From 09d4c8fd20d63b93cf4d14acf3de500e26a73b9b Mon Sep 17 00:00:00 2001 From: Peter Amstutz Date: Mon, 3 Apr 2023 17:16:04 -0400 Subject: [PATCH] 20085: Sharing dialog immediately saves changes Added ALL_USERS as a sharing level distinct from PUBLIC. Don't hide the all users / public link in the permission list. Switching between PUBLIC/ALL_USERS/SHARED/PRIVATE have clearly distinct actions. Arvados-DCO-1.1-Signed-off-by: Peter Amstutz --- src/common/config.ts | 572 +++++++++--------- .../sharing-dialog/sharing-dialog-actions.ts | 152 +++-- .../sharing-dialog/sharing-dialog-types.ts | 2 + .../workflow-panel/workflow-panel-actions.ts | 4 + .../sharing-dialog-component.tsx | 1 - .../sharing-dialog/sharing-dialog.tsx | 33 +- .../sharing-public-access-form-component.tsx | 17 +- .../sharing-public-access-form.tsx | 3 +- .../visibility-level-select.tsx | 10 +- 9 files changed, 420 insertions(+), 374 deletions(-) diff --git a/src/common/config.ts b/src/common/config.ts index 9b054282..fd8b75ce 100644 --- a/src/common/config.ts +++ b/src/common/config.ts @@ -5,12 +5,12 @@ import Axios from 'axios'; export const WORKBENCH_CONFIG_URL = - process.env.REACT_APP_ARVADOS_CONFIG_URL || '/config.json'; + process.env.REACT_APP_ARVADOS_CONFIG_URL || '/config.json'; interface WorkbenchConfig { - API_HOST: string; - VOCABULARY_URL?: string; - FILE_VIEWERS_CONFIG_URL?: string; + API_HOST: string; + VOCABULARY_URL?: string; + FILE_VIEWERS_CONFIG_URL?: string; } export interface ClusterConfigJSON { @@ -28,18 +28,42 @@ export interface ClusterConfigJSON { Scheme: string } }; - Mail?: { - SupportEmailAddress: string; - }; - Services: { - Controller: { - ExternalURL: string; + Mail?: { + SupportEmailAddress: string; }; - Workbench1: { - ExternalURL: string; - }; - Workbench2: { - ExternalURL: string; + Services: { + Controller: { + ExternalURL: string; + }; + Workbench1: { + ExternalURL: string; + }; + Workbench2: { + ExternalURL: string; + }; + Workbench: { + DisableSharingURLsUI: boolean; + ArvadosDocsite: string; + FileViewersConfigURL: string; + WelcomePageHTML: string; + InactivePageHTML: string; + SSHHelpPageHTML: string; + SSHHelpHostSuffix: string; + SiteName: string; + IdleTimeout: string; + }; + Websocket: { + ExternalURL: string; + }; + WebDAV: { + ExternalURL: string; + }; + WebDAVDownload: { + ExternalURL: string; + }; + WebShell: { + ExternalURL: string; + }; }; Workbench: { DisableSharingURLsUI: boolean; @@ -51,322 +75,304 @@ export interface ClusterConfigJSON { SSHHelpHostSuffix: string; SiteName: string; IdleTimeout: string; + BannerUUID: string; }; - Websocket: { - ExternalURL: string; - }; - WebDAV: { - ExternalURL: string; - }; - WebDAVDownload: { - ExternalURL: string; - }; - WebShell: { - ExternalURL: string; - }; - }; - Workbench: { - DisableSharingURLsUI: boolean; - ArvadosDocsite: string; - FileViewersConfigURL: string; - WelcomePageHTML: string; - InactivePageHTML: string; - SSHHelpPageHTML: string; - SSHHelpHostSuffix: string; - SiteName: string; - IdleTimeout: string; - BannerUUID: string; - }; - Login: { - LoginCluster: string; - Google: { - Enable: boolean; - }; - LDAP: { - Enable: boolean; - }; - OpenIDConnect: { - Enable: boolean; - }; - PAM: { - Enable: boolean; + Login: { + LoginCluster: string; + Google: { + Enable: boolean; + }; + LDAP: { + Enable: boolean; + }; + OpenIDConnect: { + Enable: boolean; + }; + PAM: { + Enable: boolean; + }; + SSO: { + Enable: boolean; + }; + Test: { + Enable: boolean; + }; }; - SSO: { - Enable: boolean; + Collections: { + ForwardSlashNameSubstitution: string; + ManagedProperties?: { + [key: string]: { + Function: string; + Value: string; + Protected?: boolean; + }; + }; + TrustAllContent: boolean; }; - Test: { - Enable: boolean; - }; - }; - Collections: { - ForwardSlashNameSubstitution: string; - ManagedProperties?: { - [key: string]: { - Function: string; - Value: string; - Protected?: boolean; - }; + Volumes: { + [key: string]: { + StorageClasses: { + [key: string]: boolean; + }; + }; }; - TrustAllContent: boolean; - }; - Volumes: { - [key: string]: { - StorageClasses: { - [key: string]: boolean; - }; + Users: { + AnonymousUserToken: string; }; - }; } export class Config { - baseUrl!: string; - keepWebServiceUrl!: string; - keepWebInlineServiceUrl!: string; - remoteHosts!: { - [key: string]: