Skip to content

Commit

Permalink
Remove HCL-parsing in favour of API-provided JSON
Browse files Browse the repository at this point in the history 
This is written assuming #6017 is merged as-is. It’s trivial
to change the property name if needed!
  • Loading branch information
@backspace
backspace committed Jul 25, 2019
1 parent d949352 commit 313552a
Show file tree
Hide file tree
Showing 6 changed files with 73 additions and 66 deletions.
17 changes: 9 additions & 8 deletions ui/app/abilities/job.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,17 +17,17 @@ export default Ability.extend({

rulesForActiveNamespace: computed(
'activeNamespace',
'token.selfTokenPolicies.@each.namespace' /* FIXME not quite */,
'token.selfTokenPolicies.@each.Namespaces' /* FIXME not quite */,
function() {
const activeNamespace = this.activeNamespace;

return (this.get('token.selfTokenPolicies') || []).toArray().reduce((rules, policy) => {
const policyNamespaces = getWithDefault(policy, 'rulesJson.namespace', {});
const policyNamespaces = getWithDefault(policy, 'rulesJSON.Namespaces', []);

const matchingNamespace = this._findMatchingNamespace(policyNamespaces, activeNamespace);

if (matchingNamespace) {
rules.push(policyNamespaces[matchingNamespace]);
rules.push(policyNamespaces.find(namespace => namespace.Name === matchingNamespace));
}

return rules;
Expand All @@ -40,20 +40,21 @@ export default Ability.extend({
'[email protected]',
function() {
return this.rulesForActiveNamespace.some(rules => {
const policy = rules.policy;
const capabilities = getWithDefault(rules, 'capabilities', []);
const policy = rules.Policy;
const capabilities = getWithDefault(rules, 'Capabilities', []);

return policy == 'write' || capabilities.includes('submit-job');
});
}
),

_findMatchingNamespace(policyNamespaces, activeNamespace) {
if (policyNamespaces[activeNamespace]) {
const namespaceNames = policyNamespaces.mapBy('Name');

if (namespaceNames.includes(activeNamespace)) {
return activeNamespace;
}

const namespaceNames = Object.keys(policyNamespaces);
const globNamespaceNames = namespaceNames.filter(namespaceName => namespaceName.includes('*'));

const matchingNamespaceName = globNamespaceNames.reduce(
Expand All @@ -80,7 +81,7 @@ export default Ability.extend({

if (matchingNamespaceName) {
return matchingNamespaceName;
} else if (policyNamespaces.default) {
} else if (namespaceNames.includes('default')) {
return 'default';
}
},
Expand Down
12 changes: 1 addition & 11 deletions ui/app/models/policy.js
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,9 @@
import Model from 'ember-data/model';
import attr from 'ember-data/attr';
import { computed } from '@ember/object';
import hclToJson from 'hcl-to-json';

export default Model.extend({
name: attr('string'),
description: attr('string'),
rules: attr('string'),

// FIXME remove if/when API can return rules in JSON
rulesJson: computed('rules', function() {
try {
return hclToJson(this.get('rules'));
} catch (e) {
return null;
}
}),
rulesJSON: attr(),
});
1 change: 0 additions & 1 deletion ui/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,6 @@
"eslint": "^5.16.0",
"flat": "^4.0.0",
"fuse.js": "^3.4.4",
"hcl-to-json": "^0.1.1",
"husky": "^1.3.1",
"ivy-codemirror": "^2.1.0",
"lint-staged": "^8.1.5",
Expand Down
21 changes: 21 additions & 0 deletions ui/tests/acceptance/jobs-list-test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,19 @@ module('Acceptance | jobs list', function(hooks) {
node {
policy = "read"
}`,
// TODO worth keeping HCL rules for comparison?
rulesJSON: {
Namespaces: [
{
Name: job1.namespaceId,
Policy: 'write',
},
{
Name: job2.namespaceId,
Capabilities: ['list-jobs'],
},
],
},
});

clientToken.policyIds = [policy.id];
Expand Down Expand Up @@ -133,6 +146,14 @@ module('Acceptance | jobs list', function(hooks) {
node {
policy = "read"
}`,
rulesJSON: {
Namespaces: [
{
Name: 'default',
Policy: 'write',
},
],
},
});

