Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

change capabilities logic for sudo prefixes #5647

Merged
merged 6 commits into from
Oct 31, 2018
Merged

change capabilities logic for sudo prefixes #5647

merged 6 commits into from
Oct 31, 2018

Conversation

madalynrose
Copy link
Contributor

specifically for sys/leases/revoke with update capability

@madalynrose madalynrose requested a review from a team October 30, 2018 17:14
meirish
meirish reviewed Oct 30, 2018
View reviewed changes
ui/tests/unit/models/capabilities-test.js
})
);
assert.ok(model.get('canRead'));
assert.notOk(model.get('canCreate'), 'sudo requires the capability to be set as well');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this doesn't have to do with sudo, just that create wasn't in the capabilities list.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's in every test so I just left it

meirish
meirish reviewed Oct 30, 2018
View reviewed changes
ui/tests/unit/models/capabilities-test.js
assert.ok(model.get('canUpdate'), 'should not require sudo if it has update');
assert.notOk(model.get('canDelete'));
assert.notOk(model.get('canList'));
});
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add another test for the paths in the SUDO_PREFIX arg too to make sure they are requiring sudo?

So for path: 'sys/leases/revoke-prefix/aws' with capabilities "update", canUpdate should be false, but with "update", "sudo", canUpdate should be true.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added a couple. Do they look right?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yassss - perfect!

meirish
meirish previously approved these changes Oct 30, 2018
View reviewed changes
Copy link
Contributor

@meirish meirish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Woot, nice! I think it'd be good to cover the other case too (where we want to require sudo because the API does). Hopefully all this can be simplified in the future with OpenAPI though 🤞.

meirish
meirish approved these changes Oct 31, 2018
View reviewed changes
Copy link
Contributor

@meirish meirish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome! 👍

@chrishoffman chrishoffman added this to the 1.0 milestone Oct 31, 2018
@madalynrose madalynrose merged commit 6576251 into master Oct 31, 2018
@madalynrose madalynrose deleted the lease-capabilities branch October 31, 2018 15:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meirish meirish meirish approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.0
Development

Successfully merging this pull request may close these issues.
3 participants
@madalynrose @meirish @chrishoffman