[v10] Add --request-id flag to connection instructions for Kubes an…

…d Databases (#1130) (#1163)

web/packages/teleport/src/Databases/ConnectDialog/ConnectDialog.story.tsx

@@ -32,3 +32,17 @@ export const Connect = () => (
     authType="local"
   />
 );
+
+export const ConnectWithRequestId = () => {
+  return (
+    <ConnectDialog
+      username="yassine"
+      dbName="aurora"
+      dbProtocol="postgres"
+      clusterId="im-a-cluster"
+      onClose={() => null}
+      authType="local"
+      accessRequestId="e1e8072c-1eb8-5df4-a7bd-b6863b19271c"
+    />
+  );
+};

web/packages/teleport/src/Databases/ConnectDialog/ConnectDialog.tsx

@@ -32,6 +32,7 @@ export default function ConnectDialog({
   dbName,
   onClose,
   authType,
+  accessRequestId,
 }: Props) {
   const { hostname, port } = window.document.location;
   const host = `${hostname}:${port || '443'}`;
@@ -41,6 +42,10 @@ export default function ConnectDialog({
       ? `tsh login --proxy=${host}`
       : `tsh login --proxy=${host} --auth=local --user=${username}`;
 
+  const requestIdFlag = accessRequestId
+    ? ` --request-id=${accessRequestId}`
+    : '';
+
   return (
     <Dialog
       dialogCss={() => ({
@@ -60,7 +65,7 @@ export default function ConnectDialog({
             Step 1
           </Text>
           {' - Login to Teleport'}
-          <TextSelectCopy mt="2" text={connectCmd} />
+          <TextSelectCopy mt="2" text={`${connectCmd}${requestIdFlag}`} />
         </Box>
         <Box mb={4}>
           <Text bold as="span">
@@ -82,6 +87,15 @@ export default function ConnectDialog({
             text={`tsh db connect [--db-user=<user>] [--db-name=<name>] ${dbName}`}
           />
         </Box>
+        {accessRequestId && (
+          <Box mb={4}>
+            <Text bold as="span">
+              Step 4 (Optional)
+            </Text>
+            {' - When finished, drop the assumed role'}
+            <TextSelectCopy mt="2" text={`tsh request drop`} />
+          </Box>
+        )}
         <Box>
           {`* Note: To connect with a GUI database client, see our `}
           <Link
@@ -109,4 +123,5 @@ export type Props = {
   username: string;
   clusterId: string;
   authType: AuthType;
+  accessRequestId?: string;
 };

web/packages/teleport/src/Databases/DatabaseList/DatabaseList.tsx

@@ -46,6 +46,7 @@ function DatabaseList(props: Props) {
     pathname,
     replaceHistory,
     onLabelClick,
+    accessRequestId,
   } = props;
 
   const [dbConnectInfo, setDbConnectInfo] = useState<{
@@ -118,6 +119,7 @@ function DatabaseList(props: Props) {
           dbProtocol={dbConnectInfo.protocol}
           onClose={() => setDbConnectInfo(null)}
           authType={authType}
+          accessRequestId={accessRequestId}
         />
       )}
     </>
@@ -166,6 +168,7 @@ type Props = {
   pathname: string;
   replaceHistory: (path: string) => void;
   onLabelClick: (label: AgentLabel) => void;
+  accessRequestId?: string;
 };
 
 export default DatabaseList;

web/packages/teleport/src/Databases/Databases.story.tsx

@@ -85,4 +85,5 @@ export const props: State = {
   replaceHistory: () => null,
   isSearchEmpty: false,
   onLabelClick: () => null,
+  accessRequestId: null,
 };

web/packages/teleport/src/Databases/Databases.tsx

@@ -65,6 +65,7 @@ export function Databases(props: State) {
     fetchStatus,
     isSearchEmpty,
     onLabelClick,
+    accessRequestId,
   } = props;
 
   const hasNoDatabases = results.databases.length === 0 && isSearchEmpty;
@@ -110,6 +111,7 @@ export function Databases(props: State) {
             pathname={pathname}
             replaceHistory={replaceHistory}
             onLabelClick={onLabelClick}
+            accessRequestId={accessRequestId}
           />
         </>
       )}

web/packages/teleport/src/Databases/useDatabases.ts

@@ -39,6 +39,7 @@ export default function useDatabases(ctx: Ctx) {
   const isEnterprise = ctx.isEnterprise;
   const version = ctx.storeUser.state.cluster.authVersion;
   const authType = ctx.storeUser.state.authType;
+  const accessRequestId = ctx.storeUser.getAccessRequestId();
   const [isAddDialogVisible, setIsAddDialogVisible] = useState(false);
   const [fetchStatus, setFetchStatus] = useState<FetchStatus>('');
   const [params, setParams] = useState<ResourceUrlQueryParams>({
@@ -178,6 +179,7 @@ export default function useDatabases(ctx: Ctx) {
     fetchStatus,
     isSearchEmpty,
     onLabelClick,
+    accessRequestId,
   };
 }
 

web/packages/teleport/src/Kubes/ConnectDialog/ConnectDialog.story.tsx

@@ -34,6 +34,19 @@ export const Local = () => {
   );
 };
 
