From aecb22d7d55b94896da444690be9a25bc345bb1e Mon Sep 17 00:00:00 2001 From: Aaron Dalton Date: Wed, 22 Nov 2023 16:18:49 -0500 Subject: [PATCH] Fix eslint errors and update documentation --- docs/configs/settings.md | 7 ++-- src/pages/api/auth.js | 2 +- src/pages/index.jsx | 21 ++++++------ src/utils/auth/auth-helpers.js | 58 +++++++++++++++----------------- src/utils/auth/null.js | 12 ++++--- src/utils/auth/proxy.js | 16 ++++----- src/utils/config/api-response.js | 1 - 7 files changed, 59 insertions(+), 58 deletions(-) diff --git a/docs/configs/settings.md b/docs/configs/settings.md index 29e3537e..80a16447 100644 --- a/docs/configs/settings.md +++ b/docs/configs/settings.md @@ -451,11 +451,14 @@ Auth can be configured on the service, bookmark, and widget level using the `all - User3 ``` -Auth for groups can be set in the `groups` under `auth`. +Auth for groups can be set in the `groups` under `auth`. In general the `groups` tag follows the format of the `layout` +section. For example: ```yaml auth: groups: - My Service Group: + My Service Group: allowGroups: ['Group1', 'Group2'] + My Other Group: + allowGroups: ['Group1'] ``` \ No newline at end of file diff --git a/src/pages/api/auth.js b/src/pages/api/auth.js index 6d0d6033..bdc547db 100644 --- a/src/pages/api/auth.js +++ b/src/pages/api/auth.js @@ -7,7 +7,7 @@ export default async function handler(req, res) { try { if (checkAllowedGroup(provider.permissions(req), groups, group)) { - res.json({ group: group}) + res.json({group}) } else { res.status(401).json({message:"Group unathorized"}) } diff --git a/src/pages/index.jsx b/src/pages/index.jsx index 55724010..6721d6af 100644 --- a/src/pages/index.jsx +++ b/src/pages/index.jsx @@ -1,5 +1,5 @@ /* eslint-disable react/no-array-index-key */ -import useSWR, { unstable_serialize, SWRConfig } from "swr"; +import useSWR, { unstable_serialize as unstableSerialize, SWRConfig } from "swr"; import Head from "next/head"; import dynamic from "next/dynamic"; import classNames from "classnames"; @@ -9,6 +9,7 @@ import { BiError } from "react-icons/bi"; import { serverSideTranslations } from "next-i18next/serverSideTranslations"; import { useRouter } from "next/router"; +import NullAuthProvider from "utils/auth/null"; import Tab, { slugify } from "components/tab"; import FileContent from "components/filecontent"; import ServicesGroup from "components/services/group"; @@ -28,7 +29,7 @@ import themes from "utils/styles/themes"; import QuickLaunch from "components/quicklaunch"; import { getStoredProvider, searchProviders } from "components/widgets/search/search"; import { fetchWithAuth, readAuthSettings } from "utils/auth/auth-helpers"; -import { NullAuthProvider } from "utils/auth/null"; + const ThemeToggle = dynamic(() => import("components/toggles/theme"), { ssr: false, }); @@ -59,12 +60,12 @@ export async function getServerSideProps({req}) { props: { initialSettings: settings, fallback: { - [unstable_serialize(["/api/services", authContext])]: services, - [unstable_serialize(["/api/bookmarks", authContext])]: bookmarks, - [unstable_serialize(["/api/widgets", authContext])]: widgets, + [unstableSerialize(["/api/services", authContext])]: services, + [unstableSerialize(["/api/bookmarks", authContext])]: bookmarks, + [unstableSerialize(["/api/widgets", authContext])]: widgets, "/api/hash": false, }, - authContext: authContext, + authContext, ...(await serverSideTranslations(settings.language ?? "en")), }, }; @@ -77,12 +78,12 @@ export async function getServerSideProps({req}) { props: { initialSettings: {}, fallback: { - [unstable_serialize(["/api/services", authContext])]: [], - [unstable_serialize(["/api/bookmarks", authContext])]: [], - [unstable_serialize(["/api/widgets", authContext])]: [], + [unstableSerialize(["/api/services", authContext])]: [], + [unstableSerialize(["/api/bookmarks", authContext])]: [], + [unstableSerialize(["/api/widgets", authContext])]: [], "/api/hash": false, }, - authContext: authContext, + authContext, ...(await serverSideTranslations("en")), }, }; diff --git a/src/utils/auth/auth-helpers.js b/src/utils/auth/auth-helpers.js index 49b9e494..38d86708 100644 --- a/src/utils/auth/auth-helpers.js +++ b/src/utils/auth/auth-helpers.js @@ -1,5 +1,5 @@ -import { ProxyAuthProvider} from "./proxy"; -import { NullAuthProvider} from "./null"; +import ProxyAuthProvider from "./proxy"; +import NullAuthProvider from "./null"; const AuthProviders = { NullAuthProvider, @@ -7,7 +7,30 @@ const AuthProviders = { }; function getProviderByKey(key) { - return AuthProviders.find((provider) => provider.key == key) ?? NullAuthProvider; + return AuthProviders.find((provider) => provider.key === key) ?? NullAuthProvider; +} + +function authAllow({user, groups}, item) { + const groupAllow = (('allowGroups' in item)) && groups.some(group => item.allowGroups.includes(group)); + const userAllow = (('allowUsers' in item)) && item.allowUsers.includes(user); + const allowAll = (!