Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge in V2 master #1

Merged
merged 41 commits into from
Feb 16, 2018
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
41 commits
Select commit Hold shift + click to select a range
9507d39
Fix unregister endpoint
richard-cox Feb 9, 2018
b042d69
Non-magical fix
richard-cox Feb 9, 2018
b57d347
Merge branch 'v2-master' into fix-delete-endpoint
richard-cox Feb 9, 2018
d8c424a
Fix two spammy issues
richard-cox Feb 9, 2018
c4eaf23
Fix org/space shemas
richard-cox Feb 9, 2018
f8482ba
Add missing file
richard-cox Feb 9, 2018
424713c
Merge branch 'fix-org-space-schemas' into stepper-forms-lists
richard-cox Feb 9, 2018
fa47ff5
Common treatment of all input fields and spacing across steppers
richard-cox Feb 9, 2018
4b7c316
Ensure top level stepper form styles only apply to top level stopper …
richard-cox Feb 9, 2018
fa03267
Convert routes lists (app summary + map) to use local pagination
richard-cox Feb 12, 2018
e5cba86
Show smaller page sizes + ensure any default page size is valid
richard-cox Feb 12, 2018
c693428
Fix delete
richard-cox Feb 12, 2018
6192c7e
Create neater, smaller list header
richard-cox Feb 13, 2018
a87163f
Make the header more responsive
richard-cox Feb 13, 2018
ad4d25b
Lint fixes, fix list text when window width reduced
richard-cox Feb 13, 2018
4b4f1e7
Header colour when selected
richard-cox Feb 13, 2018
3e20eb0
Fix org/space shemas (#1601)
richard-cox Feb 14, 2018
f05b7b7
Merge branch 'v2-master' into stepper-forms-lists
richard-cox Feb 14, 2018
257f14d
Fixing application and endpoints view when no endpoints are attached …
KlapTrap Feb 15, 2018
84c515b
Merge pull request #1600 from cloudfoundry-incubator/fix-delete-endpoint
KlapTrap Feb 15, 2018
c585dec
Merge pull request #1604 from cloudfoundry-incubator/stepper-forms-lists
KlapTrap Feb 15, 2018
a6aae77
Merge branch 'v2-master' into routes-lists-as-local
richard-cox Feb 15, 2018
0913ee0
Fix standupdevenv
nwmac Feb 15, 2018
2a2dbc5
Merge branch 'routes-lists-as-local' into v2-master
richard-cox Feb 15, 2018
db75ea4
Merge branch 'v2-master' into list-header-changes
richard-cox Feb 15, 2018
a9415f1
Move migration file to correct dir
nwmac Feb 15, 2018
532c64b
Fix package name
nwmac Feb 15, 2018
4df4246
Fix schema
nwmac Feb 15, 2018
51fd317
Show application page promptly
richard-cox Feb 12, 2018
d4c886e
Ensure we always have an initial app state on app summary page
richard-cox Feb 15, 2018
c5ad971
Fetch app stats concurrent to application fetch, show uptime block on…
KlapTrap Feb 15, 2018
a9d6ab9
Only gate stats polling
richard-cox Feb 15, 2018
2cae535
Fix column count mismatch
nwmac Feb 15, 2018
063be6f
Styling tweeks
KlapTrap Feb 15, 2018
e583321
CC issues?
KlapTrap Feb 15, 2018
2d71777
Merge pull request #1616 from cloudfoundry-incubator/list-header-changes
KlapTrap Feb 15, 2018
2ea711a
Fix enum issue
Feb 15, 2018
7952462
Change name of backend builder image for v2 (#1585)
nwmac Feb 15, 2018
f9c1e2d
Merge branch 'v2-master' into auth
Feb 15, 2018
6f99a11
Merge pull request #1567 from cloudfoundry-incubator/auth
Feb 15, 2018
49d5ff4
Rough doc for cf user management
richard-cox Feb 14, 2018
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
# compiled output
/dist
.dist
/tmp
/out-tsc
/out
Expand Down Expand Up @@ -56,6 +57,8 @@ lib
tools/test-backend/config/mock.config.json
tools/.coverage-karma/
dev-certs/*
vendor/
**/vendor
**/*.so
.glide
tools/ssl
Expand Down
4 changes: 2 additions & 2 deletions deploy/build_portal_proxy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,9 @@ docker run -it \
-e USER_NAME=$(id -nu) \
-e USER_ID=$(id -u) \
-e GROUP_ID=$(id -g) \
--name console-proxy-builder \
--name stratos-jetstream-builder \
--volume $(pwd):/go/src/github.com/SUSE/stratos-ui \
splatform/stratos-proxy-builder:opensuse $*
splatform/stratos-jetstream-builder:opensuse $*

ret=$?
popd
Expand Down
4 changes: 2 additions & 2 deletions deploy/ci/tasks/stratos-ui/prep-proxy-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ platform: linux
image_resource:
type: docker-image
source:
repository: ci-registry.capbristol.com:5000/splatform/stratos-proxy-builder
repository: ci-registry.capbristol.com:5000/splatform/stratos-jetstream-builder
tag: "opensuse"
insecure_registries: [ "ci-registry.capbristol.com:5000" ]

