Uploaded image for project: 'Automation Hub'
  1. Automation Hub
  2. AAH-1714

Refactor UI permissions

    • False
    • Hide

      None

      Show
      None
    • False

      NOTE: the ui portion of this is handled in https://issues.redhat.com/browse/AAH-2016

       

      There are a couple of issues this aims to address:

      • The list of permissions we expose in the UI is currently hardcoded in the UI in constants
      • The list of model permissions we track for users are currently hardcoded in the API under _ui/v1/me/

      Whenever a new permission is added, it has to be updated in the UI and API separately. We should make the following changes to address this.

      1. Move all the permissions we care about to the api under galaxy_ng/app/constants.py. The data structure for this should look like:

      PERMISSIONS = {
          "ansible.upload_to_namesapce": {
              # Short name to display in the UI
              "name": "Upload collections",
      
              # Description to use when the permission is being assigned to a specifc object
              "object_description": "Upload collections to this namespace.",
      
              # Description to use when the permission is being assigned globally
              "global_description": "Upload collections to any existing namespace.",
      
              # Category to group the permission in the UI.
              "ui_category": "collection_namespace"
          },
      
          "galaxy.my_permission": {
              [...]
          }
      }
      

       

      2. Update the _ui/v1/me/ endpoint to iterate through each permission here and return the following:

      {
          "permissions": {
              "ansible.upload_to_namesapce": {
                  "name": "Upload collections",
                  "object_description": "Upload collections to this namespace.",
                  "global_description": "Upload collections to any existing namespace.",
                  "ui_category": "collection_namespace",
                  "has_model_permission": true
              },
      
              "galaxy.my_permission": {
                  [...]
              }
          }
      }
      

       

      3. Update the UI to load permissions and their descriptions from the "me" endpoint. This will include getting rid of all the permissions hardcoded into constants.

       

      The list of permissions should include everything that is in the current LOCKED_ROLES configuration. Descriptions, names and categories for the roles can be copied from the UI:

              semighdo@redhat.com Shaiah Emigh-Doyle
              dnewswan David Newswanger
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: