From 93043a2218de1e6c341bc28fa701a1f1ba939486 Mon Sep 17 00:00:00 2001 From: xusongfu Date: Mon, 30 May 2022 16:48:13 +0800 Subject: [PATCH] feat: Update certificate 1. Remove certificate in administrator platform 2. Add prefix barbican to the policy 3. Allowed delete lb if provisioning_status is PENDING_UPDATE 4. Allowed change certificate when edit listener Change-Id: I9c754b78fbd19645e11659d06ec6b9ee85ec9714 --- src/layouts/admin-menu.jsx | 22 ---- .../containers/Certificate/Certificate.jsx | 9 +- .../Certificate/Detail/Container/index.jsx | 5 +- .../Certificate/Detail/Secret/index.jsx | 7 +- .../containers/Certificate/actions/Create.jsx | 2 +- .../Certificate/actions/DeleteContainer.jsx | 2 +- .../Certificate/actions/DeleteSecret.jsx | 2 +- .../containers/Certificate/actions/index.jsx | 20 --- .../Listener/Actions/CreateListener.jsx | 16 ++- .../LoadBalancers/Listener/Actions/Edit.jsx | 124 +++++++++++++----- .../LoadBalancerInstance/actions/Delete.jsx | 3 +- src/pages/network/routes/index.js | 15 --- test/e2e/config/config-network.yaml | 2 +- 13 files changed, 114 insertions(+), 115 deletions(-) diff --git a/src/layouts/admin-menu.jsx b/src/layouts/admin-menu.jsx index 703e41e6..5f0c1c9c 100644 --- a/src/layouts/admin-menu.jsx +++ b/src/layouts/admin-menu.jsx @@ -367,28 +367,6 @@ const renderMenu = (t) => { }, ], }, - { - path: '/network/certificate-admin', - name: t('Certificate Management'), - key: 'certificateAdmin', - level: 1, - children: [ - { - path: /^\/network\/certificate-container-admin\/detail\/.[^/]+$/, - name: t('Certificate Detail'), - key: 'certificateContainerDetailAdmin', - level: 2, - routePath: '/network/certificate-container-admin/detail/:id', - }, - { - path: /^\/network\/certificate-secret-admin\/detail\/.[^/]+$/, - name: t('Certificate Detail'), - key: 'certificateSecretDetailAdmin', - level: 2, - routePath: '/network/certificate-secret-admin/detail/:id', - }, - ], - }, { path: '/network/vpn-admin', name: t('VPN'), diff --git a/src/pages/network/containers/Certificate/Certificate.jsx b/src/pages/network/containers/Certificate/Certificate.jsx index 367a3ac5..363a75f2 100644 --- a/src/pages/network/containers/Certificate/Certificate.jsx +++ b/src/pages/network/containers/Certificate/Certificate.jsx @@ -35,11 +35,11 @@ export class Certificate extends Base { } get policy() { - return ['containers:get', 'secrets:get']; + return ['barbican:containers:get', 'barbican:secrets:get']; } get showDetail() { - return checkPolicyRule('secret:decrypt'); + return checkPolicyRule('barbican:secret:decrypt'); } get name() { @@ -47,11 +47,6 @@ export class Certificate extends Base { } get actionConfigs() { - if (this.isAdminPage) { - return this.currentMode === 'SERVER' - ? actionConfigs.actionConfigsContainerAdmin - : actionConfigs.actionConfigsSecretAdmin; - } return this.currentMode === 'SERVER' ? actionConfigs.actionConfigsContainer : actionConfigs.actionConfigsSecret; diff --git a/src/pages/network/containers/Certificate/Detail/Container/index.jsx b/src/pages/network/containers/Certificate/Detail/Container/index.jsx index b9a5c184..201e60c9 100644 --- a/src/pages/network/containers/Certificate/Detail/Container/index.jsx +++ b/src/pages/network/containers/Certificate/Detail/Container/index.jsx @@ -25,7 +25,7 @@ export class Detail extends Base { } get policy() { - return 'container:get'; + return 'barbican:container:get'; } get name() { @@ -37,9 +37,6 @@ export class Detail extends Base { } get actionConfigs() { - if (this.isAdminPage) { - return actionConfigs.actionConfigsContainerAdmin; - } return