Change createUserEndpoint checkbox & fix validation bug (#4876)

Signed-off-by: Thomas Quandt <[email protected]>

Author: thquad

src/frontend/packages/core/src/features/endpoints/create-endpoint/create-endpoint-cf-step-1/create-endpoint-cf-step-1.component.html

@@ -2,21 +2,21 @@
   <h1 class="create-endpoint__section-title">{{endpoint.definition.label}} Information</h1>
   <mat-form-field>
     <input matInput id="name" name="name" formControlName="nameField" placeholder="Name"
-      [appUnique]="registerForm.value.createUserEndpointField ? (existingPersonalEndpoints | async)?.names : (customEndpoints | async)?.names">
+      [appUnique]="registerForm.value.createSystemEndpointField ? (customEndpoints | async)?.names : (existingPersonalEndpoints | async)?.names">
     <mat-error *ngIf="registerForm.controls.nameField.errors?.required">Name is required</mat-error>
     <mat-error *ngIf="registerForm.controls.nameField.errors?.appUnique">Name is not unique</mat-error>
   </mat-form-field>
   <mat-form-field novalidate>
     <input matInput id="url" name="url" formControlName="urlField" type="url" required placeholder="Endpoint Address"
       pattern="{{urlValidation}}" 
-      [appUnique]="registerForm.value.createUserEndpointField ? (existingPersonalEndpoints | async)?.urls : (customEndpoints | async)?.urls">
+      [appUnique]="registerForm.value.createSystemEndpointField ? (customEndpoints | async)?.urls : (existingPersonalEndpoints | async)?.urls">
     <mat-error *ngIf="registerForm.controls.urlField.errors?.required">URL is required</mat-error>
     <mat-error *ngIf="registerForm.controls.urlField.errors?.pattern">Invalid API URL</mat-error>
     <mat-error *ngIf="registerForm.controls.urlField.errors?.appUnique">URL is not unique</mat-error>
   </mat-form-field>
-  <mat-checkbox matInput *ngIf="userEndpointsAndIsAdmin | async" name="createUserEndpoint" 
-    formControlName="createUserEndpointField" (change)="toggleCreateUserEndpoint()"
-    [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Create a user endpoint (only visible to you and other admins)
+  <mat-checkbox matInput *ngIf="userEndpointsAndIsAdmin | async" name="createSystemEndpoint" 
+    formControlName="createSystemEndpointField" (change)="toggleCreateSystemEndpoint()"
+    [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Create a system endpoint (visible to all users)
   </mat-checkbox>
   <mat-checkbox matInput name="skipSll" formControlName="skipSllField"
     [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Skip SSL validation for the

src/frontend/packages/core/src/features/endpoints/create-endpoint/create-endpoint-cf-step-1/create-endpoint-cf-step-1.component.ts

@@ -2,7 +2,7 @@ import { AfterContentInit, Component, Input } from '@angular/core';
 import { FormBuilder, FormGroup, Validators } from '@angular/forms';
 import { ActivatedRoute } from '@angular/router';
 import { Observable } from 'rxjs';
-import { filter, map, pairwise } from 'rxjs/operators';
+import { distinctUntilChanged, filter, map, pairwise } from 'rxjs/operators';
 
 import { entityCatalog } from '../../../../../../store/src/entity-catalog/entity-catalog';
 import {
@@ -14,12 +14,12 @@ import { getIdFromRoute } from '../../../../core/utils.service';
 import { IStepperStep, StepOnNextFunction } from '../../../../shared/components/stepper/step/step.component';
 import { SessionService } from '../../../../shared/services/session.service';
 import { CurrentUserPermissionsService } from '../../../../core/permissions/current-user-permissions.service';
+import { UserProfileService } from '../../../../core/user-profile.service';
 import { SnackBarService } from '../../../../shared/services/snackbar.service';
 import { ConnectEndpointConfig } from '../../connect.service';
 import { getSSOClientRedirectURI } from '../../endpoint-helpers';
 import { CreateEndpointHelperComponent } from '../create-endpoint-helper';
 
