[App Search] Add roleHasScopedEngines helper + small roles/ cleanup
#94038
There are no files selected for viewing
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import { Account } from '../../types'; | ||
|
|
||
| import { RoleTypes, AbilityTypes, Role } from './types'; | ||
|
|
||
| /** | ||
| * Transforms the `role` data we receive from the Enterprise Search | ||
| * server into a more convenient format for front-end use | ||
| */ | ||
| export const getRoleAbilities = (role: Account['role']): Role => { | ||
| // Role ability function helpers | ||
| const myRole = { | ||
| can: (action: AbilityTypes, subject: string): boolean => { | ||
| return ( | ||
| role?.ability?.manage?.includes(subject) || | ||
| (Array.isArray(role.ability[action]) && role.ability[action].includes(subject)) | ||
| ); | ||
| }, | ||
| }; | ||
|
|
||
| // Clone top-level role props, and move some props out of `ability` and into the top-level for convenience | ||
| const topLevelProps = { | ||
| id: role.id, | ||
| roleType: role.roleType as RoleTypes, | ||
| availableRoleTypes: role.ability.availableRoleTypes as RoleTypes[], | ||
| credentialTypes: role.ability.credentialTypes, | ||
| }; | ||
|
|
||
| // Ability shorthands (also in top level of role obj for convenience) | ||
| // Example usage: `const { myRole: { canViewSettings } } = useValues(AppLogic);` | ||
| const abilities = { | ||
| canAccessAllEngines: role.ability.accessAllEngines, | ||
| canViewMetaEngines: myRole.can('view', 'account_meta_engines'), | ||
| canViewAccountCredentials: myRole.can('view', 'account_credentials'), | ||
| canViewEngineAnalytics: myRole.can('view', 'engine_analytics'), | ||
| canViewEngineApiLogs: myRole.can('view', 'engine_api_logs'), | ||
| canViewEngineCrawler: myRole.can('view', 'engine_crawler'), | ||
| canViewEngineCredentials: myRole.can('view', 'engine_credentials'), | ||
| canViewEngineDocuments: myRole.can('view', 'engine_documents'), | ||
| canViewEngineSchema: myRole.can('view', 'engine_schema'), | ||
| canViewEngineQueryTester: myRole.can('view', 'engine_query_tester'), | ||
| canViewMetaEngineSourceEngines: myRole.can('view', 'meta_engine_source_engines'), | ||
| canViewSettings: myRole.can('view', 'account_settings'), | ||
| canViewRoleMappings: myRole.can('view', 'role_mappings'), | ||
| canManageEngines: myRole.can('manage', 'account_engines'), | ||
| canManageMetaEngines: myRole.can('manage', 'account_meta_engines'), | ||
| canManageLogSettings: myRole.can('manage', 'account_log_settings'), | ||
| canManageSettings: myRole.can('manage', 'account_settings'), | ||
| canManageEngineCrawler: myRole.can('manage', 'engine_crawler'), | ||
| canManageEngineDocuments: myRole.can('manage', 'engine_documents'), | ||
| canManageEngineSynonyms: myRole.can('manage', 'engine_synonyms'), | ||
| canManageEngineCredentials: myRole.can('manage', 'engine_credentials'), | ||
| canManageEngineCurations: myRole.can('manage', 'engine_curations'), | ||
| canManageEngineRelevanceTuning: myRole.can('manage', 'engine_relevance_tuning'), | ||
| canManageEngineResultSettings: myRole.can('manage', 'engine_result_settings'), | ||
| canManageEngineSchema: myRole.can('manage', 'engine_schema'), | ||
| canManageEngineSearchUi: myRole.can('manage', 'engine_reference_ui'), | ||
| canManageMetaEngineSourceEngines: myRole.can('manage', 'meta_engine_source_engines'), | ||
| }; | ||
|
|
||
| return Object.assign(myRole, topLevelProps, abilities); | ||
| }; | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,21 @@ | ||||||
| /* | ||||||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||||||
| * or more contributor license agreements. Licensed under the Elastic License | ||||||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||||||
| * 2.0. | ||||||
| */ | ||||||
|
|
||||||
| import { roleHasScopedEngines } from './'; | ||||||
|
|
||||||
| describe('roleHasScopedEngines()', () => { | ||||||
|
There was a problem hiding this comment. do not make this update for this PR, it's not worth running CI. Just noting that we usually don't add parens to the end of function names in describes.