+export const LocalWithRequestId = () => {
+  return (
+    <Component
+      onClose={() => null}
+      username={'sam'}
+      authType={'local'}
+      kubeConnectName={'tele.logicoma.dev-prod'}
+      clusterId={'some-cluster-name'}
+      accessRequestId={'8289cdb1-385c-5b02-85f1-fa2a934b749f'}
+    />
+  );
+};
+
 export const Sso = () => {
   return (
     <Component

web/packages/teleport/src/Kubes/ConnectDialog/ConnectDialog.tsx

@@ -27,13 +27,24 @@ import TextSelectCopy from 'teleport/components/TextSelectCopy';
 import { AuthType } from 'teleport/services/user';
 
 function ConnectDialog(props: Props) {
-  const { onClose, username, authType, kubeConnectName, clusterId } = props;
+  const {
+    onClose,
+    username,
+    authType,
+    kubeConnectName,
+    clusterId,
+    accessRequestId,
+  } = props;
   const { hostname, port } = window.document.location;
   const host = `${hostname}:${port || '443'}`;
   const authSpec =
     authType === 'local' ? `--auth=${authType} --user=${username} ` : '';
   const text = `tsh login --proxy=${host} ${authSpec}${clusterId}`;
 
+  const requestIdFlag = accessRequestId
+    ? ` --request-id=${accessRequestId}`
+    : '';
+
   return (
     <Dialog
       dialogCss={dialogCss}
@@ -50,7 +61,7 @@ function ConnectDialog(props: Props) {
             Step 1
           </Text>
           {' - Login to Teleport'}
-          <TextSelectCopy mt="2" text={text} />
+          <TextSelectCopy mt="2" text={`${text}${requestIdFlag}`} />
         </Box>
         <Box mb={4}>
           <Text bold as="span">
@@ -77,6 +88,15 @@ function ConnectDialog(props: Props) {
           {' - Connect to the Kubernetes cluster'}
           <TextSelectCopy mt="2" text={`kubectl get pods`} />
         </Box>
+        {accessRequestId && (
+          <Box mb={1} mt={3}>
+            <Text bold as="span">
+              Step 4 (Optional)
+            </Text>
+            {' - When finished, drop the assumed role'}
+            <TextSelectCopy mt="2" text={`tsh request drop`} />
+          </Box>
+        )}
       </DialogContent>
       <DialogFooter>
         <ButtonSecondary onClick={onClose}>Close</ButtonSecondary>
@@ -91,6 +111,7 @@ type Props = {
   authType: AuthType;
   kubeConnectName: string;
   clusterId: string;
+  accessRequestId?: string;
 };
 
 const dialogCss = () => `

web/packages/teleport/src/Kubes/KubeList/KubeList.tsx

@@ -47,6 +47,7 @@ function KubeList(props: Props) {
     pathname,
     replaceHistory,
     onLabelClick,
+    accessRequestId,
   } = props;
 
   const [kubeConnectName, setKubeConnectName] = useState('');
@@ -105,6 +106,7 @@ function KubeList(props: Props) {
           authType={authType}
           kubeConnectName={kubeConnectName}
           clusterId={clusterId}
+          accessRequestId={accessRequestId}
         />
       )}
     </>
@@ -143,6 +145,7 @@ type Props = {
   pathname: string;
   replaceHistory: (path: string) => void;
   onLabelClick: (label: AgentLabel) => void;
+  accessRequestId?: string;
 };
 
 export default KubeList;

web/packages/teleport/src/Kubes/Kubes.story.tsx

@@ -82,4 +82,5 @@ export const props: State = {
   replaceHistory: () => null,
   isSearchEmpty: false,
   onLabelClick: () => null,
+  accessRequestId: null,
 };

web/packages/teleport/src/Kubes/Kubes.tsx

@@ -63,6 +63,7 @@ export function Kubes(props: State) {
     fetchStatus,
     isSearchEmpty,
     onLabelClick,
+    accessRequestId,
   } = props;
 
   const [showAddKube, setShowAddKube] = useState(false);
@@ -112,6 +113,7 @@ export function Kubes(props: State) {
             pathname={pathname}
             replaceHistory={replaceHistory}
             onLabelClick={onLabelClick}
+            accessRequestId={accessRequestId}
           />
         </>
       )}

web/packages/teleport/src/Kubes/useKubes.ts

@@ -35,6 +35,7 @@ export default function useKubes(ctx: TeleportContext) {
   const { search, pathname } = useLocation();
   const [startKeys, setStartKeys] = useState<string[]>([]);
   const canCreate = ctx.storeUser.getTokenAccess().create;
+  const accessRequestId = ctx.storeUser.getAccessRequestId();
   const { attempt, setAttempt } = useAttempt('processing');
   const [fetchStatus, setFetchStatus] = useState<FetchStatus>('');
   const [params, setParams] = useState<ResourceUrlQueryParams>({
@@ -160,6 +161,7 @@ export default function useKubes(ctx: TeleportContext) {
     fetchStatus,
     isSearchEmpty,
     onLabelClick,
+    accessRequestId,
   };
 }
 

web/packages/teleport/src/services/user/makeUserContext.ts

@@ -23,6 +23,7 @@ export default function makeUserContext(json: any): UserContext {
   json = json || {};
   const username = json.userName;
   const authType = json.authType;
+  const accessRequestId = json.accessRequestId;
 
   const cluster = makeCluster(json.cluster);
   const acl = makeAcl(json.userAcl);
@@ -36,6 +37,7 @@ export default function makeUserContext(json: any): UserContext {
     cluster,
     accessStrategy,
     accessCapabilities,
+    accessRequestId,
   };
 }
 

web/packages/teleport/src/services/user/types.ts

@@ -35,6 +35,8 @@ export interface UserContext {
   cluster: Cluster;
   accessStrategy: AccessStrategy;
   accessCapabilities: AccessCapabilities;
+  // accessRequestId is the ID of the access request from which additional roles to assume were obtained for the current session.
+  accessRequestId?: string;
 }
 
 export interface Access {

web/packages/teleport/src/stores/storeUserContext.ts

@@ -105,4 +105,8 @@ export default class StoreUserContext extends Store<UserContext> {
   getNodeAccess() {
     return this.state.acl.nodes;
   }
+
+  getAccessRequestId() {
+    return this.state.accessRequestId;
+  }
 }