Add permissions check to show/hide activate button #26840
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
hashicorp-contributed-pr
|
Build Results: |
|
CI Results: |
Monkeychip
commented
May 6, 2024
| @@ -71,11 +75,14 @@ export default class SyncSecretsDestinationsPageComponent extends Component<Args | |||
| @task | |||
| @waitFor | |||
| *onFeatureConfirm() { | |||
There was a problem hiding this comment.
These changes below are a mix of issues from merging in main and a miss on my end of another PR into this side branch that mis-handled the namespace header in this post. The changes restore to what it should be, however we will do extensive testing with the backend to make sure the contract on namespaces is correct.
Monkeychip
commented
May 6, 2024
| } | ||
|
|
||
| export default class SyncSecretsDestinationsPageComponent extends Component<Args> { | ||
| @service declare readonly flashMessages: FlashMessageService; | ||
| @service declare readonly store: StoreService; | ||
| @service declare readonly router: RouterService; | ||
| @service declare readonly version: VersionService; | ||
| @service declare readonly flags: FlagsService; |
There was a problem hiding this comment.
flag service is used in the hbs file
Monkeychip
merged commit 7b28bed
into
ui/VAULT-25468/enable-secrets-sync-hvd
22 of 23 checks passed
Monkeychip
added a commit
that referenced
this pull request
May 9, 2024
* Allow Managed clusters to see Secrets Sync Overview and Sidebar nav (#26649) * update badge text and allow hvd on secrets sync views * update logic in Secrets Sync overview and cta for hvd. * spacing * rearrange based on pr feedback * fix return on badgeText and cluster nav test * fix landing cta tests * update test to reflect new changes * moved call to feature-flags from application route to the service to match patterns * add managed test coverage on overview component test and remove premium feature so cta message appplies to both managed and non-managed clusters * missed service name and unskip admin test * clean up * fix tests * flags test fix * Rename isManaged and managedNamespaceRoot (#26697) * renames * lowercase HVD to match * missed some * test failure * [Secrets Sync] enable access to Sync clients page for HVD clusters (#26713) * feat: split client counts navbar into separate component * acceptance/clients/counts/overview-test: remove tests now covered by int tests * clients counts route: rename isSecretsSyncActivated to showSecretsSync * sync clients page: show unactivated state unless sync client history or feature is activated * client counts navbar: show sync tab only if client history or is /able to be/ activated * clients overview page: only show sync charts if activated * fix: rename isManaged to isHvd * acceptance/counts/overview-test: add HVD tests * acceptance/counts/overview-test: clean up unused cruft * aceptance/clients/counts/overview-test: ensure we dont get false negatives * chore: move Clients::Error to Clients::Counts::Error * chore: calculate showSecretSync in page component instead of route * chore: add copyright headers * acceptance/clients/counts/overview-test: stub activated flags to fix test * [Secrets sync] update sync test selectors (#26824) * acceptance/clients/counts/overview-test: use imported test selectors * general-selectors: add missing emptyStateSubtitle property * acceptance/clients/counts/sync: nest tests in top level module for easier test runs * Add permissions check to show/hide activate button (#26840) * add permissions check to flags service and consume in overview template * add back missing refresh * fix test failures * add test coverage * clean up * address flaky test * grr * address test failures * add changelog * try to fix test failure only on gh * fix fetch to match previous implementation of feature-flags * fix failing test * update comment --------- Co-authored-by: Noelle Daley <[email protected]> Co-authored-by: [email protected] <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a permissions check inside the
flags.jsservice, using thelazy-capabilitiesmacro. While this is the first use case of a permissions check inside a service it made sense. The prevalent pattern is to check capabilities inside the model. But this one endpoint is a POST with no data returned or used on it, so adding a model/adapter/serializer is not necessary.No permissions to POST to
sys/activation-flags/secrets-sync/activateWith permissions to POST
Same view as before