From 5d0e16d7cda3e3b5079204f00984fa90083fa440 Mon Sep 17 00:00:00 2001 From: Aashish Sharma Date: Wed, 27 Mar 2024 15:15:59 +0530 Subject: [PATCH] mgr/dashboard: remove the option for authentication with token in multi-cluster form Signed-off-by: Aashish Sharma --- .../dashboard/controllers/multi_cluster.py | 13 +-- .../multi-cluster-form.component.html | 97 +++++-------------- .../multi-cluster-form.component.ts | 51 +++------- .../multi-cluster-list.component.ts | 6 +- .../app/shared/api/multi-cluster.service.ts | 8 -- src/pybind/mgr/dashboard/openapi.yaml | 8 -- 6 files changed, 49 insertions(+), 134 deletions(-) diff --git a/src/pybind/mgr/dashboard/controllers/multi_cluster.py b/src/pybind/mgr/dashboard/controllers/multi_cluster.py index ffdf9aed9dc00..de29496e5e7a8 100644 --- a/src/pybind/mgr/dashboard/controllers/multi_cluster.py +++ b/src/pybind/mgr/dashboard/controllers/multi_cluster.py @@ -54,9 +54,7 @@ class MultiCluster(RESTController): @CreatePermission @EndpointDoc("Authenticate to a remote cluster") def auth(self, url: str, cluster_alias: str, username: str, - password=None, token=None, hub_url=None, cluster_fsid=None, - prometheus_api_url=None, ssl_verify=False, ssl_certificate=None, ttl=None): - + password=None, hub_url=None, ssl_verify=False, ssl_certificate=None, ttl=None): try: hub_fsid = mgr.get('config')['fsid'] except KeyError: @@ -101,12 +99,7 @@ class MultiCluster(RESTController): ssl_verify, ssl_certificate) return True - if token and cluster_fsid and prometheus_api_url: - _set_prometheus_targets(prometheus_api_url) - self.set_multi_cluster_config(cluster_fsid, username, url, - cluster_alias, token, prometheus_api_url, - ssl_verify, ssl_certificate) - return True + return False def check_cluster_connection(self, url, payload, username, ssl_verify, ssl_certificate): try: @@ -200,7 +193,7 @@ class MultiCluster(RESTController): @Endpoint('PUT') @UpdatePermission # pylint: disable=W0613 - def reconnect_cluster(self, url: str, username=None, password=None, token=None, + def reconnect_cluster(self, url: str, username=None, password=None, ssl_verify=False, ssl_certificate=None, ttl=None): multicluster_config = self.load_multi_cluster_config() if username and password: diff --git a/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.html b/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.html index 30c32c0ec6087..6cc09c772b18f 100644 --- a/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.html +++ b/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.html @@ -17,14 +17,6 @@ spacingClass="mb-3" i18n>{{ connectionMessage }} - -

You need to set this cluster's url as the cross origin url in the remote cluster you are trying to connect. - You can do it by running this CLI command in your remote cluster and proceed with authentication via token.

