Joseph Doherty
869be660fd
v2-ci / build (push) Failing after 49s
v2-ci / unit-tests (tests/Core/ZB.MOM.WW.OtOpcUa.Cluster.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.ControlPlane.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Runtime.Tests) (push) Has been skipped
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Security.Tests) (push) Has been skipped
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.Host.IntegrationTests) (push) Has been skipped
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.IntegrationTests) (push) Has been skipped
Removes the internal-roadmap deferral banners (the original request that seeded this work); kept the genuinely useful operator descriptions.
99 lines
3.9 KiB
Plaintext
99 lines
3.9 KiB
Plaintext
@page "/clusters/{ClusterId}/acls"
|
|
@attribute [Microsoft.AspNetCore.Authorization.Authorize]
|
|
@rendermode RenderMode.InteractiveServer
|
|
@using Microsoft.EntityFrameworkCore
|
|
@using ZB.MOM.WW.OtOpcUa.Configuration
|
|
@using ZB.MOM.WW.OtOpcUa.Configuration.Entities
|
|
@inject IDbContextFactory<OtOpcUaConfigDbContext> DbFactory
|
|
|
|
<div class="d-flex justify-content-between align-items-center mb-3">
|
|
<h4 class="mb-0">ACLs · <span class="mono">@ClusterId</span></h4>
|
|
<a href="/clusters/@ClusterId/acls/new" class="btn btn-primary btn-sm">New ACL grant</a>
|
|
</div>
|
|
|
|
<ClusterNav ClusterId="@ClusterId" ActiveTab="acls" />
|
|
|
|
@if (_rows is null)
|
|
{
|
|
<p>Loading…</p>
|
|
}
|
|
else
|
|
{
|
|
<section class="panel notice rise" style="animation-delay:.02s">
|
|
ACL rows grant LDAP groups specific <span class="mono">NodePermissions</span> on a scope
|
|
(a folder, an equipment, a tag). Per-cluster role grants were dropped in favour of
|
|
fleet-wide LDAP-group → role mapping; ACLs here are the finer-grained per-node scope.
|
|
</section>
|
|
|
|
<section class="panel rise mt-3" style="animation-delay:.08s">
|
|
<div class="panel-head">@_rows.Count ACL row@(_rows.Count == 1 ? "" : "s")</div>
|
|
@if (_rows.Count == 0)
|
|
{
|
|
<div style="padding:1rem" class="text-muted">No ACL rows for this cluster — default permissions from the fleet-wide LDAP group mapping apply.</div>
|
|
}
|
|
else
|
|
{
|
|
<div class="table-wrap">
|
|
<table class="data-table">
|
|
<thead>
|
|
<tr>
|
|
<th>NodeAclId</th>
|
|
<th>LDAP group</th>
|
|
<th>Scope</th>
|
|
<th>Scope target</th>
|
|
<th>Permissions</th>
|
|
<th>Notes</th>
|
|
<th></th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
@foreach (var a in _rows)
|
|
{
|
|
<tr>
|
|
<td><span class="mono small">@a.NodeAclId</span></td>
|
|
<td><span class="mono">@a.LdapGroup</span></td>
|
|
<td>@a.ScopeKind</td>
|
|
<td><span class="mono small">@(a.ScopeId ?? "—")</span></td>
|
|
<td>
|
|
@foreach (var perm in PermissionChips(a.PermissionFlags))
|
|
{
|
|
<span class="chip chip-idle me-1">@perm</span>
|
|
}
|
|
</td>
|
|
<td class="text-muted small">@(a.Notes ?? "")</td>
|
|
<td><a href="/clusters/@ClusterId/acls/@a.NodeAclId" class="btn btn-sm btn-outline-primary">Edit</a></td>
|
|
</tr>
|
|
}
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
}
|
|
</section>
|
|
}
|
|
|
|
@code {
|
|
[Parameter] public string ClusterId { get; set; } = "";
|
|
private List<NodeAcl>? _rows;
|
|
|
|
protected override async Task OnInitializedAsync()
|
|
{
|
|
await using var db = await DbFactory.CreateDbContextAsync();
|
|
_rows = await db.NodeAcls.AsNoTracking()
|
|
.Where(a => a.ClusterId == ClusterId)
|
|
.OrderBy(a => a.NodeAclId)
|
|
.ToListAsync();
|
|
}
|
|
|
|
private static IEnumerable<string> PermissionChips(ZB.MOM.WW.OtOpcUa.Configuration.Enums.NodePermissions flags)
|
|
{
|
|
foreach (var v in Enum.GetValues<ZB.MOM.WW.OtOpcUa.Configuration.Enums.NodePermissions>())
|
|
{
|
|
// Skip None (zero) and composite values that aren't single bits.
|
|
var n = (int)v;
|
|
if (n == 0) continue;
|
|
if ((n & (n - 1)) != 0) continue;
|
|
if (flags.HasFlag(v)) yield return v.ToString();
|
|
}
|
|
}
|
|
}
|