random-mirrors
/
cosmos-explorer
mirror of https://github.com/Azure/cosmos-explorer.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Support data plane RBAC

This commit is contained in:
Senthamil Sindhu 2024-06-14 12:12:30 -07:00
parent ef7c2fe2f7
commit 10a8505b9a
7 changed files with 118 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Common/Constants.ts
View File

@ -179,6 +179,9 @@ export class CassandraProxyAPIs {
export class Queries { export class Queries {
public static CustomPageOption: string = "custom"; public static CustomPageOption: string = "custom";
public static UnlimitedPageOption: string = "unlimited"; public static UnlimitedPageOption: string = "unlimited";
public static setAutomaticRBACOption: string = "Automatic";
public static setTrueRBACOption: string = "True";
public static setFalseRBACOption: string = "False";
public static itemsPerPage: number = 100; public static itemsPerPage: number = 100;
public static unlimitedItemsPerPage: number = 100; // TODO: Figure out appropriate value so it works for accounts with a large number of partitions public static unlimitedItemsPerPage: number = 100; // TODO: Figure out appropriate value so it works for accounts with a large number of partitions
public static containersPerPage: number = 50; public static containersPerPage: number = 50;

45
src/Explorer/Panes/SettingsPane/SettingsPane.tsx
View File

@ -41,6 +41,13 @@ export const SettingsPane: FunctionComponent<{ explorer: Explorer }> = ({
? Constants.Queries.UnlimitedPageOption ? Constants.Queries.UnlimitedPageOption
: Constants.Queries.CustomPageOption, : Constants.Queries.CustomPageOption,
); );
const [enableDataPlaneRBACOption, setEnableDataPlaneRBACOption] = useState<string>(
LocalStorageUtility.getEntryString(StorageKey.DataPlaneRbacEnabled) === Constants.Queries.setAutomaticRBACOption
? Constants.Queries.setAutomaticRBACOption
: LocalStorageUtility.getEntryString(StorageKey.DataPlaneRbacEnabled) === Constants.Queries.setTrueRBACOption
? Constants.Queries.setTrueRBACOption
: Constants.Queries.setFalseRBACOption
);
const [ruThresholdEnabled, setRUThresholdEnabled] = useState<boolean>(isRUThresholdEnabled()); const [ruThresholdEnabled, setRUThresholdEnabled] = useState<boolean>(isRUThresholdEnabled());
const [ruThreshold, setRUThreshold] = useState<number>(getRUThreshold()); const [ruThreshold, setRUThreshold] = useState<number>(getRUThreshold());
const [queryTimeoutEnabled, setQueryTimeoutEnabled] = useState<boolean>( const [queryTimeoutEnabled, setQueryTimeoutEnabled] = useState<boolean>(
@ -110,7 +117,14 @@ export const SettingsPane: FunctionComponent<{ explorer: Explorer }> = ({
StorageKey.ActualItemPerPage, StorageKey.ActualItemPerPage,
isCustomPageOptionSelected() ? customItemPerPage : Constants.Queries.unlimitedItemsPerPage, isCustomPageOptionSelected() ? customItemPerPage : Constants.Queries.unlimitedItemsPerPage,
); );
