Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add maxmembers and self renew fields #2467

Merged
merged 1 commit into from
Dec 28, 2023
Merged

add maxmembers and self renew fields #2467

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
364 changes: 296 additions & 68 deletions ui/src/__tests__/components/settings/__snapshots__/SettingTable.test.js.snap
View file
Open in desktop

Large diffs are not rendered by default.

410 changes: 319 additions & 91 deletions ui/src/__tests__/pages/domain/[domain]/group/[group]/__snapshots__/settings.test.js.snap
View file
Open in desktop

Large diffs are not rendered by default.

438 changes: 333 additions & 105 deletions ui/src/__tests__/pages/domain/[domain]/role/[role]/__snapshots__/settings.test.js.snap
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion ui/src/__tests__/spec/tests/review.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ describe('Review user journey', () => {

let domain = 'athenz.dev.functional-test';
let testDomain = await $(`a*=${domain}`);
let testRoleName = 'testrole';
let testRoleName = 'testrole2';
await browser.waitUntil(async () => await testDomain.isClickable());
await testDomain.click();

Expand Down
6 changes: 6 additions & 0 deletions ui/src/components/constants/constants.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,6 +169,12 @@ export const ADD_ROLE_REVIEW_DESC =
'Flag indicates whether or not role updates require another review and approval';
export const ADD_ROLE_SELF_SERVICE_DESC =
'Flag indicates whether or not role allows self service';
export const ADD_ROLE_SELF_RENEW_DESC =
'Flag indicates whether or not role allows self renew';
export const SELF_RENEW_MINS_DESC =
'Number of minutes members can renew their membership if self review option is enabled';
export const ADD_ROLE_MAX_MEMBERS_DESC =
'Maximum number of members allowed in the role';
export const ADD_ROLE_MEMBER_EXPIRY_DAYS_DESC =
'All user members in the role will have specified max expiry days';
export const ADD_ROLE_MEMBER_REVIEW_DAYS_DESC =
Expand Down
37 changes: 37 additions & 0 deletions ui/src/components/role/AddRoleAdvancedSettings.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,9 @@ import {
ADD_ROLE_AUDIT_ENABLED_TOOLTIP,
ADD_ROLE_DELETE_PROTECTION_DESC,
ADD_ROLE_DESCRIPTION,
ADD_ROLE_SELF_RENEW_DESC,
SELF_RENEW_MINS_DESC,
ADD_ROLE_MAX_MEMBERS_DESC,
} from '../constants/constants';
import SettingRow from '../settings/SettingRow';

Expand Down Expand Up @@ -131,6 +134,29 @@ export default class AddRoleAdvancedSettings extends React.Component {
userProfileLink={this.props.userProfileLink}
inModal={true}
/>,
<SettingRow
key={'setting-row-selfRenew'}
name='selfRenew'
label='Self-Renew'
type='switch'
desc={ADD_ROLE_SELF_RENEW_DESC}
onValueChange={this.advancedSettingsChanged}
value={this.props.role['selfRenew']}
userProfileLink={this.props.userProfileLink}
inModal={true}
/>,
<SettingRow
key={'setting-row-selfRenewMins'}
name='selfRenewMins'
label='Self Renew'
type='input'
desc={SELF_RENEW_MINS_DESC}
unit='Mins'
disabled={!this.props.role['selfRenew']}
onValueChange={this.advancedSettingsChanged}
userProfileLink={this.props.userProfileLink}
inModal={true}
/>,
<SettingRow
key={'setting-row-memberExpiryDays'}
name='memberExpiryDays'
Expand Down Expand Up @@ -253,6 +279,17 @@ export default class AddRoleAdvancedSettings extends React.Component {
userProfileLink={this.props.userProfileLink}
inModal={true}
/>,
<SettingRow
key={'setting-row-maxmembers'}
name='maxMembers'
label='Max Members'
type='input'
unit='Number'
desc={ADD_ROLE_MAX_MEMBERS_DESC}
onValueChange={this.advancedSettingsChanged}
userProfileLink={this.props.userProfileLink}
inModal={true}
/>,
];
}
}
1 change: 1 addition & 0 deletions ui/src/components/settings/SettingRow.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,7 @@ export default class SettingRow extends React.Component {
onChange={this.onTimeChange}
onKeyPress={this.numRestricted}
value={this.props.value}
disabled={this.props.disabled || false}
/>
</StyledDiv>
);
Expand Down
71 changes: 70 additions & 1 deletion ui/src/components/settings/SettingTable.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ import {
ADD_GROUP_DELETE_PROTECTION_DESC,
ADD_ROLE_DELETE_PROTECTION_DESC,
MODAL_TIME_OUT,
SELF_RENEW_MINS_DESC,
} from '../constants/constants';
import { updateSettings } from '../../redux/thunks/collections';
import { connect } from 'react-redux';
Expand Down Expand Up @@ -134,6 +135,7 @@ class SettingTable extends React.Component {
Object.keys(collection.groupMembers).length !== 0,
deleteProtection: !!collection.deleteProtection,
selfServe: !!collection.selfServe,
selfRenew: !!collection.selfRenew,
memberExpiryDays:
collection.memberExpiryDays === undefined
? ''
Expand Down Expand Up @@ -178,6 +180,14 @@ class SettingTable extends React.Component {
collection.userAuthorityExpiration === undefined
? ''
: collection.userAuthorityExpiration.toString(),
maxMembers:
collection.maxMembers === undefined
? ''
: collection.maxMembers.toString(),
selfRenewMins:
collection.selfRenewMins === undefined
? ''
: collection.selfRenewMins.toString(),
};
return collectionDetails;
}
Expand Down Expand Up @@ -254,6 +264,10 @@ class SettingTable extends React.Component {
this.state.copyCollectionDetails.reviewEnabled;
collectionMeta.selfServe =
this.state.copyCollectionDetails.selfServe;
collectionMeta.selfRenew =
this.state.copyCollectionDetails.selfRenew;
collectionMeta.selfRenewMins =
this.state.copyCollectionDetails.selfRenewMins;
collectionMeta.memberExpiryDays =
this.state.copyCollectionDetails.memberExpiryDays;
collectionMeta.serviceExpiryDays =
Expand All @@ -264,6 +278,8 @@ class SettingTable extends React.Component {
this.state.copyCollectionDetails.userAuthorityExpiration;
collectionMeta.deleteProtection =
this.state.copyCollectionDetails.deleteProtection;
collectionMeta.maxMembers =
this.state.copyCollectionDetails.maxMembers;
} else if (this.props.category === 'domain') {
collectionMeta.memberExpiryDays =
this.state.copyCollectionDetails.memberExpiryDays;
Expand Down Expand Up @@ -437,6 +453,42 @@ class SettingTable extends React.Component {
/>
);

let selfRenewDesc =
'Flag indicates whether or not ' +
this.props.category +
' allows self Renew';
(this.props.category === 'role' || this.props.category === 'group') &&
rows.push(
<StyledSettingRow
key={'setting-row-selfRenew'}
domain={this.props.domain}
name='selfRenew'
label='Self-Renew'
type='switch'
desc={selfRenewDesc}
value={this.state.copyCollectionDetails.selfRenew}
onValueChange={this.onValueChange}
_csrf={this.props._csrf}
/>
);

(this.props.category === 'role' || this.props.category === 'group') &&
rows.push(
<StyledSettingRow
key={'setting-row-selfRenewMins'}
domain={this.props.domain}
name='selfRenewMins'
label='Self Renew'
type='input'
unit='Mins'
desc={SELF_RENEW_MINS_DESC}
value={this.state.copyCollectionDetails.selfRenewMins}
disabled={!this.state.copyCollectionDetails.selfRenew}
onValueChange={this.onValueChange}
_csrf={this.props._csrf}
/>
);

rows.push(
<StyledSettingRow
key={'setting-row-memberExpiryDays'}
Expand Down Expand Up @@ -649,7 +701,24 @@ class SettingTable extends React.Component {
/>
);

rows.push();
(this.props.category === 'role' || this.props.category === 'group') &&
rows.push(
<StyledSettingRow
key={'setting-row-maxmembers'}
domain={this.props.domain}
name='maxMembers'
label='Max Members'
type='input'
unit='Number'
desc={
'Maximum number of members allowed in the ' +
this.props.category
}
value={this.state.copyCollectionDetails.maxMembers}
onValueChange={this.onValueChange}
_csrf={this.props._csrf}
/>
);