-
 @Component({
   selector: 'app-create-endpoint-cf-step-1',
   templateUrl: './create-endpoint-cf-step-1.component.html',
@@ -63,9 +63,10 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
     activatedRoute: ActivatedRoute,
     private snackBarService: SnackBarService,
     sessionService: SessionService,
-    currentUserPermissionsService: CurrentUserPermissionsService
+    currentUserPermissionsService: CurrentUserPermissionsService,
+    userProfileService: UserProfileService
   ) {
-    super(sessionService, currentUserPermissionsService);
+    super(sessionService, currentUserPermissionsService, userProfileService);
 
     this.registerForm = this.fb.group({
       nameField: ['', [Validators.required]],
@@ -75,7 +76,7 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
       // Optional Client ID and Client Secret
       clientIDField: ['', []],
       clientSecretField: ['', []],
-      createUserEndpointField: [false, []],
+      createSystemEndpointField: [true, []],
     });
 
     const epType = getIdFromRoute(activatedRoute, 'type');
@@ -98,7 +99,7 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
       this.registerForm.value.clientIDField,
       this.registerForm.value.clientSecretField,
       this.registerForm.value.ssoAllowedField,
-      this.registerForm.value.createUserEndpointField,
+      this.registerForm.value.createSystemEndpointField,
     ).pipe(
       pairwise(),
       filter(([oldVal, newVal]) => (oldVal.busy && !newVal.busy)),
@@ -149,7 +150,7 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
     this.showAdvancedOptions = !this.showAdvancedOptions;
   }
 
-  toggleCreateUserEndpoint() {
+  toggleCreateSystemEndpoint() {
     // wait a tick for validators to adjust to new data in the directive
     setTimeout(() => {
       this.registerForm.controls.nameField.updateValueAndValidity();

src/frontend/packages/core/src/features/endpoints/create-endpoint/create-endpoint-helper.ts

@@ -5,6 +5,7 @@ import { getFullEndpointApiUrl } from '../../../../../store/src/endpoint-utils';
 import { stratosEntityCatalog } from '../../../../../store/src/stratos-entity-catalog';
 import { CurrentUserPermissionsService } from '../../../core/permissions/current-user-permissions.service';
 import { StratosCurrentUserPermissions } from '../../../core/permissions/stratos-user-permissions.checker';
+import { UserProfileService } from '../../../core/user-profile.service';
 import { SessionService } from '../../../shared/services/session.service';
 
 type EndpointObservable = Observable<{
@@ -22,7 +23,8 @@ export class CreateEndpointHelperComponent {
 
   constructor(
     public sessionService: SessionService,
-    public currentUserPermissionsService: CurrentUserPermissionsService
+    public currentUserPermissionsService: CurrentUserPermissionsService,
+    public userProfileService: UserProfileService
   ) {
     const currentPage$ = stratosEntityCatalog.endpoint.store.getAll.getPaginationMonitor().currentPage$;
     this.existingSystemEndpoints = currentPage$.pipe(
@@ -31,10 +33,13 @@ export class CreateEndpointHelperComponent {
         urls: endpoints.filter(ep => ep.creator.system).map(ep => getFullEndpointApiUrl(ep)),
       }))
     );
-    this.existingPersonalEndpoints = currentPage$.pipe(
-      map(endpoints => ({
-        names: endpoints.filter(ep => !ep.creator.system).map(ep => ep.name),
-        urls: endpoints.filter(ep => !ep.creator.system).map(ep => getFullEndpointApiUrl(ep)),
+    this.existingPersonalEndpoints = combineLatest([
+      currentPage$,
+      this.userProfileService.userProfile$
+    ]).pipe(
+      map(([endpoints, profile]) => ({
+        names: endpoints.filter(ep => !ep.creator.system && ep.creator.name === profile.userName).map(ep => ep.name),
+        urls: endpoints.filter(ep => !ep.creator.system && ep.creator.name === profile.userName).map(ep => getFullEndpointApiUrl(ep)),
       }))
     );
     this.existingEndpoints = currentPage$.pipe(

src/frontend/packages/git/src/shared/components/git-registration/git-registration.component.html

@@ -19,21 +19,21 @@ <h3>Select the type of {{gitTypes[epSubType].label}} to register</h3>
         <div *ngIf="showEndpointFields" class="select-step__endpoint-form">
           <mat-form-field>
             <input matInput id="name" name="name" formControlName="nameField" placeholder="Name"
-              [appUnique]="registerForm.value.createUserEndpointField ? (existingPersonalEndpoints | async)?.names : (customEndpoints | async)?.names">
+              [appUnique]="registerForm.value.createSystemEndpointField ? (customEndpoints | async)?.names : (existingPersonalEndpoints | async)?.names">
             <mat-error *ngIf="registerForm.controls.nameField.errors?.required">Name is required</mat-error>
             <mat-error *ngIf="registerForm.controls.nameField.errors?.appUnique">Name is not unique</mat-error>
           </mat-form-field>
           <mat-form-field novalidate>
             <input matInput id="url" name="url" formControlName="urlField" type="url" required
               placeholder="Endpoint Address" pattern="{{urlValidation}}"
-              [appUnique]="registerForm.value.createUserEndpointField ? (existingPersonalEndpoints | async)?.urls : (customEndpoints | async)?.urls">
+              [appUnique]="registerForm.value.createSystemEndpointField ? (customEndpoints | async)?.urls : (existingPersonalEndpoints | async)?.urls">
             <mat-error *ngIf="registerForm.controls.urlField.errors?.required">URL is required</mat-error>
             <mat-error *ngIf="registerForm.controls.urlField.errors?.pattern">Invalid API URL</mat-error>
             <mat-error *ngIf="registerForm.controls.urlField.errors?.appUnique">URL is not unique</mat-error>
           </mat-form-field>
-          <mat-checkbox matInput *ngIf="userEndpointsAndIsAdmin | async" name="createUserEndpoint" 
-            formControlName="createUserEndpointField" (change)="toggleCreateUserEndpoint()"
-            [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Create a user endpoint (only visible to you and other admins)
+          <mat-checkbox matInput *ngIf="userEndpointsAndIsAdmin | async" name="createSystemEndpoint" 
+            formControlName="createSystemEndpointField" (change)="toggleCreateSystemEndpoint()"
+            [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Create a system endpoint (visible to all users)
           </mat-checkbox>
           <mat-checkbox matInput name="skipSll" formControlName="skipSllField"
             [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Skip SSL validation for the

src/frontend/packages/git/src/shared/components/git-registration/git-registration.component.ts

@@ -13,6 +13,7 @@ import { ConnectEndpointConfig } from '../../../../../core/src/features/endpoint
 import { StepOnNextFunction } from '../../../../../core/src/shared/components/stepper/step/step.component';
 import { SessionService } from '../../../../../core/src/shared/services/session.service';
 import { CurrentUserPermissionsService } from '../../../../../core/src/core/permissions/current-user-permissions.service';
+import { UserProfileService } from '../../../../../core/src/core/user-profile.service';
 import { SnackBarService } from '../../../../../core/src/shared/services/snackbar.service';
 import { getFullEndpointApiUrl } from '../../../../../store/src/endpoint-utils';
 import { entityCatalog } from '../../../../../store/src/public-api';
@@ -77,9 +78,10 @@ export class GitRegistrationComponent extends CreateEndpointHelperComponent impl
     private snackBarService: SnackBarService,
     private endpointsService: EndpointsService,
     public sessionService: SessionService,
-    public currentUserPermissionsService: CurrentUserPermissionsService
+    public currentUserPermissionsService: CurrentUserPermissionsService,
+    public userProfileService: UserProfileService
   ) {
-    super(sessionService, currentUserPermissionsService);
+    super(sessionService, currentUserPermissionsService, userProfileService);
     this.epSubType = getIdFromRoute(activatedRoute, 'subtype');
     const githubLabel = entityCatalog.getEndpoint(GIT_ENDPOINT_TYPE, GIT_ENDPOINT_SUB_TYPES.GITHUB).definition.label || 'Github';
     const gitlabLabel = entityCatalog.getEndpoint(GIT_ENDPOINT_TYPE, GIT_ENDPOINT_SUB_TYPES.GITLAB).definition.label || 'Gitlab';
@@ -159,7 +161,7 @@ export class GitRegistrationComponent extends CreateEndpointHelperComponent impl
       nameField: ['', [Validators.required]],
       urlField: ['', [Validators.required]],
       skipSllField: [false, []],
-      createUserEndpointField: [false, []],
+      createSystemEndpointField: [true, []],
     });
     this.updateType();
 
