X-Git-Url: https://git.arvados.org/arvados-workbench2.git/blobdiff_plain/b1b507febf56cb0622d3599ec68f276d9e0ce3d5..8d40870a23aa60855ed4b1a43a0186b7d50c0d7d:/src/store/groups-panel/groups-panel-actions.ts

diff --git a/src/store/groups-panel/groups-panel-actions.ts b/src/store/groups-panel/groups-panel-actions.ts
index 2787fc3b..099d046d 100644
--- a/src/store/groups-panel/groups-panel-actions.ts
+++ b/src/store/groups-panel/groups-panel-actions.ts
@@ -4,17 +4,18 @@
 
 import { Dispatch } from 'redux';
 import { reset, startSubmit, stopSubmit, FormErrors } from 'redux-form';
-import { bindDataExplorerActions } from "~/store/data-explorer/data-explorer-action";
-import { dialogActions } from '~/store/dialog/dialog-actions';
-import { Person } from '~/views-components/sharing-dialog/people-select';
-import { RootState } from '~/store/store';
-import { ServiceRepository } from '~/services/services';
-import { getResource } from '~/store/resources/resources';
-import { GroupResource } from '~/models/group';
-import { getCommonResourceServiceError, CommonResourceServiceError } from '~/services/common-service/common-resource-service';
-import { snackbarActions, SnackbarKind } from '~/store/snackbar/snackbar-actions';
-import { PermissionLevel, PermissionResource } from '~/models/permission';
-import { PermissionService } from '~/services/permission-service/permission-service';
+import { bindDataExplorerActions } from "store/data-explorer/data-explorer-action";
+import { dialogActions } from 'store/dialog/dialog-actions';
+import { Participant } from 'views-components/sharing-dialog/participant-select';
+import { RootState } from 'store/store';
+import { ServiceRepository } from 'services/services';
+import { getResource } from 'store/resources/resources';
+import { GroupResource, GroupClass } from 'models/group';
+import { getCommonResourceServiceError, CommonResourceServiceError } from 'services/common-service/common-resource-service';
+import { snackbarActions, SnackbarKind } from 'store/snackbar/snackbar-actions';
+import { PermissionLevel } from 'models/permission';
+import { PermissionService } from 'services/permission-service/permission-service';
+import { FilterBuilder } from 'services/api/filter-builder';
 
 export const GROUPS_PANEL_ID = "groupsPanel";
 export const CREATE_GROUP_DIALOG = "createGroupDialog";
@@ -23,8 +24,6 @@ export const CREATE_GROUP_NAME_FIELD_NAME = 'name';
 export const CREATE_GROUP_USERS_FIELD_NAME = 'users';
 export const GROUP_ATTRIBUTES_DIALOG = 'groupAttributesDialog';
 export const GROUP_REMOVE_DIALOG = 'groupRemoveDialog';
-export const MEMBER_ATTRIBUTES_DIALOG = 'memberAttributesDialog';
-export const MEMBER_REMOVE_DIALOG = 'memberRemoveDialog';
 
 export const GroupsPanelActions = bindDataExplorerActions(GROUPS_PANEL_ID);
 
@@ -43,16 +42,9 @@ export const openGroupAttributes = (uuid: string) =>
         dispatch(dialogActions.OPEN_DIALOG({ id: GROUP_ATTRIBUTES_DIALOG, data }));
     };
 
-export const openGroupMemberAttributes = (uuid: string) =>
-    (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
-        const { resources } = getState();
-        const data = getResource<PermissionResource>(uuid)(resources);
-        dispatch(dialogActions.OPEN_DIALOG({ id: MEMBER_ATTRIBUTES_DIALOG, data }));
-    };
-
 export const removeGroup = (uuid: string) =>
     async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
-        dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...' }));
+        dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...', kind: SnackbarKind.INFO }));
         await services.groupsService.delete(uuid);
         dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removed.', hideDuration: 2000, kind: SnackbarKind.SUCCESS }));
         dispatch<any>(loadGroupsPanel());
@@ -71,61 +63,24 @@ export const openRemoveGroupDialog = (uuid: string) =>
         }));
     };
 
-export const removeGroupMember = (uuid: string) =>
-    async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
-        dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removing ...' }));
-        await services.permissionService.delete(uuid);
-        dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'Removed.', hideDuration: 2000, kind: SnackbarKind.SUCCESS }));
-        dispatch<any>(loadGroupsPanel());
-    };
-
-export const openRemoveGroupMemberDialog = (uuid: string) =>
-    (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
-        dispatch(dialogActions.OPEN_DIALOG({
-            id: MEMBER_REMOVE_DIALOG,
-            data: {
-                title: 'Remove member',
-                text: 'Are you sure you want to remove this member from this group?',
-                confirmButtonLabel: 'Remove',
-                uuid
-            }
-        }));
-    };
-
 export interface CreateGroupFormData {
     [CREATE_GROUP_NAME_FIELD_NAME]: string;
-    [CREATE_GROUP_USERS_FIELD_NAME]?: Person[];
+    [CREATE_GROUP_USERS_FIELD_NAME]?: Participant[];
 }
 