return this.props.isLoading.length !== 0 ? (
<ReduxPageLoader message={'Loading setting'} />
Expand Down
65 changes: 58 additions & 7 deletions ui/src/config/zms.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,13 @@
"pattern": "([a-zA-Z0-9_][a-zA-Z0-9_-]*,)*[a-zA-Z0-9_][a-zA-Z0-9_-]*"
}
},
{
"StringTypeDef": {
"type": "String",
"name": "TagKey",
"pattern": "([a-zA-Z0-9_][a-zA-Z0-9_-]*[:\\.])*[a-zA-Z0-9_][a-zA-Z0-9_-]*"
}
},
{
"StringTypeDef": {
"type": "String",
Expand Down Expand Up @@ -335,7 +342,7 @@
"optional": true,
"comment": "key-value pair tags, tag might contain multiple values",
"items": "TagValueList",
"keys": "CompoundName"
"keys": "TagKey"
},
{
"name": "businessService",
Expand All @@ -360,6 +367,14 @@
"type": "Int32",
"optional": true,
"comment": "features enabled per domain (system attribute)"
},
{
"name": "contacts",
"type": "Map",
"optional": true,
"comment": "list of domain contacts (PE-Owner, Product-Owner, etc), each type can have a single value",
"items": "String",
"keys": "SimpleName"
}
],
"closed": false
Expand Down Expand Up @@ -733,7 +748,7 @@
"optional": true,
"comment": "key-value pair tags, tag might contain multiple values",
"items": "TagValueList",
"keys": "CompoundName"
"keys": "TagKey"
},
{
"name": "description",
Expand All @@ -760,6 +775,24 @@
"type": "Timestamp",
"optional": true,
"comment": "last review timestamp of the role"
},
{
"name": "selfRenew",
"type": "Bool",
"optional": true,
"comment": "Flag indicates whether to allow expired members to renew their membership"
},
{
"name": "selfRenewMins",
"type": "Int32",
"optional": true,
"comment": "Number of minutes members can renew their membership if self review option is enabled"
},
{
"name": "maxMembers",
"type": "Int32",
"optional": true,
"comment": "Maximum number of members allowed in the group"
}
],
"closed": false
Expand Down Expand Up @@ -1268,7 +1301,7 @@
"optional": true,
"comment": "key-value pair tags, tag might contain multiple values",
"items": "TagValueList",
"keys": "CompoundName"
"keys": "TagKey"
}
],
"closed": false
Expand Down Expand Up @@ -1403,7 +1436,7 @@
"optional": true,
"comment": "key-value pair tags, tag might contain multiple values",
"items": "TagValueList",
"keys": "CompoundName"
"keys": "TagKey"
}
],
"closed": false
Expand Down Expand Up @@ -2231,7 +2264,7 @@
"optional": true,
"comment": "key-value pair tags, tag might contain multiple values",
"items": "TagValueList",
"keys": "CompoundName"
"keys": "TagKey"
},
{
"name": "auditEnabled",
Expand All @@ -2252,6 +2285,24 @@
"type": "Timestamp",
"optional": true,
"comment": "last review timestamp of the group"
},
{
"name": "selfRenew",
"type": "Bool",
"optional": true,
"comment": "Flag indicates whether to allow expired members to renew their membership"
},
{
"name": "selfRenewMins",
"type": "Int32",
"optional": true,
"comment": "Number of minutes members can renew their membership if self review option is enabled"
},
{
"name": "maxMembers",
"type": "Int32",
"optional": true,
"comment": "Maximum number of members allowed in the group"
}
],
"closed": false
Expand Down Expand Up @@ -5880,7 +5931,7 @@
"type": "Membership",
"method": "PUT",
"path": "/domain/{domainName}/role/{roleName}/member/{memberName}",
"comment": "Add the specified user to the role's member list. If the role is neither auditEnabled nor selfserve, then it will use authorize (\"update\", \"{domainName}:role.{roleName}\") or (\"update_members\", \"{domainName}:role.{roleName}\"). This only allows access to members and not role attributes. otherwise membership will be sent for approval to either designated delegates ( in case of auditEnabled roles ) or to domain admins ( in case of selfserve roles )",
"comment": "Add the specified user to the role's member list. If the role is selfRenewEnabled, then an existing member may extend their expiration time by the configured number of minutes (selfRenewMins) by calling this API regardless or not the user is expired or active. If the role is neither auditEnabled nor selfserve, then it will use authorize (\"update\", \"{domainName}:role.{roleName}\") or (\"update_members\", \"{domainName}:role.{roleName}\"). This only allows access to members and not role attributes. otherwise membership will be sent for approval to either designated delegates ( in case of auditEnabled roles ) or to domain admins ( in case of selfserve roles )",
"inputs": [
{
"name": "domainName",
Expand Down Expand Up @@ -6815,7 +6866,7 @@
"type": "GroupMembership",
"method": "PUT",
"path": "/domain/{domainName}/group/{groupName}/member/{memberName}",
"comment": "Add the specified user to the group's member list. If the group is neither auditEnabled nor selfserve, then it will use authorize (\"update\", \"{domainName}:group.{groupName}\") otherwise membership will be sent for approval to either designated delegates ( in case of auditEnabled groups ) or to domain admins ( in case of selfserve groups )",
"comment": "Add the specified user to the group's member list. If the group is selfRenewEnabled, then an existing member may extend their expiration time by the configured number of minutes (selfRenewMins) by calling this API regardless or not the user is expired or active. If the group is neither auditEnabled nor selfserve, then it will use authorize (\"update\", \"{domainName}:group.{groupName}\") otherwise membership will be sent for approval to either designated delegates ( in case of auditEnabled groups ) or to domain admins ( in case of selfserve groups )",
"inputs": [
{
"name": "domainName",
Expand Down