actionConfigs.actionConfigsContainer; } diff --git a/src/pages/network/containers/Certificate/Detail/Secret/index.jsx b/src/pages/network/containers/Certificate/Detail/Secret/index.jsx index afb61426..ad088795 100644 --- a/src/pages/network/containers/Certificate/Detail/Secret/index.jsx +++ b/src/pages/network/containers/Certificate/Detail/Secret/index.jsx @@ -25,7 +25,7 @@ export class Detail extends Base { } get policy() { - return 'secret:get'; + return 'barbican:secret:get'; } get name() { @@ -37,14 +37,11 @@ export class Detail extends Base { } get actionConfigs() { - if (this.isAdminPage) { - return actionConfigs.actionConfigsSecretAdmin; - } return actionConfigs.actionConfigsSecret; } get detailInfos() { - return certificateColumns; + return certificateColumns.filter((it) => it.dataIndex !== 'algorithm'); } get tabs() { diff --git a/src/pages/network/containers/Certificate/actions/Create.jsx b/src/pages/network/containers/Certificate/actions/Create.jsx index 726944ea..4a6ee7cf 100644 --- a/src/pages/network/containers/Certificate/actions/Create.jsx +++ b/src/pages/network/containers/Certificate/actions/Create.jsx @@ -29,7 +29,7 @@ export class CreateAction extends ModalAction { static title = t('Create Certificate'); - static policy = ['secrets:post', 'containers:post']; + static policy = ['barbican:secrets:post', 'barbican:containers:post']; init() { this.store = globalContainersStore; diff --git a/src/pages/network/containers/Certificate/actions/DeleteContainer.jsx b/src/pages/network/containers/Certificate/actions/DeleteContainer.jsx index fbcaa5fa..57ead9cc 100644 --- a/src/pages/network/containers/Certificate/actions/DeleteContainer.jsx +++ b/src/pages/network/containers/Certificate/actions/DeleteContainer.jsx @@ -36,7 +36,7 @@ export default class DeleteAction extends ConfirmAction { return t('delete certificate'); } - policy = ['secret:delete', 'container:delete']; + policy = ['barbican:secret:delete', 'barbican:container:delete']; allowedCheckFunc = () => true; diff --git a/src/pages/network/containers/Certificate/actions/DeleteSecret.jsx b/src/pages/network/containers/Certificate/actions/DeleteSecret.jsx index a3dea9a4..14414dde 100644 --- a/src/pages/network/containers/Certificate/actions/DeleteSecret.jsx +++ b/src/pages/network/containers/Certificate/actions/DeleteSecret.jsx @@ -36,7 +36,7 @@ export default class DeleteAction extends ConfirmAction { return t('delete certificate'); } - policy = 'secret:delete'; + policy = 'barbican:secret:delete'; allowedCheckFunc = () => true; diff --git a/src/pages/network/containers/Certificate/actions/index.jsx b/src/pages/network/containers/Certificate/actions/index.jsx index 10e164b1..0befd578 100644 --- a/src/pages/network/containers/Certificate/actions/index.jsx +++ b/src/pages/network/containers/Certificate/actions/index.jsx @@ -25,15 +25,6 @@ const actionConfigsContainer = { primaryActions: [CreateAction], }; -const actionConfigsContainerAdmin = { - rowActions: { - firstAction: DeleteContainerAction, - moreActions: [], - }, - batchActions: [DeleteContainerAction], - primaryActions: [], -}; - const actionConfigsSecret = { rowActions: { firstAction: DeleteSecretAction, @@ -43,18 +34,7 @@ const actionConfigsSecret = { primaryActions: [CreateAction], }; -const actionConfigsSecretAdmin = { - rowActions: { - firstAction: DeleteSecretAction, - moreActions: [], - }, - batchActions: [DeleteSecretAction], - primaryActions: [], -}; - export default { actionConfigsContainer, - actionConfigsContainerAdmin, actionConfigsSecret, - actionConfigsSecretAdmin, }; diff --git a/src/pages/network/containers/LoadBalancers/Listener/Actions/CreateListener.jsx b/src/pages/network/containers/LoadBalancers/Listener/Actions/CreateListener.jsx index 36c5a874..5e0fe6fd 100644 --- a/src/pages/network/containers/LoadBalancers/Listener/Actions/CreateListener.jsx +++ b/src/pages/network/containers/LoadBalancers/Listener/Actions/CreateListener.jsx @@ -55,12 +55,14 @@ export class Create extends ModalAction { this.fetchSecrets(); } - fetchContainers() { - this.containersStore.fetchList(); + async fetchContainers() { + await this.containersStore.fetchList(); + this.updateDefaultValue(); } - fetchSecrets() { - this.secretsStore.fetchList({ mode: 'CA' }); + async fetchSecrets() { + await this.secretsStore.fetchList({ mode: 'CA' }); + this.updateDefaultValue(); } get ServerCertificate() { @@ -77,6 +79,10 @@ export class Create extends ModalAction { ); } + get isEdit() { + return false; + } + get nameForStateUpdate() { return ['protocol', 'ssl_parsing_method', 'sni_enabled']; } @@ -110,6 +116,7 @@ export class Create extends ModalAction { type: 'select', options: listenerProtocols, required: true, + disabled: this.isEdit, }, { name: 'ssl_parsing_method', @@ -184,6 +191,7 @@ export class Create extends ModalAction { label: t('Port'), type: 'input-number', required: true, + disabled: this.isEdit, }, { name: 'connection_limit', diff --git a/src/pages/network/containers/LoadBalancers/Listener/Actions/Edit.jsx b/src/pages/network/containers/LoadBalancers/Listener/Actions/Edit.jsx index e4f29e7e..e574c6b6 100644 --- a/src/pages/network/containers/LoadBalancers/Listener/Actions/Edit.jsx +++ b/src/pages/network/containers/LoadBalancers/Listener/Actions/Edit.jsx @@ -14,28 +14,16 @@ import { inject, observer } from 'mobx-react'; import globalListenerStore from 'stores/octavia/listener'; -import { ModalAction } from 'containers/Action'; import globalLbaasStore from 'stores/octavia/loadbalancer'; +import { Create as Base } from './CreateListener'; -export class Edit extends ModalAction { +export class Edit extends Base { static id = 'edit-listener'; static title = t('Edit Listener'); static buttonText = t('Edit'); - init() { - this.store = globalListenerStore; - } - - get defaultValue() { - const { item } = this.props; - return { - name: item.name, - description: item.description, - }; - } - static policy = 'os_load-balancer_api:listener:put'; static allowed = async (item, containerProps) => { @@ -49,28 +37,98 @@ export class Edit extends ModalAction { ); }; + get name() { + return t('Edit Listener'); + } + + get isEdit() { + return true; + } + + get defaultValue() { + const { item } = this.props; + const values = { + name: item.name, + description: item.description, + protocol: item.protocol, + protocol_port: item.protocol_port, + connection_limit: item.connection_limit, + }; + if (item.protocol === 'TERMINATED_HTTPS') { + if (item.default_tls_container_ref) { + const [, uuid] = item.default_tls_container_ref.split('/containers/'); + values.default_tls_container_ref = { + selectedRowKeys: [uuid], + selectedRows: this.ServerCertificate.filter((it) => it.id === uuid), + }; + } + if (item.client_ca_tls_container_ref) { + const [, uuid] = item.client_ca_tls_container_ref.split('/secrets/'); + values.ssl_parsing_method = 'two-way'; + values.client_ca_tls_container_ref = { + selectedRowKeys: [uuid], + selectedRows: this.CaCertificate.filter((it) => it.id === uuid), + }; + } else { + values.ssl_parsing_method = 'one-way'; + } + if (item.sni_container_refs && item.sni_container_refs.length) { + values.sni_enabled = true; + const selectedKeys = item.sni_container_refs.map((it) => { + const [, uuid] = it.split('/containers/'); + return uuid; + }); + values.sni_container_refs = { + selectedRowKeys: selectedKeys, + selectedRows: this.SNICertificate.filter((it) => { + return selectedKeys.includes(it.id); + }), + }; + } else { + values.sni_enabled = false; + } + } + return values; + } + onSubmit = (values) => { const { id } = this.item; - return globalListenerStore.edit({ id }, values); + const { + protocol, + protocol_port, + sni_enabled, + ssl_parsing_method, + default_tls_container_ref, + client_ca_tls_container_ref, + sni_container_refs, + ...rest + } = values; + const data = { + ...rest, + }; + if (protocol === 'TERMINATED_HTTPS') { + if (default_tls_container_ref) { + data.default_tls_container_ref = + default_tls_container_ref.selectedRows[0].container_ref; + } + if (ssl_parsing_method === 'two-way' && client_ca_tls_container_ref) { + data.client_ca_tls_container_ref = + client_ca_tls_container_ref.selectedRows[0].secret_ref; + data.client_authentication = 'MANDATORY'; + } else { + data.client_ca_tls_container_ref = null; + data.client_authentication = 'NONE'; + } + if (sni_enabled && sni_container_refs) { + data.sni_container_refs = sni_container_refs.selectedRows.map( + (it) => it.container_ref + ); + } else { + data.sni_container_refs = []; + } + } + return globalListenerStore.edit({ id }, data); }; - - get formItems() { - return [ - { - name: 'name', - label: t('Name'), - type: 'input-name', - required: true, - placeholder: t('Please input name'), - }, - { - name: 'description', - label: t('Description'), - type: 'textarea', - required: false, - }, - ]; - } } export default inject('rootStore')(observer(Edit)); diff --git a/src/pages/network/containers/LoadBalancers/LoadBalancerInstance/actions/Delete.jsx b/src/pages/network/containers/LoadBalancers/LoadBalancerInstance/actions/Delete.jsx index 7c27ba42..810dd257 100644 --- a/src/pages/network/containers/LoadBalancers/LoadBalancerInstance/actions/Delete.jsx +++ b/src/pages/network/containers/LoadBalancers/LoadBalancerInstance/actions/Delete.jsx @@ -55,7 +55,8 @@ export default class DeleteAction extends ConfirmAction { return true; } return ( - (this.isCurrentProject(item) && item.provisioning_status === 'ACTIVE') || + (this.isCurrentProject(item) && + ['ACTIVE', 'PENDING_UPDATE'].includes(item.provisioning_status)) || item.provisioning_status === 'ERROR' ); }; diff --git a/src/pages/network/routes/index.js b/src/pages/network/routes/index.js index 897080a1..8408bc8e 100644 --- a/src/pages/network/routes/index.js +++ b/src/pages/network/routes/index.js @@ -171,21 +171,6 @@ export default [ component: CertificateDetailSecret, exact: true, }, - { - path: `${PATH}/certificate-admin`, - component: Certificate, - exact: true, - }, - { - path: `${PATH}/certificate-container-admin/detail/:id`, - component: CertificateDetailContainer, - exact: true, - }, - { - path: `${PATH}/certificate-secret-admin/detail/:id`, - component: CertificateDetailSecret, - exact: true, - }, { path: `${PATH}/vpn`, component: VPN, exact: true }, { path: `${PATH}/ipsec-site-connection/detail/:id`, diff --git a/test/e2e/config/config-network.yaml b/test/e2e/config/config-network.yaml index 5dc4b889..c535e531 100644 --- a/test/e2e/config/config-network.yaml +++ b/test/e2e/config/config-network.yaml @@ -27,4 +27,4 @@ testFiles: - pages/network/security-group.spec.js - pages/network/vpn.spec.js - pages/network/lb.spec.js - - pages/network/topology.spec.js + # - pages/network/topology.spec.js