175,8 @@ const PolicyDetails = ({
const [loadingPolicy, setLoadingPolicy] = useState<boolean>(true);
const [filterUsers, setFilterUsers] = useState<string>("");
const [loadingUsers, setLoadingUsers] = useState<boolean>(true);
const [filterGroups, setFilterGroups] = useState<string>("");
const [loadingGroups, setLoadingGroups] = useState<boolean>(true);
const saveRecord = (event: React.FormEvent) => {
event.preventDefault();
@@ -211,6 +214,20 @@ const PolicyDetails = ({
});
}
};
const loadGroupsForPolicy = () => {
if (loadingGroups) {
api
.invoke("GET", `/api/v1/policies/${policyName}/groups`)
.then((result: any) => {
setGroupList(result);
setLoadingGroups(false);
})
.catch((err) => {
setErrorSnackMessage(err);
setLoadingGroups(false);
});
}
};
const loadPolicyDetails = () => {
if (loadingPolicy) {
api
@@ -234,16 +251,20 @@ const PolicyDetails = ({
if (loadingPolicy) {
loadPolicyDetails();
loadUsersForPolicy();
loadGroupsForPolicy();
}
}, [
policyName,
loadingPolicy,
loadingUsers,
loadingGroups,
setErrorSnackMessage,
setUserList,
setGroupList,
setPolicyDefinition,
setPolicy,
setLoadingUsers,
setLoadingGroups,
]);
const resetForm = () => {
@@ -262,6 +283,10 @@ const PolicyDetails = ({
elementItem.includes(filterUsers)
);
const filteredGroups = groupList.filter((elementItem) =>
elementItem.includes(filterGroups)
);
return (
<React.Fragment>
<PageHeader
@@ -287,6 +312,7 @@ const PolicyDetails = ({
>
<Tab label="Details" />
<Tab label="Users" />
<Tab label="Groups" />
</Tabs>
</Grid>
{selectedTab === 0 && (
@@ -374,6 +400,40 @@ const PolicyDetails = ({
/>
</Grid>
)}
{selectedTab === 2 && (
<Grid container>
<Grid item xs={12} className={classes.actionsTray}>
<TextField
placeholder="Search Groups"
className={classes.searchField}
id="search-resource"
label=""
onChange={(val) => {
setFilterGroups(val.target.value);
}}
InputProps={{
disableUnderline: true,
startAdornment: (
<InputAdornment position="start">
<SearchIcon />
</InputAdornment>
),
}}
/>
</Grid>
<Grid item xs={12} className={classes.actionsTray}>
<br />
</Grid>
<TableWrapper
itemActions={[]}
columns={[{ label: "Name", elementKey: "name" }]}
isLoading={loadingGroups}
records={filteredGroups}
entityName="Groups"
idField="name"
/>
</Grid>
)}
</Grid>
</React.Fragment>
);

36
restapi/admin_policies.go
View File

@@ -89,6 +89,13 @@ func registersPoliciesHandler(api *operations.ConsoleAPI) {
}
return admin_api.NewListUsersForPolicyOK().WithPayload(policyUsersResponse)
})
api.AdminAPIListGroupsForPolicyHandler = admin_api.ListGroupsForPolicyHandlerFunc(func(params admin_api.ListGroupsForPolicyParams, session *models.Principal) middleware.Responder {
policyGroupsResponse, err := getListGroupsForPolicyResponse(session, params.Policy)
if err != nil {
return admin_api.NewListGroupsForPolicyDefault(int(err.Code)).WithPayload(err)
}
return admin_api.NewListGroupsForPolicyOK().WithPayload(policyGroupsResponse)
})
}
func getListPoliciesWithBucketResponse(session *models.Principal, bucket string) (*models.ListPoliciesResponse, *models.Error) {
@@ -220,6 +227,35 @@ func getListUsersForPolicyResponse(session *models.Principal, policy string) ([]
return filteredUsers, nil
}
func getListGroupsForPolicyResponse(session *models.Principal, policy string) ([]string, *models.Error) {
ctx := context.Background()
mAdmin, err := newAdminClient(session)
if err != nil {
return nil, prepareError(err)
}
// create a minioClient interface implementation
// defining the client to be used
adminClient := adminClient{client: mAdmin}
groups, err := adminClient.listGroups(ctx)
if err != nil {
return nil, prepareError(err)
}
var filteredGroups []string
for _, group := range groups {
info, err := groupInfo(ctx, adminClient, group)
if err != nil {
LogError("unable to fetch group info %s: %v", group, err)
}
if info.Policy == policy {
filteredGroups = append(filteredGroups, group)
}
}
sort.Strings(filteredGroups)
return filteredGroups, nil
}
// removePolicy() calls MinIO server to remove a policy based on name.
func removePolicy(ctx context.Context, client MinioAdmin, name string) error {
err := client.removePolicy(ctx, name)

