[Fix] Wrong permissions on edit CDB

public/controllers/management/components/management/management-main.js

@@ -22,6 +22,8 @@ import WzReporting from './reporting/reporting-main';
 import WzConfiguration from './configuration/configuration-main';
 import WzStatistics from './statistics/statistics-main';
 import { connect } from 'react-redux';
+import { clusterReq } from './configuration/utils/wz-fetch';
+import { updateClusterStatus } from '../../../../redux/actions/appStateActions';
 
 class WzManagementMain extends Component {
   constructor(props) {
@@ -37,6 +39,33 @@ class WzManagementMain extends Component {
     store.dispatch(updateRulesetSection(''));
   }
 
+  componentDidMount() {
+    this.isClusterOrManager();
+  }
+
+  isClusterOrManager = async () => {
+    try {
+      const clusterStatus = await clusterReq();
+      if (clusterStatus.data.data.enabled === 'yes' && clusterStatus.data.data.running === 'yes') {
+        this.props.updateClusterStatus({
+          status: true,
+          contextConfigServer: 'cluster',
+        });
+      } else {
+        this.props.updateClusterStatus({
+          status: false,
+          contextConfigServer: 'manager',
+        });
+      }
+    } catch (error) {
+      console.warn(`Error when try to get cluster status`, error);
+      this.props.updateClusterStatus({
+        status: false,
+        contextConfigServer: 'manager',
+      });
+    }
+  };
+
   render() {
     const { section } = this.props;
     const ruleset = ['ruleset', 'rules', 'decoders', 'lists'];
@@ -48,26 +77,24 @@ class WzManagementMain extends Component {
           (section === 'statistics' && <WzStatistics />) ||
           (section === 'logs' && <WzLogs />) ||
           (section === 'configuration' && <WzConfiguration {...this.props.configurationProps} />) ||
-          (ruleset.includes(section) && <WzRuleset />)
-        }
+          (ruleset.includes(section) && <WzRuleset clusterStatus={this.props.clusterStatus} />)}
       </Fragment>
     );
   }
 }
 
 function mapStateToProps(state) {
   return {
-    state: state.managementReducers
+    state: state.managementReducers,
+    clusterStatus: state.appStateReducers.clusterStatus,
   };
 }
 
-const mapDispatchToProps = dispatch => {
+const mapDispatchToProps = (dispatch) => {
   return {
-    updateRulesetSection: section => dispatch(updateRulesetSection(section))
+    updateRulesetSection: (section) => dispatch(updateRulesetSection(section)),
+    updateClusterStatus: (clusterStatus) => dispatch(updateClusterStatus(clusterStatus)),
   };
 };
 
-export default connect(
-  mapStateToProps,
-  mapDispatchToProps
-)(WzManagementMain);
+export default connect(mapStateToProps, mapDispatchToProps)(WzManagementMain);

public/controllers/management/components/management/ruleset/actions-buttons.js

@@ -11,7 +11,7 @@
  */
 import React, { Component, Fragment } from 'react';
 // Eui components
-import { EuiFlexItem, EuiButtonEmpty, EuiGlobalToastList } from '@elastic/eui';
+import { EuiFlexItem, EuiButtonEmpty } from '@elastic/eui';
 import { toastNotifications } from 'ui/notify';
 
 import { connect } from 'react-redux';
@@ -22,11 +22,10 @@ import {
   updteAddingRulesetFile,
   updateListContent,
   updateIsProcessing,
-  updatePageIndex
+  updatePageIndex,
 } from '../../../../../redux/actions/rulesetActions';
 
 import { WzRequest } from '../../../../../react-services/wz-request';
-import { ErrorHandler } from '../../../../../react-services/error-handler';
 import exportCsv from '../../../../../react-services/wz-csv';
 import { UploadFiles } from '../../upload-files';
 import columns from './utils/columns';
@@ -164,46 +163,134 @@ class WzRulesetActionButtons extends Component {
   render() {
     const { section, showingFiles } = this.props.state;
 