Expand All @@ -17,7 +17,7 @@ run:
- -exc
- |
cd stratos-ui
npm install --production
npm install
npm run build-backend
cd -
cp -r ./stratos-ui/outputs ./portal-proxy-output
Expand Down
2 changes: 1 addition & 1 deletion deploy/db/scripts/development.sh
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ echo "Checking database status."

# Run migrations
echo "Attempting database migrations."
./portal-proxy--env=mariadb-development up
./portal-proxy --env=mariadb-development up

# CHeck the status
echo "Checking database status."
Expand Down
4 changes: 2 additions & 2 deletions deploy/docker-compose/build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -205,9 +205,9 @@ function buildProxy {
-e USER_NAME=$(id -nu) \
-e USER_ID=$(id -u) \
-e GROUP_ID=$(id -g) \
--name stratos-proxy-builder \
--name stratos-jetstream-builder \
--volume $(pwd):/go/src/github.com/SUSE/stratos-ui \
${DOCKER_REGISTRY}/${DOCKER_ORG}/stratos-proxy-builder:opensuse
${DOCKER_REGISTRY}/${DOCKER_ORG}/stratos-jetstream-builder:opensuse
popd > /dev/null 2>&1
popd > /dev/null 2>&1

Expand Down
12 changes: 6 additions & 6 deletions deploy/kubernetes/build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -214,10 +214,10 @@ function buildProxy {
# Use the existing build container to compile the proxy executable, and leave
# it on the local filesystem.
echo
echo "-- Building the Console Proxy"
echo "-- Building the Stratos Backend"

echo
echo "-- Run the build container to build the Console backend"
echo "-- Run the build container to build the Stratos backend"

pushd ${STRATOS_UI_PATH} > /dev/null 2>&1
pushd $(git rev-parse --show-toplevel) > /dev/null 2>&1
Expand All @@ -229,9 +229,9 @@ function buildProxy {
-e USER_NAME=$(id -nu) \
-e USER_ID=$(id -u) \
-e GROUP_ID=$(id -g) \
--name stratos-proxy-builder \
--name stratos-jetstream-builder \
--volume $(pwd):/go/src/github.com/SUSE/stratos-ui \
${DOCKER_REGISTRY}/${DOCKER_ORG}/stratos-proxy-builder:${BASE_IMAGE_TAG}
${DOCKER_REGISTRY}/${DOCKER_ORG}/stratos-jetstream-builder:${BASE_IMAGE_TAG}
popd > /dev/null 2>&1
popd > /dev/null 2>&1

Expand All @@ -254,9 +254,9 @@ function buildPostflightJob {
-e USER_NAME=$(id -nu) \
-e USER_ID=$(id -u) \
-e GROUP_ID=$(id -g) \
--name stratos-proxy-builder \
--name stratos-jetstream-builder \
--volume $(pwd):/go/src/github.com/SUSE/stratos-ui \
${DOCKER_REGISTRY}/${DOCKER_ORG}/stratos-proxy-builder:${BASE_IMAGE_TAG}
${DOCKER_REGISTRY}/${DOCKER_ORG}/stratos-jetstream-builder:${BASE_IMAGE_TAG}
buildAndPublishImage stratos-postflight-job deploy/db/Dockerfile.k8s.postflight-job ${STRATOS_UI_PATH}
popd > /dev/null 2>&1

Expand Down
8 changes: 8 additions & 0 deletions deploy/stand-up-dev-env.sh
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,13 @@ function uaa_downloads {
./uaa/prepare.sh
}

function dev_certs {
CERTS_PATH="${PROG_DIR}/../dev-certs"
if [ ! -d "${CERTS_PATH}" ]; then
CERTS_PATH=${CERTS_PATH} ./tools/generate_cert.sh
fi
}

function build {
echo "===== Building the portal proxy"
export USER_ID=$(id -u)
Expand Down Expand Up @@ -131,6 +138,7 @@ if [ "$CLEAN" = true ] ; then
clean
fi
uaa_downloads
dev_certs
build
docker ps
popd
2 changes: 1 addition & 1 deletion deploy/stratos-base-images/build-base-images.sh
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ build_ui_base;
build_bk_base;
# Used for hosting nginx
build_nginx_base;
# Used for stratos-proxy-builder base
# Used for stratos-jetstream-builder base
build_bk_build_base;
# Used for building the backend
build_portal_proxy_builder;
Expand Down
2 changes: 1 addition & 1 deletion deploy/tools/build-push-proxy-builder-image.sh
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ else
echo " REGISTRY: ${DOCKER_REGISTRY}"
echo " ORG: ${DOCKER_ORG}"
fi
NAME=stratos-proxy-builder
NAME=stratos-jetstream-builder
TAG=${TAG:-opensuse}
BK_BUILD_BASE=${BK_BUILD_BASE:-splatform/stratos-bk-build-base:opensuse}

