Allow for specifying roles when making Resource Access Requests (#1321)

gravitational · Dec 9, 2022 · 83f5e17 · 83f5e17
1 parent b3accec
commit 83f5e17
Show file tree

Hide file tree

Showing 11 changed files with 273 additions and 22 deletions.
diff --git a/web/packages/design/src/Checkbox/Checkbox.story.tsx b/web/packages/design/src/Checkbox/Checkbox.story.tsx
@@ -0,0 +1,42 @@
+/*
+Copyright 2022 Gravitational, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import React from 'react';
+
+import { Box } from 'design';
+
+import { CheckboxWrapper, CheckboxInput } from './Checkbox';
+
+export default {
+  title: 'Design/Checkbox',
+};
+
+export const Checkbox = () => (
+  <Box>
+    <CheckboxWrapper key={1}>
+      <CheckboxInput type="checkbox" name="input1" id={'input1'} />
+      Input 1
+    </CheckboxWrapper>
+    <CheckboxWrapper key={2}>
+      <CheckboxInput type="checkbox" name="input2" id={'input2'} />
+      Input 2
+    </CheckboxWrapper>
+    <CheckboxWrapper key={3}>
+      <CheckboxInput type="checkbox" name="input3" id={'input3'} />
+      Input 3
+    </CheckboxWrapper>
+  </Box>
+);
diff --git a/web/packages/design/src/Checkbox/Checkbox.tsx b/web/packages/design/src/Checkbox/Checkbox.tsx
@@ -0,0 +1,42 @@
+/**
+ * Copyright 2022 Gravitational, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import styled from 'styled-components';
+
+import { Flex } from 'design';
+
+export const CheckboxWrapper = styled(Flex)`
+  padding: 8px;
+  margin-bottom: 4px;
+  width: 300px;
+  align-items: center;
+  border: 1px solid ${props => props.theme.colors.primary.light};
+  border-radius: 8px;
+
+  &.disabled {
+    pointer-events: none;
+    opacity: 0.5;
+  }
+`;
+
+export const CheckboxInput = styled.input`
+  margin-right: 10px;
+  accent-color: ${props => props.theme.colors.secondary.main};
+
+  &:hover {
+    cursor: pointer;
+  }
+`;
diff --git a/web/packages/design/src/Checkbox/index.ts b/web/packages/design/src/Checkbox/index.ts
@@ -0,0 +1,17 @@
+/**
+ * Copyright 2022 Gravitational, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+export { CheckboxInput, CheckboxWrapper } from './Checkbox';
diff --git a/web/packages/teleterm/src/services/tshd/createClient.ts b/web/packages/teleterm/src/services/tshd/createClient.ts
@@ -334,19 +334,29 @@ export default function createClient(
       });
     },
 
-    async getRequestableRoles(clusterUri: string) {
-      const req = new api.GetRequestableRolesRequest().setClusterUri(
-        clusterUri
+    async getRequestableRoles(params: types.GetRequestableRolesParams) {
+      const req = new api.GetRequestableRolesRequest()
+        .setClusterUri(params.rootClusterUri)
+        .setResourceIdsList(
+          params.resourceIds.map(({ id, clusterName, kind }) => {
+            const resourceId = new ResourceID();
+            resourceId.setName(id);
+            resourceId.setClusterName(clusterName);
+            resourceId.setKind(kind);
+            return resourceId;
+          })
+        );
+      return new Promise<types.GetRequestableRolesResponse>(
+        (resolve, reject) => {
+          tshd.getRequestableRoles(req, (err, response) => {
+            if (err) {
+              reject(err);
+            } else {
+              resolve(response.toObject());
+            }
+          });
+        }
       );
-      return new Promise<string[]>((resolve, reject) => {
-        tshd.getRequestableRoles(req, (err, response) => {
-          if (err) {
-            reject(err);
-          } else {
-            resolve(response.toObject().rolesList);
-          }
-        });
-      });
     },
 
     async addRootCluster(addr: string) {

diff --git a/web/packages/teleterm/src/services/tshd/fixtures/mocks.ts b/web/packages/teleterm/src/services/tshd/fixtures/mocks.ts
@@ -8,6 +8,7 @@ import {
   Gateway,
   GetDatabasesResponse,
   GetKubesResponse,
+  GetRequestableRolesParams,
   GetServersResponse,
   Kube,
   LoginLocalParams,
@@ -19,6 +20,7 @@ import {
   TshAbortController,
   TshAbortSignal,
   TshClient,
+  GetRequestableRolesResponse,
 } from '../types';
 import { AccessRequest } from '../v1/access_request_pb';
 
@@ -32,7 +34,9 @@ export class MockTshClient implements TshClient {
   getDatabases: (params: ServerSideParams) => Promise<GetDatabasesResponse>;
   listDatabaseUsers: (dbUri: string) => Promise<string[]>;
   getAllServers: (clusterUri: string) => Promise<Server[]>;
-  getRequestableRoles: (clusterUri: string) => Promise<string[]>;
+  getRequestableRoles: (
+    params: GetRequestableRolesParams
+  ) => Promise<GetRequestableRolesResponse>;
   getServers: (params: ServerSideParams) => Promise<GetServersResponse>;
   assumeRole: (
     clusterUri: string,

diff --git a/web/packages/teleterm/src/services/tshd/types.ts b/web/packages/teleterm/src/services/tshd/types.ts
@@ -26,6 +26,8 @@ export type AccessRequestReview = apiAccessRequest.AccessRequestReview.AsObject;
 export type GetServersResponse = apiService.GetServersResponse.AsObject;
 export type GetDatabasesResponse = apiService.GetDatabasesResponse.AsObject;
 export type GetKubesResponse = apiService.GetKubesResponse.AsObject;
+export type GetRequestableRolesResponse =
+  apiService.GetRequestableRolesResponse.AsObject;
 // Available types are listed here:
 // https://github.com/gravitational/teleport/blob/v9.0.3/lib/defaults/defaults.go#L513-L530
 //
@@ -84,7 +86,9 @@ export type TshClient = {
     requestIds: string[],
     dropIds: string[]
   ) => Promise<void>;
-  getRequestableRoles: (clusterUri: string) => Promise<string[]>;
+  getRequestableRoles: (
+    params: GetRequestableRolesParams
+  ) => Promise<GetRequestableRolesResponse>;
   getServers: (params: ServerSideParams) => Promise<GetServersResponse>;
   getAccessRequests: (clusterUri: string) => Promise<AccessRequest[]>;
   getAccessRequest: (
@@ -197,6 +201,11 @@ export type CreateAccessRequestParams = {
   resourceIds: { kind: ResourceKind; clusterName: string; id: string }[];
 };
 
+export type GetRequestableRolesParams = {
+  rootClusterUri: string;
+  resourceIds?: { kind: ResourceKind; clusterName: string; id: string }[];
+};
+
 export type AssumedRequest = {
   id: string;
   expires: Date;

diff --git a/web/packages/teleterm/src/services/tshd/v1/service_pb.d.ts b/web/packages/teleterm/src/services/tshd/v1/service_pb.d.ts