feat: [UIE-8934] - IAM RBAC: add a permission check for linode storage tab

[aaleksee-akamai]

Description 📝

Implement the new RBAC permission hook in Linodes storage tab

Changes 🔄

1. Permissions Refactor
   Replaced usage of useRestrictedGlobalGrantCheck and related grant checks with a new usePermissions hook throughout Linodes storage tab
   All permission checks for adding, renamimg, resizing, cloning, and deleting linode disks now use the new usePermissions API, improving consistency and maintainability.

2. Test Coverage
   Added new tests for permission-based UI states:
   Tests for enabling/disabling the "Add A Disk" button based on user permissions.
   Added tests for the LinodeDiskActionMenu to verify that action items are enabled/disabled according to permissions.

3. Files Affected:

LinodeDisks.tsx + LinodeDisks.test.tsx
LinodeDiskActionMenu.tsx + LinodeDiskActionMenu.test.tsx

Target release date 🗓️

July 15th

Preview 📷

Before	After

How to test 🧪

Prerequisites

(How to setup test environment)

• devcloud IAM account or local devenv setup or mock data
• Mock data + turn Legacy MSW on + use Custom Profile preset and make it a Restricted account:

  http.get('*/iam/users/:username/permissions/:entity_type/:entity_id', () => {
    return HttpResponse.json([
      'update_linode_disk',
      'resize_linode_disk',
      'delete_linode_disk',
      'clone_linode',
    ]);
  }),

Verification steps

(How to verify changes)

• Confirm the buttons are disabled according the grant model with IAM is off, and according to the RBAC model when IAM is on.

Author Checklists

As an Author, to speed up the review process, I considered 🤔

👀 Doing a self review
❔ Our contribution guidelines
🤏 Splitting feature into small PRs
➕ Adding a changeset
🧪 Providing/improving test coverage
🔐 Removing all sensitive information from the code and PR description
🚩 Using a feature flag to protect the release
👣 Providing comprehensive reproduction steps
📑 Providing or updating our documentation
🕛 Scheduling a pair reviewing session
📱 Providing mobile support
♿ Providing accessibility support

• I have read and considered all applicable items listed above.

As an Author, before moving this PR from Draft to Open, I confirmed ✅

• All unit tests are passing
• TypeScript compilation succeeded without errors
• Code passes all linting rules

[cpathipa]

@aaleksee-akamai Shows new UI when the flag is off

[aaleksee-akamai]

@aaleksee-akamai Shows new UI when the flag is off

you mean moving the buttons into the action menu? if so, it's correct

[aaleksee-akamai]

@jdamore-linode hi! I've been trying to fix these tests, and it seems I still have a problem with it. Could you help me out or point the direction? Thanks!

[cpathipa]

@aaleksee-akamai Shows new UI when the flag is off

you mean moving the buttons into the action menu? if so, it's correct

When the flag is off it should be old UI right ?

[jdamore-linode]

@cpathipa this seems consistent with the other IAM PRs: Firewalls and Configurations, for example, both moved the table row buttons into the action menu and that change was not behind a feature flag in either of those cases 👍.

@aaleksee-akamai taking a look!

[jdamore-linode]

Hey @aaleksee-akamai, just a heads up that I pushed a couple small changes that will hopefully get the tests passing 👍 you were on the right track! I just moved some of the action menu item interactions outside of the Cypress .within(() => { ... }) blocks since those menus technically exist elsewhere in the DOM.

[linode-gh-bot]

Cloud Manager UI test results

🔺 1 failing test on test run #4 ↗︎

❌ Failing	✅ Passing	↪️ Skipped	🕐 Duration
1 Failing	673 Passing	5 Skipped	117m 27s

Details

Failing Tests
	Spec	Test
❌	access-key.e2e.spec.ts	Cloud Manager Cypress Tests→object storage access key end-to-end tests » object storage access key end-to-end tests

Troubleshooting

Use this command to re-run the failing tests:

pnpm cy:run -s "cypress/e2e/core/objectStorage/access-key.e2e.spec.ts"

[mjac0bs]

Confirmed that grants are used when the IAM feature flag is disabled and permissions are used when IAM is enabled.

Confirmed having the entity permissions enables the buttons with the feature flag on, otherwise buttons are disabled. (Except Create Disk Image, noted in comment.)

[jaalah-akamai]

access-key.e2e.spec.ts passes the majority of the time locally - seems to be flaky with regarding:

- cluster is not valid (field 'cluster')
- region is required (field 'region')