68
restapi/embedded_spec.go
View File

@@ -3387,6 +3387,40 @@ func init() {
}
}
},
"/policies/{policy}/groups": {
"get": {
"tags": [
"AdminAPI"
],
"summary": "List Groups for a Policy",
"operationId": "ListGroupsForPolicy",
"parameters": [
{
"type": "string",
"name": "policy",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/policies/{policy}/users": {
"get": {
"tags": [
@@ -11191,6 +11225,40 @@ func init() {
}
}
},
"/policies/{policy}/groups": {
"get": {
"tags": [
"AdminAPI"
],
"summary": "List Groups for a Policy",
"operationId": "ListGroupsForPolicy",
"parameters": [
{
"type": "string",
"name": "policy",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/policies/{policy}/users": {
"get": {
"tags": [

88
restapi/operations/admin_api/list_groups_for_policy.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2021 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// ListGroupsForPolicyHandlerFunc turns a function with the right signature into a list groups for policy handler
type ListGroupsForPolicyHandlerFunc func(ListGroupsForPolicyParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn ListGroupsForPolicyHandlerFunc) Handle(params ListGroupsForPolicyParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// ListGroupsForPolicyHandler interface for that can handle valid list groups for policy params
type ListGroupsForPolicyHandler interface {
Handle(ListGroupsForPolicyParams, *models.Principal) middleware.Responder
}
// NewListGroupsForPolicy creates a new http.Handler for the list groups for policy operation
func NewListGroupsForPolicy(ctx *middleware.Context, handler ListGroupsForPolicyHandler) *ListGroupsForPolicy {
return &ListGroupsForPolicy{Context: ctx, Handler: handler}
}
/* ListGroupsForPolicy swagger:route GET /policies/{policy}/groups AdminAPI listGroupsForPolicy
List Groups for a Policy
*/
type ListGroupsForPolicy struct {
Context *middleware.Context
Handler ListGroupsForPolicyHandler
}
func (o *ListGroupsForPolicy) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewListGroupsForPolicyParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

88
restapi/operations/admin_api/list_groups_for_policy_parameters.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2021 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime/middleware"
"github.com/go-openapi/strfmt"
)
// NewListGroupsForPolicyParams creates a new ListGroupsForPolicyParams object
//
// There are no default values defined in the spec.
func NewListGroupsForPolicyParams() ListGroupsForPolicyParams {
return ListGroupsForPolicyParams{}
}
// ListGroupsForPolicyParams contains all the bound params for the list groups for policy operation
// typically these are obtained from a http.Request
//
// swagger:parameters ListGroupsForPolicy
type ListGroupsForPolicyParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: path
*/
Policy string
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewListGroupsForPolicyParams() beforehand.
func (o *ListGroupsForPolicyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
rPolicy, rhkPolicy, _ := route.Params.GetOK("policy")
if err := o.bindPolicy(rPolicy, rhkPolicy, route.Formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
// bindPolicy binds and validates parameter Policy from path.
func (o *ListGroupsForPolicyParams) bindPolicy(rawData []string, hasKey bool, formats strfmt.Registry) error {
var raw string
if len(rawData) > 0 {
raw = rawData[len(rawData)-1]
}
// Required: true
// Parameter is provided by construction from the route
o.Policy = raw
return nil
}

136
restapi/operations/admin_api/list_groups_for_policy_responses.go Normal file
View File

@@ -0,0 +1,136 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2021 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// ListGroupsForPolicyOKCode is the HTTP code returned for type ListGroupsForPolicyOK
const ListGroupsForPolicyOKCode int = 200
/*ListGroupsForPolicyOK A successful response.
swagger:response listGroupsForPolicyOK
*/
type ListGroupsForPolicyOK struct {
/*
In: Body
*/
Payload []string `json:"body,omitempty"`
}
// NewListGroupsForPolicyOK creates ListGroupsForPolicyOK with default headers values
func NewListGroupsForPolicyOK() *ListGroupsForPolicyOK {
return &ListGroupsForPolicyOK{}
}
// WithPayload adds the payload to the list groups for policy o k response
func (o *ListGroupsForPolicyOK) WithPayload(payload []string) *ListGroupsForPolicyOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the list groups for policy o k response
func (o *ListGroupsForPolicyOK) SetPayload(payload []string) {
o.Payload = payload
}
// WriteResponse to the client
func (o *ListGroupsForPolicyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
payload := o.Payload
if payload == nil {
// return empty array
payload = make([]string, 0, 50)
}
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
/*ListGroupsForPolicyDefault Generic error response.
swagger:response listGroupsForPolicyDefault
*/
type ListGroupsForPolicyDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewListGroupsForPolicyDefault creates ListGroupsForPolicyDefault with default headers values
func NewListGroupsForPolicyDefault(code int) *ListGroupsForPolicyDefault {
if code <= 0 {
code = 500
}
return &ListGroupsForPolicyDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the list groups for policy default response
func (o *ListGroupsForPolicyDefault) WithStatusCode(code int) *ListGroupsForPolicyDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the list groups for policy default response
func (o *ListGroupsForPolicyDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the list groups for policy default response
func (o *ListGroupsForPolicyDefault) WithPayload(payload *models.Error) *ListGroupsForPolicyDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the list groups for policy default response
func (o *ListGroupsForPolicyDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *ListGroupsForPolicyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

