Skip to content

Commit a185d3a

Browse files
DanielleMaywoodaslilac
DanielleMaywood
and
aslilac
authored
fix(site): ensure notification settings page follows RBAC correctly (#19097)
Ensure template admin and user admins are able to see the correct notification groups on the notification settings page. --------- Co-authored-by: ケイラ <mckayla@hey.com>
1 parent 8b43503 commit a185d3a

File tree

3 files changed

+62
-11
lines changed

3 files changed

+62
-11
lines changed

site/src/pages/UserSettingsPage/NotificationsPage/NotificationsPage.stories.tsx

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ const meta = {
4040
},
4141
],
4242
user: MockUserOwner,
43-
permissions: { viewDeploymentConfig: true },
43+
permissions: { createTemplates: true, createUser: true },
4444
},
4545
decorators: [withGlobalSnackbar, withAuthProvider, withDashboardProvider],
4646
} satisfies Meta<typeof NotificationsPage>;
@@ -74,7 +74,19 @@ export const ToggleNotification: Story = {
7474

7575
export const NonAdmin: Story = {
7676
parameters: {
77-
permissions: { viewDeploymentConfig: false },
77+
permissions: { createTemplates: false, createUser: false },
78+
},
79+
};
80+
81+
export const TemplateAdmin: Story = {
82+
parameters: {
83+
permissions: { createTemplates: true, createUser: false },
84+
},
85+
};
86+
87+
export const UserAdmin: Story = {
88+
parameters: {
89+
permissions: { createTemplates: false, createUser: true },
7890
},
7991
};
8092

site/src/pages/UserSettingsPage/NotificationsPage/NotificationsPage.tsx

Lines changed: 22 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ import {
2828
methodIcons,
2929
methodLabels,
3030
} from "modules/notifications/utils";
31+
import type { Permissions } from "modules/permissions";
3132
import { type FC, Fragment } from "react";
3233
import { useEffect } from "react";
3334
import { Helmet } from "react-helmet-async";
@@ -46,15 +47,7 @@ const NotificationsPage: FC = () => {
4647
},
4748
{
4849
...systemNotificationTemplates(),
49-
select: (data: NotificationTemplate[]) => {
50-
const groups = selectTemplatesByGroup(data);
51-
return permissions.viewDeploymentConfig
52-
? groups
53-
: {
54-
// Members only have access to the "Workspace Notifications" group
55-
"Workspace Events": groups["Workspace Events"],
56-
};
57-
},
50+
select: (data: NotificationTemplate[]) => selectTemplatesByGroup(data),
5851
},
5952
notificationDispatchMethods(),
6053
],
@@ -103,6 +96,10 @@ const NotificationsPage: FC = () => {
10396
{ready ? (
10497
<Stack spacing={4}>
10598
{Object.entries(templatesByGroup.data).map(([group, templates]) => {
99+
if (!canSeeNotificationGroup(group, permissions)) {
100+
return null;
101+
}
102+
106103
const allDisabled = templates.some((tpl) => {
107104
return notificationIsDisabled(disabledPreferences.data, tpl);
108105
});
@@ -211,6 +208,22 @@ const NotificationsPage: FC = () => {
211208

212209
export default NotificationsPage;
213210

211+
function canSeeNotificationGroup(
212+
group: string,
213+
permissions: Permissions,
214+
): boolean {
215+
switch (group) {
216+
case "Workspace Events":
217+
return true;
218+
case "Template Events":
219+
return permissions.createTemplates;
220+
case "User Events":
221+
return permissions.createUser;
222+
default:
223+
return false;
224+
}
225+
}
226+
214227
function notificationIsDisabled(
215228
disabledPreferences: Record<string, boolean>,
216229
tmpl: NotificationTemplate,

site/src/testHelpers/entities.ts

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4404,6 +4404,32 @@ export const MockNotificationTemplates: TypesGen.NotificationTemplate[] = [
44044404
kind: "system",
44054405
enabled_by_default: true,
44064406
},
4407+
{
4408+
id: "template-event-1",
4409+
name: "Template Version Created",
4410+
title_template: 'Template version "{{.Labels.version_name}}" created',
4411+
body_template:
4412+
'Hi {{.UserName}}\nA new version of template "{{.Labels.template_name}}" has been created.',
4413+
actions:
4414+
'[{"url": "{{ base_url }}/templates/{{.Labels.template_name}}", "label": "View template"}]',
4415+
group: "Template Events",
4416+
method: "smtp",
4417+
kind: "system",
4418+
enabled_by_default: true,
4419+
},
4420+
{
4421+
id: "template-event-2",
4422+
name: "Template Updated",
4423+
title_template: 'Template "{{.Labels.template_name}}" updated',
4424+
body_template:
4425+
'Hi {{.UserName}}\nTemplate "{{.Labels.template_name}}" has been updated.',
4426+
actions:
4427+
'[{"url": "{{ base_url }}/templates/{{.Labels.template_name}}", "label": "View template"}]',
4428+
group: "Template Events",
4429+
method: "webhook",
4430+
kind: "system",
4431+
enabled_by_default: true,
4432+
},
44074433
];
44084434

44094435
export const MockNotificationMethodsResponse: TypesGen.NotificationMethodsResponse =

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy