From 73781b243f2b1609fd8249316182256c87086e82 Mon Sep 17 00:00:00 2001 From: "david.watkins@db.com" Date: Thu, 11 Jul 2024 09:16:32 +0100 Subject: [PATCH 1/4] Model, dao and endpoint for Permissions viewer --- .../data/permission/PermissionViewDao.java | 77 +++++++++++++++++++ .../org/finos/waltz/model/EntityKind.java | 3 +- .../model/permission/PermissionViewItem.java | 25 ++++++ .../permission/PermissionViewService.java | 25 ++++++ .../endpoints/api/PermissionViewEndpoint.java | 49 ++++++++++++ 5 files changed, 178 insertions(+), 1 deletion(-) create mode 100644 waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java create mode 100644 waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java create mode 100644 waltz-service/src/main/java/org/finos/waltz/service/permission/PermissionViewService.java create mode 100644 waltz-web/src/main/java/org/finos/waltz/web/endpoints/api/PermissionViewEndpoint.java diff --git a/waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java b/waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java new file mode 100644 index 000000000..a1138d9ef --- /dev/null +++ b/waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java @@ -0,0 +1,77 @@ +package org.finos.waltz.data.permission; + +import org.finos.waltz.model.EntityKind; +import org.finos.waltz.model.Operation; +import org.finos.waltz.model.permission.ImmutablePermissionViewItem; +import org.finos.waltz.model.permission.PermissionViewItem; +import org.finos.waltz.schema.Tables; +import org.finos.waltz.schema.tables.AssessmentDefinition; +import org.finos.waltz.schema.tables.InvolvementGroup; +import org.finos.waltz.schema.tables.InvolvementGroupEntry; +import org.finos.waltz.schema.tables.InvolvementKind; +import org.finos.waltz.schema.tables.MeasurableCategory; +import org.finos.waltz.schema.tables.PermissionGroupInvolvement; +import org.jooq.DSLContext; +import org.jooq.Field; +import org.jooq.impl.DSL; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Repository; + +import java.util.Set; + +import static org.finos.waltz.data.JooqUtilities.maybeReadRef; +import static org.finos.waltz.model.EntityReference.mkRef; + +@Repository +public class PermissionViewDao { + + private static final InvolvementGroup ig = Tables.INVOLVEMENT_GROUP.as("ig"); + private static final InvolvementGroupEntry ige = Tables.INVOLVEMENT_GROUP_ENTRY.as("ige"); + private static final InvolvementKind ik = Tables.INVOLVEMENT_KIND.as("ik"); + private static final PermissionGroupInvolvement pgi = Tables.PERMISSION_GROUP_INVOLVEMENT.as("pgi"); + private static final MeasurableCategory mc = Tables.MEASURABLE_CATEGORY.as("mc"); + private static final AssessmentDefinition ad = Tables.ASSESSMENT_DEFINITION.as("ad"); + + private final DSLContext dsl; + + @Autowired + public PermissionViewDao(DSLContext dsl) { + this.dsl = dsl; + } + + public Set findAll() { + Field qualifierName = DSL + .coalesce(mc.NAME, ad.NAME, null) + .as("qualifier_name"); + + return dsl + .select(pgi.PARENT_KIND, + pgi.SUBJECT_KIND, + pgi.QUALIFIER_KIND, + pgi.QUALIFIER_ID, + qualifierName, + pgi.OPERATION, + ig.NAME, + ig.ID, + ig.EXTERNAL_ID, + ik.NAME, + ik.EXTERNAL_ID, + ik.ID) + .from(ig) + .innerJoin(pgi).on(pgi.INVOLVEMENT_GROUP_ID.eq(ig.ID)) + .innerJoin(ige).on(ig.ID.eq(ige.INVOLVEMENT_GROUP_ID)) + .innerJoin(ik).on(ik.ID.eq(ige.INVOLVEMENT_KIND_ID)) + .leftJoin(mc).on(pgi.QUALIFIER_KIND.eq(EntityKind.MEASURABLE_CATEGORY.name()).and(mc.ID.eq(pgi.QUALIFIER_ID))) + .leftJoin(ad).on(pgi.QUALIFIER_KIND.eq(EntityKind.ASSESSMENT_DEFINITION.name()).and(ad.ID.eq(pgi.QUALIFIER_ID))) + .fetchSet(r -> ImmutablePermissionViewItem + .builder() + .parentKind(EntityKind.valueOf(r.get(pgi.PARENT_KIND))) + .subjectKind(EntityKind.valueOf(r.get(pgi.SUBJECT_KIND))) + .qualifier(maybeReadRef(r, pgi.QUALIFIER_KIND, pgi.QUALIFIER_ID, qualifierName).orElse(null)) + .operation(Operation.valueOf(r.get(pgi.OPERATION))) + .involvementGroup(mkRef(EntityKind.INVOLVEMENT_GROUP, r.get(ig.ID), r.get(ig.NAME))) + .involvementKind(mkRef(EntityKind.INVOLVEMENT_KIND, r.get(ig.ID), r.get(ig.NAME))) + .build()); + } + +} diff --git a/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java b/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java index cb064967e..b021f6240 100644 --- a/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java +++ b/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java @@ -60,6 +60,7 @@ public enum EntityKind { FLOW_CLASSIFICATION("Flow classification"), FLOW_DIAGRAM("Flow diagram"), INVOLVEMENT("Involvement"), + INVOLVEMENT_GROUP("Involvement Group"), INVOLVEMENT_KIND("Involvement kind"), LICENCE("Licence"), LEGAL_ENTITY("Legal Entity"), @@ -107,7 +108,7 @@ public enum EntityKind { CAPABILITY("Capability"), // TO BE REMOVED IN 1.5 @Deprecated - AUTHORITATIVE_SOURCE("Authoritative source"); // TO BE REMOVED IN 1.36 + AUTHORITATIVE_SOURCE("Authoritative source"); // TO BE REMOVED IN 1.36 private final String prettyName; diff --git a/waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java b/waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java new file mode 100644 index 000000000..11d2a4525 --- /dev/null +++ b/waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java @@ -0,0 +1,25 @@ +package org.finos.waltz.model.permission; + +import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import org.finos.waltz.model.EntityKind; +import org.finos.waltz.model.EntityReference; +import org.finos.waltz.model.Nullable; +import org.finos.waltz.model.Operation; +import org.immutables.value.Value; + +@Value.Immutable +@JsonSerialize(as=ImmutablePermissionViewItem.class) +public interface PermissionViewItem { + EntityKind parentKind(); + + EntityKind subjectKind(); + + @Nullable + EntityReference qualifier(); + + Operation operation(); + + EntityReference involvementGroup(); + + EntityReference involvementKind(); +} diff --git a/waltz-service/src/main/java/org/finos/waltz/service/permission/PermissionViewService.java b/waltz-service/src/main/java/org/finos/waltz/service/permission/PermissionViewService.java new file mode 100644 index 000000000..65dd10131 --- /dev/null +++ b/waltz-service/src/main/java/org/finos/waltz/service/permission/PermissionViewService.java @@ -0,0 +1,25 @@ +package org.finos.waltz.service.permission; + +import org.finos.waltz.data.permission.PermissionViewDao; +import org.finos.waltz.model.permission.PermissionViewItem; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.util.Set; + +@Service +public class PermissionViewService { + private final PermissionViewDao permissionViewDao; + + + @Autowired + public PermissionViewService(PermissionViewDao permissionViewDao) { + this.permissionViewDao = permissionViewDao; + } + + + public Set findAll() { + return permissionViewDao.findAll(); + } + +} diff --git a/waltz-web/src/main/java/org/finos/waltz/web/endpoints/api/PermissionViewEndpoint.java