Merge pull request #2135 from objectcomputing/feature-2134/add-categories-to-permissions

Swag at permissions changes

Author: mkimberlin

server/src/main/java/com/objectcomputing/checkins/security/permissions/Permissions.java

@@ -1,21 +1,37 @@
 package com.objectcomputing.checkins.security.permissions;
 
 public enum Permissions {
-    CAN_VIEW_FEEDBACK_REQUEST,
-    CAN_CREATE_FEEDBACK_REQUEST,
-    CAN_DELETE_FEEDBACK_REQUEST,
-    CAN_VIEW_FEEDBACK_ANSWER,
-    CAN_DELETE_ORGANIZATION_MEMBERS,
-    CAN_CREATE_ORGANIZATION_MEMBERS,
-    CAN_VIEW_ROLE_PERMISSIONS,
-    CAN_ASSIGN_ROLE_PERMISSIONS,
-    CAN_VIEW_PERMISSIONS,
-    CAN_VIEW_SKILLS_REPORT,
-    CAN_VIEW_RETENTION_REPORT,
-    CAN_VIEW_ANNIVERSARY_REPORT,
-    CAN_VIEW_BIRTHDAY_REPORT,
-    CAN_VIEW_PROFILE_REPORT,
-    CAN_CREATE_CHECKINS,
-    CAN_VIEW_CHECKINS,
-    CAN_UPDATE_CHECKINS,
-}
+    CAN_VIEW_FEEDBACK_REQUEST("View feedback requests", "Feedback"),
+    CAN_CREATE_FEEDBACK_REQUEST("Create feedback requests", "Feedback"),
+    CAN_DELETE_FEEDBACK_REQUEST("Delete feedback requests", "Feedback"),
+    CAN_VIEW_FEEDBACK_ANSWER("View feedback answers", "Feedback"),
+    CAN_DELETE_ORGANIZATION_MEMBERS("Delete organization members", "User Management"),
+    CAN_CREATE_ORGANIZATION_MEMBERS("Create organization members", "User Management"),
+    CAN_VIEW_ROLE_PERMISSIONS("View role permissions", "Security"),
+    CAN_ASSIGN_ROLE_PERMISSIONS("Assign role permissions", "Security"),
+    CAN_VIEW_PERMISSIONS("View all permissions", "Security"),
+    CAN_VIEW_SKILLS_REPORT("View skills report", "Reporting"),
+    CAN_VIEW_RETENTION_REPORT("View retention report", "Reporting"),
+    CAN_VIEW_ANNIVERSARY_REPORT("View anniversary report", "Reporting"),
+    CAN_VIEW_BIRTHDAY_REPORT("View birthday report", "Reporting"),
+    CAN_VIEW_PROFILE_REPORT("View profile report", "Reporting"),
+    CAN_CREATE_CHECKINS("Create check-ins", "Check-ins"),
+    CAN_VIEW_CHECKINS("View check-ins", "Check-ins"),
+    CAN_UPDATE_CHECKINS("Update check-ins", "Check-ins");
+
+    private final String description;
+    private final String category;
+
+    Permissions(String description, String category) {
+        this.description = description;
+        this.category = category;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public String getCategory() {
+        return category;
+    }
+}

server/src/main/java/com/objectcomputing/checkins/services/permissions/Permission.java

@@ -1,5 +1,6 @@
 package com.objectcomputing.checkins.services.permissions;
 
+import com.objectcomputing.checkins.security.permissions.Permissions;
 import io.micronaut.core.annotation.Introspected;
 import io.micronaut.core.annotation.Nullable;
 import io.micronaut.data.annotation.AutoPopulated;
@@ -11,6 +12,7 @@
 import javax.persistence.Entity;
 import javax.persistence.Id;
 import javax.persistence.Table;
+import javax.persistence.Transient;
 import javax.validation.constraints.NotBlank;
 import java.util.Objects;
 import java.util.UUID;
@@ -36,6 +38,8 @@ public class Permission {
     @Schema(description = "A more verbose description of the permission to be displayed on UI")
     private String description;
 
+    public Permission() {}
+
     public Permission(UUID id, String permission, @Nullable String description) {
         this.id = id;
         this.permission = permission;
@@ -59,13 +63,18 @@ public void setPermission(String permission) {
     }
 
     public String getDescription() {
-        return description;
+        return Permissions.valueOf(permission).getDescription(); //ignoring the database for now...
     }
 
-    public void setDescription(String description) {
+    public void setDescription(@Nullable String description) {
         this.description = description;
     }
 
+    @Transient
+    public String getCategory() {
+        return Permissions.valueOf(permission).getCategory();
+    }
+
     @Override
     public boolean equals(Object o) {
         if (this == o) return true;

server/src/test/java/com/objectcomputing/checkins/services/fixture/PermissionFixture.java

