ui: Correct responses for restricted access to non-admin users#50869
ui: Correct responses for restricted access to non-admin users#50869craig[bot] merged 5 commits intocockroachdb:masterfrom
Conversation
|
This change is |
pkg/server/admin.go
Outdated
| } | ||
|
|
||
| if !isAdmin { | ||
| return nil, errInsufficientPrivilege |
There was a problem hiding this comment.
Wondering if the better thing to do in these cases is find a good way to pass the SQL privilege error through to the UI. Otherwise we get stuck "double checking" all these instances which is both error prone and confusing.
Did you explore that option @koorosh? I think sticking to SQL as "the truth" as much as possible will be good here because the permissions model will change in the future but as long as we use the SQL-level error the UI will always be doing the right thing.
There was a problem hiding this comment.
Good question. My concern is that we have role_members table with an explicit isAdmin field to indicate users' privilege. I thought it is the source of truth right now. Will it be changed in the future?
I agree that right we don't handle permission error in a generic way with other possible SQL errors but on the other hand, restricted access for querying tables isn't the only reason for permission errors (for instance, it could be restricted depending on context).
There was a problem hiding this comment.
@dhartunian since last discussion, there was a change on server which introduced unified validation for admin permissions (2be60c1) so now it returns "this operation requires admin privilege" error message from server.
current:
This information is not available due to the current value of the 'server.remote_debugging.mode' setting.
message from server:
RequestError: this operation requires admin privilege
@Annebirzin , would it be okay to show server message instead of current one?
There was a problem hiding this comment.
@koorosh yep I think this is actually more clear than the current message
dhartunian
left a comment
There was a problem hiding this comment.
Reviewable status:
complete! 0 of 0 LGTMs obtained (waiting on @Annebirzin, @elkmaster, and @koorosh)
pkg/server/admin.go, line 1501 at r3 (raw file):
Previously, Annebirzin (Anne Birzin) wrote…
@koorosh yep I think this is actually more clear than the current message
Sounds good @koorosh, use the new requireAdminUser function in these places.
7d6fb82 to
f03fe4a
Compare
31c9bdc to
b1ed0a1
Compare
dhartunian
left a comment
There was a problem hiding this comment.
Reviewed 10 of 10 files at r9, 2 of 2 files at r10, 3 of 3 files at r11, 2 of 2 files at r12, 5 of 5 files at r13.
Reviewable status:
pkg/ui/src/views/cluster/containers/events/index.tsx, line 181 at r10 (raw file):
loading={!events} error={lastError} render={this.renderContent}
I think renderContent needs to be bound to this in this component, otherwise the Events page fails to render. Or change renderContent so it doesn't depend on this.props. I wasn't able to get it to render without doing that.
pkg/ui/src/views/shared/components/loading/loading.spec.tsx, line 19 at r11 (raw file):
import Loading from "src/views/shared/components/loading"; import { ReactWrapper, mount } from "enzyme"; import { InlineAlert } from "oss/src/components/inlineAlert/inlineAlert";
remove oss
b1ed0a1 to
357cc4a
Compare
|
Updated PR with fix for Events page and also updated imports to use direct imports from |
dhartunian
left a comment
There was a problem hiding this comment.
Does this need a version bump for admin-ui-components to pick up latest Loading version?
Reviewed 22 of 22 files at r14.
Reviewable status:
357cc4a to
93df8ed
Compare
Correct, bumped |
|
@koorosh now there's a conflict w/ |
Current change reuses `requireAdminUser` function to validate whether user has admin role to request resources or not for Events endpoint. In addition, removed unnecessary validation for admin role on Locations endpoint. This endpoint can be accessed by users without admin role as well. Release note: none
Previously, request handlers for node locations and eventslogs didn't check if user has admin role or not and proceeds with attempt to query data from tables with granted permissions for admin users only. This error handled as server error then. Current change validates if user has admin role before requesting data from tables and responds with Permission denied error when user doesn't have admin role. Release note (admin ui change): Show Permission denied error on Node Map and Events views for non-admin users.
Loading component is responsible to provide feedback for user whether data is ready, is loading or failed to load with some error. Previously, when loading failed, error message was rendered inside of Loading component. Now, rendering of errors are delegated to InlineAlert component. Loading component is responsible to properly map error data to InlineAlert props. And it has to take into account next cases: - single error - multiple errors with the same intent - multiple errors with different intent - Restricted permissions error is handled as special case and has to be rendered as "info" alert. Release note (admin ui change): Redesign inline error alerts on pages. Alerts that shown when user has insufficient rights to see some resources (for instance non admin user on Databases page).
Initially, Admin UI messages for restricted permissions were custom and didn't provide enough details. Now, client consumes and decodes server Response errors and displays error messages provided by server. Release note (ui change): Show error messages provided by server instead of custom generic messages defined on client side. For instance, messages about permission restrictions to show pages for non-admin roles
93df8ed to
07da94c
Compare
Currently, Loading component has been defined in two projects: in pkg/ui and admin-ui-components which caused code duplication. admin-ui-components package has updated component styles so it is reused in Admin UI. To avoid extra changes across entire project, Loading component is re-exported from its initial location to preserve the same import paths where it is used. Release note (ui change): display error messages provided by server in alert messages (for instance when permissions denied to display some page).
07da94c to
fd16474
Compare
dhartunian
left a comment
There was a problem hiding this comment.
Reviewed 29 of 29 files at r15, 1 of 2 files at r16.
Reviewable status:
|
bors r+ |
|
Build succeeded: |
Resolves #48152, #50360
Depends on cockroachdb/admin-ui-components#37
Depends on cockroachdb/yarn-vendored#44
Previously, request handlers for node locations and eventslogs didn't
check if the user has an admin role or not and proceeds with an attempt to query
data from tables with granted permissions for admin users only. This
error handled as server error then.
Current change validates if a user has admin role before requesting
data from tables and responds with Permission denied error when user
doesn't have an admin role.
UI changes:
Screens
Single info message (Restricted permissions)
Single error message
Multiple error messages
