UI: Fix enabling replication capabilities bug #28371
Conversation
github-actions
bot
added
the
hashicorp-contributed-pr
hellobontempo
added
backport/1.18.x
backport/ent/1.16.x+ent
|
Build Results: |
|
CI Results: |
| @@ -14,6 +13,23 @@ export default Route.extend(ClusterRoute, { | |||
| store: service(), | |||
| auth: service(), | |||
| router: service(), | |||
| capabilities: service(), | |||
There was a problem hiding this comment.
I thought about not using the new service here so that it more cleanly backported to older versions (this only exists in 1.18 so far), BUT the service is nice because we only make one request for all of these capabilities instead of a request for each path which I think is a win! 🙌
| if (this.modeSelection === 'dr') { | ||
| // returns canEnablePrimaryDr or canEnableSecondaryDr | ||
| return `canEnable${type}Dr`; | ||
| } | ||
| if (this.modeSelection === 'performance') { |
There was a problem hiding this comment.
I wanted to explicitly check for each mode instead of do a ternary statement since that'd mean if there wasn't a mode we'd fallback on a whichever was the falsy capability which didn't feel like the most stable thing to do.
| @@ -0,0 +1,3 @@ | |||
| ```release-note:bug | |||
| ui: Fix UI improperly checking capabilities for enabling performance and dr replication | |||
There was a problem hiding this comment.
This wording feels strange? Open to alternatives!
| * /> | ||
| * ``` | ||
| * | ||
| * @param {string} replicationMode - should be one of "dr" or "performance" |
There was a problem hiding this comment.
🔤 alphabetized 🤓
| const { cluster, replicationMode } = this.args; | ||
| let perm; | ||
| if (replicationMode === 'dr') { | ||
| // returns canEnablePrimaryDr or canEnableSecondaryDr |
There was a problem hiding this comment.
added these comments so future devs see they are used here if performing a global search for the capabilities defined in the route
vault/ui/lib/replication/addon/routes/application.js
Lines 57 to 60 in 6efc65a
| enablePath('performance', 'secondary'), | ||
| ]); | ||
| return { | ||
| canEnablePrimaryDr: perms[enablePath('dr', 'primary')].canUpdate, |
There was a problem hiding this comment.
originally I wrote all these variables as canEnableDrPrimary or canEnablePerformancePrimary but I found it easier to read with the type at the end and the cluster in the middle. Dr seemed to get lost in the middle there
hashishaw
deleted the
ui/VAULT-30458/fix-enabling-replication-capabilities-bug
branch
Description
A user with the policy below (which is used in this tutorial) was unable to enable replication in the GUI because the UI wasn't checking specifically for
/dr/or/performance/in the original capabilities check.Now type is included in the path passed to the capabilities endpoint which hides or shows "Enable" accordingly. If there's a problem reading capabilities, then the default is
truebecause the backend can be used as a fallback to gate a user who does not have the correct permissions.I will open a manual backport to address this fix in 1.16 and 1.17 because the capabilities service is new and was added in 1.18
📸 The left is before the fix, and on the right is after.
Both browsers the user is logged in with the policy below.
TODO only if you're a HashiCorp employee
to N, N-1, and N-2, using the
backport/ent/x.x.x+entlabels. If this PR is in the CE repo, you should only backport to N, using thebackport/x.x.xlabel, not the enterprise labels.of a public function, even if that change is in a CE file, double check that
applying the patch for this PR to the ENT repo and running tests doesn't
break any tests. Sometimes ENT only tests rely on public functions in CE
files.
in the PR description, commit message, or branch name.
description. Also, make sure the changelog is in this PR, not in your ENT PR.