Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add access check before deleting model server #1752

Merged
merged 1 commit into from
Sep 7, 2023
Merged

Add access check before deleting model server #1752

merged 1 commit into from
Sep 7, 2023

Conversation

DaoDaoNoCode
Copy link
Member

@DaoDaoNoCode DaoDaoNoCode commented Sep 5, 2023
edited by christianvogt

Closes #1320

Description

Use useAccessCheck hook to check whether the user has access to delete the RoleBinding in the namespace, if not, hide the Delete model server dropdown item.

How Has This Been Tested?

  1. Create a project as user A
  2. Create a model server as user A
  3. Grant edit permission to user B (user B needs to be a regular user, and cannot be a cluster admin or dashboard admin)
  4. Impersonate user B, go to the project, see the dropdown of the model server
  5. The Delete model server button should be invisible

Test Impact

N/A

Request review criteria:

Self checklist (all need to be checked):

  • The developer has manually tested the changes and verified that the changes work
  • Commits have been squashed into descriptive, self-contained units of work (e.g. 'WIP' and 'Implements feedback' style messages have been removed)
  • Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
  • The developer has added tests or explained why testing cannot be added (unit tests & storybook for related changes)

If you have UI changes:

  • Included any necessary screenshots or gifs if it was a UI change.
  • Included tags to the UX team if it was a UI/UX change (find relevant UX in the SMEs section).

After the PR is posted & before it merges:

  • The developer has tested their solution on a cluster by using the image produced by the PR to main

@openshift-ci openshift-ci bot requested a review from pnaik1 September 5, 2023 17:54
manaswinidas
manaswinidas approved these changes Sep 6, 2023
View reviewed changes
Copy link
Contributor

@manaswinidas manaswinidas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

Tested. Works fine for me.

@openshift-ci openshift-ci bot added the lgtm label Sep 6, 2023
@christianvogt
Copy link
Contributor

cc @kywalker-rh

Edit access:
image

Admin access:
image

@christianvogt
Copy link
Contributor

Changes lgtm

@kywalker-rh
Copy link

cc @vconzola

@andrewballantyne andrewballantyne added the pr/no-tests-allowed Added by an official approver - this PR is allowed no tests. Omitted, a test must accompany the PR label Sep 7, 2023
lucferbux
lucferbux approved these changes Sep 7, 2023
View reviewed changes
Copy link
Contributor

@lucferbux lucferbux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
Approving this, since it's the outcome of a discussion we had in a previous UX Meeting.
#1320 (comment)

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Sep 7, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lucferbux, manaswinidas

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved label Sep 7, 2023
@openshift-merge-robot openshift-merge-robot merged commit c8d2074 into opendatahub-io:main Sep 7, 2023
6 checks passed
@vconzola
Copy link

vconzola commented Sep 7, 2023

I'll throw my LGTM in here too, even though it's already merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lucferbux lucferbux lucferbux approved these changes

@manaswinidas manaswinidas manaswinidas approved these changes

@pnaik1 pnaik1 Awaiting requested review from pnaik1

Assignees

@lucferbux lucferbux

@manaswinidas manaswinidas

Labels
approved lgtm pr/no-tests-allowed Added by an official approver - this PR is allowed no tests. Omitted, a test must accompany the PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: RoleBinding deletion API call fails when a user with Edit permission deletes the model server
8 participants
@DaoDaoNoCode @christianvogt @kywalker-rh @vconzola @lucferbux @manaswinidas @andrewballantyne @openshift-merge-robot