@@ -201,10 +203,10 @@ export class GitRegistrationComponent extends CreateEndpointHelperComponent impl
     const skipSSL = this.registerForm.controls.nameField.value && this.registerForm.controls.urlField.value ?
       this.registerForm.controls.skipSllField.value :
       false;
-    const createUserEndpoint = this.registerForm.controls.createUserEndpointField.value;
+    const createSystemEndpoint = this.registerForm.controls.createSystemEndpointField.value;
 
     return stratosEntityCatalog.endpoint.api.register<ActionState>(GIT_ENDPOINT_TYPE,
-      this.epSubType, name, url, skipSSL, '', '', false, createUserEndpoint)
+      this.epSubType, name, url, skipSSL, '', '', false, createSystemEndpoint)
       .pipe(
         pairwise(),
         filter(([oldVal, newVal]) => (oldVal.busy && !newVal.busy)),
@@ -240,7 +242,7 @@ export class GitRegistrationComponent extends CreateEndpointHelperComponent impl
     return ready + '/' + defn.urlSuffix;
   }
 
-  toggleCreateUserEndpoint() {
+  toggleCreateSystemEndpoint() {
     // wait a tick for validators to adjust to new data in the directive
     setTimeout(() => {
       this.registerForm.controls.nameField.updateValueAndValidity();

src/frontend/packages/store/src/actions/endpoint.actions.ts

@@ -215,7 +215,7 @@ export class RegisterEndpoint extends SingleBaseEndpointAction {
     public clientID = '',
     public clientSecret = '',
     public ssoAllowed: boolean,
-    public createUserEndpoint: boolean,
+    public createSystemEndpoint: boolean,
   ) {
     super(
       REGISTER_ENDPOINTS,

src/frontend/packages/store/src/effects/endpoint.effects.ts

@@ -195,7 +195,7 @@ export class EndpointsEffect {
         cnsi_client_id: action.clientID,
         cnsi_client_secret: action.clientSecret,
         sso_allowed: action.ssoAllowed ? 'true' : 'false',
-        create_user_endpoint: action.createUserEndpoint ? 'true' : 'false'
+        create_system_endpoint: action.createSystemEndpoint ? 'true' : 'false'
       };
       // Do not include sub_type in HttpParams if it doesn't exist (falsies get stringified and sent)
       if (action.endpointSubType) {

src/frontend/packages/store/src/stratos-action-builders.ts

@@ -60,7 +60,7 @@ export interface EndpointActionBuilder extends OrchestratedActionBuilders {
     clientID?: string,
     clientSecret?: string,
     ssoAllowed?: boolean,
-    createUserEndpointField?: boolean,
+    createSystemEndpointField?: boolean,
   ) => RegisterEndpoint;
   update: (
     guid: string,
@@ -105,7 +105,7 @@ export const endpointActionBuilder: EndpointActionBuilder = {
     clientID?: string,
     clientSecret?: string,
     ssoAllowed?: boolean,
-    createUserEndpoint?: boolean,
+    createSystemEndpoint?: boolean,
   ) => new RegisterEndpoint(
     endpointType,
     endpointSubType,
@@ -115,7 +115,7 @@ export const endpointActionBuilder: EndpointActionBuilder = {
     clientID,
     clientSecret,
     ssoAllowed,
-    createUserEndpoint,
+    createSystemEndpoint,
   ),
   update: (
     guid: string,

src/jetstream/cnsi.go

@@ -63,10 +63,10 @@ func (p *portalProxy) RegisterEndpoint(c echo.Context, fetchInfo interfaces.Info
 	cnsiClientSecret := params.CNSIClientSecret
 	subType := params.SubType
 