string; - }; - rootUrl!: string; - uuidPrefix!: string; - websocketUrl!: string; - workbenchUrl!: string; - workbench2Url!: string; - vocabularyUrl!: string; - fileViewersConfigUrl!: string; - loginCluster!: string; - clusterConfig!: ClusterConfigJSON; - apiRevision!: number; + baseUrl!: string; + keepWebServiceUrl!: string; + keepWebInlineServiceUrl!: string; + remoteHosts!: { + [key: string]: string; + }; + rootUrl!: string; + uuidPrefix!: string; + websocketUrl!: string; + workbenchUrl!: string; + workbench2Url!: string; + vocabularyUrl!: string; + fileViewersConfigUrl!: string; + loginCluster!: string; + clusterConfig!: ClusterConfigJSON; + apiRevision!: number; } export const buildConfig = (clusterConfig: ClusterConfigJSON): Config => { - const clusterConfigJSON = removeTrailingSlashes(clusterConfig); - const config = new Config(); - config.rootUrl = clusterConfigJSON.Services.Controller.ExternalURL; - config.baseUrl = `${config.rootUrl}/${ARVADOS_API_PATH}`; - config.uuidPrefix = clusterConfigJSON.ClusterID; - config.websocketUrl = clusterConfigJSON.Services.Websocket.ExternalURL; - config.workbench2Url = clusterConfigJSON.Services.Workbench2.ExternalURL; - config.workbenchUrl = clusterConfigJSON.Services.Workbench1.ExternalURL; - config.keepWebServiceUrl = - clusterConfigJSON.Services.WebDAVDownload.ExternalURL; - config.keepWebInlineServiceUrl = - clusterConfigJSON.Services.WebDAV.ExternalURL; - config.loginCluster = clusterConfigJSON.Login.LoginCluster; - config.clusterConfig = clusterConfigJSON; - config.apiRevision = 0; - mapRemoteHosts(clusterConfigJSON, config); - return config; + const clusterConfigJSON = removeTrailingSlashes(clusterConfig); + const config = new Config(); + config.rootUrl = clusterConfigJSON.Services.Controller.ExternalURL; + config.baseUrl = `${config.rootUrl}/${ARVADOS_API_PATH}`; + config.uuidPrefix = clusterConfigJSON.ClusterID; + config.websocketUrl = clusterConfigJSON.Services.Websocket.ExternalURL; + config.workbench2Url = clusterConfigJSON.Services.Workbench2.ExternalURL; + config.workbenchUrl = clusterConfigJSON.Services.Workbench1.ExternalURL; + config.keepWebServiceUrl = + clusterConfigJSON.Services.WebDAVDownload.ExternalURL; + config.keepWebInlineServiceUrl = + clusterConfigJSON.Services.WebDAV.ExternalURL; + config.loginCluster = clusterConfigJSON.Login.LoginCluster; + config.clusterConfig = clusterConfigJSON; + config.apiRevision = 0; + mapRemoteHosts(clusterConfigJSON, config); + return config; }; export const getStorageClasses = (config: Config): string[] => { - const classes: Set = new Set(['default']); - const volumes = config.clusterConfig.Volumes; - Object.keys(volumes).forEach((v) => { - Object.keys(volumes[v].StorageClasses || {}).forEach((sc) => { - if (volumes[v].StorageClasses[sc]) { - classes.add(sc); - } + const classes: Set = new Set(['default']); + const volumes = config.clusterConfig.Volumes; + Object.keys(volumes).forEach((v) => { + Object.keys(volumes[v].StorageClasses || {}).forEach((sc) => { + if (volumes[v].StorageClasses[sc]) { + classes.add(sc); + } + }); }); - }); - return Array.from(classes); + return Array.from(classes); }; const getApiRevision = async (apiUrl: string) => { - try { - const dd = (await Axios.get(`${apiUrl}/${DISCOVERY_DOC_PATH}`)).data; - return parseInt(dd.revision, 10) || 0; - } catch { - console.warn( - 'Unable to get API Revision number, defaulting to zero. Some features may not work properly.' - ); - return 0; - } + try { + const dd = (await Axios.get(`${apiUrl}/${DISCOVERY_DOC_PATH}`)).data; + return parseInt(dd.revision, 10) || 0; + } catch { + console.warn( + 'Unable to get API Revision number, defaulting to zero. Some features may not work properly.' + ); + return 0; + } }; const removeTrailingSlashes = ( - config: ClusterConfigJSON + config: ClusterConfigJSON ): ClusterConfigJSON => { - const svcs: any = {}; - Object.keys(config.Services).forEach((s) => { - svcs[s] = config.Services[s]; - if (svcs[s].hasOwnProperty('ExternalURL')) { - svcs[s].ExternalURL = svcs[s].ExternalURL.replace(/\/+$/, ''); - } - }); - return { ...config, Services: svcs }; + const svcs: any = {}; + Object.keys(config.Services).forEach((s) => { + svcs[s] = config.Services[s]; + if (svcs[s].hasOwnProperty('ExternalURL')) { + svcs[s].ExternalURL = svcs[s].ExternalURL.replace(/\/+$/, ''); + } + }); + return { ...config, Services: svcs }; }; export const fetchConfig = () => { - return Axios.get( - WORKBENCH_CONFIG_URL + '?nocache=' + new Date().getTime() - ) - .then((response) => response.data) - .catch(() => { - console.warn( - `There was an exception getting the Workbench config file at ${WORKBENCH_CONFIG_URL}. Using defaults instead.