src/store/groups-panel/groups-panel-actions.ts

   1 // Copyright (C) The Arvados Authors. All rights reserved.
   2 //
   3 // SPDX-License-Identifier: AGPL-3.0
   4
   5 import { Dispatch } from 'redux';
   6 import { reset, startSubmit, stopSubmit, FormErrors, initialize } from 'redux-form';
   7 import { bindDataExplorerActions } from "store/data-explorer/data-explorer-action";
   8 import { dialogActions } from 'store/dialog/dialog-actions';
   9 import { RootState } from 'store/store';
  10 import { ServiceRepository } from 'services/services';
  11 import { getResource } from 'store/resources/resources';
  12 import { GroupResource, GroupClass } from 'models/group';
  13 import { getCommonResourceServiceError, CommonResourceServiceError } from 'services/common-service/common-resource-service';
  14 import { snackbarActions, SnackbarKind } from 'store/snackbar/snackbar-actions';
  15 import { PermissionLevel } from 'models/permission';
  16 import { PermissionService } from 'services/permission-service/permission-service';
  17 import { FilterBuilder } from 'services/api/filter-builder';
  18 import { ProjectUpdateFormDialogData, PROJECT_UPDATE_FORM_NAME } from 'store/projects/project-update-actions';
  19
  20 export const GROUPS_PANEL_ID = "groupsPanel";
  21
  22 export const GROUP_ATTRIBUTES_DIALOG = 'groupAttributesDialog';
  23 export const GROUP_REMOVE_DIALOG = 'groupRemoveDialog';
  24
  25 export const GroupsPanelActions = bindDataExplorerActions(GROUPS_PANEL_ID);
  26
  27 export const loadGroupsPanel = () => GroupsPanelActions.REQUEST_ITEMS();
  28
  29 export const openCreateGroupDialog = () =>
  30     (dispatch: Dispatch, getState: () => RootState) => {
  31         dispatch(initialize(PROJECT_UPDATE_FORM_NAME, {}));
  32         dispatch(dialogActions.OPEN_DIALOG({ id: PROJECT_UPDATE_FORM_NAME, data: {sourcePanel: GroupClass.ROLE, create: true} }));
  33     };
  34
  35 export const openGroupAttributes = (uuid: string) =>
  36     (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
  37         const { resources } = getState();
  38         const data = getResource<GroupResource>(uuid)(resources);
  39         dispatch(dialogActions.OPEN_DIALOG({ id: GROUP_ATTRIBUTES_DIALOG, data }));
  40     };
  41
  42 export const removeGroup = (uuid: string) =>
  43     async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
  44         dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...', kind: SnackbarKind.INFO }));
  45         await services.groupsService.delete(uuid);
  46         dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removed.', hideDuration: 2000, kind: SnackbarKind.SUCCESS }));
  47         dispatch<any>(loadGroupsPanel());
  48     };
  49
  50 export const openRemoveGroupDialog = (uuid: string) =>
  51     (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
  52         dispatch(dialogActions.OPEN_DIALOG({
  53             id: GROUP_REMOVE_DIALOG,
  54             data: {
  55                 title: 'Remove group',
  56                 text: 'Are you sure you want to remove this group?',
  57                 confirmButtonLabel: 'Remove',
  58                 uuid
  59             }
  60         }));
  61     };
  62
  63 // Group edit dialog uses project update dialog with sourcePanel set to reload the appropriate parts
  64 export const openGroupUpdateDialog = (resource: ProjectUpdateFormDialogData) =>
  65     (dispatch: Dispatch, getState: () => RootState) => {
  66         dispatch(initialize(PROJECT_UPDATE_FORM_NAME, resource));
  67         dispatch(dialogActions.OPEN_DIALOG({ id: PROJECT_UPDATE_FORM_NAME, data: {sourcePanel: GroupClass.ROLE} }));
  68     };
  69
  70 export const updateGroup = (project: ProjectUpdateFormDialogData) =>
  71     async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
  72         const uuid = project.uuid || '';
  73         dispatch(startSubmit(PROJECT_UPDATE_FORM_NAME));
  74         try {
  75             const updatedGroup = await services.groupsService.update(uuid, { name: project.name, description: project.description });
  76             dispatch(GroupsPanelActions.REQUEST_ITEMS());
  77             dispatch(reset(PROJECT_UPDATE_FORM_NAME));
  78             dispatch(dialogActions.CLOSE_DIALOG({ id: PROJECT_UPDATE_FORM_NAME }));
  79             return updatedGroup;
  80         } catch (e) {
  81             dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME));
  82             const error = getCommonResourceServiceError(e);
  83             if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
