refactor: [M3-7687] - Linodes Restricted User Experience 2/2#10227
refactor: [M3-7687] - Linodes Restricted User Experience 2/2#10227jaalah-akamai merged 10 commits intolinode:developfrom
Conversation
jaalah-akamai
added
the
Restricted User Access
| children: string; | ||
| disabled?: boolean; | ||
| onClick: () => void; | ||
| tooltipText?: string; |
There was a problem hiding this comment.
These are conditional props to disable the empty state landing page button
| resourceType: 'Linodes', | ||
| })} | ||
| important | ||
| variant="warning" |
There was a problem hiding this comment.
New page level notice
| } | ||
| footer={ | ||
| <LinodeEntityDetailFooter | ||
| isLinodesReadOnly |
There was a problem hiding this comment.
New prop... rest of this file is unchanged
|
|
||
| return ( | ||
| <> | ||
| {disabled && <LinodePermissionsError />} |
There was a problem hiding this comment.
No longer need notice here - it's at page level (same with similar deletions)
|
|
||
| return ( | ||
| <> | ||
| {readOnly && <LinodePermissionsError />} |
There was a problem hiding this comment.
Removed notice and fragment - otherwise unchanged - no additions in this file
| > | ||
| <form onSubmit={formik.handleSubmit}> | ||
| {unauthorized && <LinodePermissionsError />} | ||
| {isLinodesReadOnly && <LinodePermissionsError />} |
There was a problem hiding this comment.
This is a drawer, so we're keeping the error notice.
packages/manager/src/features/Linodes/LinodesDetail/LinodeStorage/LinodeVolumes.tsx
Show resolved
Hide resolved
|
|
||
| const isLinodesReadOnly = | ||
| Boolean(profile.data?.restricted) && | ||
| !grants.data?.global?.['add_linodes']; |
There was a problem hiding this comment.
Class component 😢 Otherwise I'd use our hook.
| ); | ||
|
|
||
| return linodeGrants ? linodeGrants.permissions : 'read_write'; | ||
| }; |
jaalah-akamai
requested review from
hana-akamai and
jdamore-linode
and removed request for
a team
mjac0bs
left a comment
mjac0bs
left a comment
There was a problem hiding this comment.
Most everything looks to be disabled correctly.
I'm seeing the unit test failures on ImageAndPassword.test.tsx and I'm a bit confused why they're happening. It seems like that component is only used in the Create Disk Drawer, which isn't accessible to a restricted user because the Add a Disk button is disabled and you can't reach it by URL. It's complaining that it's getting the wrong error message.
|
|
|
Coverage Report: ✅ |
mjac0bs
left a comment
mjac0bs
left a comment
There was a problem hiding this comment.
Thanks for doing this, I know disabling everything can be tedious. Tests look good now; the one CI e2e failure looks unrelated on resize-volume.spec, which passes locally. Approving pending a couple minor things are addressed.
Here are the last things I found:
- Creating a linode from a backup allows you to select a linode and backup. The similiar clone flow disables the selections for the radio button and card.
- In the Create flow, Firewall selection dropdown is not disabled, which differs from other selections in the form (e.g. VPC).
- When a user has read/write privileges on Volumes but not linodes, they can attempt to attach or detach a linode from the volumes landing action menu and receive the following errors. Do we also want to disable those action menu items for those actions tied to another resource that is read only?
packages/manager/.changeset/pr-10227-tech-stories-1708986866364.md
Outdated
Show resolved
Hide resolved
| isLoading: userTagsLoading, | ||
| } = useTagSuggestions(!profile?.restricted); | ||
|
|
||
| const isLinodesReadOnly = useIsResourceRestricted({ |
There was a problem hiding this comment.
Can we consider naming this const/prop isLinodesGrantReadOnly throughout all of these files to make it more clear that that's what we're also checking to disable everything?
packages/manager/src/features/Linodes/LinodesDetail/LinodeStorage/LinodeVolumes.tsx
Show resolved
Hide resolved
…4.md Co-authored-by: Mariah Jacobs <114685994+mjac0bs@users.noreply.github.com>
|
I just have some tests to fix up, but thanks for those catches on this complex flow!
|
|
If you cannot add Linodes, it doesn't matter if you own the resource in this case, we'll just disable everything. |
hana-akamai
left a comment
hana-akamai
left a comment
There was a problem hiding this comment.
It seems that tags are incorrectly disabled for unrestricted accounts and r/w Linodes
hana-akamai
added
Approved
…eature/namespace-create * 'develop' of https://github.com/vrajesh73/manager: (89 commits) fix: [M3-7269] - Display parent email in user menu when no company name is available for restricted parent user (linode#10248) fix: [M3-7817] - Show correct status of Child Account Enabled column for parent users (linode#10233) upcoming: [M3-7616] - Add Placement Groups Events and Notifications (linode#10221) upcoming: [M3-7816-v2] - Adjust logic for when to show Switch Account button (linode#10266) fix: [M3-7831] - Persisting error messages in ACLB delete dialogs (linode#10254) upcoming: [M3-7842] - Update Assign Linode Drawer and improve query skipping (linode#10263) upcoming: [M3-7704] - Disable Cloning, Private IP, Backups for edge regions (linode#10222) test: Fix test flake for Images landing page test (linode#10267) fix: [M3-7824] - ACLB TCP Rule Creation and other fixes (linode#10264) refactor: [M3-7687] - Linodes Restricted User Experience 2/2 (linode#10227) test: Resolve OBJ create and delete E2E test flake (linode#10245) upcoming: [M3-7723] - Placement Group feature flag as object (linode#10256) chore(deps): Bump sanitize-html from 2.11.0 to 2.12.1 (linode#10247) change: [M3-7813] - Allow the disabling of the TypeToConfirm input (linode#10251) upcoming: [M3-7839] - Change Business Partner to Parent User (linode#10259) upcoming: [M3-7835] - Adjust user table column count (linode#10252) upcoming: [M3 7738] - Update Placement Group Create & Edit Drawers (linode#10205) refactor: [M3-7437] - Use `@lukemorales/query-key-factory` for Profile Queries (linode#10241) fix: React Query `updateInPaginatedStore` helper function not working as expected (linode#10249) test: [M3-7497] - Add tests for child user verification banner (linode#10204) ... # Conflicts: # packages/manager/src/MainContent.tsx # packages/manager/src/dev-tools/FeatureFlagTool.tsx
4 participants
Description 📝
Overall improvement to the Linode restricted experience. This PR disables lot's of buttons and fields that a user doesn't have access to.
Changes 🔄
add_linodesgrant, we disable create buttons. If you do have the grant, you will be able to initiate the creation of Linodes, as well as manage those you have personally established. However, restrictions may still apply for modifying of Linodes configured by the administrator.Target release date 🗓️
03/04/2024
Preview 📷
BEFORE
AFTER
How to test 🧪
Prerequisites
(How to setup test environment)
Read Onlyfor everythingReproduction steps
(How to reproduce the issue, if applicable)
Verification steps
(How to verify changes)
As an Author I have considered 🤔
Check all that apply