-	createUserEndpoint, err := strconv.ParseBool(params.CreateUserEndpoint)
+	createSystemEndpoint, err := strconv.ParseBool(params.CreateSystemEndpoint)
 	if err != nil {
-		// default to false
-		createUserEndpoint = false
+		// default to true
+		createSystemEndpoint = true
 	}
 
 	if cnsiClientId == "" {
@@ -82,7 +82,7 @@ func (p *portalProxy) RegisterEndpoint(c echo.Context, fetchInfo interfaces.Info
 			"Failed to get session user: %v", err)
 	}
 
-	newCNSI, err := p.DoRegisterEndpoint(params.CNSIName, params.APIEndpoint, skipSSLValidation, cnsiClientId, cnsiClientSecret, userID, ssoAllowed, subType, createUserEndpoint, fetchInfo)
+	newCNSI, err := p.DoRegisterEndpoint(params.CNSIName, params.APIEndpoint, skipSSLValidation, cnsiClientId, cnsiClientSecret, userID, ssoAllowed, subType, createSystemEndpoint, fetchInfo)
 	if err != nil {
 		return err
 	}
@@ -91,7 +91,7 @@ func (p *portalProxy) RegisterEndpoint(c echo.Context, fetchInfo interfaces.Info
 	return nil
 }
 
-func (p *portalProxy) DoRegisterEndpoint(cnsiName string, apiEndpoint string, skipSSLValidation bool, clientId string, clientSecret string, userId string, ssoAllowed bool, subType string, createUserEndpoint bool, fetchInfo interfaces.InfoFunc) (interfaces.CNSIRecord, error) {
+func (p *portalProxy) DoRegisterEndpoint(cnsiName string, apiEndpoint string, skipSSLValidation bool, clientId string, clientSecret string, userId string, ssoAllowed bool, subType string, createSystemEndpoint bool, fetchInfo interfaces.InfoFunc) (interfaces.CNSIRecord, error) {
 	log.Debug("DoRegisterEndpoint")
 
 	if len(cnsiName) == 0 || len(apiEndpoint) == 0 {
@@ -150,7 +150,7 @@ func (p *portalProxy) DoRegisterEndpoint(cnsiName string, apiEndpoint string, sk
 		// check if we've already got this APIEndpoint in this DB
 		for _, duplicate := range duplicateEndpoints {
 			// cant create same system endpoint
-			if len(duplicate.Creator) == 0 && isAdmin && !createUserEndpoint {
+			if len(duplicate.Creator) == 0 && isAdmin && createSystemEndpoint {
 				return interfaces.CNSIRecord{}, interfaces.NewHTTPShadowError(
 					http.StatusBadRequest,
 					"Can not register same system endpoint multiple times",
@@ -171,7 +171,7 @@ func (p *portalProxy) DoRegisterEndpoint(cnsiName string, apiEndpoint string, sk
 
 	h := sha1.New()
 	// see why its generated this way in Issue #4753 / #3031
-	if p.GetConfig().UserEndpointsEnabled != config.UserEndpointsConfigEnum.Disabled && (!isAdmin || createUserEndpoint) {
+	if p.GetConfig().UserEndpointsEnabled != config.UserEndpointsConfigEnum.Disabled && (!isAdmin || (isAdmin && !createSystemEndpoint)) {
 		// Make the new guid unique per api url AND user id
 		h.Write([]byte(apiEndpointURL.String() + userId))
 	} else {
@@ -204,7 +204,7 @@ func (p *portalProxy) DoRegisterEndpoint(cnsiName string, apiEndpoint string, sk
 	newCNSI.SubType = subType
 
 	// admins currently can't create user endpoints
-	if p.GetConfig().UserEndpointsEnabled != config.UserEndpointsConfigEnum.Disabled && (!isAdmin || createUserEndpoint) {
+	if p.GetConfig().UserEndpointsEnabled != config.UserEndpointsConfigEnum.Disabled && (!isAdmin || !createSystemEndpoint) {
 		newCNSI.Creator = userId
 	}