+    const getPermissionsFiles = () => {
+      const permissions = [
+        {
+          action: `cluster:status`,
+          resource: `*:*:*`,
+        },
+      ];
+
+      if (((this.props || {}).clusterStatus || {}).contextConfigServer === 'cluster') {
+        permissions.push(
+          {
+            action: `cluster:upload_file`,
+            resource: `node:id:*`,
+          },
+          {
+            action: `cluster:read`,
+            resource: `node:id:*`,
+          },
+          {
+            action: `cluster:read_file`,
+            resource: `node:id:*&file:path:*`,
+          }
+        );
+      } else {
+        permissions.push(
+          {
+            action: `manager:upload_file`,
+            resource: `file:path:/etc/${section}`,
+          },
+          {
+            action: `manager:read`,
+            resource: `file:path:/etc/${section}`,
+          },
+          {
+            action: `manager:read_file`,
+            resource: `file:path:/etc/${section}`,
+          }
+        );
+      }
+
+      return permissions;
+    };
+
     // Export button
     const exportButton = (
-      <EuiButtonEmpty
+      <WzButtonPermissions
+        buttonType="empty"
+        permissions={getPermissionsFiles()}
         iconType="exportAction"
+        iconSide="left"
         onClick={async () => await this.generateCsv()}
-        isLoading={this.state.generatingCsv}
       >
         Export formatted
-      </EuiButtonEmpty>
+      </WzButtonPermissions>
     );
 
     // Add new rule button
     const addNewRuleButton = (
       <WzButtonPermissions
-        permissions={[{action: 'manager:upload_file', resource: `file:path:/etc/${section}`}]}
-        buttonType='empty'
+        permissions={getPermissionsFiles()}
+        buttonType="empty"
         iconType="plusInCircle"
         onClick={() =>
           this.props.updteAddingRulesetFile({
             name: '',
             content: '<!-- Modify it at your will. -->',
-            path: `etc/${section}`
+            path: `etc/${section}`,
           })
         }
       >
         {`Add new ${section} file`}
       </WzButtonPermissions>
     );
 
+    const getPermissionsNewFileCDB = () => {
+      const permissions = [
+        {
+          action: `cluster:status`,
+          resource: `*:*:*`,
+        },
+      ];
+
+      if (((this.props || {}).clusterStatus || {}).contextConfigServer === 'cluster') {
+        permissions.push(
+          {
+            action: `cluster:upload_file`,
+            resource: `node:id:*`,
+          },
+          {
+            action: `cluster:read`,
+            resource: `node:id:*`,
+          },
+          {
+            action: `cluster:read_file`,
+            resource: `node:id:*&file:path:*`,
+          }
+        );
+      } else {
+        permissions.push(
+          {
+            action: `manager:read_file`,
+            resource: `file:path:/etc/${section}`,
+          },
+          {
+            action: `manager:read`,
+            resource: `*:*:*`,
+          },
+          {
+            action: `manager:upload_file`,
+            resource: `file:path:/etc/${section}`,
+          }
+        );
+      }
+
+      return permissions;
+    };
+
     //Add new CDB list button
     const addNewCdbListButton = (
       <WzButtonPermissions
-        buttonType='empty'
-        permissions={[{action: 'manager:upload_file', resource: 'file:path:/etc/lists/files'}]}
+        buttonType="empty"
+        permissions={getPermissionsNewFileCDB()}
         iconType="plusInCircle"
         onClick={() =>
           this.props.updateListContent({
             name: false,
             content: '',
-            path: 'etc/lists'
+            path: 'etc/lists',
           })
         }
       >
@@ -214,8 +301,8 @@ class WzRulesetActionButtons extends Component {
     // Manage files
     const manageFiles = (
       <WzButtonPermissions
-        buttonType='empty'
-        permissions={[{action: 'manager:upload_file', resource: `file:path:/etc/${section}`}]}
+        buttonType="empty"
+        permissions={getPermissionsFiles()}
         iconType={showingFiles ? 'apmTrace' : 'folderClosed'}
         onClick={async () => await this.toggleFiles()}
       >
@@ -252,6 +339,7 @@ class WzRulesetActionButtons extends Component {
         {(section === 'lists' || showingFiles) && (
           <EuiFlexItem grow={false}>
             <UploadFiles
+              clusterStatus={this.props.clusterStatus}
               msg={section}
               path={`etc/${section}`}
               upload={uploadFile}

public/controllers/management/components/management/ruleset/list-editor.js

@@ -151,8 +151,7 @@ class WzListEditor extends Component {
       }
       await this.rulesetHandler.sendCdbList(name, path, raw, overwrite, addingNew);
       if (!addingNew) {
-        const result = await this.rulesetHandler.getCdbList(`${path}/${name}`);
-        const file = { name: name, content: result, path: path };
+        const file = { name: name, content: raw, path: path };
         this.props.updateListContent(file);
         this.setState({ showWarningRestart: true });
         this.showToast(
@@ -317,7 +316,15 @@ class WzListEditor extends Component {
 
