Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-02-04 00:18:01 +01:00
Code Issues Projects Releases Wiki Activity

chore: UI SCIM guard for users (#6859)

Browse Source 
https://linear.app/unleash/issue/2-2092/ui-should-not-allow-manual-management-of-scim-managed-users-in-unleash

Adds a UI SCIM guard when trying to manage users.

The condition for the guard is:
 - Enterprise
 - SCIM flag enabled
 - SCIM setting enabled
 - SCIM user


![image](https://github.com/Unleash/unleash/assets/14320932/8a5451f1-0d6e-48ba-b090-bb5832c0e9ec)
This commit is contained in:
Nuno Góis 2024-04-15 14:04:41 +01:00 committed by GitHub
parent 3d60c2acd0
commit 279d3431eb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 24 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
frontend/src/component/admin/users/UsersList/UsersActionsCell/UsersActionsCell.tsx
View File

@ -20,6 +20,7 @@ interface IUsersActionsCellProps {
onChangePassword: (event: React.SyntheticEvent) => void; onChangePassword: (event: React.SyntheticEvent) => void;
onResetPassword: (event: React.SyntheticEvent) => void; onResetPassword: (event: React.SyntheticEvent) => void;
onDelete: (event: React.SyntheticEvent) => void; onDelete: (event: React.SyntheticEvent) => void;
scimEnabled?: boolean;
} }
export const UsersActionsCell: VFC<IUsersActionsCellProps> = ({ export const UsersActionsCell: VFC<IUsersActionsCellProps> = ({
@ -28,7 +29,11 @@ export const UsersActionsCell: VFC<IUsersActionsCellProps> = ({
onChangePassword, onChangePassword,
onResetPassword, onResetPassword,
onDelete, onDelete,
scimEnabled,
}) => { }) => {
const scimTooltip =
'This user is managed by your SCIM provider and cannot be changed manually';
return ( return (
<StyledBox> <StyledBox>
<PermissionIconButton <PermissionIconButton
@ -36,8 +41,9 @@ export const UsersActionsCell: VFC<IUsersActionsCellProps> = ({
onClick={onEdit} onClick={onEdit}
permission={ADMIN} permission={ADMIN}
tooltipProps={{ tooltipProps={{
title: 'Edit user', title: scimEnabled ? scimTooltip : 'Edit user',
}} }}
disabled={scimEnabled}
> >
<Edit /> <Edit />
</PermissionIconButton> </PermissionIconButton>
@ -63,8 +69,9 @@ export const UsersActionsCell: VFC<IUsersActionsCellProps> = ({
onClick={onChangePassword} onClick={onChangePassword}
permission={ADMIN} permission={ADMIN}
tooltipProps={{ tooltipProps={{
title: 'Change password', title: scimEnabled ? scimTooltip : 'Change password',
}} }}
disabled={scimEnabled}
> >
<Lock /> <Lock />
</PermissionIconButton> </PermissionIconButton>
@ -73,8 +80,9 @@ export const UsersActionsCell: VFC<IUsersActionsCellProps> = ({
onClick={onResetPassword} onClick={onResetPassword}
permission={ADMIN} permission={ADMIN}
tooltipProps={{ tooltipProps={{
title: 'Reset password', title: scimEnabled ? scimTooltip : 'Reset password',
}} }}
disabled={scimEnabled}
> >
<LockReset /> <LockReset />
</PermissionIconButton> </PermissionIconButton>
@ -83,8 +91,9 @@ export const UsersActionsCell: VFC<IUsersActionsCellProps> = ({
onClick={onDelete} onClick={onDelete}
permission={ADMIN} permission={ADMIN}
tooltipProps={{ tooltipProps={{
title: 'Remove user', title: scimEnabled ? scimTooltip : 'Remove user',
}} }}
disabled={scimEnabled}
> >
<Delete /> <Delete />
</PermissionIconButton> </PermissionIconButton>

11
frontend/src/component/admin/users/UsersList/UsersList.tsx
View File

@ -38,6 +38,7 @@ import Download from '@mui/icons-material/Download';
import { StyledUsersLinkDiv } from '../Users.styles'; import { StyledUsersLinkDiv } from '../Users.styles';
import { useUiFlag } from 'hooks/useUiFlag'; import { useUiFlag } from 'hooks/useUiFlag';
import useUiConfig from '../../../../hooks/api/getters/useUiConfig/useUiConfig'; import useUiConfig from '../../../../hooks/api/getters/useUiConfig/useUiConfig';
import { useScimSettings } from 'hooks/api/getters/useScimSettings/useScimSettings';
const UsersList = () => { const UsersList = () => {
const navigate = useNavigate(); const navigate = useNavigate();
@ -56,6 +57,11 @@ const UsersList = () => {
open: false, open: false,
}); });
const userAccessUIEnabled = useUiFlag('userAccessUIEnabled'); const userAccessUIEnabled = useUiFlag('userAccessUIEnabled');
const {
settings: { enabled: scimSettingEnabled },
} = useScimSettings();
const scimFlagEnabled = useUiFlag('scimApi');
const scimEnabled = isEnterprise() && scimSettingEnabled && scimFlagEnabled;
const [delDialog, setDelDialog] = useState(false); const [delDialog, setDelDialog] = useState(false);
const [showConfirm, setShowConfirm] = useState(false); const [showConfirm, setShowConfirm] = useState(false);
const [emailSent, setEmailSent] = useState(false); const [emailSent, setEmailSent] = useState(false);
@ -193,7 +199,9 @@ const UsersList = () => {
Header: 'Actions', Header: 'Actions',
id: 'Actions', id: 'Actions',
align: 'center', align: 'center',
Cell: ({ row: { original: user } }: any) => ( Cell: ({
row: { original: user },
}: { row: { original: IUser } }) => (
<UsersActionsCell <UsersActionsCell
onEdit={() => { onEdit={() => {
navigate(`/admin/users/${user.id}/edit`); navigate(`/admin/users/${user.id}/edit`);
@ -210,6 +218,7 @@ const UsersList = () => {
onChangePassword={openPwDialog(user)} onChangePassword={openPwDialog(user)}
onResetPassword={openResetPwDialog(user)} onResetPassword={openResetPwDialog(user)}
onDelete={openDelDialog(user)} onDelete={openDelDialog(user)}
scimEnabled={scimEnabled && Boolean(user.scimId)}
/> />
), ),
width: userAccessUIEnabled ? 240 : 200, width: userAccessUIEnabled ? 240 : 200,

1
frontend/src/interfaces/user.ts
View File

@ -17,6 +17,7 @@ export interface IUser {
paid?: boolean; paid?: boolean;
addedAt?: string; addedAt?: string;
accountType?: AccountType; accountType?: AccountType;
scimId?: string;
} }
export interface IPermission { export interface IPermission {