` - ); - return Promise.resolve(getDefaultConfig()); - }) - .then((workbenchConfig) => { - if (workbenchConfig.API_HOST === undefined) { - throw new Error( - `Unable to start Workbench. API_HOST is undefined in ${WORKBENCH_CONFIG_URL} or the environment.` - ); - } - return Axios.get( - getClusterConfigURL(workbenchConfig.API_HOST) - ).then(async (response) => { - const apiRevision = await getApiRevision( - response.data.Services.Controller.ExternalURL.replace(/\/+$/, '') - ); - const config = { ...buildConfig(response.data), apiRevision }; - const warnLocalConfig = (varName: string) => - console.warn( - `A value for ${varName} was found in ${WORKBENCH_CONFIG_URL}. To use the Arvados centralized configuration instead, \ + return Axios.get( + WORKBENCH_CONFIG_URL + '?nocache=' + new Date().getTime() + ) + .then((response) => response.data) + .catch(() => { + console.warn( + `There was an exception getting the Workbench config file at ${WORKBENCH_CONFIG_URL}. Using defaults instead.` + ); + return Promise.resolve(getDefaultConfig()); + }) + .then((workbenchConfig) => { + if (workbenchConfig.API_HOST === undefined) { + throw new Error( + `Unable to start Workbench. API_HOST is undefined in ${WORKBENCH_CONFIG_URL} or the environment.` + ); + } + return Axios.get( + getClusterConfigURL(workbenchConfig.API_HOST) + ).then(async (response) => { + const apiRevision = await getApiRevision( + response.data.Services.Controller.ExternalURL.replace(/\/+$/, '') + ); + const config = { ...buildConfig(response.data), apiRevision }; + const warnLocalConfig = (varName: string) => + console.warn( + `A value for ${varName} was found in ${WORKBENCH_CONFIG_URL}. To use the Arvados centralized configuration instead, \ remove the entire ${varName} entry from ${WORKBENCH_CONFIG_URL}` - ); + ); - // Check if the workbench config has an entry for vocabulary and file viewer URLs - // If so, use these values (even if it is an empty string), but print a console warning. - // Otherwise, use the cluster config. - let fileViewerConfigUrl; - if (workbenchConfig.FILE_VIEWERS_CONFIG_URL !== undefined) { - warnLocalConfig('FILE_VIEWERS_CONFIG_URL'); - fileViewerConfigUrl = workbenchConfig.FILE_VIEWERS_CONFIG_URL; - } else { - fileViewerConfigUrl = - config.clusterConfig.Workbench.FileViewersConfigURL || - '/file-viewers-example.json'; - } - config.fileViewersConfigUrl = fileViewerConfigUrl; + // Check if the workbench config has an entry for vocabulary and file viewer URLs + // If so, use these values (even if it is an empty string), but print a console warning. + // Otherwise, use the cluster config. + let fileViewerConfigUrl; + if (workbenchConfig.FILE_VIEWERS_CONFIG_URL !== undefined) { + warnLocalConfig('FILE_VIEWERS_CONFIG_URL'); + fileViewerConfigUrl = workbenchConfig.FILE_VIEWERS_CONFIG_URL; + } else { + fileViewerConfigUrl = + config.clusterConfig.Workbench.FileViewersConfigURL || + '/file-viewers-example.json'; + } + config.fileViewersConfigUrl = fileViewerConfigUrl; - if (workbenchConfig.VOCABULARY_URL !== undefined) { - console.warn( - `A value for VOCABULARY_URL was found in ${WORKBENCH_CONFIG_URL}. It will be ignored as the cluster already provides its own endpoint, you can safely remove it.` - ); - } - config.vocabularyUrl = getVocabularyURL(workbenchConfig.API_HOST); + if (workbenchConfig.VOCABULARY_URL !== undefined) { + console.warn( + `A value for VOCABULARY_URL was found in ${WORKBENCH_CONFIG_URL}. It will be ignored as the cluster already provides its own endpoint, you can safely remove it.