This is an automated email from the ASF dual-hosted git repository.
scottyaslan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new 0e373e9c21 NIFI-12833: (#8718)
0e373e9c21 is described below
commit 0e373e9c21cc6c633822374138280d14af427ff9
Author: Matt Gilman <[email protected]>
AuthorDate: Wed May 1 11:31:02 2024 -0400
NIFI-12833: (#8718)
- Reloading current user when any policy changes.
- Reloading the component for the policy whenever it's view permissions
changes.
This closes #8718
---
.../state/access-policy/access-policy.effects.ts | 16 +++++++++
.../component-access-policies.component.ts | 40 +++++++++++++++++++---
2 files changed, 51 insertions(+), 5 deletions(-)
diff --git
a/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/state/access-policy/access-policy.effects.ts
b/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/state/access-policy/access-policy.effects.ts
index 9037ed0ece..da1aa94c7a 100644
---
a/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/state/access-policy/access-policy.effects.ts
+++
b/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/state/access-policy/access-policy.effects.ts
@@ -36,6 +36,7 @@ import { selectUserGroups, selectUsers } from
'../tenants/tenants.selectors';
import { OverridePolicyDialog } from
'../../ui/common/override-policy-dialog/override-policy-dialog.component';
import { MEDIUM_DIALOG, SMALL_DIALOG } from '../../../../index';
import { HttpErrorResponse } from '@angular/common/http';
+import { loadCurrentUser } from
'../../../../state/current-user/current-user.actions';
@Injectable()
export class AccessPolicyEffects {
@@ -145,6 +146,9 @@ export class AccessPolicyEffects {
switchMap(([, resourceAction]) =>
from(this.accessPoliciesService.createAccessPolicy(resourceAction)).pipe(
map((response) => {
+ // reload the current user to reflect the latest
permission changes
+ this.store.dispatch(loadCurrentUser());
+
const accessPolicy: AccessPolicyEntity = response;
const policyStatus: PolicyStatus = PolicyStatus.Found;
@@ -219,6 +223,9 @@ export class AccessPolicyEffects {
})
).pipe(
map((response) => {
+ // reload the current user to reflect the latest
permission changes
+ this.store.dispatch(loadCurrentUser());
+
const accessPolicy: AccessPolicyEntity = response;
const policyStatus: PolicyStatus = PolicyStatus.Found;
@@ -326,6 +333,9 @@ export class AccessPolicyEffects {
map((response: any) => {
this.dialog.closeAll();
+ // reload the current user to reflect the latest
permission changes
+ this.store.dispatch(loadCurrentUser());
+
return AccessPolicyActions.loadAccessPolicySuccess({
response: {
accessPolicy: response,
@@ -396,6 +406,9 @@ export class AccessPolicyEffects {
return
from(this.accessPoliciesService.updateAccessPolicy(accessPolicy, users,
userGroups)).pipe(
map((response: any) => {
+ // reload the current user to reflect the latest
permission changes
+ this.store.dispatch(loadCurrentUser());
+
return AccessPolicyActions.loadAccessPolicySuccess({
response: {
accessPolicy: response,
@@ -449,6 +462,9 @@ export class AccessPolicyEffects {
switchMap(([, resourceAction, accessPolicy]) =>
from(this.accessPoliciesService.deleteAccessPolicy(accessPolicy)).pipe(
map(() => {
+ // reload the current user to reflect the latest
permission changes
+ this.store.dispatch(loadCurrentUser());
+
// the policy was removed, we need to reload the
policy for this resource and action to fetch
// the inherited policy or correctly when it's not
found
return AccessPolicyActions.loadAccessPolicy({
diff --git
a/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/ui/component-access-policies/component-access-policies.component.ts
b/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/ui/component-access-policies/component-access-policies.component.ts
index 7e7d9b4528..580346f5bd 100644
---
a/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/ui/component-access-policies/component-access-policies.component.ts
+++
b/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/access-policies/ui/component-access-policies/component-access-policies.component.ts
@@ -21,8 +21,8 @@ import { selectCurrentUser } from
'../../../../state/current-user/current-user.s
import {
createAccessPolicy,
openAddTenantToPolicyDialog,
- promptOverrideAccessPolicy,
promptDeleteAccessPolicy,
+ promptOverrideAccessPolicy,
promptRemoveTenantFromPolicy,
reloadAccessPolicy,
resetAccessPolicyState,
@@ -32,6 +32,7 @@ import {
import { AccessPolicyState, RemoveTenantFromPolicyRequest } from
'../../state/access-policy';
import { initialState } from '../../state/access-policy/access-policy.reducer';
import {
+ selectAccessPolicy,
selectAccessPolicyState,
selectComponentResourceActionFromRoute
} from '../../state/access-policy/access-policy.selectors';
@@ -190,17 +191,46 @@ export class ComponentAccessPolicies implements OnInit,
OnDestroy {
resourceIdentifier: this.resourceIdentifier
};
+ // 'read' component policies are loaded every time the
policy is set so
+ // here we only need to conditionally load the component
for this policy
+ // when the action is not 'read' or the policy is not
'component'
+ if (this.action !== Action.Read || this.policy !==
'component') {
+ this.store.dispatch(
+ loadPolicyComponent({
+ request: {
+ componentResourceAction
+ }
+ })
+ );
+ }
+
+ // set the current policy
this.store.dispatch(
- loadPolicyComponent({
+ setAccessPolicy({
request: {
- componentResourceAction
+ resourceAction
}
})
);
+ }
+ });
+
+ this.store
+ .select(selectAccessPolicy)
+ .pipe(isDefinedAndNotNull(), takeUntilDestroyed())
+ .subscribe(() => {
+ // if the policy state has updated and it is the 'read' policy
for the
+ // 'component' then reload the component to reflect the latest
permissions
+ if (this.action === Action.Read && this.policy ===
'component') {
this.store.dispatch(
- setAccessPolicy({
+ loadPolicyComponent({
request: {
- resourceAction
+ componentResourceAction: {
+ policy: this.policy,
+ action: this.action,
+ resource: this.resource,
+ resourceIdentifier: this.resourceIdentifier
+ }
}
})
);
