Disable features for buckets with constraints

#34

Disable features for buckets with constraints
b4bf8b67 · Daniel Göbel · dbf7d5b9 · b4bf8b67 · b4bf8b67 · b4bf8b67
Verified Commit b4bf8b67 authored 2 years ago by Daniel Göbel
--- a/src/components/BucketView.vue
+++ b/src/components/BucketView.vue
@@ -637,7 +637,7 @@ watch(
      <!-- Add bucket permission button -->
      <button
        v-if="!authStore.foreignUser"
-        :hidden="bucketRepository.getBucketPermission(props.bucketName) != null"
+        :hidden="!bucketRepository.permissionFeatureAllowed(props.bucketName)"
        type="button"
        class="btn btn-secondary m-2 tooltip-container"
        :disabled="errorLoadingObjects"
@@ -669,7 +669,7 @@ watch(
      />
      <button
        v-if="!authStore.foreignUser"
-        :hidden="bucketRepository.getBucketPermission(props.bucketName) != null"
+        :hidden="!bucketRepository.permissionFeatureAllowed(props.bucketName)"
        type="button"
        class="btn btn-secondary m-2 tooltip-container"
        :disabled="errorLoadingObjects"
@@ -852,7 +852,7 @@ watch(
                    <button
                      class="dropdown-item"
                      type="button"
-                      :disabled="!writableBucket || !readableBucket"
+                      :disabled="!readableBucket"
                      data-bs-toggle="modal"
                      data-bs-target="#copy-object-modal"
                      @click="objectState.copyObject = obj"

--- a/src/stores/buckets.ts
+++ b/src/stores/buckets.ts
 import { defineStore } from "pinia";
-import { BucketPermissionService, BucketService } from "@/client/s3proxy";
+import {
+  BucketPermissionService,
+  BucketService,
+  Constraint,
+} from "@/client/s3proxy";
 import type {
  BucketOut,
  BucketIn,
@@ -18,12 +22,33 @@ export const useBucketStore = defineStore({
      ownPermissions: Record<string, BucketPermissionOut>;
    }),
  getters: {
+    permissionFeatureAllowed(): (bucketName: string) => boolean {
+      return (bucketName) => {
+        // If a permission for the bucket exist, then false
+        if (this.ownPermissions[bucketName] != null) {
+          return false;
+        }
+        const bucket = this.buckets.find((b) => bucketName == b.name);
+        // If the bucket doesn't exist, then false
+        if (bucket == null) {
+          return false;
+        }
+        // If there is a constraint on the bucket, then false otherwise true
+        return bucket.owner_constraint == null;
+      };
+    },
    writableBuckets(): BucketOut[] {
-      return this.buckets.filter(
+      return this.buckets.filter((bucket) => {
-        (bucket) =>
+        const permission = this.ownPermissions[bucket.name];
-          this.ownPermissions[bucket.name] === undefined ||
+        if (permission != null) {
-          this.ownPermissions[bucket.name].permission !== "READ"
+          return permission.permission !== "READ";
-      );
+        }
+        // If the user owns the bucket, check the bucket constraint
+        return (
+          bucket.owner_constraint == null ||
+          bucket.owner_constraint == Constraint.WRITE
+        );
+      });
    },
    getBucketPermission(): (
      bucketName: string
@@ -31,14 +56,40 @@ export const useBucketStore = defineStore({
      return (bucketName) => this.ownPermissions[bucketName];
    },
    writableBucket(): (bucketName: string) => boolean {
-      return (bucketName) =>
+      return (bucketName) => {
-        this.ownPermissions[bucketName] === undefined ||
+        // If this is a foreign bucket, check that the user has write permission
-        this.ownPermissions[bucketName].permission !== "READ";
+        const permission = this.ownPermissions[bucketName];
+        if (permission != null) {
+          return permission.permission !== "READ";
+        }
+        // If the user owns the bucket, check the bucket constraint
+        const bucket = this.buckets.find((b) => bucketName == b.name);
+        if (bucket != null) {
+          return (
+            bucket.owner_constraint == null ||
+            bucket.owner_constraint == Constraint.WRITE
+          );
+        }
+        return false;
+      };
    },
    readableBucket(): (bucketName: string) => boolean {
-      return (bucketName) =>
+      return (bucketName) => {
-        this.ownPermissions[bucketName] === undefined ||
+        // If this is a foreign bucket, check that the user has read permission
-        this.ownPermissions[bucketName].permission !== "WRITE";
+        const permission = this.ownPermissions[bucketName];
+        if (permission != null) {
+          return permission.permission !== "WRITE";
+        }
+        // If the user owns the bucket, check the bucket constraint
+        const bucket = this.buckets.find((b) => bucketName == b.name);
+        if (bucket != null) {
+          return (
+            bucket.owner_constraint == null ||
+            bucket.owner_constraint == Constraint.READ
+          );
+        }
+        return false;
+      };
    },
  },
  actions: {

--- a/src/views/object-storage/BucketsView.vue
+++ b/src/views/object-storage/BucketsView.vue
@@ -60,7 +60,6 @@ onMounted(() => {
 <template>
  <DeleteModal
-    v-if="!authStore.foreignUser"
    modalID="delete-bucket-modal"
    :object-name-delete="bucketsState.potentialDeleteBucketName"
    :back-modal-id="undefined"
@@ -148,7 +147,7 @@ onMounted(() => {
            :active="false"
            :loading="true"
            :permission="undefined"
-            :deletable="!authStore.foreignUser"
+            :deletable="false"
            :bucket="{
              name: '',
              description: '',