('allowGroups' in item)) && (!('allowUsers' in item)); + + return userAllow || groupAllow || allowAll; +} + +export function checkAllowedGroup(perms, authGroups, groupName) { + const testGroup = authGroups.find((group) => group.name === groupName ) + return testGroup ? authAllow(perms, testGroup) : true +} + + +function filterAllowedItems(perms, authGroups, groups, groupKey) { + return groups.filter((group) => checkAllowedGroup(perms, authGroups, group.name)) + .map((group) => ({ + name: group.name, + [groupKey]: group[groupKey].filter((item) => authAllow(perms, item)) + })) + .filter((group) => group[groupKey].length); } export function readAuthSettings({provider, groups} = {}) { @@ -25,33 +48,6 @@ export async function fetchWithAuth(key, context) { return getProviderByKey(context.provider).fetch([key, context]); } -export function checkAllowedGroup(perms, authGroups, groupName) { - testGroup = authGroups.find((group) => group.name == groupName ) - return testGroup ? authAllow(perms, testGroup) : true -} - export const filterAllowedServices = (perms, authGroups, services) => filterAllowedItems(perms, authGroups, services, 'services'); export const filterAllowedBookmarks = (perms, authGroups, bookmarks) => filterAllowedItems(perms, authGroups, bookmarks, 'bookmarks'); -export const filterAllowedWidgets = (perms, widgets) => { - return widgets.filter((widget) => authItemFilter(perms, widget.options) ) -} - -function filterAllowedItems(perms, authGroups, groups, groupKey) { - return groups.filter((group) => checkAllowedGroup(perms, authGroups, group.name)) - .map((group) => ({ - name: group.name, - [groupKey]: group[groupKey].filter((item) => authAllow(perms, item)) - })) - .filter((group) => group[groupKey].length); -} - - - -function authAllow({user, groups}, item) { - const groupAllow = (('allowGroups' in item)) && groups.some(group => item.allowGroups.includes(group)); - const userAllow = (('allowUsers' in item)) && item.allowUsers.includes(user); - const allowAll = (!('allowGroups' in item)) && (!('allowUsers' in item)); - - return userAllow || groupAllow || allowAll; -} - +export const filterAllowedWidgets = (perms, widgets) => widgets.filter((widget) => authAllow(perms, widget.options)) \ No newline at end of file diff --git a/src/utils/auth/null.js b/src/utils/auth/null.js index f1656823..8b16bd3c 100644 --- a/src/utils/auth/null.js +++ b/src/utils/auth/null.js @@ -3,19 +3,21 @@ const NullAuthKey = "none" function createNullAuth() { return { - authorize: (request) => NullPermissions, - getContext: (request) => { return { + authorize: () => NullPermissions, + getContext: () => ({ provider: NullAuthKey - } }, + }), } } -async function fetchNullAuth([key, context]) { +async function fetchNullAuth([key]) { return fetch(key).then((res) => res.json()) } -export const NullAuthProvider = { +const NullAuthProvider = { key: NullAuthKey, create: createNullAuth, fetch: fetchNullAuth } + +export default NullAuthProvider; diff --git a/src/utils/auth/proxy.js b/src/utils/auth/proxy.js index 3369e62f..cb7e9355 100644 --- a/src/utils/auth/proxy.js +++ b/src/utils/auth/proxy.js @@ -3,21 +3,19 @@ const ProxyAuthKey="proxy" function getProxyPermissions(userHeader, groupHeader, request) { - const user = (userHeader)?request.headers.get(userHeader):None; + const user = (userHeader)?request.headers.get(userHeader):null; const groupsString = (groupHeader)?request.headers.get(groupHeader):""; - return {user: user, groups: (groupsString)?groupsString.split(",").map((v) => v.trimStart()):[]} + return {user, groups: (groupsString)?groupsString.split(",").map((v) => v.trimStart()):[]} } function createProxyAuth({groupHeader, userHeader}) { return { - getContext : (request) => { - return { + getContext : (request) => ({ type: ProxyAuthKey, ...userHeader && {[userHeader]: request.headers.get(userHeader) }, ...groupHeader && {[groupHeader]: request.headers.get(groupHeader)} - } - }, + }), authorize : (request) => getProxyPermissions(userHeader, groupHeader, request) } } @@ -26,8 +24,10 @@ async function fetchProxyAuth([key, context]) { return fetch(key, {headers: context.headers}).then((res) => res.json()) } -export const ProxyAuthProvider = { +const ProxyAuthProvider = { key: ProxyAuthKey, create: createProxyAuth, fetch: fetchProxyAuth -} \ No newline at end of file +} + +export default ProxyAuthProvider; \ No newline at end of file diff --git a/src/utils/config/api-response.js b/src/utils/config/api-response.js index 280a8268..311cda9a 100644 --- a/src/utils/config/api-response.js +++ b/src/utils/config/api-response.js @@ -12,7 +12,6 @@ import { servicesFromKubernetes, } from "utils/config/service-helpers"; import { cleanWidgetGroups, widgetsFromConfig } from "utils/config/widget-helpers"; - import { filterAllowedBookmarks, filterAllowedServices,