search

rancher / dashboard

The Rancher UI
https://rancher.com
Apache License 2.0
445 stars 249 forks source link

Enhancements for port project membership from ember UI to vue UI #3318

Open anupama2501 opened 3 years ago

anupama2501 commented 3 years ago

Rancher master-head commit 4d18400

Addressing 4 enhancement in this ticket, updated to reflect current state of ticket after splitting

  1. Create an rke2 node driver 1 worker ,1cp, 1 etcd cluster from explorer.
  2. Create standard users - user1, user2, user3, user4, user5
  3. Create a project P1
  4. Add user1 as project owner in P1, user2 as project member in P1 and user3 as read-only

Enhancement 1 (disregard here, now tracked in https://github.com/rancher/dashboard/issues/3344):

  1. Login as user1 and create a project in the cluster
  2. Only the create button says 'Error' but no error message is displayed on the UI.
  3. When project owners or project members create a project in the cluster, an error should be displayed to the users. reference from ember UI: projects.management.cattle.io is forbidden: User "u-7g8s9" cannot create resource "projects" in API group "management.cattle.io" in the namespace "c-m-593a381b"

Enhancement2 (the sole focus of this ticket):

  1. For user1, the RBAC option in the cluster is show with roles and role-bindings only
  2. For user2, the RBAC option in the cluster is shown with cluster members only but no members in it
  3. The RBAC option can be completely hidden from the project owner, project members, read-only and custom project permissions.

Enhancement3 (not possible):

  1. Log in as user3 to the rancher server.
  2. Create a namespace as user3.
  3. Following is the error displayed for user3: Method POST not supported
  4. Error message can be changed to projects.management.cattle.io is forbidden: User "u-7g8s9" cannot create resource "projects" in API group "management.cattle.io" in the namespace "c-m-593a381b for more clear understanding.

Enhancement4 (not possible):

  1. For user1, user2, user3 - cluster Explorer --> More Resources --> core --> Secrets are visible.
  2. These can be hidden from the users and need not be shown

reference ticket: https://github.com/rancher/dashboard/issues/2673

izaac commented 3 years ago

Rancher version: 2.6 master-head (06/23/2021) d44698d

I am able to add a user multiple times with same or different roles into a project, on Ember UI only the first one was displayed for a user and it's updated if we try to add the same user again. In this case Ember UI shown the user as custom (as if it had multiple roles).

Screen Shot 2021-06-23 at 2 16 00 PM

Screen Shot 2021-06-23 at 2 17 12 PM

gaktive commented 3 years ago

Will spawn request 1 into a new bug. 2 we'll look at later, 3 & 4 aren't possible.

@izaac can you create a separate item for your comment?

izaac commented 3 years ago

@gaktive https://github.com/rancher/dashboard/issues/3344

gaktive commented 3 years ago

And #3342 spawned from Item 1