HSC-1209: Remove UX when user does not have the correct permissions #1 #849
Conversation
| that.clusterActions = []; | ||
|
|
||
| if (canCreateOrg || isAdmin) { | ||
| that.clusterActions.push(createOrg); |
There was a problem hiding this comment.
authModel.isAllowed(that.clusterGuid, authModel.resources.organization, authModel.actions.create); whill check if the user is an admin or not. Therefore the || isAdmin check is redundant.
| } | ||
| if (canCreateSpace || isAdmin) { | ||
| that.clusterActions.push(createSpace); | ||
| } |
| } | ||
| if (canAssignUsers || isAdmin) { | ||
| that.clusterActions.push(assignUsers); | ||
| } |
There was a problem hiding this comment.
I think we need to keep this one, there's a path that doesn't go through authModel.isAllowed and instead uses org/space manager count
| function init() { | ||
| this.showManageRoles = function () { | ||
| return that.canUserManageRoles() || that.isAdmin; | ||
| }; |
There was a problem hiding this comment.
canUserManageRoles takes care of the isAdmin check via the authModel.
| that.userActions[0].disabled = !that.canUserManageRoles(); | ||
| this.showRemoveFromSpace = function () { | ||
| return that.canUserRemoveFromSpace() || that.isAdmin; | ||
| }; |
|
|
||
| this.showRemoveFromOrg = function () { | ||
| return that.canUserRemoveFromOrg() || that.isAdmin; | ||
| }; |
| @@ -23,7 +23,7 @@ | |||
| <dd>{{ orgSummaryTileCtrl.getEndpoint() }}</dd> | |||
| <dt translate>CF Interactions</dt> | |||
| <dd> | |||
| <a ng-click="orgSummaryTileCtrl.cliCommands.show(orgSummaryTileCtrl.getEndpoint(), orgSummaryTileCtrl.userName, orgSummaryTileCtrl.organization.details.org.entity.name)" | |||
| <a ng-click="orgSummaryTileCtrl.cliCommands.show(orgSummaryTileCtrl.getEndpoint(), orgSummaryTileCtrl.userName, orgSummaryTileCtrl.clusterGuid, orgSummaryTileCtrl.organization)" | |||
| class="btn btn-link" translate>CLI Commands</a> | |||
There was a problem hiding this comment.
For improved readability, could we refactor this to a method on the controller like orgSummaryTileCtrl.showCliCommands()
|
LGTM, there are some redundant conditions which should never be hit, therefore can be removed. |
|
LGTM |
Remove features when user has no permissions to execute. This improves the experience for non-admins where previously options were provided to them that could never be enabled.
Covers endpoints side of console. Applications side to come