diff --git a/packages/manager/src/features/Account/SwitchAccountDrawer.tsx b/packages/manager/src/features/Account/SwitchAccountDrawer.tsx index d18e6f105f1..72d894d0712 100644 --- a/packages/manager/src/features/Account/SwitchAccountDrawer.tsx +++ b/packages/manager/src/features/Account/SwitchAccountDrawer.tsx @@ -99,7 +99,7 @@ export const SwitchAccountDrawer = (props: Props) => { filter, headers: isProxyOrDelegateUserType ? { - Authorization: currentTokenWithBearer, + Authorization: currentParentTokenWithBearer, } : undefined, }, @@ -146,9 +146,9 @@ export const SwitchAccountDrawer = (props: Props) => { const proxyToken = await createToken(euuid); setTokenInLocalStorage({ - prefix: isProxyUserType - ? 'authentication/proxy_token' - : 'authentication/delegate_token', + prefix: isIAMDelegationEnabled + ? 'authentication/delegate_token' + : 'authentication/proxy_token', token: { ...proxyToken, token: `Bearer ${proxyToken.token}`, @@ -156,7 +156,7 @@ export const SwitchAccountDrawer = (props: Props) => { }); updateCurrentToken({ - userType: isProxyUserType ? 'proxy' : 'delegate', + userType: isIAMDelegationEnabled ? 'delegate' : 'proxy', }); onClose(event); location.reload(); diff --git a/packages/manager/src/features/Account/SwitchAccounts/SessionExpirationDialog.tsx b/packages/manager/src/features/Account/SwitchAccounts/SessionExpirationDialog.tsx index abf84a1390f..383afb8d172 100644 --- a/packages/manager/src/features/Account/SwitchAccounts/SessionExpirationDialog.tsx +++ b/packages/manager/src/features/Account/SwitchAccounts/SessionExpirationDialog.tsx @@ -9,6 +9,7 @@ import { sessionExpirationContext as _sessionExpirationContext } from 'src/conte import { useParentChildAuthentication } from 'src/features/Account/SwitchAccounts/useParentChildAuthentication'; import { setTokenInLocalStorage } from 'src/features/Account/SwitchAccounts/utils'; import { useDelegationRole } from 'src/features/IAM/hooks/useDelegationRole'; +import { useIsIAMDelegationEnabled } from 'src/features/IAM/hooks/useIsIAMEnabled'; import { parseAPIDate } from 'src/utilities/date'; import { getStorage, setStorage } from 'src/utilities/storage'; @@ -23,6 +24,7 @@ export const SessionExpirationDialog = React.memo( _sessionExpirationContext ); const { isProxyUserType, isDelegateUserType } = useDelegationRole(); + const { isIAMDelegationEnabled } = useIsIAMDelegationEnabled(); const [timeRemaining, setTimeRemaining] = React.useState<{ minutes: number; @@ -112,10 +114,14 @@ export const SessionExpirationDialog = React.memo( const proxyToken = await createToken(euuid); + const tokenPrefix = isIAMDelegationEnabled + ? 'authentication/delegate_token' + : 'authentication/proxy_token'; + const tokenUserType = isIAMDelegationEnabled ? 'delegate' : 'proxy'; + setTokenInLocalStorage({ - prefix: isProxyUserType - ? 'authentication/proxy_token' - : 'authentication/delegate_token', + prefix: tokenPrefix, + token: { ...proxyToken, token: `Bearer ${proxyToken.token}`, @@ -123,7 +129,7 @@ export const SessionExpirationDialog = React.memo( }); updateCurrentToken({ - userType: isProxyUserType ? 'proxy' : 'delegate', + userType: tokenUserType, }); onClose(); location.reload(); @@ -139,7 +145,7 @@ export const SessionExpirationDialog = React.memo( */ useEffect(() => { const checkTokenExpiry = () => { - const expiryString = isProxyUserType + const expiryString = isIAMDelegationEnabled ? getStorage('authentication/proxy_token/expire') : getStorage('authentication/delegate_token/expire'); diff --git a/packages/manager/src/features/TopMenu/UserMenu/UserMenu.tsx b/packages/manager/src/features/TopMenu/UserMenu/UserMenu.tsx index e33fc1ff850..4d1ad28e8bf 100644 --- a/packages/manager/src/features/TopMenu/UserMenu/UserMenu.tsx +++ b/packages/manager/src/features/TopMenu/UserMenu/UserMenu.tsx @@ -71,9 +71,10 @@ export const UserMenu = React.memo(() => { React.useEffect(() => { // Run after we've switched to a proxy user. if ( - isProxyOrDelegateUserType && - (!getStorage('is_proxy_user_type') || - !getStorage('is_delegate_user_type')) + (isProxyOrDelegateUserType && + isProxyUserType && + !getStorage('is_proxy_user_type')) || + (isDelegateUserType && !getStorage('is_delegate_user_type')) ) { // Flag for proxy user to display success toast once. if (isProxyUserType) { diff --git a/packages/manager/src/features/Users/UserPermissions.tsx b/packages/manager/src/features/Users/UserPermissions.tsx index 43c36667d72..60a28340b7e 100644 --- a/packages/manager/src/features/Users/UserPermissions.tsx +++ b/packages/manager/src/features/Users/UserPermissions.tsx @@ -162,14 +162,12 @@ class UserPermissions extends React.Component { }; componentDidMount() { - this.getUserGrants(); - this.getUserType(); + this.getUserAndGrants(); } componentDidUpdate(prevProps: CombinedProps) { if (prevProps.currentUsername !