LocalStorageUtility.setEntryNumber(StorageKey.CustomItemPerPage, customItemPerPage); LocalStorageUtility.setEntryNumber(StorageKey.CustomItemPerPage, customItemPerPage);
LocalStorageUtility.setEntryString(
StorageKey.DataPlaneRbacEnabled,
enableDataPlaneRBACOption
);
LocalStorageUtility.setEntryBoolean(StorageKey.RUThresholdEnabled, ruThresholdEnabled); LocalStorageUtility.setEntryBoolean(StorageKey.RUThresholdEnabled, ruThresholdEnabled);
LocalStorageUtility.setEntryBoolean(StorageKey.QueryTimeoutEnabled, queryTimeoutEnabled); LocalStorageUtility.setEntryBoolean(StorageKey.QueryTimeoutEnabled, queryTimeoutEnabled);
LocalStorageUtility.setEntryNumber(StorageKey.RetryAttempts, retryAttempts); LocalStorageUtility.setEntryNumber(StorageKey.RetryAttempts, retryAttempts);
@ -197,6 +211,12 @@ export const SettingsPane: FunctionComponent<{ explorer: Explorer }> = ({
{ key: Constants.PriorityLevel.High, text: "High" }, { key: Constants.PriorityLevel.High, text: "High" },
]; ];
const dataPlaneRBACOptionsList: IChoiceGroupOption[] = [
{ key: Constants.Queries.setAutomaticRBACOption, text: "Automatic" },
{ key: Constants.Queries.setTrueRBACOption, text: "True" },
{ key: Constants.Queries.setFalseRBACOption, text: "False"}
];
const handleOnPriorityLevelOptionChange = ( const handleOnPriorityLevelOptionChange = (
ev: React.FormEvent<HTMLInputElement>, ev: React.FormEvent<HTMLInputElement>,
option: IChoiceGroupOption, option: IChoiceGroupOption,
@ -208,6 +228,10 @@ export const SettingsPane: FunctionComponent<{ explorer: Explorer }> = ({
setPageOption(option.key); setPageOption(option.key);
}; };
const handleOnDataPlaneRBACOptionChange = (ev: React.FormEvent<HTMLInputElement>, option: IChoiceGroupOption): void => {
setEnableDataPlaneRBACOption(option.key);
};
const handleOnRUThresholdToggleChange = (ev: React.MouseEvent<HTMLElement>, checked?: boolean): void => { const handleOnRUThresholdToggleChange = (ev: React.MouseEvent<HTMLElement>, checked?: boolean): void => {
setRUThresholdEnabled(checked); setRUThresholdEnabled(checked);
}; };
@ -361,6 +385,27 @@ export const SettingsPane: FunctionComponent<{ explorer: Explorer }> = ({
</div> </div>
</div> </div>
)} )}
{(
<div className="settingsSection">
<div className="settingsSectionPart">
<fieldset>
<legend id="enableDataPlaneRBACOptions" className="settingsSectionLabel legendLabel">
Enable DataPlane RBAC
</legend>
<InfoTooltip>
Choose Automatic to enable DataPlane RBAC automatically. True/False to voluntarily enable/disable DataPlane RBAC
</InfoTooltip>
<ChoiceGroup
ariaLabelledBy="enableDataPlaneRBACOptions"
selectedKey={enableDataPlaneRBACOption}
options={dataPlaneRBACOptionsList}
styles={choiceButtonStyles}
onChange={handleOnDataPlaneRBACOptionChange}
/>
</fieldset>
</div>
</div>
)}
{userContext.apiType === "SQL" && ( {userContext.apiType === "SQL" && (
<> <>
<div className="settingsSection"> <div className="settingsSection">