` + ); + } + config.vocabularyUrl = getVocabularyURL(workbenchConfig.API_HOST); - return { config, apiHost: workbenchConfig.API_HOST }; - }); - }); + return { config, apiHost: workbenchConfig.API_HOST }; + }); + }); }; // Maps remote cluster hosts and removes the default RemoteCluster entry export const mapRemoteHosts = ( - clusterConfigJSON: ClusterConfigJSON, - config: Config + clusterConfigJSON: ClusterConfigJSON, + config: Config ) => { - config.remoteHosts = {}; - Object.keys(clusterConfigJSON.RemoteClusters).forEach((k) => { - config.remoteHosts[k] = clusterConfigJSON.RemoteClusters[k].Host; - }); - delete config.remoteHosts['*']; + config.remoteHosts = {}; + Object.keys(clusterConfigJSON.RemoteClusters).forEach((k) => { + config.remoteHosts[k] = clusterConfigJSON.RemoteClusters[k].Host; + }); + delete config.remoteHosts['*']; }; export const mockClusterConfigJSON = ( - config: Partial + config: Partial ): ClusterConfigJSON => ({ - API: { - UnfreezeProjectRequiresAdmin: false, - MaxItemsPerResponse: 1000, - }, - ClusterID: '', - RemoteClusters: {}, - Services: { - Controller: { ExternalURL: '' }, - Workbench1: { ExternalURL: '' }, - Workbench2: { ExternalURL: '' }, - Websocket: { ExternalURL: '' }, - WebDAV: { ExternalURL: '' }, - WebDAVDownload: { ExternalURL: '' }, - WebShell: { ExternalURL: '' }, - Workbench: { - DisableSharingURLsUI: false, - ArvadosDocsite: "", - FileViewersConfigURL: "", - WelcomePageHTML: "", - InactivePageHTML: "", - SSHHelpPageHTML: "", - SSHHelpHostSuffix: "", - SiteName: "", - IdleTimeout: "0s" - }, - }, - Workbench: { - DisableSharingURLsUI: false, - ArvadosDocsite: '', - FileViewersConfigURL: '', - WelcomePageHTML: '', - InactivePageHTML: '', - SSHHelpPageHTML: '', - SSHHelpHostSuffix: '', - SiteName: '', - IdleTimeout: '0s', - BannerUUID: "" - }, - Login: { - LoginCluster: '', - Google: { - Enable: false, + API: { + UnfreezeProjectRequiresAdmin: false, + MaxItemsPerResponse: 1000, }, - LDAP: { - Enable: false, + ClusterID: '', + RemoteClusters: {}, + Services: { + Controller: { ExternalURL: '' }, + Workbench1: { ExternalURL: '' }, + Workbench2: { ExternalURL: '' }, + Websocket: { ExternalURL: '' }, + WebDAV: { ExternalURL: '' }, + WebDAVDownload: { ExternalURL: '' }, + WebShell: { ExternalURL: '' }, + Workbench: { + DisableSharingURLsUI: false, + ArvadosDocsite: "", + FileViewersConfigURL: "", + WelcomePageHTML: "", + InactivePageHTML: "", + SSHHelpPageHTML: "", + SSHHelpHostSuffix: "", + SiteName: "", + IdleTimeout: "0s" + }, }, - OpenIDConnect: { - Enable: false, + Workbench: { + DisableSharingURLsUI: false, + ArvadosDocsite: '', + FileViewersConfigURL: '', + WelcomePageHTML: '', + InactivePageHTML: '', + SSHHelpPageHTML: '', + SSHHelpHostSuffix: '', + SiteName: '', + IdleTimeout: '0s', + BannerUUID: "" }, - PAM: { - Enable: false, + Login: { + LoginCluster: '', + Google: { + Enable: false, + }, + LDAP: { + Enable: false, + }, + OpenIDConnect: { + Enable: false, + }, + PAM: { + Enable: false, + }, + SSO: { + Enable: false, + }, + Test: { + Enable: false, + }, }, - SSO: { - Enable: false, + Collections: { + ForwardSlashNameSubstitution: '', + TrustAllContent: false, }, - Test: { - Enable: false, + Volumes: {}, + Users: { + AnonymousUserToken: "" }, - }, - Collections: { - ForwardSlashNameSubstitution: '', - TrustAllContent: false, - }, - Volumes: {}, - ...config, + ...config, }); export const mockConfig = (config: Partial): Config => ({ - baseUrl: '', - keepWebServiceUrl: '', - keepWebInlineServiceUrl: '', - remoteHosts: {}, - rootUrl: '', - uuidPrefix: '', - websocketUrl: '', - workbenchUrl: '', - workbench2Url: '', - vocabularyUrl: '', - fileViewersConfigUrl: '', - loginCluster: '', - clusterConfig: mockClusterConfigJSON({}), - apiRevision: 0, - ...config, + baseUrl: '', + keepWebServiceUrl: '', + keepWebInlineServiceUrl: '', + remoteHosts: {}, + rootUrl: '', + uuidPrefix: '', + websocketUrl: '', + workbenchUrl: '', + workbench2Url: '', + vocabularyUrl: '', + fileViewersConfigUrl: '', + loginCluster: '', + clusterConfig: mockClusterConfigJSON({}), + apiRevision: 0, + ...config, }); const getDefaultConfig = (): WorkbenchConfig => { - let apiHost = ''; - const envHost = process.env.REACT_APP_ARVADOS_API_HOST; - if (envHost !== undefined) { - console.warn(`Using default API host ${envHost}.`); - apiHost = envHost; - } else { - console.warn( - `No API host was found in the environment. Workbench may not be able to communicate with Arvados components.` - ); - } - return { - API_HOST: apiHost, - VOCABULARY_URL: undefined, - FILE_VIEWERS_CONFIG_URL: undefined, - }; + let apiHost = ''; + const envHost = process.env.REACT_APP_ARVADOS_API_HOST; + if (envHost !