b/waltz-web/src/main/java/org/finos/waltz/web/endpoints/api/PermissionViewEndpoint.java new file mode 100644 index 000000000..73264876d --- /dev/null +++ b/waltz-web/src/main/java/org/finos/waltz/web/endpoints/api/PermissionViewEndpoint.java @@ -0,0 +1,49 @@ +/* + * Waltz - Enterprise Architecture + * Copyright (C) 2016, 2017, 2018, 2019 Waltz open source project + * See README.md for more information + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific + * + */ + +package org.finos.waltz.web.endpoints.api; + + +import org.finos.waltz.service.permission.PermissionViewService; +import org.finos.waltz.web.endpoints.Endpoint; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import static org.finos.waltz.web.WebUtilities.mkPath; +import static org.finos.waltz.web.endpoints.EndpointUtilities.getForList; + + +@Service +public class PermissionViewEndpoint implements Endpoint { + + private static final String BASE_URL = mkPath("api", "permission-view"); + private final PermissionViewService permissionViewService; + + + @Autowired + public PermissionViewEndpoint(PermissionViewService permissionViewService) { + this.permissionViewService = permissionViewService; + } + + + @Override + public void register() { + getForList(BASE_URL, (req, resp) -> permissionViewService.findAll()); + } + +} From 54b336452411cd741aab655a34b82bafbe860b27 Mon Sep 17 00:00:00 2001 From: "david.watkins@db.com" Date: Fri, 12 Jul 2024 14:29:55 +0100 Subject: [PATCH 2/4] Permissions: Visualise the permission groups - Model - Dao - Endpoint - js/enums #CTCTOWALTZ-3268 #7088 --- .../data/permission/PermissionViewDao.java | 24 +++++------ .../org/finos/waltz/model/EntityKind.java | 1 + .../model/permission/PermissionViewItem.java | 2 + .../client/common/services/enums/entity.js | 14 +++++++ .../svelte-stores/entity-alias-store.js | 42 +++++++++++++++++++ 5 files changed, 69 insertions(+), 14 deletions(-) create mode 100644 waltz-ng/client/svelte-stores/entity-alias-store.js diff --git a/waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java b/waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java index a1138d9ef..ad589ddd3 100644 --- a/waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java +++ b/waltz-data/src/main/java/org/finos/waltz/data/permission/PermissionViewDao.java @@ -10,6 +10,7 @@ import org.finos.waltz.schema.tables.InvolvementGroupEntry; import org.finos.waltz.schema.tables.InvolvementKind; import org.finos.waltz.schema.tables.MeasurableCategory; +import org.finos.waltz.schema.tables.PermissionGroup; import org.finos.waltz.schema.tables.PermissionGroupInvolvement; import org.jooq.DSLContext; import org.jooq.Field; @@ -28,6 +29,7 @@ public class PermissionViewDao { private static final InvolvementGroup ig = Tables.INVOLVEMENT_GROUP.as("ig"); private static final InvolvementGroupEntry ige = Tables.INVOLVEMENT_GROUP_ENTRY.as("ige"); private static final InvolvementKind ik = Tables.INVOLVEMENT_KIND.as("ik"); + private static final PermissionGroup pg = Tables.PERMISSION_GROUP.as("pg"); private static final PermissionGroupInvolvement pgi = Tables.PERMISSION_GROUP_INVOLVEMENT.as("pgi"); private static final MeasurableCategory mc = Tables.MEASURABLE_CATEGORY.as("mc"); private static final AssessmentDefinition ad = Tables.ASSESSMENT_DEFINITION.as("ad"); @@ -45,22 +47,15 @@ public Set findAll() { .as("qualifier_name"); return dsl - .select(pgi.PARENT_KIND, - pgi.SUBJECT_KIND, - pgi.QUALIFIER_KIND, - pgi.QUALIFIER_ID, - qualifierName, - pgi.OPERATION, - ig.NAME, - ig.ID, - ig.EXTERNAL_ID, - ik.NAME, - ik.EXTERNAL_ID, - ik.ID) + .select(pg.NAME, pg.ID, pg.EXTERNAL_ID, pg.DESCRIPTION, + pgi.PARENT_KIND, pgi.SUBJECT_KIND, pgi.QUALIFIER_KIND, pgi.QUALIFIER_ID, qualifierName, pgi.OPERATION, + ig.NAME, ig.ID, ig.EXTERNAL_ID, + ik.NAME, ik.DESCRIPTION, ik.EXTERNAL_ID, ik.ID) .from(ig) .innerJoin(pgi).on(pgi.INVOLVEMENT_GROUP_ID.eq(ig.ID)) .innerJoin(ige).on(ig.ID.eq(ige.INVOLVEMENT_GROUP_ID)) .innerJoin(ik).on(ik.ID.eq(ige.INVOLVEMENT_KIND_ID)) + .innerJoin(pg).on(pg.ID.eq(pgi.PERMISSION_GROUP_ID)) .leftJoin(mc).on(pgi.QUALIFIER_KIND.eq(EntityKind.MEASURABLE_CATEGORY.name()).and(mc.ID.eq(pgi.QUALIFIER_ID))) .leftJoin(ad).on(pgi.QUALIFIER_KIND.eq(EntityKind.ASSESSMENT_DEFINITION.name()).and(ad.ID.eq(pgi.QUALIFIER_ID))) .fetchSet(r -> ImmutablePermissionViewItem @@ -69,8 +64,9 @@ public Set findAll() { .subjectKind(EntityKind.valueOf(r.get(pgi.SUBJECT_KIND))) .qualifier(maybeReadRef(r, pgi.QUALIFIER_KIND, pgi.QUALIFIER_ID, qualifierName).orElse(null)) .operation(Operation.valueOf(r.get(pgi.OPERATION))) - .involvementGroup(mkRef(EntityKind.INVOLVEMENT_GROUP, r.get(ig.ID), r.get(ig.NAME))) - .involvementKind(mkRef(EntityKind.INVOLVEMENT_KIND, r.get(ig.ID), r.get(ig.NAME))) + .permissionGroup(mkRef(EntityKind.PERMISSION_GROUP, r.get(pg.ID), r.get(pg.NAME), r.get(pg.DESCRIPTION), r.get(pg.EXTERNAL_ID))) + .involvementGroup(mkRef(EntityKind.INVOLVEMENT_GROUP, r.get(ig.ID), r.get(ig.NAME), null, r.get(ig.EXTERNAL_ID))) + .involvementKind(mkRef(EntityKind.INVOLVEMENT_KIND, r.get(ik.ID), r.get(ik.NAME), r.get(ik.DESCRIPTION), r.get(ik.EXTERNAL_ID))) .build()); } diff --git a/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java b/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java index b021f6240..97eda6096 100644 --- a/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java +++ b/waltz-model/src/main/java/org/finos/waltz/model/EntityKind.java @@ -76,6 +76,7 @@ public enum EntityKind { MEASURABLE_RATING_REPLACEMENT("Measurable rating replacement"), ORG_UNIT("Organisational unit"), PERFORMANCE_METRIC_PACK("Performance metric pack"), + PERMISSION_GROUP("Permission Group"), PERSON("Person"), PHYSICAL_SPECIFICATION("Physical specification"), PHYSICAL_SPEC_DATA_TYPE_DECORATOR("Physical specification data type decorator"), diff --git a/waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java b/waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java index 11d2a4525..1ff583e92 100644 --- a/waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java +++ b/waltz-model/src/main/java/org/finos/waltz/model/permission/PermissionViewItem.java @@ -21,5 +21,7 @@ public interface PermissionViewItem { EntityReference involvementGroup(); + EntityReference permissionGroup(); + EntityReference involvementKind(); } diff --git a/waltz-ng/client/common/services/enums/entity.js b/waltz-ng/client/common/services/enums/entity.js index 3c8e9449f..915da50e6 100644 --- a/waltz-ng/client/common/services/enums/entity.js +++ b/waltz-ng/client/common/services/enums/entity.js @@ -220,6 +220,13 @@ export const entity = { description: null, position: 1500 }, + INVOLVEMENT_GROUP: { + key: "INVOLVEMENT_GROUP", + name: "Involvement Group", + icon: "people-group", + description: null, + position: 1510 + }, INVOLVEMENT_KIND: { key: "INVOLVEMENT_KIND", name: "Involvement Kind", @@ -318,6 +325,13 @@ export const entity = { description: null, position: 1960 }, + PERMISSION_GROUP: { + key: "PERMISSION_GROUP", + name: "Permission Group", + icon: "layer-group", + description: null, + position: 1970 + }, PERSON: { key: "PERSON", name: "Person", diff --git a/waltz-ng/client/svelte-stores/entity-alias-store.js b/waltz-ng/client/svelte-stores/entity-alias-store.js new file mode 100644 index 000000000..88e623eec --- /dev/null +++ b/waltz-ng/client/svelte-stores/entity-alias-store.js @@ -0,0 +1,42 @@ +/* + * Waltz - Enterprise Architecture + * Copyright (C) 2016, 2017, 2018, 2019 Waltz open source project + * See README.md for more information + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific + * + */ + +import {remote} from "./remote"; + +export function mkEntityNamedNoteTypeStore() { + + const fetchForEntityReference = (ref, force = false) => remote + .fetchViewList( + "GET", + `api/entity/alias/${ref.kind}/${ref.id}`, + [], + {force}); + + const updateForEntityReference = (ref, aliases = []) => remote + .execute( + "POST", + `api/entity/alias/${ref.kind}/${ref.id}`, + aliases); + + return { + fetchForEntityReference, + updateForEntityReference + }; +} + +export const entityAliasStore = mkEntityNamedNoteTypeStore(); From 15afcd809101fdaf953ec8c46a1609dbf6cc1702 Mon Sep 17 00:00:00 2001 From: "david.watkins@db.com" Date: Mon, 15 Jul 2024 11:58:49 +0100 Subject: [PATCH 3/4] Permissions: Visualise the permission groups - svelte page (system/permissions) #CTCTOWALTZ-3268 #7088 --- .../client/common/svelte/EntityIcon.svelte | 11 +- .../svelte-stores/permission-view-store.js | 40 +++++ waltz-ng/client/system/permissions-view.js | 20 +++ waltz-ng/client/system/routes.js | 7 + .../svelte/permissions/PermissionsView.svelte | 161 ++++++++++++++++++ waltz-ng/client/system/system-admin-list.js | 6 + 6 files changed, 241 insertions(+), 4 deletions(-) create mode 100644 waltz-ng/client/svelte-stores/permission-view-store.js create mode 100644 waltz-ng/client/system/permissions-view.js create mode 100644 waltz-ng/client/system/svelte/permissions/PermissionsView.svelte diff --git a/waltz-ng/client/common/svelte/EntityIcon.svelte b/waltz-ng/client/common/svelte/EntityIcon.svelte index 293b288c4..778f1b90e 100644 --- a/waltz-ng/client/common/svelte/EntityIcon.svelte +++ b/waltz-ng/client/common/svelte/EntityIcon.svelte @@ -4,13 +4,16 @@ import Icon from "./Icon.svelte"; export let kind; + export let showName = false; - $: name = _.get(entity, [kind, "icon"], "circle-o"); - - + $: iconName = _.get(entity, [kind, "icon"], "circle-o"); + $: label = _.get(entity, [kind, "name"], ""); - + +{#if showName} + {label} +{/if} diff --git a/waltz-ng/client/svelte-stores/permission-view-store.js b/waltz-ng/client/svelte-stores/permission-view-store.js new file mode 100644 index 000000000..21c9db5d2 --- /dev/null +++ b/waltz-ng/client/svelte-stores/permission-view-store.js @@ -0,0 +1,40 @@ +/* + * Waltz - Enterprise Architecture + * Copyright (C) 2016, 2017, 2018, 2019 Waltz open source project + * See README.md for more information + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific + * + */ + + +import {remote} from "./remote"; +import {checkIsEntityRef} from "../common/checks"; + +export function mkPermissionViewStore() { + + const findAll = (ref, force) => { + return remote + .fetchViewList( + "GET", + `api/permission-view`, + null, + force); + }; + + + return { + findAll + }; +} + +export const permissionViewStore = mkPermissionViewStore(); diff --git a/waltz-ng/client/system/permissions-view.js b/waltz-ng/client/system/permissions-view.js new file mode 100644 index 000000000..0e1247095 --- /dev/null +++ b/waltz-ng/client/system/permissions-view.js @@ -0,0 +1,20 @@ +import {initialiseData} from "../common"; +import PermissionsView from "./svelte/permissions/PermissionsView.svelte"; + +const initialState = { + PermissionsView +}; + + +function controller() { + initialiseData(this, initialState); +} + +const page = { + controller, + template: ``, + controllerAs: "$ctrl" +}; + + +export default page; \ No newline at end of file diff --git a/waltz-ng/client/system/routes.js b/waltz-ng/client/system/routes.js index 1b94b1c22..88f8ea816 100644 --- a/waltz-ng/client/system/routes.js +++ b/waltz-ng/client/system/routes.js @@ -33,6 +33,7 @@ import EudaListView from "./euda-list-view"; import RelationshipKindsView from "./relationship-kinds-view"; import ReassignRecipientsView from "./reassign-recipients-view"; import ColorGradientView from "./color-gradient-view"; +import PermissionsView from "./permissions-view"; import NavAidBuilderView from "./nav-aid-builder-view"; import VersionInfoView from "./version-info-view"; import LicencesAdminView from "./licences-view"; @@ -162,6 +163,11 @@ const diagramBuilderState = { views: {"content@": DiagramBuilderView} }; +const permissionsState = { + url: "/permissions", + views: {"content@": PermissionsView} +}; + function setupRoutes($stateProvider) { $stateProvider @@ -179,6 +185,7 @@ function setupRoutes($stateProvider) { .state("main.system.nav-aids", navAidAdminState) .state("main.system.nav-aid-builder", navAidBuilderState) .state("main.system.orphans", orphansState) + .state("main.system.permissions", permissionsState) .state("main.system.rating-schemes", ratingSchemesState) .state("main.system.reassign-recipients", reassignRecipientsState) .state("main.system.recalculate", recalculateState) diff --git a/waltz-ng/client/system/svelte/permissions/PermissionsView.svelte b/waltz-ng/client/system/svelte/permissions/PermissionsView.svelte new file mode 100644 index 000000000..2665cac3a --- /dev/null +++ b/waltz-ng/client/system/svelte/permissions/PermissionsView.svelte @@ -0,0 +1,161 @@ + + + +
+
    +
  1. + Home +
    2. +
  2. + System Admin +
    3. +
  3. Permission Group
    4. +
+
+ + + +
+
+
+

Permissions groups are the basis for defining fine grained user permissions. +

+
+
+ +
+
+ + + + + + + + + + + {#each grouped || [] as row} + {@const d = row.v[0]} + selectedValues = row.v} + class="clickable"> + + + + + + + {/each} + +
SubjectQualifierPrimary KindOperation
{#if d.qualifier}{/if}{d.operation}
+
+
+ {#if !_.isNil(selectedValues)} + {@const d = selectedValues[0]} + {@const permissionGroups = _.chain(selectedValues).map(d => d.permissionGroup).uniqBy(d => d.id).value()} + +
+ Overview: + + + + + + + + + + + + + + + + + + + + +
Subject
Qualifier + {#if d.qualifier} + (id: {d.qualifier.id}) + {:else} + - + {/if} +
Parent Kind
Operation{d.operation}
+ + Permission Groups: + + + + + + + + + + + {#each permissionGroups as pg} + {@const involvementGroups = _.chain(selectedValues).filter(d => d.permissionGroup.id === pg.id).map(d => d.involvementGroup).uniqBy(d => d.id).value()} + {#each involvementGroups as ig} + {@const involvementKinds = _.chain(selectedValues).filter(d => d.permissionGroup.id === pg.id).filter(d => d.involvementGroup.id === ig.id).map(d => d.involvementKind).uniqBy(d => d.id).value()} + {#each involvementKinds as ik} + + + + + + {/each} + {/each} + {/each} + +
Permission GroupInvolvement GroupInvolvement Kind
{pg.name}{ig.name}{ik.name}
+ + +
+ {/if} + +
+
+ +
+ diff --git a/waltz-ng/client/system/system-admin-list.js b/waltz-ng/client/system/system-admin-list.js index edaecf7dd..06dd4c4e3 100644 --- a/waltz-ng/client/system/system-admin-list.js +++ b/waltz-ng/client/system/system-admin-list.js @@ -56,6 +56,12 @@ const userManagementOptions = [ description: "View and create custom roles to manage user access", state: "main.role.list", icon: "users" + }, { + name: "Fine grained permissions", + role: "USER_ADMIN", + description: "View and create fine grained permissions to users", + state: "main.system.permissions", + icon: "users-rectangle" } ]; From 3f5b6d752ce83fed849e22f0042a1a4b45988d66 Mon Sep 17 00:00:00 2001 From: "david.watkins@db.com" Date: Mon, 15 Jul 2024 12:47:32 +0100 Subject: [PATCH 4/4] Permissions: Visualise the permission groups - added some in-situ documentation #CTCTOWALTZ-3268 #7088 --- .../svelte/permissions/PermissionsView.svelte | 45 +++++++++++++++---- 1 file changed, 37 insertions(+), 8 deletions(-) diff --git a/waltz-ng/client/system/svelte/permissions/PermissionsView.svelte b/waltz-ng/client/system/svelte/permissions/PermissionsView.svelte index 2665cac3a..54cc7907f 100644 --- a/waltz-ng/client/system/svelte/permissions/PermissionsView.svelte +++ b/waltz-ng/client/system/svelte/permissions/PermissionsView.svelte @@ -26,10 +26,6 @@ $: grouped = _ .map((v, k) => ({k, v})) .orderBy(d => d.k) .value(); - -$: console.log({raw, grouped}) - -
+ +
@@ -83,13 +81,40 @@ $: console.log({raw, grouped})
+ +
- {#if !_.isNil(selectedValues)} + {#if _.isNil(selectedValues)} +
+

Help

+
+
Subject
+
The subject entity kind relates to the class of entity the permission applies to. Subsequent columns refine this selection.
+
Qualifier
+
The optional qualifier refines the subject kind, for instance if the subject was a Viewpoint rating the qualifier would indicate which measurable category the permissions apply to.
+
Primary Kind
+
The entity kind the subject/qualifier applies to/ Used when a subject entity is owned but different kinds of entity, for example a flow can be owned by applications, actors and end user applications.
+
Operation
+
The type of operation being performed, one of: +
    +
  • ADD - creating new entries
    • +
  • REMOVE - removing existing entries
    • +
  • UPDATE - updating existing entries
    • +
  • ATTEST - attesting entries, only applicable for Flows and Viewpoint Ratings
    • +
+
+
+
+ Once you select a row you this panel will be replaced with a detail view. + This view shows the permission groups, which contain involvement groups, which then contain specific involvement kinds. + This sum list of involvement kinds show which users (via their involvements) can perform the operation on the specified set of entities. +
+ {:else} {@const d = selectedValues[0]} {@const permissionGroups = _.chain(selectedValues).map(d => d.permissionGroup).uniqBy(d => d.id).value()}
- Overview: +

Overview

@@ -120,7 +145,7 @@ $: console.log({raw, grouped})
- Permission Groups: +

Permissions

@@ -156,6 +181,10 @@ $: console.log({raw, grouped}) - +