await JobsList.visit();
Expand Down
74 changes: 42 additions & 32 deletions ui/tests/unit/abilities/job-test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,12 +27,13 @@ module('Unit | Ability | job run FIXME just for ease of filtering', function(hoo
selfToken: { type: 'client' },
selfTokenPolicies: [
{
rulesJson: {
namespace: {
aNamespace: {
policy: 'write',
rulesJSON: {
Namespaces: [
{
Name: 'aNamespace',
Policy: 'write',
},
},
],
},
},
],
Expand All @@ -56,15 +57,17 @@ module('Unit | Ability | job run FIXME just for ease of filtering', function(hoo
selfToken: { type: 'client' },
selfTokenPolicies: [
{
rulesJson: {
namespace: {
aNamespace: {
policy: 'read',
rulesJSON: {
Namespaces: [
{
Name: 'aNamespace',
Policy: 'read',
},
default: {
policy: 'write',
{
Name: 'default',
Policy: 'write',
},
},
],
},
},
],
Expand All @@ -88,12 +91,13 @@ module('Unit | Ability | job run FIXME just for ease of filtering', function(hoo
selfToken: { type: 'client' },
selfTokenPolicies: [
{
rulesJson: {
namespace: {
aNamespace: {
policy: 'read',
rulesJSON: {
Namespaces: [
{
Name: 'aNamespace',
Policy: 'read',
},
},
],
},
},
],
Expand All @@ -117,27 +121,33 @@ module('Unit | Ability | job run FIXME just for ease of filtering', function(hoo
selfToken: { type: 'client' },
selfTokenPolicies: [
{
rulesJson: {
namespace: {
'production-*': {
policy: 'write',
rulesJSON: {
Namespaces: [
{
Name: 'production-*',
Policy: 'write',
},
'production-api': {
policy: 'write',
{
Name: 'production-api',
Policy: 'write',
},
'production-web': {
policy: 'deny',
{
Name: 'production-web',
Policy: 'deny',
},
'*-suffixed': {
policy: 'write',
{
Name: '*-suffixed',
Policy: 'write',
},
'*-more-suffixed': {
policy: 'deny',
{
Name: '*-more-suffixed',
Policy: 'deny',
},
'*-abc-*': {
policy: 'write',
{
Name: '*-abc-*',
Policy: 'write',
},
},
],
},
},
],
Expand Down
14 changes: 0 additions & 14 deletions ui/yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6200,15 +6200,6 @@ hash.js@^1.0.0, hash.js@^1.0.3:
inherits "^2.0.3"
minimalistic-assert "^1.0.1"

hcl-to-json@^0.1.1:
version "0.1.1"
resolved "https://registry.yarnpkg.com/hcl-to-json/-/hcl-to-json-0.1.1.tgz#39674aa2a5a4d2b4c2b6762c8196af4af4f12903"
integrity sha512-sj1RPsdgX/ilBGZGnyjbSHQbRe20hyA6VDXYBGJedHSCdwSWkr/7tr85N7FGeM7KvBjIQX7Gl897bo0Ug73Z/A==
dependencies:
debug "^3.0.1"
lodash.get "^4.4.2"
lodash.set "^4.3.2"

heimdalljs-fs-monitor@^0.2.2:
version "0.2.2"
resolved "https://registry.yarnpkg.com/heimdalljs-fs-monitor/-/heimdalljs-fs-monitor-0.2.2.tgz#a76d98f52dbf3aa1b7c20cebb0132e2f5eeb9204"
Expand Down Expand Up @@ -7537,11 +7528,6 @@ lodash.restparam@^3.0.0:
resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805"
integrity sha1-k2pOMJ7zMKdkXtQUWYbIWuWyCAU=

lodash.set@^4.3.2:
version "4.3.2"
resolved "https://registry.yarnpkg.com/lodash.set/-/lodash.set-4.3.2.tgz#d8757b1da807dde24816b0d6a84bea1a76230b23"
integrity sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=

lodash.support@~2.3.0:
version "2.3.0"
resolved "https://registry.yarnpkg.com/lodash.support/-/lodash.support-2.3.0.tgz#7eaf038af4f0d6aab776b44aa6dcfc80334c9bfd"
Expand Down

0 comments on commit 313552a

Please sign in to comment.