116
restapi/operations/admin_api/list_groups_for_policy_urlbuilder.go Normal file
View File

@@ -0,0 +1,116 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2021 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
"strings"
)
// ListGroupsForPolicyURL generates an URL for the list groups for policy operation
type ListGroupsForPolicyURL struct {
Policy string
_basePath string
// avoid unkeyed usage
_ struct{}
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *ListGroupsForPolicyURL) WithBasePath(bp string) *ListGroupsForPolicyURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *ListGroupsForPolicyURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *ListGroupsForPolicyURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/policies/{policy}/groups"
policy := o.Policy
if policy != "" {
_path = strings.Replace(_path, "{policy}", policy, -1)
} else {
return nil, errors.New("policy is required on ListGroupsForPolicyURL")
}
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *ListGroupsForPolicyURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *ListGroupsForPolicyURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *ListGroupsForPolicyURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on ListGroupsForPolicyURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on ListGroupsForPolicyURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *ListGroupsForPolicyURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

12
restapi/operations/console_api.go
View File

@@ -252,6 +252,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
AdminAPIListGroupsHandler: admin_api.ListGroupsHandlerFunc(func(params admin_api.ListGroupsParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation admin_api.ListGroups has not yet been implemented")
}),
AdminAPIListGroupsForPolicyHandler: admin_api.ListGroupsForPolicyHandlerFunc(func(params admin_api.ListGroupsForPolicyParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation admin_api.ListGroupsForPolicy has not yet been implemented")
}),
OperatorAPIListNodeLabelsHandler: operator_api.ListNodeLabelsHandlerFunc(func(params operator_api.ListNodeLabelsParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation operator_api.ListNodeLabels has not yet been implemented")
}),
@@ -611,6 +614,8 @@ type ConsoleAPI struct {
UserAPIListExternalBucketsHandler user_api.ListExternalBucketsHandler
// AdminAPIListGroupsHandler sets the operation handler for the list groups operation
AdminAPIListGroupsHandler admin_api.ListGroupsHandler
// AdminAPIListGroupsForPolicyHandler sets the operation handler for the list groups for policy operation
AdminAPIListGroupsForPolicyHandler admin_api.ListGroupsForPolicyHandler
// OperatorAPIListNodeLabelsHandler sets the operation handler for the list node labels operation
OperatorAPIListNodeLabelsHandler operator_api.ListNodeLabelsHandler
// UserAPIListObjectsHandler sets the operation handler for the list objects operation
@@ -1004,6 +1009,9 @@ func (o *ConsoleAPI) Validate() error {
if o.AdminAPIListGroupsHandler == nil {
unregistered = append(unregistered, "admin_api.ListGroupsHandler")
}
if o.AdminAPIListGroupsForPolicyHandler == nil {
unregistered = append(unregistered, "admin_api.ListGroupsForPolicyHandler")
}
if o.OperatorAPIListNodeLabelsHandler == nil {
unregistered = append(unregistered, "operator_api.ListNodeLabelsHandler")
}
@@ -1537,6 +1545,10 @@ func (o *ConsoleAPI) initHandlerCache() {
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/policies/{policy}/groups"] = admin_api.NewListGroupsForPolicy(o.context, o.AdminAPIListGroupsForPolicyHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/nodes/labels"] = operator_api.NewListNodeLabels(o.context, o.OperatorAPIListNodeLabelsHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)

23
swagger.yml
View File

@@ -1487,6 +1487,29 @@ paths:
tags:
- AdminAPI
/policies/{policy}/groups:
get:
summary: List Groups for a Policy
operationId: ListGroupsForPolicy
parameters:
- name: policy
in: path
required: true
type: string
responses:
200:
description: A successful response.
schema:
type: array
items:
type: string
default:
description: Generic error response.
schema:
$ref: "#/definitions/error"
tags:
- AdminAPI
/bucket-policy/{bucket}:
get:
summary: List Policies With Given Bucket