  84                 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME, { name: 'Group with the same name already exists.' } as FormErrors));
  85             }
  86             return ;
  87         }
  88     };
  89
  90 export const createGroup = ({ name, users = [], description }: ProjectUpdateFormDialogData) =>
  91     async (dispatch: Dispatch, _: {}, { groupsService, permissionService }: ServiceRepository) => {
  92         dispatch(startSubmit(PROJECT_UPDATE_FORM_NAME));
  93         try {
  94             const newGroup = await groupsService.create({ name, description, groupClass: GroupClass.ROLE });
  95             for (const user of users) {
  96                 await addGroupMember({
  97                     user,
  98                     group: newGroup,
  99                     dispatch,
 100                     permissionService,
 101                 });
 102             }
 103             dispatch(dialogActions.CLOSE_DIALOG({ id: PROJECT_UPDATE_FORM_NAME }));
 104             dispatch(reset(PROJECT_UPDATE_FORM_NAME));
 105             dispatch(loadGroupsPanel());
 106             dispatch(snackbarActions.OPEN_SNACKBAR({
 107                 message: `${newGroup.name} group has been created`,
 108                 kind: SnackbarKind.SUCCESS
 109             }));
 110             return newGroup;
 111         } catch (e) {
 112             const error = getCommonResourceServiceError(e);
 113             if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
 114                 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME, { name: 'Group with the same name already exists.' } as FormErrors));
 115             }
 116             return;
 117         }
 118     };
 119
 120 interface AddGroupMemberArgs {
 121     user: { uuid: string, name: string };
 122     group: { uuid: string, name: string };
 123     dispatch: Dispatch;
 124     permissionService: PermissionService;
 125 }
 126
 127 /**
 128  * Group membership is determined by whether the group has can_read permission on an object.
 129  * If a group G can_read an object A, then we say A is a member of G.
 130  *
 131  * [Permission model docs](https://doc.arvados.org/api/permission-model.html)
 132  */
 133 export const addGroupMember = async ({ user, group, ...args }: AddGroupMemberArgs) => {
 134     await createPermission({
 135         head: { ...group },
 136         tail: { ...user },
 137         permissionLevel: PermissionLevel.CAN_READ,
 138         ...args,
 139     });
 140 };
 141
 142 interface CreatePermissionLinkArgs {
 143     head: { uuid: string, name: string };
 144     tail: { uuid: string, name: string };
 145     permissionLevel: PermissionLevel;
 146     dispatch: Dispatch;
 147     permissionService: PermissionService;
 148 }
 149
 150 const createPermission = async ({ head, tail, permissionLevel, dispatch, permissionService }: CreatePermissionLinkArgs) => {
 151     try {
 152         await permissionService.create({
 153             tailUuid: tail.uuid,
 154             headUuid: head.uuid,
 155             name: permissionLevel,
 156         });
 157     } catch (e) {
 158         dispatch(snackbarActions.OPEN_SNACKBAR({
 159             message: `Could not add ${tail.name} -> ${head.name} relation`,
 160             kind: SnackbarKind.ERROR,
 161         }));
 162     }
 163 };
 164
 165 interface DeleteGroupMemberArgs {
 166     link: { uuid: string };
 167     dispatch: Dispatch;
 168     permissionService: PermissionService;
 169 }
 170
 171 export const deleteGroupMember = async ({ link, ...args }: DeleteGroupMemberArgs) => {
 172     await deletePermission({
 173         uuid: link.uuid,
 174         ...args,
 175     });
 176 };
 177
 178 interface DeletePermissionLinkArgs {
 179     uuid: string;
 180     dispatch: Dispatch;
 181     permissionService: PermissionService;
 182 }
 183
 184 export const deletePermission = async ({ uuid, dispatch, permissionService }: DeletePermissionLinkArgs) => {
 185     try {
 186         const permissionsResponse = await permissionService.list({
 187             filters: new FilterBuilder()
 188                 .addEqual('uuid', uuid)
 189                 .getFilters()
 190         });
 191         const [permission] = permissionsResponse.items;
 192         if (permission) {
 193             await permissionService.delete(permission.uuid);
 194         } else {
 195             throw new Error('Permission not found');
 196         }
 197     } catch (e) {
 198         dispatch(snackbarActions.OPEN_SNACKBAR({
 199             message: `Could not delete ${uuid} permission`,
 200             kind: SnackbarKind.ERROR,
 201         }));
 202     }
 203 };