UI: Confirm Action as a popover #6741
Conversation
| min-width: 0; | ||
| padding: 0; | ||
| width: 2.5rem; | ||
| } |
There was a problem hiding this comment.
I think it might be good to introduce an "Icon button" style rather than do it this way, but this is an easy reset for now
| <CopyButton @clipboardText={{auth.currentToken}} class="link" @buttonType="button" @success={{action (set-flash-message 'Token copied!')}}> | ||
| Copy token | ||
| </CopyButton> | ||
| </li> |
There was a problem hiding this comment.
Gathering the "destructive actions" at the bottom of the list, so moving these up
| Delete role | ||
| </ConfirmAction> | ||
| {{/if}} | ||
| {{#if (or model.canUpdate model.canDelete)}} |
There was a problem hiding this comment.
Any idea why the Edit button isn't showing up with just {{#if model.canUpdate}}?
There was a problem hiding this comment.
Hmm it should - I think previously it had this because delete was on the edit page. I can take a look.
There was a problem hiding this comment.
Ok, it's because the model it's a capabilities object, and the actual attribute is canEdit, so just #if model.canEdit should work here - looks like that's true of other secret models too.
vault/ui/app/models/role-aws.js
Line 67 in d7e441a
joshuaogle
force-pushed
the
ui-confirm-action-popover
branch
from
4383495 to
c28d76b
Compare
| @buttonClasses="link is-destroy" | ||
| @onConfirmAction={{action "delete" item}} | ||
| @confirmTitle="Revoke this cert?" | ||
| @confirmMessage="This may affect access to Vault data." |
There was a problem hiding this comment.
This could be true, but we really don't have a way to tell what they're using the certs for (whether it's vault authentication or something else).
There was a problem hiding this comment.
How about something more generic like "Any services using this cert may be affected."?
I'm trying to give them an idea of the consequences, but certs are a tricky one
| @buttonClasses="button" | ||
| @onConfirmAction={{action "delete"}} | ||
| @confirmTitle="Revoke this cert?" | ||
| @confirmMessage="This may affect access to Vault data." |
There was a problem hiding this comment.
Same as above, we don't know how they're using the certs.
| <ConfirmAction | ||
| @buttonClasses="toolbar-link" | ||
| @confirmTitle="Rotate this key?" | ||
| @confirmMessage="After rotation, new plaintext requests will be encrypted with the new version of the key." |
There was a problem hiding this comment.
I don't think we want to mention encryption here because the key may not support encrypt / decrypt. Maybe "After rotation, all key actions will default to using the newest version of the key." ?
There was a problem hiding this comment.
I think this is the only one I copied word for word from the docs (https://www.vaultproject.io/api/secret/transit/index.html#rotate-key), but I do like the change better. I wonder if we should add that detail there then
| buttonClasses="link is-destroy" | ||
| onConfirmAction=(action "delete" item) | ||
| confirmMessage=(concat "Are you sure you want to delete " item.id "?") | ||
| showConfirm=(get this (concat "shouldDelete-" (dot-to-dash item.id))) |
| @@ -26,16 +26,5 @@ | |||
| Cancel | |||
| {{/secret-link}} | |||
| </div> | |||
| {{#if (and (eq mode 'edit') model.canDelete)}} | |||
There was a problem hiding this comment.
So no deletes currently happen on the edit page anymore, is that right?
There was a problem hiding this comment.
Yep, that's right. If there is a "show" page we should have it as a link there instead. We do still have a couple places that still need to be moved I think.
| assert.equal(currentRouteName(), 'vault.cluster.secrets.backend.edit', 'navs to the edit page'); | ||
|
|
||
| await editPage.deleteRole(); | ||
| await showPage.visit({ backend: path, id: 'role' }); |
There was a problem hiding this comment.
I think we should end up on the show page already here (but it probably doesn't hurt to explicitly nav there).
| * @property {String} [disabledMessage=Complete the form to complete this action] - The message to display when the button is disabled. | ||
| * | ||
| */ | ||
|
|
||
| export default Component.extend({ | ||
| tagName: 'span', |
There was a problem hiding this comment.
What do you think about doing tagName: '' and then moving all class and wrapping HTML to the template?
There was a problem hiding this comment.
I'd have to pass in the data-attributes explicitly like I did for ToolbarLink (until we can use ...attributes), right? Is that worth it?
There was a problem hiding this comment.
You should be able to use ...attributes with this one because it's not one of the built-in template helpers (link-to was the problem with the other one iirc). But up to you if you want to change it - when we move to glimmer components that will be the default way things work so more just trying to shift to that where we can.
joshuaogle
force-pushed
the
ui-confirm-action-popover
branch
from
ff880d0 to
9ed84e7
Compare
Background
Vault stores a lot of sensitive data, so it is generally good to warn a user when an action that they take might have serious consequences. We do this in the UI by giving the user some context around this action and having them confirm that they are sure.
Prior to Vault v1.2, this design was extremely simple, and appeared when the user clicks on a "Delete" button (or "Revoke", or anything similar) on a list row or anywhere else, such as a "show" page
Along come Toolbars
In Vault v1.2, we are introducing the concept of Toolbars to the UI. The Toolbar gives us a consistent way to present page-level actions, including ones that may require confirmation. Unfortunately, the old design for these confirmations doesn't work well with the limited space, so in the HashiCorp Design System we have created a more consistent and clear way to confirm these actions with users, called "Confirm Popovers".
This PR includes the new design for this component, which also gave us an opportunity to write new copy making the actions even clearer to the user. The default popover and copy looks like this:
Wherever we have clearer context we can provide the user, they would be more customized, like this:
Note: We plan to utilize a "sliding menu" similar to the Namespace Picker for use in dropdown menus, but because the default solution in this PR is still very usable, we will tackle that later.