     const saveButton = (
       <WzButtonPermissions
-        permissions={[{action: 'manager:upload_file', resource: `file:path:${path}/${name}`}]}
+        permissions={[
+          {
+            action: `${((this.props || {}).clusterStatus || {}).contextConfigServer}:upload_file`,
+            resource:
+              ((this.props || {}).clusterStatus || {}).contextConfigServer === 'cluster'
+                ? 'node:id:*'
+                : `file:path:${path}/${name}`,
+          },
+        ]}
         fill
         isDisabled={items.length === 0}
         iconType="save"
@@ -333,7 +340,17 @@ class WzListEditor extends Component {
         {!this.state.isPopoverOpen && (
           <EuiFlexItem grow={false}>
             <WzButtonPermissions
-              permissions={[{action: 'manager:upload_file', resource: `file:path:${path}/${name}`}]}
+              permissions={[
+                {
+                  action: `${
+                    ((this.props || {}).clusterStatus || {}).contextConfigServer
+                  }:upload_file`,
+                  resource:
+                    ((this.props || {}).clusterStatus || {}).contextConfigServer === 'cluster'
+                      ? 'node:id:*'
+                      : `file:path:${path}/${name}`,
+                },
+              ]}
               iconType="plusInCircle"
               onClick={() => this.openAddEntry()}
             >
@@ -496,7 +513,17 @@ class WzListEditor extends Component {
                   buttonType='icon'
                   aria-label="Edit content"
                   iconType="pencil"
-                  permissions={[{action: 'manager:upload_file', resource: `file:path:${path}/${fileName}`}]}
+                  permissions={[
+                    {
+                      action: `${
+                        ((this.props || {}).clusterStatus || {}).contextConfigServer
+                      }:upload_file`,
+                      resource:
+                        ((this.props || {}).clusterStatus || {}).contextConfigServer === 'cluster'
+                          ? 'node:id:*'
+                          : `file:path:${path}/${fileName}`,
+                    },
+                  ]}
                   tooltip={{position: 'top', content: `Edit ${item.key}`}}
                   onClick={() => {
                     this.setState({
@@ -510,7 +537,17 @@ class WzListEditor extends Component {
                   buttonType='icon'
                   aria-label="Remove content"
                   iconType="trash"
-                  permissions={[{action: 'manager:upload_file', resource: `file:path:${path}/${fileName}`}]}
+                  permissions={[
+                    {
+                      action: `${
+                        ((this.props || {}).clusterStatus || {}).contextConfigServer
+                      }:upload_file`,
+                      resource:
+                        ((this.props || {}).clusterStatus || {}).contextConfigServer === 'cluster'
+                          ? 'node:id:*'
+                          : `file:path:${path}/${fileName}`,
+                    },
+                  ]}
                   tooltip={{position: 'top', content: `Remove ${item.key}`}}
                   onClick={() => this.deleteItem(item.key)}
                   color="danger"

public/controllers/management/components/management/ruleset/main-ruleset.js

@@ -70,9 +70,9 @@ export default class WzRuleset extends Component {
       <WzReduxProvider>
         {(ruleInfo && <WzRuleInfo />) ||
           (decoderInfo && <WzDecoderInfo />) ||
-          (listInfo && <WzListEditor />) ||
-          ((fileContent || addingRulesetFile) && <WzRulesetEditor />) || (
-            <WzRulesetOverview />
+          (listInfo && <WzListEditor clusterStatus={this.props.clusterStatus} />) ||
+          ((fileContent || addingRulesetFile) && <WzRulesetEditor clusterStatus={this.props.clusterStatus}/>) || (
+            <WzRulesetOverview clusterStatus={this.props.clusterStatus} />
           )}
       </WzReduxProvider>
     );

public/controllers/management/components/management/ruleset/ruleset-overview.js

@@ -48,7 +48,7 @@ class WzRulesetOverview extends Component {
               </EuiTitle>
             </EuiFlexItem>
             <EuiFlexItem></EuiFlexItem>
-            <WzRulesetActionButtons />
+            <WzRulesetActionButtons clusterStatus={this.props.clusterStatus} />
           </EuiFlexGroup>
           <EuiFlexGroup>
             <EuiFlexItem>
@@ -60,7 +60,11 @@ class WzRulesetOverview extends Component {
           <WzRulesetSearchBar />
           <EuiFlexGroup>
             <EuiFlexItem>
-              <WzRulesetTable request={section} updateTotalItems={(totalItems) => this.setState({totalItems})} />
+              <WzRulesetTable
+                clusterStatus={this.props.clusterStatus}
+                request={section}
+                updateTotalItems={(totalItems) => this.setState({ totalItems })}
+              />
             </EuiFlexItem>
           </EuiFlexGroup>
         </EuiPanel>