import { GroupResource } from '~/models/group';
import { getCommonResourceServiceError, CommonResourceServiceError } from '~/services/common-service/common-resource-service';
import { snackbarActions, SnackbarKind } from '~/store/snackbar/snackbar-actions';
-import { PermissionLevel, PermissionResource } from '~/models/permission';
+import { PermissionLevel } from '~/models/permission';
import { PermissionService } from '~/services/permission-service/permission-service';
import { FilterBuilder } from '~/services/api/filter-builder';
export const removeGroup = (uuid: string) =>
async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
- dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...' }));
+ dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...', kind: SnackbarKind.INFO }));
await services.groupsService.delete(uuid);
dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removed.', hideDuration: 2000, kind: SnackbarKind.SUCCESS }));
dispatch<any>(loadGroupsPanel());
export const createGroup = ({ name, users = [] }: CreateGroupFormData) =>
async (dispatch: Dispatch, _: {}, { groupsService, permissionService }: ServiceRepository) => {
-
dispatch(startSubmit(CREATE_GROUP_FORM));
-
try {
-
const newGroup = await groupsService.create({ name });
-
for (const user of users) {
-
await addGroupMember({
user,
group: newGroup,
dispatch,
permissionService,
});
-
}
-
dispatch(dialogActions.CLOSE_DIALOG({ id: CREATE_GROUP_DIALOG }));
dispatch(reset(CREATE_GROUP_FORM));
dispatch(loadGroupsPanel());
message: `${newGroup.name} group has been created`,
kind: SnackbarKind.SUCCESS
}));
-
return newGroup;
-
} catch (e) {
-
const error = getCommonResourceServiceError(e);
- if (error === CommonResourceServiceError.UNIQUE_VIOLATION) {
+ if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
dispatch(stopSubmit(CREATE_GROUP_FORM, { name: 'Group with the same name already exists.' } as FormErrors));
}
-
return;
-
}
};
-interface DeleteGroupMemberArgs {
- user: { uuid: string, name: string };
- group: { uuid: string, name: string };
- dispatch: Dispatch;
- permissionService: PermissionService;
-}
-
-export const deleteGroupMember = async ({ user, group, ...args }: DeleteGroupMemberArgs) => {
-
- await deletePermission({
- tail: user,
- head: group,
- ...args,
- });
-
- await deletePermission({
- tail: group,
- head: user,
- ...args,
- });
-
-};
-
interface AddGroupMemberArgs {
user: { uuid: string, name: string };
group: { uuid: string, name: string };
permissionService: PermissionService;
}
+/**
+ * Group membership is determined by whether the group has can_read permission on an object.
+ * If a group G can_read an object A, then we say A is a member of G.
+ *
+ * [Permission model docs](https://doc.arvados.org/api/permission-model.html)
+ */
export const addGroupMember = async ({ user, group, ...args }: AddGroupMemberArgs) => {
-
-
-
- await createPermission({
- head: { ...group },
- tail: { ...user },
- permissionLevel: PermissionLevel.CAN_MANAGE,
- ...args,
- });
-
await createPermission({
head: { ...user },
tail: { ...group },
permissionLevel: PermissionLevel.CAN_READ,
...args,
});
-
};
interface CreatePermissionLinkArgs {
}
const createPermission = async ({ head, tail, permissionLevel, dispatch, permissionService }: CreatePermissionLinkArgs) => {
-
try {
-
await permissionService.create({
tailUuid: tail.uuid,
headUuid: head.uuid,
name: permissionLevel,
});
-
} catch (e) {
-
dispatch(snackbarActions.OPEN_SNACKBAR({
message: `Could not add ${tail.name} -> ${head.name} relation`,
kind: SnackbarKind.ERROR,
}));
-
}
+};
+interface DeleteGroupMemberArgs {
+ user: { uuid: string, name: string };
+ group: { uuid: string, name: string };
+ dispatch: Dispatch;
+ permissionService: PermissionService;
+}
+
+export const deleteGroupMember = async ({ user, group, ...args }: DeleteGroupMemberArgs) => {
+ await deletePermission({
+ tail: group,
+ head: user,
+ ...args,
+ });
};
interface DeletePermissionLinkArgs {
}
export const deletePermission = async ({ head, tail, dispatch, permissionService }: DeletePermissionLinkArgs) => {
-
try {
-
const permissionsResponse = await permissionService.list({
-
filters: new FilterBuilder()
- .addEqual('tailUuid', tail.uuid)
- .addEqual('headUuid', head.uuid)
+ .addEqual('tail_uuid', tail.uuid)
+ .addEqual('head_uuid', head.uuid)
.getFilters()
-
});
-
const [permission] = permissionsResponse.items;
-
if (permission) {
-
await permissionService.delete(permission.uuid);
-
} else {
-
throw new Error('Permission not found');
-
}
-
-
} catch (e) {
-
dispatch(snackbarActions.OPEN_SNACKBAR({
message: `Could not delete ${tail.name} -> ${head.name} relation`,
kind: SnackbarKind.ERROR,
}));
-
}
-
};
\ No newline at end of file
projects / arvados-workbench2.git / blobdiff