From 40dabb6ee746495fce9ffc80055337674046b230 Mon Sep 17 00:00:00 2001 From: Wei Zhou Date: Mon, 23 May 2022 12:58:51 +0200 Subject: [PATCH] UI: fix create vpc private gateway for regular user (#6400) * UI: display 'egress/ipv6/publicip' tabs only for domain/root admin and the owner please note (1) isolated networks only . (2) networks in project are not impacted. the tabs are always visible. (3) 'network permission' tab is also only visible for domain/root admin and the owner. but not visible in project view. * UI: fix create vpc private gateway for regular user --- ui/src/config/section/network.js | 8 ++++---- ui/src/views/network/VpcTab.vue | 19 ++++++++++++++----- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/ui/src/config/section/network.js b/ui/src/config/section/network.js index 03aa388b4ae..94e7ffeabc1 100644 --- a/ui/src/config/section/network.js +++ b/ui/src/config/section/network.js @@ -58,15 +58,15 @@ export default { }, { name: 'egress.rules', component: shallowRef(defineAsyncComponent(() => import('@/views/network/EgressRulesTab.vue'))), - show: (record) => { return record.type === 'Isolated' && !('vpcid' in record) && 'listEgressFirewallRules' in store.getters.apis } + show: (record, route, user) => { return record.type === 'Isolated' && !('vpcid' in record) && 'listEgressFirewallRules' in store.getters.apis && (['Admin', 'DomainAdmin'].includes(user.roletype) || record.account === user.account || record.projectid) } }, { name: 'ip.v6.firewall', component: shallowRef(defineAsyncComponent(() => import('@/views/network/Ipv6FirewallRulesTab.vue'))), - show: (record) => { return record.type === 'Isolated' && ['IPv6', 'DualStack'].includes(record.internetprotocol) && !('vpcid' in record) && 'listIpv6FirewallRules' in store.getters.apis } + show: (record, route, user) => { return record.type === 'Isolated' && ['IPv6', 'DualStack'].includes(record.internetprotocol) && !('vpcid' in record) && 'listIpv6FirewallRules' in store.getters.apis && (['Admin', 'DomainAdmin'].includes(user.roletype) || record.account === user.account || record.projectid) } }, { name: 'public.ip.addresses', component: shallowRef(defineAsyncComponent(() => import('@/views/network/IpAddressesTab.vue'))), - show: (record) => { return (record.type === 'Isolated' || record.type === 'Shared') && !('vpcid' in record) && 'listPublicIpAddresses' in store.getters.apis } + show: (record, route, user) => { return 'listPublicIpAddresses' in store.getters.apis && (record.type === 'Shared' || (record.type === 'Isolated' && !('vpcid' in record) && (['Admin', 'DomainAdmin'].includes(user.roletype) || record.account === user.account || record.projectid))) } }, { name: 'virtual.routers', component: shallowRef(defineAsyncComponent(() => import('@/views/network/RoutersTab.vue'))), @@ -78,7 +78,7 @@ export default { }, { name: 'network.permissions', component: shallowRef(defineAsyncComponent(() => import('@/views/network/NetworkPermissions.vue'))), - show: (record, route, user) => { return 'listNetworkPermissions' in store.getters.apis && record.acltype === 'Account' && !('vpcid' in record) && (['Admin', 'DomainAdmin'].includes(user.roletype) || record.account === user.account) } + show: (record, route, user) => { return 'listNetworkPermissions' in store.getters.apis && record.acltype === 'Account' && !('vpcid' in record) && (['Admin', 'DomainAdmin'].includes(user.roletype) || record.account === user.account) && !record.projectid } }, { name: 'events', diff --git a/ui/src/views/network/VpcTab.vue b/ui/src/views/network/VpcTab.vue index e8b0c13314a..2b7ab94cd9b 100644 --- a/ui/src/views/network/VpcTab.vue +++ b/ui/src/views/network/VpcTab.vue @@ -156,7 +156,7 @@ :model="form" :rules="rules" > - +