- -
@@ -100,51 +96,7 @@
- -
- - This field is required. - -
-
-
- -
- - This field is required. - -
-
-
+ *ngIf="action !== 'edit'">
- -
- - This field is required. -
-
-
+ *ngIf="action !== 'edit'"> @@ -206,6 +141,24 @@
+
diff --git a/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.ts b/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.ts index 4a6ed695cba44..18da2ad48d3fb 100644 --- a/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.ts +++ b/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-form/multi-cluster-form.component.ts @@ -23,14 +23,10 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { readonly ipv4Rgx = /^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/i; readonly ipv6Rgx = /^(?:[a-f0-9]{1,4}:){7}[a-f0-9]{1,4}$/i; clusterApiUrlCmd = 'ceph mgr services'; - prometheusApiUrlCmd = 'ceph config get mgr mgr/dashboard/PROMETHEUS_API_HOST'; - crossOriginCmd = `ceph dashboard set-cross-origin-url ${window.location.origin}`; remoteClusterForm: CdFormGroup; - showToken = false; connectionVerified: boolean; connectionMessage = ''; private subs = new Subscription(); - showCrossOriginError = false; action: string; cluster: MultiCluster; clustersData: MultiCluster[]; @@ -38,6 +34,7 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { clusterUrls: string[]; clusterUsers: string[]; clusterUrlUserMap: Map; + hubUrl: string; constructor( public activeModal: NgbActiveModal, @@ -45,6 +42,11 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { public notificationService: NotificationService, private multiClusterService: MultiClusterService ) { + this.subs.add( + this.multiClusterService.subscribe((resp: any) => { + this.hubUrl = resp['hub_url']; + }) + ); this.createForm(); } ngOnInit(): void { @@ -62,8 +64,6 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { this.remoteClusterForm.get('clusterAlias').disable(); this.remoteClusterForm.get('username').setValue(this.cluster.user); this.remoteClusterForm.get('username').disable(); - this.remoteClusterForm.get('clusterFsid').setValue(this.cluster.name); - this.remoteClusterForm.get('clusterFsid').disable(); this.remoteClusterForm.get('ssl').setValue(this.cluster.ssl_verify); this.remoteClusterForm.get('ssl_cert').setValue(this.cluster.ssl_certificate); } @@ -76,7 +76,7 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { createForm() { this.remoteClusterForm = new CdFormGroup({ - showToken: new FormControl(false), + // showToken: new FormControl(false), username: new FormControl('', [ CdValidators.custom('uniqueUrlandUser', (username: string) => { let remoteClusterUrl = ''; @@ -96,16 +96,6 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { ); }) ]), - clusterFsid: new FormControl('', [ - CdValidators.requiredIf({ - showToken: true - }) - ]), - prometheusApiUrl: new FormControl('', [ - CdValidators.requiredIf({ - showToken: true - }) - ]), password: new FormControl('', []), remoteClusterUrl: new FormControl(null, { validators: [ @@ -120,14 +110,17 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { ); } }), + CdValidators.custom('hubUrlCheck', (remoteClusterUrl: string) => { + return this.action === 'connect' && remoteClusterUrl?.includes(this.hubUrl); + }), Validators.required ] }), - apiToken: new FormControl('', [ - CdValidators.requiredIf({ - showToken: true - }) - ]), + // apiToken: new FormControl('', [ + // CdValidators.requiredIf({ + // showToken: true + // }) + // ]), clusterAlias: new FormControl(null, { validators: [ Validators.required, @@ -159,9 +152,7 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { handleError(error: any): void { if (error.error.code === 'connection_refused') { this.connectionVerified = false; - this.showCrossOriginError = true; this.connectionMessage = error.error.detail; - this.crossOriginCmd = `ceph config set mgr mgr/dashboard/cross_origin_url ${window.location.origin} `; } else { this.connectionVerified = false; this.connectionMessage = error.error.detail; @@ -189,9 +180,6 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { const clusterAlias = this.remoteClusterForm.getValue('clusterAlias'); const username = this.remoteClusterForm.getValue('username'); const password = this.remoteClusterForm.getValue('password'); - const token = this.remoteClusterForm.getValue('apiToken'); - const clusterFsid = this.remoteClusterForm.getValue('clusterFsid'); - const