github.com/minio/console@v1.4.1/web-app/src/screens/Console/valid-routes.tsx (about) 1 // This file is part of MinIO Console Server 2 // Copyright (c) 2022 MinIO, Inc. 3 // 4 // This program is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Affero General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // This program is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Affero General Public License for more details. 13 // 14 // You should have received a copy of the GNU Affero General Public License 15 // along with this program. If not, see <http://www.gnu.org/licenses/>. 16 17 import React from "react"; 18 import { IMenuItem } from "./Menu/types"; 19 import { 20 adminUserPermissions, 21 CONSOLE_UI_RESOURCE, 22 IAM_PAGES, 23 IAM_PAGES_PERMISSIONS, 24 IAM_SCOPES, 25 S3_ALL_RESOURCES, 26 } from "../../common/SecureComponent/permissions"; 27 import { 28 AccessMenuIcon, 29 AccountsMenuIcon, 30 AuditLogsMenuIcon, 31 BucketsMenuIcon, 32 CallHomeMenuIcon, 33 DocumentationIcon, 34 GroupsMenuIcon, 35 HealthMenuIcon, 36 IdentityMenuIcon, 37 InspectMenuIcon, 38 LambdaIcon, 39 LicenseIcon, 40 LockOpenIcon, 41 LoginIcon, 42 LogsMenuIcon, 43 MetricsMenuIcon, 44 MonitoringMenuIcon, 45 ObjectBrowserIcon, 46 PerformanceMenuIcon, 47 ProfileMenuIcon, 48 RecoverIcon, 49 SettingsIcon, 50 TiersIcon, 51 TraceMenuIcon, 52 UsersMenuIcon, 53 WatchIcon, 54 } from "mds"; 55 import { hasPermission } from "../../common/SecureComponent"; 56 import EncryptionIcon from "../../icons/SidebarMenus/EncryptionIcon"; 57 import EncryptionStatusIcon from "../../icons/SidebarMenus/EncryptionStatusIcon"; 58 59 const permissionsValidation = (item: IMenuItem) => { 60 return ( 61 ((item.customPermissionFnc 62 ? item.customPermissionFnc() 63 : hasPermission( 64 CONSOLE_UI_RESOURCE, 65 IAM_PAGES_PERMISSIONS[item.path ?? ""], 66 )) || 67 item.forceDisplay) && 68 !item.fsHidden 69 ); 70 }; 71 72 const validateItem = (item: IMenuItem) => { 73 // We clean up child items first 74 if (item.children && item.children.length > 0) { 75 const childArray: IMenuItem[] = item.children.reduce( 76 (acc: IMenuItem[], item) => { 77 if (!validateItem(item)) { 78 return [...acc]; 79 } 80 81 return [...acc, item]; 82 }, 83 [], 84 ); 85 86 const ret = { ...item, children: childArray }; 87 88 return ret; 89 } 90 91 if (permissionsValidation(item)) { 92 return item; 93 } 94 95 return false; 96 }; 97 98 export const validRoutes = ( 99 features: string[] | null | undefined, 100 licenseNotification: boolean = false, 101 ) => { 102 const ldapIsEnabled = (features && features.includes("ldap-idp")) || false; 103 const kmsIsEnabled = (features && features.includes("kms")) || false; 104 105 let consoleMenus: IMenuItem[] = [ 106 { 107 group: "User", 108 name: "Object Browser", 109 id: "object-browser", 110 path: IAM_PAGES.OBJECT_BROWSER_VIEW, 111 icon: <ObjectBrowserIcon />, 112 forceDisplay: true, 113 }, 114 { 115 group: "User", 116 id: "nav-accesskeys", 117 path: IAM_PAGES.ACCOUNT, 118 name: "Access Keys", 119 icon: <AccountsMenuIcon />, 120 forceDisplay: true, 121 }, 122 { 123 group: "User", 124 path: "https://min.io/docs/minio/linux/index.html?ref=con", 125 name: "Documentation", 126 icon: <DocumentationIcon />, 127 forceDisplay: true, 128 }, 129 { 130 group: "Administrator", 131 name: "Buckets", 132 id: "buckets", 133 path: IAM_PAGES.BUCKETS, 134 icon: <BucketsMenuIcon />, 135 forceDisplay: true, 136 }, 137 { 138 group: "Administrator", 139 name: "Policies", 140 id: "policies", 141 path: IAM_PAGES.POLICIES, 142 icon: <AccessMenuIcon />, 143 }, 144 { 145 group: "Administrator", 146 name: "Identity", 147 id: "identity", 148 icon: <IdentityMenuIcon />, 149 children: [ 150 { 151 id: "users", 152 path: IAM_PAGES.USERS, 153 customPermissionFnc: () => 154 hasPermission(CONSOLE_UI_RESOURCE, adminUserPermissions) || 155 hasPermission(S3_ALL_RESOURCES, adminUserPermissions) || 156 hasPermission(CONSOLE_UI_RESOURCE, [IAM_SCOPES.ADMIN_ALL_ACTIONS]), 157 name: "Users", 158 icon: <UsersMenuIcon />, 159 fsHidden: ldapIsEnabled, 160 }, 161 { 162 id: "groups", 163 path: IAM_PAGES.GROUPS, 164 name: "Groups", 165 icon: <GroupsMenuIcon />, 166 fsHidden: ldapIsEnabled, 167 }, 168 { 169 name: "OpenID", 170 id: "openID", 171 path: IAM_PAGES.IDP_OPENID_CONFIGURATIONS, 172 icon: <LockOpenIcon />, 173 }, 174 { 175 name: "LDAP", 176 id: "ldap", 177 path: IAM_PAGES.IDP_LDAP_CONFIGURATIONS, 178 icon: <LoginIcon />, 179 }, 180 ], 181 }, 182 { 183 group: "Administrator", 184 name: "Monitoring", 185 id: "tools", 186 icon: <MonitoringMenuIcon />, 187 children: [ 188 { 189 name: "Metrics", 190 id: "monitorMetrics", 191 path: IAM_PAGES.DASHBOARD, 192 icon: <MetricsMenuIcon />, 193 }, 194 { 195 name: "Logs ", 196 id: "monitorLogs", 197 path: IAM_PAGES.TOOLS_LOGS, 198 icon: <LogsMenuIcon />, 199 }, 200 { 201 name: "Audit", 202 id: "monitorAudit", 203 path: IAM_PAGES.TOOLS_AUDITLOGS, 204 icon: <AuditLogsMenuIcon />, 205 }, 206 { 207 name: "Trace", 208 id: "monitorTrace", 209 path: IAM_PAGES.TOOLS_TRACE, 210 icon: <TraceMenuIcon />, 211 }, 212 { 213 name: "Watch", 214 id: "monitorWatch", 215 icon: <WatchIcon />, 216 path: IAM_PAGES.TOOLS_WATCH, 217 }, 218 { 219 name: "Encryption", 220 id: "monitorEncryption", 221 path: IAM_PAGES.KMS_STATUS, 222 icon: <EncryptionStatusIcon />, 223 fsHidden: !kmsIsEnabled, 224 }, 225 ], 226 }, 227 { 228 group: "Administrator", 229 path: IAM_PAGES.EVENT_DESTINATIONS, 230 name: "Events", 231 icon: <LambdaIcon />, 232 id: "lambda", 233 }, 234 { 235 group: "Administrator", 236 path: IAM_PAGES.TIERS, 237 name: "Tiering", 238 icon: <TiersIcon />, 239 id: "tiers", 240 }, 241 { 242 group: "Administrator", 243 path: IAM_PAGES.SITE_REPLICATION, 244 name: "Site Replication", 245 icon: <RecoverIcon />, 246 id: "sitereplication", 247 }, 248 { 249 group: "Administrator", 250 path: IAM_PAGES.KMS_KEYS, 251 name: "Encryption", 252 icon: <EncryptionIcon />, 253 id: "encryption", 254 fsHidden: !kmsIsEnabled, 255 }, 256 { 257 group: "Administrator", 258 path: IAM_PAGES.SETTINGS, 259 name: "Configuration", 260 id: "configurations", 261 icon: <SettingsIcon />, 262 }, 263 { 264 group: "Subnet", 265 path: IAM_PAGES.LICENSE, 266 name: "License", 267 id: "license", 268 icon: <LicenseIcon />, 269 badge: licenseNotification, 270 forceDisplay: true, 271 }, 272 { 273 group: "Subnet", 274 name: "Health", 275 id: "diagnostics", 276 icon: <HealthMenuIcon />, 277 path: IAM_PAGES.TOOLS_DIAGNOSTICS, 278 }, 279 { 280 group: "Subnet", 281 name: "Performance", 282 id: "performance", 283 icon: <PerformanceMenuIcon />, 284 path: IAM_PAGES.TOOLS_SPEEDTEST, 285 }, 286 { 287 group: "Subnet", 288 name: "Profile", 289 id: "profile", 290 icon: <ProfileMenuIcon />, 291 path: IAM_PAGES.PROFILE, 292 }, 293 { 294 group: "Subnet", 295 name: "Inspect", 296 id: "inspectObjects", 297 path: IAM_PAGES.SUPPORT_INSPECT, 298 icon: <InspectMenuIcon />, 299 }, 300 { 301 group: "Subnet", 302 name: "Call Home", 303 id: "callhome", 304 icon: <CallHomeMenuIcon />, 305 path: IAM_PAGES.CALL_HOME, 306 }, 307 ]; 308 309 return consoleMenus.reduce((acc: IMenuItem[], item) => { 310 const validation = validateItem(item); 311 if (!validation) { 312 return [...acc]; 313 } 314 315 return [...acc, validation]; 316 }, []); 317 };