Suggested change
There was a problem hiding this comment. haha thanks Jason, I was totally about to smash commit suggestion before seeing the do not (italics totally worked). This is an accidental copypaste carry over from
There was a problem hiding this comment. @scottybollinger if you're down, feel free to make Jason's suggested copy change in a future role mappings PR! |
||||||
| it('returns false for owner and admin roles', () => { | ||||||
| expect(roleHasScopedEngines('owner')).toEqual(false); | ||||||
| expect(roleHasScopedEngines('admin')).toEqual(false); | ||||||
| }); | ||||||
|
|
||||||
| it('returns true for dev, editor, and analyst roles', () => { | ||||||
| expect(roleHasScopedEngines('dev')).toEqual(true); | ||||||
| expect(roleHasScopedEngines('editor')).toEqual(true); | ||||||
| expect(roleHasScopedEngines('analyst')).toEqual(true); | ||||||
| }); | ||||||
| }); | ||||||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import { RoleTypes } from './types'; | ||
|
|
||
| /** | ||
| * Small utility helper for determining if a given role can have scoped engines | ||
| */ | ||
| export const roleHasScopedEngines = (roleType: RoleTypes): boolean => { | ||
| const unscopedRoles = ['dev', 'editor', 'analyst']; | ||
| return unscopedRoles.includes(roleType); | ||
| }; | ||
|
Comment on lines
+13
to
+16
There was a problem hiding this comment. This is the main new added utility/functionality (ported over from https://github.com/elastic/ent-search/blob/master/app/javascript/app_search/classes.ts#L10-L13) |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import { RoleMapping } from '../../../shared/types'; | ||
| import { Engine } from '../../components/engine/types'; | ||
|
|
||
| export type RoleTypes = 'owner' | 'admin' | 'dev' | 'editor' | 'analyst'; | ||
| export type AbilityTypes = 'manage' | 'edit' | 'view'; | ||
|
|
||
| export interface Role { | ||
| id: string; | ||
| roleType: RoleTypes; | ||
| availableRoleTypes: RoleTypes[]; | ||
| credentialTypes: string[]; | ||
| canAccessAllEngines: boolean; | ||
| can(action: AbilityTypes, subject: string): boolean; | ||
| canViewMetaEngines: boolean; | ||
| canViewAccountCredentials: boolean; | ||
| canViewEngineAnalytics: boolean; | ||
| canViewEngineApiLogs: boolean; | ||
| canViewEngineCrawler: boolean; | ||
| canViewEngineCredentials: boolean; | ||
| canViewEngineDocuments: boolean; | ||
| canViewEngineSchema: boolean; | ||
| canViewEngineQueryTester: boolean; | ||
| canViewMetaEngineSourceEngines: boolean; | ||
| canViewSettings: boolean; | ||
| canViewRoleMappings: boolean; | ||
| canManageEngines: boolean; | ||
| canManageMetaEngines: boolean; | ||
| canManageLogSettings: boolean; | ||
| canManageSettings: boolean; | ||
| canManageEngineCrawler: boolean; | ||
| canManageEngineDocuments: boolean; | ||
| canManageEngineSynonyms: boolean; | ||
| canManageEngineCredentials: boolean; | ||
| canManageEngineCurations: boolean; | ||
| canManageEngineRelevanceTuning: boolean; | ||
| canManageEngineResultSettings: boolean; | ||
| canManageEngineSchema: boolean; | ||
| canManageEngineSearchUi: boolean; | ||
| canManageMetaEngineSourceEngines: boolean; | ||
| } | ||
|
|
||
| export interface ASRoleMapping extends RoleMapping { | ||
| accessAllEngines: boolean; | ||
| engines: Engine[]; | ||
| toolTip?: { | ||
| content: string; | ||
| }; | ||
| } |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This fn is the exact same as before, I just moved the type definitions out into
types.ts. The types are also the same as before