-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Show alert when external route is set while token is not set for model server #1862
Show alert when external route is set while token is not set for model server #1862
Conversation
@vconzola Can you check the UI changes above? |
@DaoDaoNoCode Just to be clear, for the project admin (first screenshot) the Require token auth checkbox is auto-selected when the user selects to enable external routes, and the warning is only displayed when the Require token auth checkbox is then unchecked. Is that correct? For the second use case, project user with edit permissions, looks correct. As soon as the Enable external routes checkbox is checked, then display the warnings. |
@vconzola Currently it's not, the required token will not be auto-checked together along with the external route checked, if that's the case you are expecting, I could make the change. |
a92be74
to
76c33c9
Compare
@vconzola Here is the latest flow: Screen.Recording.2023-09-26.at.10.18.31.AM.mov |
@DaoDaoNoCode The video shows the flow as I would expect it. So lgtm. |
Yes, the message should appear regardless wether the user is admin or not, cause the security risk (non authenticated requests) is there for everyone, so yes, this seems great, I'll take a look later to review it. |
76c33c9
to
1c91c51
Compare
/hold @DaoDaoNoCode the issue is a story -- you'll want to target this to the feature branch |
/unhold |
1c91c51
to
0370c9b
Compare
@DaoDaoNoCode I think the changes (warning and popover) look fine. But I do have a couple questions:
|
@vconzola Good question.
|
Yes, we had this discussion ages ago in a UX Meeting, maybe an admin/project owner wants to first enable the tokens to set up the model server, but keep the route internal AND after some tests or something make the model server public
|
Great, then I think no more changes need to be made to this PR and it's ready to get reviewed! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lucferbux The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
101411f
into
opendatahub-io:f/model-serving
Closes #1582
Closes #1581
Description
Added the alert as the description in the issue.
One thing that needs to be noted is that the regular user with edit permission cannot enable the token, so the alert will show as soon as the user enables the external route.Found issue #1581 and also updated it here because they are tightly related, the user with edit permission cannot change the external route enablement anymore, and added a popover to explain that.
As the project admin:
As the project user with edit access:
How Has This Been Tested?
Test Impact
Added integration test to test all the situations where the alert is visible/hidden.
Request review criteria:
Self checklist (all need to be checked):
If you have UI changes:
After the PR is posted & before it merges:
main