@@ -55,12 +55,12 @@ public interface PermissionFixture extends RepositoryFixture, RolePermissionFixt
     );
 
     default Permission createACustomPermission(Permissions perm) {
-        return getPermissionRepository().save(new Permission(null, perm.name(), null));
+        return getPermissionRepository().save(new Permission(null, perm.name(), perm.getDescription()));
     }
 
     default void saveAllPermissions() {
         for(Permissions permissions : Permissions.values()) {
-            getPermissionRepository().save(new Permission(null, permissions.name(), null));
+            getPermissionRepository().save(new Permission(null, permissions.name(), permissions.getDescription()));
         }
     }
 

web-ui/src/api/memberroles.js

@@ -0,0 +1,11 @@
+import { resolve } from "./api.js";
+
+const memberRolesUrl = "/services/roles/members"
+
+export const getMemberRolesList = async (cookie) => {
+    return resolve({
+      url: memberRolesUrl,
+      responseType: "json",
+      headers: { "X-CSRF-Header": cookie },
+    });
+  };

web-ui/src/api/permissions.js

@@ -0,0 +1,11 @@
+import { resolve } from "./api.js";
+
+const permissionsListUrl = "/services/permissions"
+
+export const getPermissionsList = async (cookie) => {
+    return resolve({
+      url: permissionsListUrl,
+      responseType: "json",
+      headers: { "X-CSRF-Header": cookie },
+    });
+  };

web-ui/src/api/rolepermissions.js

@@ -0,0 +1,31 @@
+import { resolve } from "./api.js";
+
+const rolePermissionsListUrl = "/services/roles/role-permissions";
+
+export const getRolePermissionsList = async (cookie) => {
+  return resolve({
+    url: rolePermissionsListUrl,
+    responseType: "json",
+    headers: { "X-CSRF-Header": cookie },
+  });
+};
+
+export const postRolePermission = async (roleData, cookie) => {
+  return resolve({
+    method: "post",
+    url: rolePermissionsListUrl,
+    responseType: "json",
+    data: roleData,
+    headers: { "X-CSRF-Header": cookie },
+  });
+};
+
+export const deleteRolePermission = async (roleData, cookie) => {
+  return resolve({
+    method: "delete",
+    url: rolePermissionsListUrl,
+    responseType: "json",
+    data: roleData,
+    headers: { "X-CSRF-Header": cookie },
+  });
+};

web-ui/src/components/menu/Menu.jsx

@@ -95,7 +95,7 @@ const Root = styled('div')(({theme}) => ({
 }));
 
 const adminLinks = [
-  // ["/admin/permissions", "Permissions"],
+  ["/admin/permissions", "Permissions"],
   ["/admin/roles", "Roles"],
   ["/admin/users", "Users"],
   ["/admin/email", "Send Email"],

web-ui/src/components/routes/Routes.jsx

@@ -7,6 +7,7 @@ import BirthdayAnniversaryReportPage from "../../pages/BirthdayAnniversaryReport
 import CheckinsPage from "../../pages/CheckinsPage";
 import CheckinsReportPage from "../../pages/CheckinsReportPage";
 import EditSkillsPage from "../../pages/EditSkillsPage";
+import EditPermissionsPage from "../../pages/PermissionsPage";
 import GroupIcon from "@mui/icons-material/Group";
 import GuildsPage from "../../pages/GuildsPage";
 import Header from "../header/Header";
@@ -101,6 +102,10 @@ export default function Routes() {
             <Header title="Skills" />
             <EditSkillsPage />
           </Route>
+          <Route path="/admin/permissions">
+            <Header title="Permissions" />
+            <EditPermissionsPage />
+          </Route>
           <Route path="/checkins-reports">
             <Header title="Check-in Report" />
             <CheckinsReportPage />

web-ui/src/context/selectors.js

@@ -14,6 +14,7 @@ export const selectTeams = (state) => state.teams;
 export const selectGuilds = (state) => state.guilds;
 export const selectLoading = (state) => state.loading;
 export const selectReviewPeriods = (state) => state.reviewPeriods;
+export const selectPermissions = (state) => state.permissions;
 
 export const selectTeamsLoading = createSelector (
   selectLoading,
@@ -40,6 +41,12 @@ export const selectIsAdmin = createSelector(
     userProfile && userProfile.role && userProfile.role.includes("ADMIN")
 );
 
+export const selectHasPermissionAssignmentPermission = createSelector(
+    selectUserProfile,
+    (userProfile) =>
+        userProfile && userProfile.role && userProfile.permissions.some((p) => p?.permission?.includes("CAN_ASSIGN_ROLE_PERMISSIONS"))
+);
+
 export const selectHasReportPermission = createSelector(
     selectUserProfile,
     (userProfile) =>

web-ui/src/helpers/checks.js

@@ -0,0 +1,23 @@
+/**
+ * Full check for whether an array actually exists or is empty, etc
+ * @param arr - an array
+ * @returns a boolean
+ */
+
+export const isArrayPresent = (arr) => Array.isArray(arr) && arr.length;
+
+/**
+ * If a parameter is found in an object within an array, return the array with just that object.
+ * @param arr - an array
+ * @param value - a value
+ * @param key - an optional key with which to search
+ * @returns an array
+ */
+
+export function filterObjectByValOrKey(arr, value, key) {
+  return arr.filter(
+    key
+      ? (a) => a[key].indexOf(value) > -1
+      : (a) => Object.keys(a).some((k) => a[k] === value)
+  );
+}