1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
5 import { Dispatch } from 'redux';
6 import { reset, startSubmit, stopSubmit, FormErrors, initialize } from 'redux-form';
7 import { bindDataExplorerActions } from "store/data-explorer/data-explorer-action";
8 import { dialogActions } from 'store/dialog/dialog-actions';
9 import { RootState } from 'store/store';
10 import { ServiceRepository } from 'services/services';
11 import { getResource } from 'store/resources/resources';
12 import { GroupResource, GroupClass } from 'models/group';
13 import { getCommonResourceServiceError, CommonResourceServiceError } from 'services/common-service/common-resource-service';
14 import { snackbarActions, SnackbarKind } from 'store/snackbar/snackbar-actions';
15 import { PermissionLevel } from 'models/permission';
16 import { PermissionService } from 'services/permission-service/permission-service';
17 import { FilterBuilder } from 'services/api/filter-builder';
18 import { ProjectUpdateFormDialogData, PROJECT_UPDATE_FORM_NAME } from 'store/projects/project-update-actions';
20 export const GROUPS_PANEL_ID = "groupsPanel";
22 export const GROUP_ATTRIBUTES_DIALOG = 'groupAttributesDialog';
23 export const GROUP_REMOVE_DIALOG = 'groupRemoveDialog';
25 export const GroupsPanelActions = bindDataExplorerActions(GROUPS_PANEL_ID);
27 export const loadGroupsPanel = () => GroupsPanelActions.REQUEST_ITEMS();
29 export const openCreateGroupDialog = () =>
30 (dispatch: Dispatch, getState: () => RootState) => {
31 dispatch(initialize(PROJECT_UPDATE_FORM_NAME, {}));
32 dispatch(dialogActions.OPEN_DIALOG({ id: PROJECT_UPDATE_FORM_NAME, data: {sourcePanel: GroupClass.ROLE, create: true} }));
35 export const openGroupAttributes = (uuid: string) =>
36 (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
37 const { resources } = getState();
38 const data = getResource<GroupResource>(uuid)(resources);
39 dispatch(dialogActions.OPEN_DIALOG({ id: GROUP_ATTRIBUTES_DIALOG, data }));
42 export const removeGroup = (uuid: string) =>
43 async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
44 dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...', kind: SnackbarKind.INFO }));
45 await services.groupsService.delete(uuid);
46 dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removed.', hideDuration: 2000, kind: SnackbarKind.SUCCESS }));
47 dispatch<any>(loadGroupsPanel());
50 export const openRemoveGroupDialog = (uuid: string) =>
51 (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
52 dispatch(dialogActions.OPEN_DIALOG({
53 id: GROUP_REMOVE_DIALOG,
55 title: 'Remove group',
56 text: 'Are you sure you want to remove this group?',
57 confirmButtonLabel: 'Remove',
63 // Group edit dialog uses project update dialog with sourcePanel set to reload the appropriate parts
64 export const openGroupUpdateDialog = (resource: ProjectUpdateFormDialogData) =>
65 (dispatch: Dispatch, getState: () => RootState) => {
66 dispatch(initialize(PROJECT_UPDATE_FORM_NAME, resource));
67 dispatch(dialogActions.OPEN_DIALOG({ id: PROJECT_UPDATE_FORM_NAME, data: {sourcePanel: GroupClass.ROLE} }));
70 export const updateGroup = (project: ProjectUpdateFormDialogData) =>
71 async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
72 const uuid = project.uuid || '';
73 dispatch(startSubmit(PROJECT_UPDATE_FORM_NAME));
75 const updatedGroup = await services.groupsService.update(uuid, { name: project.name, description: project.description });
76 dispatch(GroupsPanelActions.REQUEST_ITEMS());
77 dispatch(reset(PROJECT_UPDATE_FORM_NAME));
78 dispatch(dialogActions.CLOSE_DIALOG({ id: PROJECT_UPDATE_FORM_NAME }));
81 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME));
82 const error = getCommonResourceServiceError(e);
83 if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
84 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME, { name: 'Group with the same name already exists.' } as FormErrors));
90 export const createGroup = ({ name, users = [], description }: ProjectUpdateFormDialogData) =>
91 async (dispatch: Dispatch, _: {}, { groupsService, permissionService }: ServiceRepository) => {
92 dispatch(startSubmit(PROJECT_UPDATE_FORM_NAME));
94 const newGroup = await groupsService.create({ name, description, groupClass: GroupClass.ROLE });
95 for (const user of users) {
96 await addGroupMember({
103 dispatch(dialogActions.CLOSE_DIALOG({ id: PROJECT_UPDATE_FORM_NAME }));
104 dispatch(reset(PROJECT_UPDATE_FORM_NAME));
105 dispatch(loadGroupsPanel());
106 dispatch(snackbarActions.OPEN_SNACKBAR({
107 message: `${newGroup.name} group has been created`,
108 kind: SnackbarKind.SUCCESS
112 const error = getCommonResourceServiceError(e);
113 if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
114 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME, { name: 'Group with the same name already exists.' } as FormErrors));
120 interface AddGroupMemberArgs {
121 user: { uuid: string, name: string };
122 group: { uuid: string, name: string };
124 permissionService: PermissionService;
128 * Group membership is determined by whether the group has can_read permission on an object.
129 * If a group G can_read an object A, then we say A is a member of G.
131 * [Permission model docs](https://doc.arvados.org/api/permission-model.html)
133 export const addGroupMember = async ({ user, group, ...args }: AddGroupMemberArgs) => {
134 await createPermission({
137 permissionLevel: PermissionLevel.CAN_READ,
142 interface CreatePermissionLinkArgs {
143 head: { uuid: string, name: string };
144 tail: { uuid: string, name: string };
145 permissionLevel: PermissionLevel;
147 permissionService: PermissionService;
150 const createPermission = async ({ head, tail, permissionLevel, dispatch, permissionService }: CreatePermissionLinkArgs) => {
152 await permissionService.create({
155 name: permissionLevel,
158 dispatch(snackbarActions.OPEN_SNACKBAR({
159 message: `Could not add ${tail.name} -> ${head.name} relation`,
160 kind: SnackbarKind.ERROR,
165 interface DeleteGroupMemberArgs {
166 link: { uuid: string };
168 permissionService: PermissionService;
171 export const deleteGroupMember = async ({ link, ...args }: DeleteGroupMemberArgs) => {
172 await deletePermission({
178 interface DeletePermissionLinkArgs {
181 permissionService: PermissionService;
184 export const deletePermission = async ({ uuid, dispatch, permissionService }: DeletePermissionLinkArgs) => {
186 const permissionsResponse = await permissionService.list({
187 filters: new FilterBuilder()
188 .addEqual('uuid', uuid)
191 const [permission] = permissionsResponse.items;
193 await permissionService.delete(permission.uuid);
195 throw new Error('Permission not found');
198 dispatch(snackbarActions.OPEN_SNACKBAR({
199 message: `Could not delete ${uuid} permission`,
200 kind: SnackbarKind.ERROR,