the old permissions validating was somewhat dumb in its checking, only looking
for local names of roles. This updates the check to loop through all the roles
and fetch there rules upon which we check for the existance of certain rules and
targets.
This also includes fixes for some broken links which happened as apart of the
previous change to this area.
This also fixes a broken translation
rancher/rancher#24341
rancher/rancher#23452
expose link-to new-group route
Translations change and move static property (convention)
Refactor form-global-roles
Refactor such that user and group are optional parameters. Adds
groupPrincipalId. Destructure smarter so that users are not required for the
mapper function to work. Move bindings to own init. Refactor make to recognize
groups. Translations changes.
Add cru-group-account component
This component does not actually create a group but a global-role-binding with a
groupPrincipalId instead of a userId. Perhaps cru-global-role-binding would work
but in the future this component can and probably will be adapted to create
local groups as well, so the name would fit. At that point the component could
also be refactored to work for the add user page because at that point pretty
much doing the same thing but that is not with-in the scope of this change.
Currently the componet is expected to be used with an auth provider that
supports groups which is why it does not also create the group. This should be
taken into consideration if we ever update this to work with local groups.
Translations changes.
formatting
wip
Add tab nav template only component
rename users index route -> users & add groups route
get groups from grb list and build groupPrincipal list
Add role binding to the fetched group principal
Add account-group-row component and define table row views
global role binding with group edit page
Fix transitionTo in cancel and doneSaving -> cru-group-account
translations
Add initialPrincipal param to input-identity to allow use on edit
reduce duplicate principal calls and display on groups list page
fix role links types from account-group-row
add group delete functionality
translations and bulk action fix
sort global role names in modal and row
delete GRB modal translations
move users route to security-> users, break out groups route security
remove unneeded component
Live update fixes
translation fix
fix broken link to old accounts route
remove unneeded props, angle bracket components, general cleanup
lint fixes
Change add group button
Add warning on add group for non-local auth only and translations
Remove warning from delete group modal and change translations
re-org form-global-roles display
breaks the display out into base|user-custom|additional roles
adds back in details & descriptions
fixes role ids in translations file
When global roles were added the front end had to make some assumptions for
non-admin users to ensure the user had login access. This role used to be hidden
but was made visible by default. With this exposed we now check before save if
the user has some kind of login access and throw an error if not. We also no
longer need to hide the custom roles which allows new user default roles to be
displayed without all the crazy logic to decide which mode to show. The old
login-access read only param was removed; This used to map to user-base and we
only displayed it because the role was hidden.
rancher/rancher#23644
Westly Wright
loganhz
Vincent Fiduccia