From: Lucas Di Pentima <lucas@di-pentima.com.ar>
Date: Wed, 17 Feb 2021 18:48:32 +0000 (-0300)
Subject: 16848: Avoids showing API errors when the extra token creation fails.
X-Git-Tag: 2.1.2.1~10^2~14
X-Git-Url: https://git.arvados.org/arvados-workbench2.git/commitdiff_plain/1d7fbccb64462c349ea223df3ac02817ba60bfe1

16848: Avoids showing API errors when the extra token creation fails.

If the cluster's config API.TokenLifetime isn't zero, creating new tokens
isn't allowed. From wb2's side, there's no way to know in advance if this
will be allowed so this commit avoids showing the error on app's bootup
and shows a warning message on the UI when the user tries to do it manually.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas@di-pentima.com.ar>
---

diff --git a/src/models/api-client-authorization.ts b/src/models/api-client-authorization.ts
index 01a92017..739485c5 100644
--- a/src/models/api-client-authorization.ts
+++ b/src/models/api-client-authorization.ts
@@ -18,4 +18,7 @@ export interface ApiClientAuthorization extends Resource {
     ownerUuid: string;
     defaultOwnerUuid: string;
     scopes: string[];
-}
\ No newline at end of file
+}
+
+export const getTokenV2 = (aca: ApiClientAuthorization): string =>
+    `v2/${aca.uuid}/${aca.apiToken}`;
\ No newline at end of file
diff --git a/src/services/common-service/common-service.ts b/src/services/common-service/common-service.ts
index 8e00c4ad..48fcb06d 100644
--- a/src/services/common-service/common-service.ts
+++ b/src/services/common-service/common-service.ts
@@ -88,11 +88,13 @@ export class CommonService<T> {
             });
     }
 
-    create(data?: Partial<T>) {
+    create(data?: Partial<T>, showErrors?: boolean) {
         return CommonService.defaultResponse(
             this.serverApi
                 .post<T>(this.resourceType, data && CommonService.mapKeys(_.snakeCase)(data)),
-            this.actions
+            this.actions,
+            true, // mapKeys
+            showErrors
         );
     }
 
diff --git a/src/store/auth/auth-action.ts b/src/store/auth/auth-action.ts
index 04d1287a..49a82b95 100644
--- a/src/store/auth/auth-action.ts
+++ b/src/store/auth/auth-action.ts
@@ -16,6 +16,7 @@ import { cancelLinking } from '~/store/link-account-panel/link-account-panel-act
 import { progressIndicatorActions } from "~/store/progress-indicator/progress-indicator-actions";
 import { WORKBENCH_LOADING_SCREEN } from '~/store/workbench/workbench-actions';
 import { addRemoteConfig } from './auth-action-session';
+import { getTokenV2 } from '~/models/api-client-authorization';
 
 export const authActions = unionize({
     LOGIN: {},
@@ -100,11 +101,14 @@ export const getNewExtraToken = () =>
         const user = getState().auth.user;
         if (user === undefined) { return; }
         try {
-            const aca = await services.apiClientAuthorizationService.create();
-            const newExtraToken = `v2/${aca.uuid}/${aca.apiToken}`;
+            // Do not show errors on the create call, cluster security configuration may not
+            // allow token creation and there's no way to know that from workbench2 side in advance.
+            const client = await services.apiClientAuthorizationService.create(undefined, false);
+            const newExtraToken = getTokenV2(client);
             dispatch(authActions.SET_EXTRA_TOKEN({ extraToken: newExtraToken }));
             return newExtraToken;
         } catch {
+            console.warn("Cannot create new tokens with the current token, probably because of cluster's security settings.");
             return;
         }
     };
diff --git a/src/store/users/users-actions.ts b/src/store/users/users-actions.ts
index 8f696fa2..26b8810c 100644
--- a/src/store/users/users-actions.ts
+++ b/src/store/users/users-actions.ts
@@ -14,6 +14,7 @@ import { UserResource } from "~/models/user";
 import { getResource } from '~/store/resources/resources';
 import { navigateTo, navigateToUsers, navigateToRootProject } from "~/store/navigation/navigation-action";
 import { authActions } from '~/store/auth/auth-action';
+import { getTokenV2 } from "~/models/api-client-authorization";
 
 export const USERS_PANEL_ID = 'usersPanel';
 export const USER_ATTRIBUTES_DIALOG = 'userAttributesDialog';
@@ -62,7 +63,7 @@ export const loginAs = (uuid: string) =>
         const data = getResource<UserResource>(uuid)(resources);
         const client = await services.apiClientAuthorizationService.create({ ownerUuid: uuid });
         if (data) {
-            dispatch<any>(authActions.INIT_USER({ user: data, token: `v2/${client.uuid}/${client.apiToken}` }));
+            dispatch<any>(authActions.INIT_USER({ user: data, token: getTokenV2(client) }));
             location.reload();
             dispatch<any>(navigateToRootProject);
         }
diff --git a/src/views-components/token-dialog/token-dialog.tsx b/src/views-components/token-dialog/token-dialog.tsx
index ed155541..063bb2a5 100644
--- a/src/views-components/token-dialog/token-dialog.tsx
+++ b/src/views-components/token-dialog/token-dialog.tsx
@@ -73,6 +73,12 @@ export class TokenDialogComponent extends React.Component<TokenDialogProps> {
                 hideDuration: 2000,
                 kind: SnackbarKind.SUCCESS
             }));
+        } else {
+            this.props.dispatch(snackbarActions.OPEN_SNACKBAR({
+                message: 'Creating new tokens is not allowed',
+                hideDuration: 2000,
+                kind: SnackbarKind.WARNING
+            }));
         }
     }