1
src/Explorer/Tables/TableDataClient.ts
View File

@ -733,7 +733,6 @@ export class CassandraAPIDataClient extends TableDataClient {
private useCassandraProxyEndpoint(api: string): boolean { private useCassandraProxyEndpoint(api: string): boolean {
const activeCassandraProxyEndpoints: string[] = [ const activeCassandraProxyEndpoints: string[] = [
// CassandraProxyEndpoints.Development,
CassandraProxyEndpoints.Mpac, CassandraProxyEndpoints.Mpac,
CassandraProxyEndpoints.Prod, CassandraProxyEndpoints.Prod,
]; ];

2
src/Platform/Hosted/extractFeatures.ts
View File

@ -14,6 +14,7 @@ export type Features = {
readonly enableTtl: boolean; readonly enableTtl: boolean;
readonly executeSproc: boolean; readonly executeSproc: boolean;
readonly enableAadDataPlane: boolean; readonly enableAadDataPlane: boolean;
readonly enableDataPlaneRbac: boolean;
readonly enableResourceGraph: boolean; readonly enableResourceGraph: boolean;
readonly enableKoResourceTree: boolean; readonly enableKoResourceTree: boolean;
readonly hostedDataExplorer: boolean; readonly hostedDataExplorer: boolean;
@ -74,6 +75,7 @@ export function extractFeatures(given = new URLSearchParams(window.location.sear
canExceedMaximumValue: "true" === get("canexceedmaximumvalue"), canExceedMaximumValue: "true" === get("canexceedmaximumvalue"),
cosmosdb: "true" === get("cosmosdb"), cosmosdb: "true" === get("cosmosdb"),
enableAadDataPlane: "true" === get("enableaaddataplane"), enableAadDataPlane: "true" === get("enableaaddataplane"),
enableDataPlaneRbac: "true" === get("enabledataplanerbac"),
enableResourceGraph: "true" === get("enableresourcegraph"), enableResourceGraph: "true" === get("enableresourcegraph"),
enableChangeFeedPolicy: "true" === get("enablechangefeedpolicy"), enableChangeFeedPolicy: "true" === get("enablechangefeedpolicy"),
enableFixedCollectionWithSharedThroughput: "true" === get("enablefixedcollectionwithsharedthroughput"), enableFixedCollectionWithSharedThroughput: "true" === get("enablefixedcollectionwithsharedthroughput"),

3
src/Shared/StorageUtility.ts
View File

@ -5,6 +5,9 @@ import * as StringUtility from "./StringUtility";
export { LocalStorageUtility, SessionStorageUtility }; export { LocalStorageUtility, SessionStorageUtility };
export enum StorageKey { export enum StorageKey {
ActualItemPerPage, ActualItemPerPage,
DataPlaneRbacEnabled,
DataPlaneRbacDisabled,
isDataPlaneRbacAutomatic,
RUThresholdEnabled, RUThresholdEnabled,
RUThreshold, RUThreshold,
QueryTimeoutEnabled, QueryTimeoutEnabled,

1
src/UserContext.ts
View File

@ -101,6 +101,7 @@ interface UserContext {
sampleDataConnectionInfo?: ParsedResourceTokenConnectionString; sampleDataConnectionInfo?: ParsedResourceTokenConnectionString;
readonly vcoreMongoConnectionParams?: VCoreMongoConnectionParams; readonly vcoreMongoConnectionParams?: VCoreMongoConnectionParams;
readonly feedbackPolicies?: AdminFeedbackPolicySettings; readonly feedbackPolicies?: AdminFeedbackPolicySettings;
readonly dataPlaneRbacEnabled?: boolean;
} }
export type ApiType = "SQL" | "Mongo" | "Gremlin" | "Tables" | "Cassandra" | "Postgres" | "VCoreMongo"; export type ApiType = "SQL" | "Mongo" | "Gremlin" | "Tables" | "Cassandra" | "Postgres" | "VCoreMongo";

