UI: Implement new policy SS + modal designs #17749

hellobontempo · 2022-10-31T20:50:14Z

This PR adds the ability to create an ACL or RGP policy inline when creating a group or entity. It also filters out the root policy from the dropdown.

Example A:

users that can list and read policies but cannot create, will only see a dropdown of existing policies

path "sys/policies*" {
    capabilities = ["read", "list"]
}
path "identity/entity/*" {
  capabilities = ["read", "update", "list", "create"]
}
path "identity/group/*" {
  capabilities = ["read", "update", "list", "create"]
}

Example B:

user cannot list or create policies, string list input appears

path "sys/policies*" {
    capabilities = ["read"]
}
path "identity/entity/*" {
  capabilities = ["read", "update", "list", "create"]
}
path "identity/group/*" {
  capabilities = ["read", "update", "list", "create"]
}

Type RGP is disabled unless the user has Sentinel (enterprise feature)

ui/lib/core/addon/components/search-select-with-modal.js

zofskeez

Nice work! I left some comments. It's probably out of the scope of this work but given the complexity of the SearchSelect component I'm surprised that we have somewhat duplicated it for the modal version. It would be great if we could incorporate the modal into the primary component if possible but I'm not familiar with the component and would love to learn more about it.

ui/app/components/identity/edit-form.js

ui/app/components/policy-form.js

ui/app/templates/components/identity/edit-form.hbs

ui/app/templates/components/policy-form.hbs

ui/lib/core/addon/components/form-field.hbs

ui/lib/core/addon/components/search-select-with-modal.hbs

ui/tests/acceptance/policies-acl-old-test.js

ui/app/models/identity/entity.js

ui/app/templates/components/identity/edit-form.hbs

ui/lib/core/addon/components/form-field.hbs

hellobontempo · 2022-11-15T23:53:50Z

ui/lib/core/addon/components/form-field.js

@@ -42,6 +42,23 @@ import { dasherize } from 'vault/helpers/dasherize';
 */

 export default class FormFieldComponent extends Component {
+  // alphabetical list of all editTypes if they hide <FormFieldLabel>
+  shouldHideLabel = {


Curious about feedback here. Having this object felt like a nice, concise way to document the list of different edit types and quickly reference whether or not they render a <FormFieldLabel>.

But if this feels overly complicated I can refactor to more similarly mimic the template's original conditional

Nice! I wonder if we could iterate on this in the future and export it somewhere and then consume the different types in models as well?

ui/lib/core/addon/components/form-field.js

hashishaw

Wowza, great work on this! A few more things to address, although none are major. I'll play around with the branch and then approve if it looks good from there

ui/app/components/policy-form.js

ui/lib/core/addon/components/form-field.js

ui/lib/core/addon/components/search-select-with-modal.js

hashishaw · 2022-11-16T17:38:25Z

ui/lib/core/addon/components/search-select-with-modal.js

  handleChange() {
    if (this.selectedOptions.length && typeof this.selectedOptions.firstObject === 'object') {
-      if (this.passObject) {


I understand we might not need this in the modal version, but at some point we had to be able know in the parent whether the user picked a new item, so that we could show the form inline. Maybe in a future where the two components are merged, we can only show forms in a modal? 🤩

ui/lib/core/addon/components/search-select-with-modal.js

ui/tests/integration/components/search-select-with-modal-test.js

zofskeez

Nice work!

ui/app/components/policy-form.js

ui/app/templates/components/identity/edit-form.hbs

zofskeez · 2022-11-16T16:50:28Z

ui/lib/core/addon/components/form-field.js

@@ -42,6 +42,23 @@ import { dasherize } from 'vault/helpers/dasherize';
 */

 export default class FormFieldComponent extends Component {
+  // alphabetical list of all editTypes if they hide <FormFieldLabel>
+  shouldHideLabel = {


Nice! I wonder if we could iterate on this in the future and export it somewhere and then consume the different types in models as well?

ui/lib/core/addon/components/form-field.hbs

ui/lib/core/addon/components/search-select-with-modal.hbs

ui/lib/core/addon/components/search-select-with-modal.js

Includes fixing the wizard

github-advanced-security

Semgrep Scanner found more than 10 potential problems in the proposed changes. Check the Files changed tab for more details.

ui/app/components/modal-form/oidc-assignment-template.js

hashishaw

😭 it's beautiful, let's ship it

Really though, great work on this and loved the collaboration involved!

ui/app/components/modal-form/oidc-assignment-template.js

ui/app/components/policy-form.js

refactor ss+modal to accept multiple models

ca57d91

hellobontempo commented Oct 31, 2022

View reviewed changes

ui/lib/core/addon/components/search-select-with-modal.js Show resolved Hide resolved

hellobontempo added 6 commits October 31, 2022 14:16

create policy form

8bfe0ac

cleanup and fix test

81762c8

add tabs to policy modal form

b901de6

add search select with modal to entity form

0f535f5

update group form;

8c8147b

allow modal to fit-content

8f8e77c

hellobontempo marked this pull request as ready for review November 1, 2022 23:08

hellobontempo added 6 commits November 1, 2022 16:11

add changelog

232a529

add check for policy create ability

4f23b7c

add id so tests pass

cb2a708

filter out root option

1160dc7

fix test

f44ba2a

add cleanup method

0abf3c1

hellobontempo commented Nov 2, 2022

View reviewed changes

ui/lib/core/addon/components/search-select-with-modal.js Outdated Show resolved Hide resolved

hellobontempo added the ui label Nov 2, 2022

hellobontempo added this to the 1.13.0-rc1 milestone Nov 2, 2022

add ACL policy link

73e1f2f

zofskeez reviewed Nov 7, 2022

View reviewed changes

hellobontempo added 3 commits November 7, 2022 11:53

cleanup from comments

5253a3e

refactor sending action to parent

258346b

refactor, data down actions up!

96cea9f