From 88362810a9a8ffff37d2763c94add4200f902038 Mon Sep 17 00:00:00 2001 From: Christopher Kolstad Date: Fri, 19 Jan 2024 14:00:17 +0100 Subject: [PATCH] task: Make project permissions more fine grained Connected to [#5932](https://github.com/Unleash/unleash/pull/5932) - This starts using the new permissions in addition to the old UPDATE_PROJECT permission. That way, if you're happy with UPDATE_PROJECT, you don't need to change. However, you can now add more fine grained permissions for both READ and WRITE operations. --- .../common/PermissionSwitch/PermissionSwitch.tsx | 2 +- .../ChangeRequestConfiguration.tsx | 4 ++-- .../ChangeRequestConfiguration/ChangeRequestTable.tsx | 5 +++-- .../ProjectDefaultStrategySettings.tsx | 4 ++-- .../ProjectSettings/Settings/EditProject/EditProject.tsx | 4 ++-- .../Settings/EditProject/UpdateProject.tsx | 4 ++-- .../Project/ProjectSettings/Settings/Settings.tsx | 4 ++-- .../component/project/ProjectAccess/ProjectAccess.tsx | 4 ++-- .../ProjectAccessTable/ProjectAccessTable.tsx | 8 ++++---- .../component/providers/AccessProvider/permissions.ts | 9 +++++++++ 10 files changed, 29 insertions(+), 19 deletions(-) diff --git a/frontend/src/component/common/PermissionSwitch/PermissionSwitch.tsx b/frontend/src/component/common/PermissionSwitch/PermissionSwitch.tsx index 220811de2031..d2b22b1a0e91 100644 --- a/frontend/src/component/common/PermissionSwitch/PermissionSwitch.tsx +++ b/frontend/src/component/common/PermissionSwitch/PermissionSwitch.tsx @@ -8,7 +8,7 @@ import { } from 'hooks/useHasAccess'; interface IPermissionSwitchProps extends SwitchProps { - permission: string; + permission: string | string[]; tooltip?: string; onChange?: (e: React.ChangeEvent) => void; disabled?: boolean; diff --git a/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestConfiguration.tsx b/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestConfiguration.tsx index e3c856662e87..f758db055e90 100644 --- a/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestConfiguration.tsx +++ b/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestConfiguration.tsx @@ -4,7 +4,7 @@ import useUiConfig from 'hooks/api/getters/useUiConfig/useUiConfig'; import { Alert } from '@mui/material'; import { PageHeader } from 'component/common/PageHeader/PageHeader'; import AccessContext from 'contexts/AccessContext'; -import { UPDATE_PROJECT } from 'component/providers/AccessProvider/permissions'; +import {PROJECT_CHANGE_REQUEST_READ, UPDATE_PROJECT} from 'component/providers/AccessProvider/permissions'; import { useRequiredPathParam } from 'hooks/useRequiredPathParam'; import { usePageTitle } from 'hooks/usePageTitle'; import { useProjectNameOrId } from 'hooks/api/getters/useProject/useProject'; @@ -36,7 +36,7 @@ export const ChangeRequestConfiguration = () => { ); } - if (!hasAccess(UPDATE_PROJECT, projectId)) { + if (!hasAccess([UPDATE_PROJECT, PROJECT_CHANGE_REQUEST_READ], projectId)) { return ( } diff --git a/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestTable.tsx b/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestTable.tsx index e7ead42d2b71..6b3dcc7c4ec3 100644 --- a/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestTable.tsx +++ b/frontend/src/component/project/Project/ProjectSettings/ChangeRequestConfiguration/ChangeRequestTable.tsx @@ -30,6 +30,7 @@ import { KeyboardArrowDownOutlined } from '@mui/icons-material'; import { useTheme } from '@mui/material/styles'; import AccessContext from 'contexts/AccessContext'; import { usePlausibleTracker } from 'hooks/usePlausibleTracker'; +import {PROJECT_CHANGE_REQUEST_WRITE} from "../../../../providers/AccessProvider/permissions"; const StyledBox = styled(Box)(({ theme }) => ({ padding: theme.spacing(1), @@ -159,7 +160,7 @@ export const ChangeRequestTable: VFC = () => { }} disabled={ !hasAccess( - UPDATE_PROJECT, + [UPDATE_PROJECT, PROJECT_CHANGE_REQUEST_WRITE], projectId, ) } @@ -188,7 +189,7 @@ export const ChangeRequestTable: VFC = () => { { const navigate = useNavigate(); usePageTitle(`Project default strategy configuration – ${projectName}`); - if (!hasAccess(UPDATE_PROJECT, projectId)) { + if (!hasAccess([UPDATE_PROJECT, PROJECT_DEFAULT_STRATEGY_READ], projectId)) { return ( } diff --git a/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/EditProject.tsx b/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/EditProject.tsx index 4b8ebe137bc4..c3adc59b020e 100644 --- a/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/EditProject.tsx +++ b/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/EditProject.tsx @@ -1,4 +1,4 @@ -import { UPDATE_PROJECT } from 'component/providers/AccessProvider/permissions'; +import {PROJECT_SETTINGS_WRITE, UPDATE_PROJECT} from 'component/providers/AccessProvider/permissions'; import useProject from 'hooks/api/getters/useProject/useProject'; import useUiConfig from 'hooks/api/getters/useUiConfig/useUiConfig'; import { useRequiredPathParam } from 'hooks/useRequiredPathParam'; @@ -26,7 +26,7 @@ const EditProject = () => { return null; } - const accessDeniedAlert = !hasAccess(UPDATE_PROJECT, id) && ( + const accessDeniedAlert = !hasAccess([UPDATE_PROJECT, PROJECT_SETTINGS_WRITE], id) && ( You do not have the required permissions to edit this project. diff --git a/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/UpdateProject.tsx b/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/UpdateProject.tsx index 0d7302e0503d..eb8f2eb82452 100644 --- a/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/UpdateProject.tsx +++ b/frontend/src/component/project/Project/ProjectSettings/Settings/EditProject/UpdateProject.tsx @@ -1,7 +1,7 @@ import FormTemplate from 'component/common/FormTemplate/FormTemplate'; import ProjectForm from '../../../ProjectForm/ProjectForm'; import PermissionButton from 'component/common/PermissionButton/PermissionButton'; -import { UPDATE_PROJECT } from 'component/providers/AccessProvider/permissions'; +import {PROJECT_SETTINGS_WRITE, UPDATE_PROJECT} from 'component/providers/AccessProvider/permissions'; import useProjectForm, { DEFAULT_PROJECT_STICKINESS, } from '../../../hooks/useProjectForm'; @@ -138,7 +138,7 @@ export const UpdateProject = ({ project }: IUpdateProject) => { > diff --git a/frontend/src/component/project/Project/ProjectSettings/Settings/Settings.tsx b/frontend/src/component/project/Project/ProjectSettings/Settings/Settings.tsx index 6a2cbae9d97a..f5d97789fa8a 100644 --- a/frontend/src/component/project/Project/ProjectSettings/Settings/Settings.tsx +++ b/frontend/src/component/project/Project/ProjectSettings/Settings/Settings.tsx @@ -3,7 +3,7 @@ import { PageContent } from 'component/common/PageContent/PageContent'; import { Alert } from '@mui/material'; import { PageHeader } from 'component/common/PageHeader/PageHeader'; import AccessContext from 'contexts/AccessContext'; -import { UPDATE_PROJECT } from 'component/providers/AccessProvider/permissions'; +import {PROJECT_SETTINGS_READ, UPDATE_PROJECT} from 'component/providers/AccessProvider/permissions'; import { useRequiredPathParam } from 'hooks/useRequiredPathParam'; import { usePageTitle } from 'hooks/usePageTitle'; import EditProject from './EditProject/EditProject'; @@ -29,7 +29,7 @@ export const Settings = () => { ); } - if (!hasAccess(UPDATE_PROJECT, projectId)) { + if (!hasAccess([UPDATE_PROJECT, PROJECT_SETTINGS_READ], projectId)) { return ( }> diff --git a/frontend/src/component/project/ProjectAccess/ProjectAccess.tsx b/frontend/src/component/project/ProjectAccess/ProjectAccess.tsx index 41f28d241a7d..e3cd059887f1 100644 --- a/frontend/src/component/project/ProjectAccess/ProjectAccess.tsx +++ b/frontend/src/component/project/ProjectAccess/ProjectAccess.tsx @@ -4,7 +4,7 @@ import useUiConfig from 'hooks/api/getters/useUiConfig/useUiConfig'; import { Alert } from '@mui/material'; import { PageHeader } from 'component/common/PageHeader/PageHeader'; import AccessContext from 'contexts/AccessContext'; -import { UPDATE_PROJECT } from 'component/providers/AccessProvider/permissions'; +import {PROJECT_USER_ACCESS_READ, UPDATE_PROJECT} from 'component/providers/AccessProvider/permissions'; import { useRequiredPathParam } from 'hooks/useRequiredPathParam'; import { usePageTitle } from 'hooks/usePageTitle'; import { ProjectAccessTable } from 'component/project/ProjectAccess/ProjectAccessTable/ProjectAccessTable'; @@ -29,7 +29,7 @@ export const ProjectAccess = () => { ); } - if (!hasAccess(UPDATE_PROJECT, projectId)) { + if (!hasAccess([UPDATE_PROJECT, PROJECT_USER_ACCESS_READ], projectId)) { return ( }> diff --git a/frontend/src/component/project/ProjectAccess/ProjectAccessTable/ProjectAccessTable.tsx b/frontend/src/component/project/ProjectAccess/ProjectAccessTable/ProjectAccessTable.tsx index 4374a8dd5817..daccd2f4cf73 100644 --- a/frontend/src/component/project/ProjectAccess/ProjectAccessTable/ProjectAccessTable.tsx +++ b/frontend/src/component/project/ProjectAccess/ProjectAccessTable/ProjectAccessTable.tsx @@ -9,7 +9,7 @@ import useProjectAccess, { IProjectAccess, } from 'hooks/api/getters/useProjectAccess/useProjectAccess'; import PermissionIconButton from 'component/common/PermissionIconButton/PermissionIconButton'; -import { UPDATE_PROJECT } from 'component/providers/AccessProvider/permissions'; +import {PROJECT_USER_ACCESS_WRITE, UPDATE_PROJECT} from 'component/providers/AccessProvider/permissions'; import { TextCell } from 'component/common/Table/cells/TextCell/TextCell'; import { ActionCell } from 'component/common/Table/cells/ActionCell/ActionCell'; import { SearchHighlightProvider } from 'component/common/Table/SearchHighlightContext/SearchHighlightContext'; @@ -212,7 +212,7 @@ export const ProjectAccessTable: VFC = () => { { { setSelectedRow(row); @@ -411,7 +411,7 @@ export const ProjectAccessTable: VFC = () => { onClick={() => navigate('create')} maxWidth='700px' Icon={Add} - permission={UPDATE_PROJECT} + permission={[UPDATE_PROJECT, PROJECT_USER_ACCESS_WRITE]} projectId={projectId} data-testid={PA_ASSIGN_BUTTON_ID} > diff --git a/frontend/src/component/providers/AccessProvider/permissions.ts b/frontend/src/component/providers/AccessProvider/permissions.ts index b4db6fd53047..08a081e98a7f 100644 --- a/frontend/src/component/providers/AccessProvider/permissions.ts +++ b/frontend/src/component/providers/AccessProvider/permissions.ts @@ -39,3 +39,12 @@ export const READ_PROJECT_API_TOKEN = 'READ_PROJECT_API_TOKEN'; export const CREATE_PROJECT_API_TOKEN = 'CREATE_PROJECT_API_TOKEN'; export const DELETE_PROJECT_API_TOKEN = 'DELETE_PROJECT_API_TOKEN'; export const UPDATE_PROJECT_SEGMENT = 'UPDATE_PROJECT_SEGMENT'; + +export const PROJECT_USER_ACCESS_READ = 'PROJECT_USER_ACCESS_READ'; +export const PROJECT_DEFAULT_STRATEGY_READ = 'PROJECT_DEFAULT_STRATEGY_READ'; +export const PROJECT_CHANGE_REQUEST_READ = 'PROJECT_CHANGE_REQUEST_READ'; +export const PROJECT_SETTINGS_READ = 'PROJECT_SETTINGS_READ'; +export const PROJECT_USER_ACCESS_WRITE = 'PROJECT_USER_ACCESS_WRITE'; +export const PROJECT_DEFAULT_STRATEGY_WRITE = 'PROJECT_DEFAULT_STRATEGY_WRITE'; +export const PROJECT_CHANGE_REQUEST_WRITE = 'PROJECT_CHANGE_REQUEST_WRITE'; +export const PROJECT_SETTINGS_WRITE = 'PROJECT_SETTINGS_WRITE';