Add ability to manage and grant IAM permissions as policy
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
@@ -28,7 +28,7 @@ const template = `
|
||||
v-if="field.type === 'display' && (Array.isArray(field.hidden) ? !field.hidden.includes(mode) : !field.hidden) && (typeof field.if !== 'function' || field.if(data))"
|
||||
v-html="typeof field.display === 'function' ? field.display(data) : field.display"
|
||||
></span>
|
||||
<span v-if="field.type.startsWith('select') && (Array.isArray(field.hidden) ? !field.hidden.includes(mode) : !field.hidden) && (typeof field.if !== 'function' || field.if(data))">
|
||||
<span v-if="field.type.startsWith('select') && (Array.isArray(field.hidden) ? !field.hidden.includes(mode) : !field.hidden) && (typeof field.if !== 'function' || field.if(data, field.options))">
|
||||
<label :for="uuid+field.field">{{ field.name }}</label>
|
||||
<select
|
||||
:id="uuid+field.field"
|
||||
|
||||
@@ -60,6 +60,12 @@ export default class SideBarComponent extends Component {
|
||||
type: 'resource',
|
||||
resource: 'iam/Policy',
|
||||
},
|
||||
{
|
||||
text: 'IAM Permissions',
|
||||
action: 'list',
|
||||
type: 'resource',
|
||||
resource: 'iam/Permission',
|
||||
},
|
||||
{
|
||||
text: 'Computers',
|
||||
action: 'list',
|
||||
|
||||
87
app/assets/app/resource/iam/Permission.resource.js
Normal file
87
app/assets/app/resource/iam/Permission.resource.js
Normal file
@@ -0,0 +1,87 @@
|
||||
import CRUDBase from '../CRUDBase.js'
|
||||
|
||||
class PermissionResource extends CRUDBase {
|
||||
constructor() {
|
||||
super()
|
||||
|
||||
this.endpoint = '/api/v1/iam/permission'
|
||||
this.required_fields = ['target_type', 'permission']
|
||||
this.permission_base = 'v1:iam:permission'
|
||||
|
||||
this.item = 'IAM Permission'
|
||||
this.plural = 'IAM Permissions'
|
||||
|
||||
this.listing_definition = {
|
||||
display: `Permissions are custom actions that can be performed on a given IAM target by the subject.`,
|
||||
columns: [
|
||||
{
|
||||
name: 'Target Type',
|
||||
field: 'target_type',
|
||||
renderer: type => type.split('_').map(x => `${x.charAt(0).toUpperCase()}${x.slice(1)}`).join(' '),
|
||||
},
|
||||
{
|
||||
name: 'Permission',
|
||||
field: 'permission',
|
||||
},
|
||||
],
|
||||
actions: [
|
||||
{
|
||||
type: 'resource',
|
||||
position: 'main',
|
||||
action: 'insert',
|
||||
text: 'Create New',
|
||||
color: 'success',
|
||||
},
|
||||
{
|
||||
type: 'resource',
|
||||
position: 'row',
|
||||
action: 'update',
|
||||
icon: 'fa fa-edit',
|
||||
color: 'primary',
|
||||
},
|
||||
{
|
||||
type: 'resource',
|
||||
position: 'row',
|
||||
action: 'delete',
|
||||
icon: 'fa fa-times',
|
||||
color: 'danger',
|
||||
confirm: true,
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
this.form_definition = {
|
||||
fields: [
|
||||
{
|
||||
name: 'Target Type',
|
||||
field: 'target_type',
|
||||
required: true,
|
||||
type: 'select',
|
||||
options: [
|
||||
{display: 'Application', value: 'application'},
|
||||
{display: 'Api Scope', value: 'api_scope'},
|
||||
{display: 'Machine', value: 'machine'},
|
||||
{display: 'Machine Group', value: 'machine_group'},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: 'Permission',
|
||||
field: 'permission',
|
||||
required: true,
|
||||
type: 'text',
|
||||
},
|
||||
],
|
||||
/*handlers: {
|
||||
insert: {
|
||||
action: 'back',
|
||||
},
|
||||
update: {
|
||||
action: 'back',
|
||||
},
|
||||
},*/
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const iam_permission = new PermissionResource()
|
||||
export { iam_permission }
|
||||
@@ -41,6 +41,11 @@ class PolicyResource extends CRUDBase {
|
||||
name: 'Target',
|
||||
field: 'target_display',
|
||||
},
|
||||
{
|
||||
name: 'Permission',
|
||||
field: 'permission',
|
||||
renderer: permission => permission || '-',
|
||||
},
|
||||
],
|
||||
actions: [
|
||||
{
|
||||
@@ -174,6 +179,70 @@ class PolicyResource extends CRUDBase {
|
||||
},
|
||||
if: (form_data) => form_data.target_type === 'machine_group'
|
||||
},
|
||||
{
|
||||
name: 'Permission',
|
||||
field: 'permission',
|
||||
required: false,
|
||||
type: 'select.dynamic',
|
||||
options: {
|
||||
resource: 'iam/Permission',
|
||||
display: 'permission',
|
||||
value: 'permission',
|
||||
other_params: {
|
||||
target_type: 'application',
|
||||
include_unset: true,
|
||||
},
|
||||
},
|
||||
if: (form_data, opts) => form_data.target_type === 'application' && opts?.length
|
||||
},
|
||||
{
|
||||
name: 'Permission',
|
||||
field: 'permission',
|
||||
required: false,
|
||||
type: 'select.dynamic',
|
||||
options: {
|
||||
resource: 'iam/Permission',
|
||||
display: 'permission',
|
||||
value: 'permission',
|
||||
other_params: {
|
||||
target_type: 'api_scope',
|
||||
include_unset: true,
|
||||
},
|
||||
},
|
||||
if: (form_data, opts) => form_data.target_type === 'api_scope' && opts?.length
|
||||
},
|
||||
{
|
||||
name: 'Permission',
|
||||
field: 'permission',
|
||||
required: false,
|
||||
type: 'select.dynamic',
|
||||
options: {
|
||||
resource: 'iam/Permission',
|
||||
display: 'permission',
|
||||
value: 'permission',
|
||||
other_params: {
|
||||
target_type: 'machine',
|
||||
include_unset: true,
|
||||
},
|
||||
},
|
||||
if: (form_data, opts) => form_data.target_type === 'machine' && opts?.length
|
||||
},
|
||||
{
|
||||
name: 'Permission',
|
||||
field: 'permission',
|
||||
required: false,
|
||||
type: 'select.dynamic',
|
||||
options: {
|
||||
resource: 'iam/Permission',
|
||||
display: 'permission',
|
||||
value: 'permission',
|
||||
other_params: {
|
||||
target_type: 'machine_group',
|
||||
include_unset: true,
|
||||
},
|
||||
},
|
||||
if: (form_data, opts) => form_data.target_type === 'machine_group' && opts?.length
|
||||
},
|
||||
],
|
||||
/*handlers: {
|
||||
insert: {
|
||||
|
||||
Reference in New Issue
Block a user