1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
5 import { Dispatch } from 'redux';
6 import { reset, startSubmit, stopSubmit, FormErrors, initialize } from 'redux-form';
7 import { bindDataExplorerActions } from "store/data-explorer/data-explorer-action";
8 import { dialogActions } from 'store/dialog/dialog-actions';
9 import { Participant } from 'views-components/sharing-dialog/participant-select';
10 import { RootState } from 'store/store';
11 import { ServiceRepository } from 'services/services';
12 import { getResource } from 'store/resources/resources';
13 import { GroupResource, GroupClass } from 'models/group';
14 import { getCommonResourceServiceError, CommonResourceServiceError } from 'services/common-service/common-resource-service';
15 import { snackbarActions, SnackbarKind } from 'store/snackbar/snackbar-actions';
16 import { PermissionLevel } from 'models/permission';
17 import { PermissionService } from 'services/permission-service/permission-service';
18 import { FilterBuilder } from 'services/api/filter-builder';
19 import { ProjectUpdateFormDialogData, PROJECT_UPDATE_FORM_NAME } from 'store/projects/project-update-actions';
21 export const GROUPS_PANEL_ID = "groupsPanel";
23 export const GROUP_ATTRIBUTES_DIALOG = 'groupAttributesDialog';
24 export const GROUP_REMOVE_DIALOG = 'groupRemoveDialog';
26 export const GroupsPanelActions = bindDataExplorerActions(GROUPS_PANEL_ID);
28 export const loadGroupsPanel = () => GroupsPanelActions.REQUEST_ITEMS();
30 export const openCreateGroupDialog = () =>
31 (dispatch: Dispatch, getState: () => RootState) => {
32 dispatch(initialize(PROJECT_UPDATE_FORM_NAME, {}));
33 dispatch(dialogActions.OPEN_DIALOG({ id: PROJECT_UPDATE_FORM_NAME, data: {sourcePanel: GroupClass.ROLE, showUsersField: true} }));
36 export const openGroupAttributes = (uuid: string) =>
37 (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
38 const { resources } = getState();
39 const data = getResource<GroupResource>(uuid)(resources);
40 dispatch(dialogActions.OPEN_DIALOG({ id: GROUP_ATTRIBUTES_DIALOG, data }));
43 export const removeGroup = (uuid: string) =>
44 async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
45 dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...', kind: SnackbarKind.INFO }));
46 await services.groupsService.delete(uuid);
47 dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removed.', hideDuration: 2000, kind: SnackbarKind.SUCCESS }));
48 dispatch<any>(loadGroupsPanel());
51 export const openRemoveGroupDialog = (uuid: string) =>
52 (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
53 dispatch(dialogActions.OPEN_DIALOG({
54 id: GROUP_REMOVE_DIALOG,
56 title: 'Remove group',
57 text: 'Are you sure you want to remove this group?',
58 confirmButtonLabel: 'Remove',
64 // Group edit dialog uses project update dialog with sourcePanel set to reload the appropriate parts
65 export const openGroupUpdateDialog = (resource: ProjectUpdateFormDialogData) =>
66 (dispatch: Dispatch, getState: () => RootState) => {
67 dispatch(initialize(PROJECT_UPDATE_FORM_NAME, resource));
68 dispatch(dialogActions.OPEN_DIALOG({ id: PROJECT_UPDATE_FORM_NAME, data: {sourcePanel: GroupClass.ROLE} }));
71 export const updateGroup = (project: ProjectUpdateFormDialogData) =>
72 async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
73 const uuid = project.uuid || '';
74 dispatch(startSubmit(PROJECT_UPDATE_FORM_NAME));
76 const updatedGroup = await services.groupsService.update(uuid, { name: project.name, description: project.description });
77 dispatch(GroupsPanelActions.REQUEST_ITEMS());
78 dispatch(reset(PROJECT_UPDATE_FORM_NAME));
79 dispatch(dialogActions.CLOSE_DIALOG({ id: PROJECT_UPDATE_FORM_NAME }));
82 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME));
83 const error = getCommonResourceServiceError(e);
84 if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
85 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME, { name: 'Group with the same name already exists.' } as FormErrors));
91 export const createGroup = ({ name, users = [], description }: ProjectUpdateFormDialogData) =>
92 async (dispatch: Dispatch, _: {}, { groupsService, permissionService }: ServiceRepository) => {
93 dispatch(startSubmit(PROJECT_UPDATE_FORM_NAME));
95 const newGroup = await groupsService.create({ name, description, groupClass: GroupClass.ROLE });
96 for (const user of users) {
97 await addGroupMember({
104 dispatch(dialogActions.CLOSE_DIALOG({ id: PROJECT_UPDATE_FORM_NAME }));
105 dispatch(reset(PROJECT_UPDATE_FORM_NAME));
106 dispatch(loadGroupsPanel());
107 dispatch(snackbarActions.OPEN_SNACKBAR({
108 message: `${newGroup.name} group has been created`,
109 kind: SnackbarKind.SUCCESS
113 const error = getCommonResourceServiceError(e);
114 if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
115 dispatch(stopSubmit(PROJECT_UPDATE_FORM_NAME, { name: 'Group with the same name already exists.' } as FormErrors));
121 interface AddGroupMemberArgs {
122 user: { uuid: string, name: string };
123 group: { uuid: string, name: string };
125 permissionService: PermissionService;
129 * Group membership is determined by whether the group has can_read permission on an object.
130 * If a group G can_read an object A, then we say A is a member of G.
132 * [Permission model docs](https://doc.arvados.org/api/permission-model.html)
134 export const addGroupMember = async ({ user, group, ...args }: AddGroupMemberArgs) => {
135 await createPermission({
138 permissionLevel: PermissionLevel.CAN_READ,
143 interface CreatePermissionLinkArgs {
144 head: { uuid: string, name: string };
145 tail: { uuid: string, name: string };
146 permissionLevel: PermissionLevel;
148 permissionService: PermissionService;
151 const createPermission = async ({ head, tail, permissionLevel, dispatch, permissionService }: CreatePermissionLinkArgs) => {
153 await permissionService.create({
156 name: permissionLevel,
159 dispatch(snackbarActions.OPEN_SNACKBAR({
160 message: `Could not add ${tail.name} -> ${head.name} relation`,
161 kind: SnackbarKind.ERROR,
166 interface DeleteGroupMemberArgs {
167 link: { uuid: string };
169 permissionService: PermissionService;
172 export const deleteGroupMember = async ({ link, ...args }: DeleteGroupMemberArgs) => {
173 await deletePermission({
179 interface DeletePermissionLinkArgs {
182 permissionService: PermissionService;
185 export const deletePermission = async ({ uuid, dispatch, permissionService }: DeletePermissionLinkArgs) => {
187 const permissionsResponse = await permissionService.list({
188 filters: new FilterBuilder()
189 .addEqual('uuid', uuid)
192 const [permission] = permissionsResponse.items;
194 await permissionService.delete(permission.uuid);
196 throw new Error('Permission not found');
199 dispatch(snackbarActions.OPEN_SNACKBAR({
200 message: `Could not delete ${uuid} permission`,
201 kind: SnackbarKind.ERROR,