prometheusApiUrl = this.remoteClusterForm.getValue('prometheusApiUrl'); const ssl = this.remoteClusterForm.getValue('ssl'); const ttl = this.convertToHours(this.remoteClusterForm.getValue('ttl')); const ssl_certificate = this.remoteClusterForm.getValue('ssl_cert')?.trim(); @@ -219,7 +207,7 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { case 'reconnect': this.subs.add( this.multiClusterService - .reConnectCluster(updatedUrl, username, password, token, ssl, ssl_certificate, ttl) + .reConnectCluster(updatedUrl, username, password, ssl, ssl_certificate, ttl) .subscribe(commonSubscribtion) ); break; @@ -231,10 +219,7 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { clusterAlias, username, password, - token, window.location.origin, - clusterFsid, - prometheusApiUrl, ssl, ssl_certificate, ttl @@ -247,10 +232,6 @@ export class MultiClusterFormComponent implements OnInit, OnDestroy { } } - toggleToken() { - this.showToken = !this.showToken; - } - fileUpload(files: FileList, controlName: string) { const file: File = files[0]; const reader = new FileReader(); diff --git a/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-list/multi-cluster-list.component.ts b/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-list/multi-cluster-list.component.ts index 5d0b20f5edd93..5fc1d5d6d06d7 100644 --- a/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-list/multi-cluster-list.component.ts +++ b/src/pybind/mgr/dashboard/frontend/src/app/ceph/cluster/multi-cluster/multi-cluster-list/multi-cluster-list.component.ts @@ -19,6 +19,7 @@ import { MultiCluster } from '~/app/shared/models/multi-cluster'; import { Router } from '@angular/router'; import { CookiesService } from '~/app/shared/services/cookie.service'; import { Observable, Subscription } from 'rxjs'; +import { SettingsService } from '~/app/shared/api/settings.service'; @Component({ selector: 'cd-multi-cluster-list', @@ -55,7 +56,8 @@ export class MultiClusterListComponent implements OnInit, OnDestroy { private notificationService: NotificationService, private authStorageService: AuthStorageService, private modalService: ModalService, - private cookieService: CookiesService + private cookieService: CookiesService, + private settingsService: SettingsService ) { this.tableActions = [ { @@ -162,6 +164,8 @@ export class MultiClusterListComponent implements OnInit, OnDestroy { this.checkClusterConnectionStatus(); }) ); + + this.managedByConfig$ = this.settingsService.getValues('MANAGED_BY_CLUSTERS'); } ngOnDestroy(): void { diff --git a/src/pybind/mgr/dashboard/frontend/src/app/shared/api/multi-cluster.service.ts b/src/pybind/mgr/dashboard/frontend/src/app/shared/api/multi-cluster.service.ts index a26e1b7f199ab..3c4be090f076d 100644 --- a/src/pybind/mgr/dashboard/frontend/src/app/shared/api/multi-cluster.service.ts +++ b/src/pybind/mgr/dashboard/frontend/src/app/shared/api/multi-cluster.service.ts @@ -128,10 +128,7 @@ export class MultiClusterService { clusterAlias: string, username: string, password: string, - token = '', hub_url = '', - clusterFsid = '', - prometheusApiUrl = '', ssl = false, cert = '', ttl: number @@ -141,10 +138,7 @@ export class MultiClusterService { cluster_alias: clusterAlias, username, password, - token, hub_url, - cluster_fsid: clusterFsid, - prometheus_api_url: prometheusApiUrl, ssl_verify: ssl, ssl_certificate: cert, ttl: ttl @@ -155,7 +149,6 @@ export class MultiClusterService { url: any, username: string, password: string, - token = '', ssl = false, cert = '', ttl: number @@ -164,7 +157,6 @@ export class MultiClusterService { url, username, password, - token, ssl_verify: ssl, ssl_certificate: cert, ttl: ttl diff --git a/src/pybind/mgr/dashboard/openapi.yaml b/src/pybind/mgr/dashboard/openapi.yaml index ae0f9e0392172..56b67342399fd 100644 --- a/src/pybind/mgr/dashboard/openapi.yaml +++ b/src/pybind/mgr/dashboard/openapi.yaml @@ -7103,21 +7103,15 @@ paths: properties: cluster_alias: type: string - cluster_fsid: - type: string hub_url: type: string password: type: string - prometheus_api_url: - type: string ssl_certificate: type: string ssl_verify: default: false type: boolean - token: - type: string ttl: type: string url: @@ -7298,8 +7292,6 @@ paths: ssl_verify: default: false type: boolean - token: - type: string ttl: type: string url: -- 2.39.5