 export const createGroup = ({ name, users = [] }: CreateGroupFormData) =>
     async (dispatch: Dispatch, _: {}, { groupsService, permissionService }: ServiceRepository) => {
-
         dispatch(startSubmit(CREATE_GROUP_FORM));
-
         try {
-
-            const newGroup = await groupsService.create({ name });
-
+            const newGroup = await groupsService.create({ name, groupClass: GroupClass.ROLE });
             for (const user of users) {
-
-                await createPermissionLink({
-                    head: { ...newGroup },
-                    tail: { ...user },
-                    permissionLevel: PermissionLevel.CAN_READ,
+                await addGroupMember({
+                    user,
+                    group: newGroup,
                     dispatch,
                     permissionService,
                 });
-
-                await createPermissionLink({
-                    head: { ...user },
-                    tail: { ...newGroup },
-                    permissionLevel: PermissionLevel.CAN_READ,
-                    dispatch,
-                    permissionService,
-                });
-
             }
-
             dispatch(dialogActions.CLOSE_DIALOG({ id: CREATE_GROUP_DIALOG }));
             dispatch(reset(CREATE_GROUP_FORM));
             dispatch(loadGroupsPanel());
@@ -133,21 +88,37 @@ export const createGroup = ({ name, users = [] }: CreateGroupFormData) =>
                 message: `${newGroup.name} group has been created`,
                 kind: SnackbarKind.SUCCESS
             }));
-
             return newGroup;
-
         } catch (e) {
-
             const error = getCommonResourceServiceError(e);
-            if (error === CommonResourceServiceError.UNIQUE_VIOLATION) {
+            if (error === CommonResourceServiceError.UNIQUE_NAME_VIOLATION) {
                 dispatch(stopSubmit(CREATE_GROUP_FORM, { name: 'Group with the same name already exists.' } as FormErrors));
             }
-
             return;
-
         }
     };
 
+interface AddGroupMemberArgs {
+    user: { uuid: string, name: string };
+    group: { uuid: string, name: string };
+    dispatch: Dispatch;
+    permissionService: PermissionService;
+}
+
+/**
+ * Group membership is determined by whether the group has can_read permission on an object.
+ * If a group G can_read an object A, then we say A is a member of G.
+ *
+ * [Permission model docs](https://doc.arvados.org/api/permission-model.html)
+ */
+export const addGroupMember = async ({ user, group, ...args }: AddGroupMemberArgs) => {
+    await createPermission({
+        head: { ...group },
+        tail: { ...user },
+        permissionLevel: PermissionLevel.CAN_READ,
+        ...args,
+    });
+};
 
 interface CreatePermissionLinkArgs {
     head: { uuid: string, name: string };
@@ -157,23 +128,57 @@ interface CreatePermissionLinkArgs {
     permissionService: PermissionService;
 }
 
-const createPermissionLink = async ({ head, tail, permissionLevel, dispatch, permissionService }: CreatePermissionLinkArgs) => {
-
+const createPermission = async ({ head, tail, permissionLevel, dispatch, permissionService }: CreatePermissionLinkArgs) => {
     try {
-
         await permissionService.create({
             tailUuid: tail.uuid,
             headUuid: head.uuid,
             name: permissionLevel,
         });
-
     } catch (e) {
-
         dispatch(snackbarActions.OPEN_SNACKBAR({
             message: `Could not add ${tail.name} -> ${head.name} relation`,
             kind: SnackbarKind.ERROR,
         }));
-
     }
+};
+
+interface DeleteGroupMemberArgs {
+    link: { uuid: string };
+    dispatch: Dispatch;
+    permissionService: PermissionService;
+}
+
+export const deleteGroupMember = async ({ link, ...args }: DeleteGroupMemberArgs) => {
+    await deletePermission({
+        uuid: link.uuid,
+        ...args,
+    });
+};
+
+interface DeletePermissionLinkArgs {
+    uuid: string;
+    dispatch: Dispatch;
+    permissionService: PermissionService;
+}
 
-};
\ No newline at end of file
+export const deletePermission = async ({ uuid, dispatch, permissionService }: DeletePermissionLinkArgs) => {
+    try {
+        const permissionsResponse = await permissionService.list({
+            filters: new FilterBuilder()
+                .addEqual('uuid', uuid)
+                .getFilters()
+        });
+        const [permission] = permissionsResponse.items;
+        if (permission) {
+            await permissionService.delete(permission.uuid);
+        } else {
+            throw new Error('Permission not found');
+        }
+    } catch (e) {
+        dispatch(snackbarActions.OPEN_SNACKBAR({
+            message: `Could not delete ${uuid} permission`,
+            kind: SnackbarKind.ERROR,
+        }));
+    }
+};