62
src/hooks/useKnockoutExplorer.ts
View File

@ -4,6 +4,7 @@ import { FABRIC_RPC_VERSION, FabricMessageV2 } from "Contracts/FabricMessagesCon
import Explorer from "Explorer/Explorer"; import Explorer from "Explorer/Explorer";
import { useSelectedNode } from "Explorer/useSelectedNode"; import { useSelectedNode } from "Explorer/useSelectedNode";
import { scheduleRefreshDatabaseResourceToken } from "Platform/Fabric/FabricUtil"; import { scheduleRefreshDatabaseResourceToken } from "Platform/Fabric/FabricUtil";
import { LocalStorageUtility, StorageKey } from "Shared/StorageUtility";
import { getNetworkSettingsWarningMessage } from "Utils/NetworkUtility"; import { getNetworkSettingsWarningMessage } from "Utils/NetworkUtility";
import { logConsoleError } from "Utils/NotificationConsoleUtils"; import { logConsoleError } from "Utils/NotificationConsoleUtils";
import { useQueryCopilot } from "hooks/useQueryCopilot"; import { useQueryCopilot } from "hooks/useQueryCopilot";
@ -270,9 +271,31 @@ async function configureHostedWithAAD(config: AAD): Promise<Explorer> {
} }
} }
try { try {
if(LocalStorageUtility.hasItem(StorageKey.DataPlaneRbacEnabled)) {
var isDataPlaneRbacSetting = LocalStorageUtility.getEntryString(StorageKey.DataPlaneRbacEnabled);
if (isDataPlaneRbacSetting == "Automatic")
{
if (!account.properties.disableLocalAuth) { if (!account.properties.disableLocalAuth) {
keys = await listKeys(subscriptionId, resourceGroup, account.name); keys = await listKeys(subscriptionId, resourceGroup, account.name);
} }
else {
updateUserContext({
dataPlaneRbacEnabled: true
});
}
}
else if(isDataPlaneRbacSetting == "True") {
updateUserContext({
dataPlaneRbacEnabled: true
});
}
else {
keys = await listKeys(subscriptionId, resourceGroup, account.name);
updateUserContext({
dataPlaneRbacEnabled: false
});
}
}
} catch (e) { } catch (e) {
if (userContext.features.enableAadDataPlane) { if (userContext.features.enableAadDataPlane) {
console.warn(e); console.warn(e);
@ -393,8 +416,9 @@ async function configurePortal(): Promise<Explorer> {
updateUserContext({ updateUserContext({
authType: AuthType.AAD, authType: AuthType.AAD,
}); });
let explorer: Explorer; let explorer: Explorer;
return new Promise((resolve) => { return new Promise(async (resolve) => {
// In development mode, try to load the iframe message from session storage. // In development mode, try to load the iframe message from session storage.
// This allows webpack hot reload to function properly in the portal // This allows webpack hot reload to function properly in the portal
if (process.env.NODE_ENV === "development" && !window.location.search.includes("disablePortalInitCache")) { if (process.env.NODE_ENV === "development" && !window.location.search.includes("disablePortalInitCache")) {
@ -407,6 +431,7 @@ async function configurePortal(): Promise<Explorer> {
console.dir(message); console.dir(message);
updateContextsFromPortalMessage(message); updateContextsFromPortalMessage(message);
explorer = new Explorer(); explorer = new Explorer();
// In development mode, save the iframe message from the portal in session storage. // In development mode, save the iframe message from the portal in session storage.
// This allows webpack hot reload to funciton properly // This allows webpack hot reload to funciton properly
if (process.env.NODE_ENV === "development") { if (process.env.NODE_ENV === "development") {
@ -419,7 +444,7 @@ async function configurePortal(): Promise<Explorer> {
// In the Portal, configuration of Explorer happens via iframe message // In the Portal, configuration of Explorer happens via iframe message
window.addEventListener( window.addEventListener(
"message", "message",
(event) => { async (event) => {
if (isInvalidParentFrameOrigin(event)) { if (isInvalidParentFrameOrigin(event)) {
return; return;
} }
@ -449,6 +474,37 @@ async function configurePortal(): Promise<Explorer> {
setTimeout(() => explorer.openNPSSurveyDialog(), 3000); setTimeout(() => explorer.openNPSSurveyDialog(), 3000);
} }
let dbAccount = userContext.databaseAccount;
let keys: DatabaseAccountListKeysResult = {};
const account = userContext.databaseAccount;
const subscriptionId = userContext.subscriptionId;
const resourceGroup = userContext.resourceGroup;
if(LocalStorageUtility.hasItem(StorageKey.DataPlaneRbacEnabled)) {
var isDataPlaneRbacSetting = LocalStorageUtility.getEntryString(StorageKey.DataPlaneRbacEnabled);
if (isDataPlaneRbacSetting == "Automatic")
{
if (!account.properties.disableLocalAuth) {
keys = await listKeys(subscriptionId, resourceGroup, account.name);
}
else {
updateUserContext({
dataPlaneRbacEnabled: true
});
}
}
else if(isDataPlaneRbacSetting == "True") {
updateUserContext({
dataPlaneRbacEnabled: true
});
}
else {
keys = await listKeys(subscriptionId, resourceGroup, account.name);
updateUserContext({
dataPlaneRbacEnabled: false
});
}
}
if (openAction) { if (openAction) {
handleOpenAction(openAction, useDatabases.getState().databases, explorer); handleOpenAction(openAction, useDatabases.getState().databases, explorer);
} }
@ -471,7 +527,9 @@ async function configurePortal(): Promise<Explorer> {
); );
sendReadyMessage(); sendReadyMessage();
}); });
} }
function shouldForwardMessage(message: PortalMessage, messageOrigin: string) { function shouldForwardMessage(message: PortalMessage, messageOrigin: string) {