Expand Down
83 changes: 83 additions & 0 deletions docs/planning/cf-user-management.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
# Cloud Foundry User Management

## Requirements

* View the organisation and space roles for all users
* Edit the organisation and space roles for a specific user
* Assign multiple organisation and/or space roles for multiple users

## V1

* Users tab + table at CF, organisation and space level
* CF level shows user _organisation_ roles for all organisations as pills
* Org level shows user _space_ roles for all spaces as pills
* Space level shows user _space_ roles for space as pills
* Table provided links to update roles
* 'Manage' a single user - pop up showing orgs/spaces (depending on level) roles. Allowed edit of all shown roles
* 'Change' multiple users - similar to manage, however no existing roles were shown. New selection _replaced_ existing roles
* 'Remove all' roles of selected users. These are specific to the level (cf - remove all orgs/spaces, org - remove all org/spaces, space - remove all space)
* All cf/org/space pages allow user to 'Assign' roles in a pop up
* pop up contains stepper, one stage to select user/s and another role/s
* can only assign roles to a single org and it's spaces
* no existing roles are shown

### V1 Issues

* Handling large amount of orgs or spaces
* Pill format to represent user roles lead to potentially large blobs of pills which were hard to extract information from but did show
the data in as small as possible area
* The Manage/Change popup didn't scale well at the CF level for lots of orgs or org level for lots of spaces
* Only showing org or space roles in the table can lead to confusion, for example user edits org roles at space level and no changes to table.
* Multiple ways to reach the same window (buttons above tables, row actions)
* Can only mass assign roles one org at a time
* No concept of inviting users
* Need to understand how this would work by supplying an email. API provides a way to create users with their UAA guid

## V2

### First pass implementation - Changes to V1

* 'Change' multiple user modal
* To be removed. The ability to 'reset' multiple users needs more work.
* 'Manage' single user modal
* Only allow edit of a single org and it's spaces in the 'Manage' pop up, as per the assign. This restricts functionality but presents the
information in a clearer way and scales much better for multiple orgs.
* Tidy the position of 'remove from org'
* Stretch - Remove the 'org user' and handle automatically in the background?
* 'Assign'
* Step 2 - Ensure consistent UX with 'Manage' or vice versa
* Users Tab/Table
* Show org and space columns for their roles. Relevant to level (cf - both, org - both, space - space only)
* Provide a way to collapse list of roles automatically when there's a large amount.
* Stretch - Provide a way to filter per role. This will allow user to quickly see who's, for instance, a manager.

### Second pass

* Invite/Create user
* Remove user
* Reset users roles

### Design input required pre release

* Validate first pass approach
* Review use case/possible solutions to update/reset multiple users roles
* Review use of pills in table
* Review second roles column in table
* Review Manage/Assign layout

## Similar Implementations

High level description of other CF UIs

* Management at org and space level
* Roughly table like views
* Each user listed in rows
* Org/Space roles as columns
* Editing a users roles by..
* a check box in the roles column (each change an individual api request at time of click)
* a pop up allowing edits to all org OR space roles for a specific row/user
* All edits are very specific to user
* Provide a way to invite new users by email address.
* Can specify what roles they have at invite time

>> Note .. There's no easy way to check user/s management at Cloud Foundry admin level, which is where some of the fun starts.
10 changes: 5 additions & 5 deletions src/backend/app-core/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -212,19 +212,19 @@ func (p *portalProxy) fetchToken(cnsiGUID string, c echo.Context) (*UAAResponse,
}

authTypeStr := c.FormValue("auth")
authType := interfaces.OAuth2
authType := interfaces.AuthTypeOAuth2
switch authTypeStr {
case "http":
authType = interfaces.HttpBasic
authType = interfaces.AuthTypeHttpBasic
default:
authType = interfaces.OAuth2
authType = interfaces.AuthTypeOAuth2
}

if authType == interfaces.OAuth2 {
if authType == interfaces.AuthTypeOAuth2 {
return p.fetchOAuth2Token(cnsiRecord, c)
}

if authType == interfaces.HttpBasic {
if authType == interfaces.AuthTypeHttpBasic {
return p.fetchHttpBasicToken(cnsiRecord, c)
}

Expand Down
Original file line number Diff line number Diff line change
@@ -1,21 +1,23 @@
package main
package datastore

import (
"database/sql"
"fmt"
)

func Up_20171108102900(txn *sql.Tx) {

createTokens := "ALTER TABLE tokens "
createTokens += "ADD auth_type VARCHAR(255) DEFAULT \"OAuth2\", "
createTokens += "ADD meta_data TEXT "
createTokens += ";"
func (s *StratosMigrations) Up_20171108102900(txn *sql.Tx) {

createTokens := "ALTER TABLE tokens ADD auth_type VARCHAR(255) DEFAULT \"OAuth2\""
_, err := txn.Exec(createTokens)
if err != nil {
fmt.Printf("Failed to migrate due to: %v", err)
}

createTokens = "ALTER TABLE tokens ADD meta_data TEXT"
_, err = txn.Exec(createTokens)
if err != nil {
fmt.Printf("Failed to migrate due to: %v", err)
}
}

func Down_20171108102900(txn *sql.Tx) {
Expand Down
8 changes: 3 additions & 5 deletions src/backend/app-core/repository/interfaces/structs.go
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,9 @@ type CNSIRecord struct {
SkipSSLValidation bool `json:"skip_ssl_validation"`
}

type AuthType string

const (
OAuth2 AuthType = "OAuth2"
HttpBasic AuthType = "HttpBasic"
AuthTypeOAuth2 = "OAuth2"
AuthTypeHttpBasic = "HttpBasic"
)

//TODO this could be moved back to tokens subpackage, and extensions could import it?
Expand All @@ -44,7 +42,7 @@ type TokenRecord struct {
RefreshToken string
TokenExpiry int64
Disconnected bool
AuthType AuthType
AuthType string
Metadata string
}

Expand Down
8 changes: 4 additions & 4 deletions src/backend/app-core/repository/tokens/pgsql_tokens.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,8 @@ var insertCNSIToken = `INSERT INTO tokens (cnsi_guid, user_guid, token_type, aut
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)`

var updateCNSIToken = `UPDATE tokens
SET auth_token = $1, refresh_token = $2, token_expiry = $3, disconnected = $4
WHERE cnsi_guid = $5 AND user_guid = $6 AND token_type = $7 AND auth_type = $7 AND meta_data = $8`
SET auth_token = $1, refresh_token = $2, token_expiry = $3, disconnected = $4, meta_data = $5,
WHERE cnsi_guid = $6 AND user_guid = $7 AND token_type = $8 AND auth_type = $9`

var deleteCNSIToken = `DELETE FROM tokens
WHERE token_type = 'cnsi' AND cnsi_guid = $1 AND user_guid = $2`
Expand Down Expand Up @@ -238,7 +238,7 @@ func (p *PgsqlTokenRepository) SaveCNSIToken(cnsiGUID string, userGUID string, t
case 0:

if _, insertErr := p.db.Exec(insertCNSIToken, cnsiGUID, userGUID, "cnsi", ciphertextAuthToken,
ciphertextRefreshToken, tr.TokenExpiry, tr.Disconnected, tr.AuthType, tr.AuthType, tr.Metadata); insertErr != nil {
ciphertextRefreshToken, tr.TokenExpiry, tr.Disconnected, tr.AuthType, tr.Metadata); insertErr != nil {

msg := "Unable to INSERT CNSI token: %v"
log.Printf(msg, insertErr)
Expand All @@ -251,7 +251,7 @@ func (p *PgsqlTokenRepository) SaveCNSIToken(cnsiGUID string, userGUID string, t

log.Println("Existing CNSI token found - attempting update.")
result, err := p.db.Exec(updateCNSIToken, ciphertextAuthToken, ciphertextRefreshToken, tr.TokenExpiry,
tr.Disconnected, cnsiGUID, userGUID, "cnsi", tr.AuthType, tr.Metadata)
tr.Disconnected, tr.Metadata, cnsiGUID, userGUID, "cnsi", tr.AuthType)
if err != nil {
msg := "Unable to UPDATE CNSI token: %v"
log.Printf(msg, err)
Expand Down
2 changes: 1 addition & 1 deletion src/frontend/app/core/entity-service.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { Store } from '@ngrx/store';
import { denormalize, Schema } from 'normalizr';
import { tag } from 'rxjs-spy/operators/tag';
import { interval } from 'rxjs/observable/interval';
import { filter, map, publishReplay, refCount, shareReplay, tap, withLatestFrom, share } from 'rxjs/operators';
import { filter, map, shareReplay, tap, withLatestFrom, share } from 'rxjs/operators';
import { Observable } from 'rxjs/Rx';

import { AppState } from '../store/app-state';
Expand Down
Loading