== undefined) { + console.warn(`Using default API host ${envHost}.`); + apiHost = envHost; + } else { + console.warn( + `No API host was found in the environment. Workbench may not be able to communicate with Arvados components.` + ); + } + return { + API_HOST: apiHost, + VOCABULARY_URL: undefined, + FILE_VIEWERS_CONFIG_URL: undefined, + }; }; export const ARVADOS_API_PATH = 'arvados/v1'; @@ -374,6 +380,6 @@ export const CLUSTER_CONFIG_PATH = 'arvados/v1/config'; export const VOCABULARY_PATH = 'arvados/v1/vocabulary'; export const DISCOVERY_DOC_PATH = 'discovery/v1/apis/arvados/v1/rest'; export const getClusterConfigURL = (apiHost: string) => - `https://${apiHost}/${CLUSTER_CONFIG_PATH}?nocache=${new Date().getTime()}`; + `https://${apiHost}/${CLUSTER_CONFIG_PATH}?nocache=${new Date().getTime()}`; export const getVocabularyURL = (apiHost: string) => - `https://${apiHost}/${VOCABULARY_PATH}?nocache=${new Date().getTime()}`; + `https://${apiHost}/${VOCABULARY_PATH}?nocache=${new Date().getTime()}`; diff --git a/src/store/sharing-dialog/sharing-dialog-actions.ts b/src/store/sharing-dialog/sharing-dialog-actions.ts index c0fdeda5..c998e767 100644 --- a/src/store/sharing-dialog/sharing-dialog-actions.ts +++ b/src/store/sharing-dialog/sharing-dialog-actions.ts @@ -31,12 +31,12 @@ import { ResourceObjectType } from "models/resource"; import { resourcesActions } from "store/resources/resources-actions"; -import { getPublicGroupUuid } from "store/workflow-panel/workflow-panel-actions"; +import { getPublicGroupUuid, getAllUsersGroupUuid } from "store/workflow-panel/workflow-panel-actions"; import { getSharingPublicAccessFormData } from './sharing-dialog-types'; export const openSharingDialog = (resourceUuid: string, refresh?: () => void) => (dispatch: Dispatch) => { - dispatch(dialogActions.OPEN_DIALOG({ id: SHARING_DIALOG_NAME, data: {resourceUuid, refresh} })); + dispatch(dialogActions.OPEN_DIALOG({ id: SHARING_DIALOG_NAME, data: { resourceUuid, refresh } })); dispatch(loadSharingDialog); }; @@ -49,8 +49,8 @@ export const connectSharingDialogProgress = withProgress(SHARING_DIALOG_NAME); export const saveSharingDialogChanges = async (dispatch: Dispatch, getState: () => RootState) => { dispatch(progressIndicatorActions.START_WORKING(SHARING_DIALOG_NAME)); - await dispatch(savePublicPermissionChanges); await dispatch(saveManagementChanges); + await dispatch(savePublicPermissionChanges); await dispatch(sendInvitations); dispatch(reset(SHARING_INVITATION_FORM_NAME)); await dispatch(loadSharingDialog); @@ -133,7 +133,8 @@ const loadSharingDialog = async (dispatch: Dispatch, getState: () => RootState, dispatch(snackbarActions.OPEN_SNACKBAR({ message: 'You do not have access to share this item', hideDuration: 2000, - kind: SnackbarKind.ERROR })); + kind: SnackbarKind.ERROR + })); dispatch(dialogActions.CLOSE_DIALOG({ id: SHARING_DIALOG_NAME })); } finally { dispatch(progressIndicatorActions.STOP_WORKING(SHARING_DIALOG_NAME)); @@ -143,64 +144,86 @@ const loadSharingDialog = async (dispatch: Dispatch, getState: () => RootState, export const initializeManagementForm = async (dispatch: Dispatch, getState: () => RootState, { userService, groupsService, permissionService }: ServiceRepository) => { - const dialog = getDialog(getState().dialog, SHARING_DIALOG_NAME); - if (!dialog) { - return; - } - dispatch(progressIndicatorActions.START_WORKING(SHARING_DIALOG_NAME)); - const resourceUuid = dialog?.data.resourceUuid; - const { items: permissionLinks } = await permissionService.listResourcePermissions(resourceUuid); - dispatch(initializePublicAccessForm(permissionLinks)); - const filters = new FilterBuilder() - .addIn('uuid', Array.from(new Set(permissionLinks.map(({ tailUuid }) => tailUuid)))) - .getFilters(); - - const { items: users } = await userService.list({ filters, count: "none", limit: 1000 }); - const { items: groups } = await groupsService.list({ filters, count: "none", limit: 1000 }); + const dialog = getDialog(getState().dialog, SHARING_DIALOG_NAME); + if (!dialog) { + return; + } + dispatch(progressIndicatorActions.START_WORKING(SHARING_DIALOG_NAME)); + const resourceUuid = dialog?.data.resourceUuid; + const { items: permissionLinks } = await permissionService.listResourcePermissions(resourceUuid); + dispatch(initializePublicAccessForm(permissionLinks)); + const filters = new FilterBuilder() + .addIn('uuid', Array.from(new Set(permissionLinks.map(({ tailUuid }) => tailUuid)))) + .getFilters(); - const getEmail = (tailUuid: string) => { - const user = users.find(({ uuid }) => uuid === tailUuid); - const group = groups.find(({ uuid }) => uuid === tailUuid); - return user - ? user.email - : group - ? group.name - : tailUuid; - }; + const { items: users } = await userService.list({ filters, count: "none", limit: 1000 }); + const { items: groups } = await groupsService.list({ filters, count: "none", limit: 1000 }); - const managementPermissions = permissionLinks - .filter(item => - item.tailUuid !== getPublicGroupUuid(getState())) - .map(({ tailUuid, name, uuid }) => ({ - email: getEmail(tailUuid), - permissions: name as PermissionLevel, - permissionUuid: uuid, - })); + const getEmail = (tailUuid: string) => { + const user = users.find(({ uuid }) => uuid === tailUuid); + const group = groups.find(({ uuid }) => uuid === tailUuid); + return user + ? user.email + : group + ? group.name + : tailUuid; + }; - const managementFormData: SharingManagementFormData = { - permissions: managementPermissions, - initialPermissions: managementPermissions, - }; + const managementPermissions = permissionLinks + .map(({ tailUuid, name, uuid }) => ({ + email: getEmail(tailUuid), + permissions: name as PermissionLevel, + permissionUuid: uuid, + })); - dispatch(initialize(SHARING_MANAGEMENT_FORM_NAME, managementFormData)); - dispatch(progressIndicatorActions.STOP_WORKING(SHARING_DIALOG_NAME)); + const managementFormData: SharingManagementFormData = { + permissions: managementPermissions, + initialPermissions: managementPermissions, }; + dispatch(initialize(SHARING_MANAGEMENT_FORM_NAME, managementFormData)); + dispatch(progressIndicatorActions.STOP_WORKING(SHARING_DIALOG_NAME)); +}; + const initializePublicAccessForm = (permissionLinks: PermissionResource[]) => - (dispatch: Dispatch, getState: () => RootState, ) => { + (dispatch: Dispatch, getState: () => RootState,) => { + + const state = getState(); + const [publicPermission] = permissionLinks - .filter(item => item.tailUuid === getPublicGroupUuid(getState())); - const publicAccessFormData: SharingPublicAccessFormData = publicPermission - ? { + .filter(item => item.tailUuid === getPublicGroupUuid(state)); + + const [allUsersPermission] = permissionLinks + .filter(item => item.tailUuid === getAllUsersGroupUuid(state)); + + let publicAccessFormData: SharingPublicAccessFormData; + + if (publicPermission) { + publicAccessFormData = { visibility: VisibilityLevel.PUBLIC, - permissionUuid: publicPermission.uuid, - } - : { - visibility: permissionLinks.length > 0 - ? VisibilityLevel.SHARED - : VisibilityLevel.PRIVATE, - permissionUuid: '', + initialVisibility: VisibilityLevel.PUBLIC, + permissionUuid: publicPermission.uuid }; + } else if (allUsersPermission) { + publicAccessFormData = { + visibility: VisibilityLevel.ALL_USERS, + initialVisibility: VisibilityLevel.ALL_USERS, + permissionUuid: allUsersPermission.uuid + }; + } else if (permissionLinks.length > 0) { + publicAccessFormData = { + visibility: VisibilityLevel.SHARED, + initialVisibility: VisibilityLevel.SHARED, + permissionUuid: '' + }; + } else { + publicAccessFormData = { + visibility: VisibilityLevel.PRIVATE, + initialVisibility: VisibilityLevel.PRIVATE, + permissionUuid: '' + }; + } + dispatch(initialize(SHARING_PUBLIC_ACCESS_FORM_NAME, publicAccessFormData)); }; @@ -209,15 +232,20 @@ const savePublicPermissionChanges = async (_: Dispatch, getState: () => RootStat const { user } = state.auth; const dialog = getDialog(state.dialog, SHARING_DIALOG_NAME); if (dialog && user) { - const { permissionUuid, visibility } = getSharingPublicAccessFormData(state); - if (permissionUuid) { - if (visibility === VisibilityLevel.PUBLIC) { - await permissionService.update(permissionUuid, { - name: PermissionLevel.CAN_READ - }); - } else { - await permissionService.delete(permissionUuid); - } + const { permissionUuid, visibility, initialVisibility } = getSharingPublicAccessFormData(state); + // If visibility level changed, delete the previous link to public/all users. + // On PRIVATE this link will be deleted by saveManagementChanges + // so don't double delete (which would show an error dialog). + if (permissionUuid !