== this.props.currentUsername) { - this.getUserGrants(); - this.getUserType(); + this.getUserAndGrants(); } } @@ -214,64 +212,50 @@ class UserPermissions extends React.Component { { showTabs: false, tabs: [] } ); - getUserGrants = () => { + getUserAndGrants = async () => { const { currentUsername } = this.props; - if (currentUsername) { - getGrants(currentUsername) - .then((grants) => { - if (grants.global) { - const { showTabs, tabs } = this.getTabInformation(grants); - - this.setState({ - grants, - loading: false, - loadingGrants: false, - originalGrants: grants, - restricted: true, - showTabs, - tabs, - }); - } else { - this.setState({ - grants, - loading: false, - loadingGrants: false, - restricted: false, - }); - } - }) - .catch((errResponse) => { - this.setState({ - errors: getAPIErrorOrDefault( - errResponse, - 'Unknown error occurred while fetching user permissions. Try again later.' - ), - }); - scrollErrorIntoViewV2(this.formContainerRef); - }); + if (!currentUsername) { + return; } - }; - getUserType = async () => { - const { currentUsername } = this.props; + try { + const user = await getUser(currentUsername); - // Current user is the user whose permissions are currently being viewed. - if (currentUsername) { - try { - const user = await getUser(currentUsername); + this.setState({ + userType: user.user_type, + }); + if (!user.restricted) { this.setState({ - userType: user.user_type, - }); - } catch (error) { - this.setState({ - errors: getAPIErrorOrDefault( - error, - 'Unknown error occurred while fetching user permissions. Try again later.' - ), + loading: false, + loadingGrants: false, + restricted: false, }); - scrollErrorIntoViewV2(this.formContainerRef); + return; } + + const grants = await getGrants(currentUsername); + const { showTabs, tabs } = this.getTabInformation(grants); + + this.setState({ + grants, + loading: false, + loadingGrants: false, + originalGrants: grants, + restricted: true, + showTabs, + tabs, + }); + } catch (errResponse) { + this.setState({ + errors: getAPIErrorOrDefault( + errResponse, + 'Unknown error occurred while fetching user permissions. Try again later.' + ), + loading: false, + loadingGrants: false, + }); + scrollErrorIntoViewV2(this.formContainerRef); } }; @@ -303,7 +287,7 @@ class UserPermissions extends React.Component { user ); // unconditionally sets this.state.loadingGrants to false - this.getUserGrants(); + this.getUserAndGrants(); enqueueSnackbar('User permissions successfully saved.', { variant: 'success', }); diff --git a/packages/manager/src/features/Users/UserRow.tsx b/packages/manager/src/features/Users/UserRow.tsx index 21f0bbea796..4d964b0fd11 100644 --- a/packages/manager/src/features/Users/UserRow.tsx +++ b/packages/manager/src/features/Users/UserRow.tsx @@ -23,7 +23,7 @@ interface Props { export const UserRow = ({ onDelete, user }: Props) => { const theme = useTheme(); - const { data: grants } = useAccountUserGrants(user.username); + const { data: grants } = useAccountUserGrants(user.username, user.restricted); const { data: profile } = useProfile(); const isProxyOrDelegateUser = Boolean( diff --git a/packages/manager/src/features/Users/UsersLanding.tsx b/packages/manager/src/features/Users/UsersLanding.tsx index 421fc74215f..927434dd480 100644 --- a/packages/manager/src/features/Users/UsersLanding.tsx +++ b/packages/manager/src/features/Users/UsersLanding.tsx @@ -34,7 +34,6 @@ export const UsersLanding = () => { const matchesLgUp = useMediaQuery(theme.breakpoints.up('lg')); const { isProxyOrDelegateUserType, - isProxyUserType, isChildUserType, isParentUserType, profile, @@ -88,7 +87,7 @@ export const UsersLanding = () => { isInitialLoading: isLoadingProxyUser, } = useAccountUsers({ enabled: showProxyOrDelegateUserTable && !isRestrictedUser, - filters: { user_type: isProxyUserType ? 'proxy' : 'delegate' }, + filters: { user_type: 'proxy' }, }); const isChildAccountAccessRestricted = useRestrictedGlobalGrantCheck({ diff --git a/packages/queries/src/account/users.ts b/packages/queries/src/account/users.ts index 228f260d7f2..eaa607e3c9c 100644 --- a/packages/queries/src/account/users.ts +++ b/packages/queries/src/account/users.ts @@ -62,10 +62,14 @@ export const useAccountUser = (username: string, enabled: boolean = true) => { }); }; -export const useAccountUserGrants = (username: string) => { - return useQuery( - accountQueries.users._ctx.user(username)._ctx.grants, - ); +export const useAccountUserGrants = ( + username: string, + enabled: boolean = true, +) => { + return useQuery({ + ...accountQueries.users._ctx.user(username)._ctx.grants, + enabled, + }); }; export const useUpdateUserMutation = (username: string) => {