feat(web): support unauthenticated client access

This commit builds on top of the new privileged-based layered API access introduced in abd8f76. The commit reverts part of the changes introduced in 5552179 and builds upon the parts that remain. It is now (again) possible to access the client without being authenticated. The client works as it did before, all data is accessible and visible. However, when you open a task, it will now show you either the original "run" button, or – depending on your access level – a button informing you that you need to authenticate to run the task, or if you are already authenticated but lack sufficient privileges, it will inform you that you cannot run said task. The "Authentication Required" button can be clicked to show a more friendly inline login field, that doesn't cover the entire screen, and can be ignored if you are not interested in authenticating. All in all, this provides a _much_ friendlier user experience, while also allowing for more fine-grained access control. This closes #19, #21, and #39.
blendle · Jul 23, 2019 · bf9ffe4 · bf9ffe4
1 parent abd8f76
commit bf9ffe4
Show file tree

Hide file tree

Showing 20 changed files with 373 additions and 226 deletions.
diff --git a/src/web-client/queries/fetch_session_details.graphql b/src/web-client/queries/fetch_session_details.graphql
@@ -0,0 +1,5 @@
+query FetchSessionDetails {
+  session {
+    privileges
+  }
+}
diff --git a/src/web-client/queries/fetch_task_details.graphql b/src/web-client/queries/fetch_task_details.graphql
@@ -3,6 +3,7 @@ query FetchTaskDetails($id: ID!) {
     id
     name
     description
+    labels
 
     variables {
       key

diff --git a/src/web-client/queries/search_tasks.graphql b/src/web-client/queries/search_tasks.graphql
@@ -3,5 +3,6 @@ query SearchTasks($search: SearchTaskInput) {
     id
     name
     description
+    labels
   }
 }
diff --git a/src/web-client/src/app.rs b/src/web-client/src/app.rs
@@ -20,6 +20,9 @@ pub(crate) struct App<C = Controller> {
     /// The cookie service to modify cookie data.
     pub(crate) cookie: CookieService,
 
+    /// The authenticated session data, if any.
+    session: Rc<RefCell<Option<session::Session>>>,
+
     /// All tasks fetched since the start of the application session.
     ///
     /// This is purely meant for caching purposes, the source of truth lives on
@@ -41,6 +44,7 @@ impl<C> App<C> {
         Self {
             client,
             cookie,
+            session: Rc::default(),
             tasks: Rc::default(),
             stats: Rc::default(),
             _controller: PhantomData,
@@ -57,6 +61,11 @@ impl<C> App<C> {
         self.tasks.try_borrow_mut().map_err(|_| ())
     }
 
+    /// Get a reference-counted clone of the authenticated session, if any.
+    pub(crate) fn cloned_session(&self) -> Rc<RefCell<Option<session::Session>>> {
+        Rc::clone(&self.session)
+    }
+
     /// Get a reference-counted clone of the cached tasks.
     pub(crate) fn cloned_tasks(&self) -> Rc<RefCell<tasks::Tasks>> {
         Rc::clone(&self.tasks)
@@ -75,13 +84,6 @@ where
     fn render<'b>(&self, cx: &mut RenderContext<'b>) -> Node<'b> {
         use dodrio::builder::*;
 
-        // TODO: once we have actual session data to store, we should add an
-        // `Option<Session>` to the `App`, and trigger this route if that value
-        // is set to `None`, instead of reading the current path.
-        if let Some(Route::Login) = Route::active() {
-            return component::Login::<C>::new().render(cx);
-        }
-
         let stats = self.stats.try_borrow().unwrap_throw();
         let tasks = self.tasks().unwrap_throw();
         let filtered_tasks = tasks.filtered_tasks();
@@ -98,7 +100,10 @@ where
         let tasks = self.tasks().unwrap_throw();
 
         if let Some(task) = tasks.active_task() {
-            let task_details = component::TaskDetails::<C>::new(&*task);
+            let session = self.session.try_borrow().unwrap_throw();
+            let access_mode = task.run_access_mode(&*session);
+
+            let task_details = component::TaskDetails::<C>::new(&*task, access_mode);
             node = node.child(task_details.render(cx));
         };
 

diff --git a/src/web-client/src/component/login.rs b/src/web-client/src/component/login.rs
diff --git a/src/web-client/src/component/login.scss b/src/web-client/src/component/login.scss
diff --git a/src/web-client/src/component/mod.rs b/src/web-client/src/component/mod.rs
@@ -1,7 +1,6 @@
 //! The list of UI components used in the application.
 
 mod header;
-mod login;
 mod navbar;
 mod statistic;
 mod task_details;
@@ -10,7 +9,6 @@ mod tasks;
 mod variable;
 
 pub(crate) use header::Header;
-pub(crate) use login::Login;
 pub(crate) use navbar::Navbar;
 pub(crate) use statistic::Statistic;
 pub(crate) use task_details::TaskDetails;