== "" && visibility !== initialVisibility && visibility !== VisibilityLevel.PRIVATE) { + await permissionService.delete(permissionUuid); + } + if (visibility === VisibilityLevel.ALL_USERS) { + await permissionService.create({ + ownerUuid: user.uuid, + headUuid: dialog.data.resourceUuid, + tailUuid: getAllUsersGroupUuid(state), + name: PermissionLevel.CAN_READ, + }); } else if (visibility === VisibilityLevel.PUBLIC) { await permissionService.create({ ownerUuid: user.uuid, @@ -264,7 +292,7 @@ const sendInvitations = async (_: Dispatch, getState: () => RootState, { permiss tailUuid: invitee.uuid, name: invitations.permissions })); - const changes = data.map( invitation => permissionService.create(invitation)); + const changes = data.map(invitation => permissionService.create(invitation)); await Promise.all(changes); } }; diff --git a/src/store/sharing-dialog/sharing-dialog-types.ts b/src/store/sharing-dialog/sharing-dialog-types.ts index 67da4b21..2f452b45 100644 --- a/src/store/sharing-dialog/sharing-dialog-types.ts +++ b/src/store/sharing-dialog/sharing-dialog-types.ts @@ -14,11 +14,13 @@ export const SHARING_INVITATION_FORM_NAME = 'SHARING_INVITATION_FORM_NAME'; export enum VisibilityLevel { PRIVATE = 'Private', SHARED = 'Shared', + ALL_USERS = 'All user accounts', PUBLIC = 'Public', } export interface SharingPublicAccessFormData { visibility: VisibilityLevel; + initialVisibility: VisibilityLevel; permissionUuid: string; } diff --git a/src/store/workflow-panel/workflow-panel-actions.ts b/src/store/workflow-panel/workflow-panel-actions.ts index 66a15a9e..eab16882 100644 --- a/src/store/workflow-panel/workflow-panel-actions.ts +++ b/src/store/workflow-panel/workflow-panel-actions.ts @@ -103,6 +103,10 @@ export const getPublicGroupUuid = (state: RootState) => { const prefix = state.auth.localCluster; return `${prefix}-j7d0g-anonymouspublic`; }; +export const getAllUsersGroupUuid = (state: RootState) => { + const prefix = state.auth.localCluster; + return `${prefix}-j7d0g-fffffffffffffff`; +}; export const showWorkflowDetails = (uuid: string) => propertiesActions.SET_PROPERTY({ key: WORKFLOW_PANEL_DETAILS_UUID, value: uuid }); diff --git a/src/views-components/sharing-dialog/sharing-dialog-component.tsx b/src/views-components/sharing-dialog/sharing-dialog-component.tsx index 0cc9fc90..ac1ebde1 100644 --- a/src/views-components/sharing-dialog/sharing-dialog-component.tsx +++ b/src/views-components/sharing-dialog/sharing-dialog-component.tsx @@ -72,7 +72,6 @@ export default (props: SharingDialogComponentProps) => { const [tabNr, setTabNr] = React.useState(SharingDialogTab.PERMISSIONS); const [expDate, setExpDate] = React.useState(); const [withExpiration, setWithExpiration] = React.useState(false); - const [permissionsCount, setPermissionsCount] = React.useState(0); // Sets up the dialog depending on the resource type if (!showTabs && tabNr !== SharingDialogTab.PERMISSIONS) { diff --git a/src/views-components/sharing-dialog/sharing-dialog.tsx b/src/views-components/sharing-dialog/sharing-dialog.tsx index 283f1a67..1c9e4d03 100644 --- a/src/views-components/sharing-dialog/sharing-dialog.tsx +++ b/src/views-components/sharing-dialog/sharing-dialog.tsx @@ -41,21 +41,21 @@ const mapStateToProps = (state: RootState, { working, ...props }: Props): Sharin const sharedResourceUuid = dialog?.data.resourceUuid || ''; const sharingURLsDisabled = state.auth.config.clusterConfig.Workbench.DisableSharingURLsUI; return ({ - ...props, - permissions: sharingManagementFormSelector(state, 'permissions'), - saveEnabled: hasChanges(state), - loading: working, - sharedResourceUuid, - sharingURLsDisabled, - sharingURLsNr: !sharingURLsDisabled - ? (filterResources( (resource: ApiClientAuthorization) => - resource.kind === ResourceKind.API_CLIENT_AUTHORIZATION && - resource.scopes.includes(`GET /arvados/v1/collections/${sharedResourceUuid}`) && - resource.scopes.includes(`GET /arvados/v1/collections/${sharedResourceUuid}/`) && - resource.scopes.includes('GET /arvados/v1/keep_services/accessible') - )(state.resources) as ApiClientAuthorization[]).length - : 0, - privateAccess: getSharingPublicAccessFormData(state)?.visibility === VisibilityLevel.PRIVATE, + ...props, + permissions: sharingManagementFormSelector(state, 'permissions'), + saveEnabled: hasChanges(state), + loading: working, + sharedResourceUuid, + sharingURLsDisabled, + sharingURLsNr: !sharingURLsDisabled + ? (filterResources((resource: ApiClientAuthorization) => + resource.kind === ResourceKind.API_CLIENT_AUTHORIZATION && + resource.scopes.includes(`GET /arvados/v1/collections/${sharedResourceUuid}`) && + resource.scopes.includes(`GET /arvados/v1/collections/${sharedResourceUuid}/`) && + resource.scopes.includes('GET /arvados/v1/keep_services/accessible') + )(state.resources) as ApiClientAuthorization[]).length + : 0, + privateAccess: getSharingPublicAccessFormData(state)?.visibility === VisibilityLevel.PRIVATE, }) }; @@ -63,7 +63,7 @@ const mapDispatchToProps = (dispatch: Dispatch, { ...props }: Props): SharingDia ...props, onClose: props.closeDialog, onSave: () => { - dispatch(saveSharingDialogChanges); + setTimeout(() => dispatch(saveSharingDialogChanges), 0); }, onCreateSharingToken: (d: Date) => () => { dispatch(createSharingToken(d)); @@ -78,4 +78,3 @@ export const SharingDialog = compose( connectSharingDialogProgress, connect(mapStateToProps, mapDispatchToProps) )(SharingDialogComponent); - diff --git a/src/views-components/sharing-dialog/sharing-public-access-form-component.tsx b/src/views-components/sharing-dialog/sharing-public-access-form-component.tsx index 37b3d376..a9c9d6fc 100644 --- a/src/views-components/sharing-dialog/sharing-public-access-form-component.tsx +++ b/src/views-components/sharing-dialog/sharing-public-access-form-component.tsx @@ -18,11 +18,12 @@ const sharingPublicAccessStyles: StyleRulesCallback<'root'> = theme => ({ interface AccessProps { visibility: VisibilityLevel; + includePublic: boolean; onSave: () => void; } const SharingPublicAccessForm = withStyles(sharingPublicAccessStyles)( - ({ classes, visibility, onSave }: WithStyles<'root'> & AccessProps) => + ({ classes, visibility, includePublic, onSave }: WithStyles<'root'> & AccessProps) => <> @@ -32,7 +33,7 @@ const SharingPublicAccessForm = withStyles(sharingPublicAccessStyles)( - + name='visibility' component={VisibilityLevelSelectComponent} includePublic={includePublic} onChange={onSave} /> @@ -41,7 +42,9 @@ const SharingPublicAccessForm = withStyles(sharingPublicAccessStyles)( const renderVisibilityInfo = (visibility: VisibilityLevel) => { switch (visibility) { case VisibilityLevel.PUBLIC: - return 'Anyone can access'; + return 'Anyone on the Internet can access'; + case VisibilityLevel.ALL_USERS: + return 'All users on this cluster can access'; case VisibilityLevel.SHARED: return 'Specific people can access'; case VisibilityLevel.PRIVATE: @@ -51,10 +54,10 @@ const renderVisibilityInfo = (visibility: VisibilityLevel) => { } }; -const SharingPublicAccessFormComponent = ({ visibility, onSave }: AccessProps) => - ; +const SharingPublicAccessFormComponent = ({ visibility, includePublic, onSave }: AccessProps) => + ; export default SharingPublicAccessFormComponent; -const VisibilityLevelSelectComponent = ({ input }: WrappedFieldProps) => - ; +const VisibilityLevelSelectComponent = ({ input, includePublic }: { includePublic: boolean } & WrappedFieldProps) => + ; diff --git a/src/views-components/sharing-dialog/sharing-public-access-form.tsx b/src/views-components/sharing-dialog/sharing-public-access-form.tsx index f95ff297..eb337c38 100644 --- a/src/views-components/sharing-dialog/sharing-public-access-form.tsx +++ b/src/views-components/sharing-dialog/sharing-public-access-form.tsx @@ -21,7 +21,8 @@ export const SharingPublicAccessForm = compose( connect( (state: RootState) => { const { visibility } = getSharingPublicAccessFormData(state) || { visibility: VisibilityLevel.PRIVATE }; - return { visibility }; + const includePublic = state.auth.config.clusterConfig.Users.AnonymousUserToken.length > 0; + return { visibility, includePublic }; } ) )(SharingPublicAccessFormComponent); diff --git a/src/views-components/sharing-dialog/visibility-level-select.tsx b/src/views-components/sharing-dialog/visibility-level-select.tsx index 434b8f51..c869e739 100644 --- a/src/views-components/sharing-dialog/visibility-level-select.tsx +++ b/src/views-components/sharing-dialog/visibility-level-select.tsx @@ -21,13 +21,16 @@ const VisibilityLevelSelectStyles: StyleRulesCallback) => + ({ classes, ...props }: { includePublic: boolean } & SelectProps & WithStyles) =>