assign/remove principal-roles to catalog-roles

Author: binarycat0

src/app/api/principal-roles/[principalRoleName]/catalog-roles/[catalogName]/[catalogRoleName]/route.ts

@@ -0,0 +1,63 @@
+import {NextRequest, NextResponse} from 'next/server';
+import {apiManagementPrincipalRoleCatalogRoleUrl} from "@/app/constants";
+import {getRealmHeadersFromRequest} from "@/utils/auth";
+
+export async function DELETE(
+    request: NextRequest,
+    {params}: { params: Promise<{ principalRoleName: string; catalogName: string; catalogRoleName: string }> }
+) {
+  try {
+    const authHeader = request.headers.get('Authorization');
+
+    if (!authHeader) {
+      return NextResponse.json(
+          {
+            error: {
+              message: 'Authorization header is required',
+              type: 'UnauthorizedError',
+              code: 401
+            }
+          },
+          {status: 401}
+      );
+    }
+
+    const {principalRoleName, catalogName, catalogRoleName} = await params;
+    const url = apiManagementPrincipalRoleCatalogRoleUrl(principalRoleName, catalogName, catalogRoleName);
+
+    console.log('Revoking catalog role from principal role:', principalRoleName, catalogName, catalogRoleName);
+
+    const realmHeaders = getRealmHeadersFromRequest(request);
+
+    const response = await fetch(url, {
+      method: 'DELETE',
+      headers: {
+        'Authorization': authHeader,
+        'Content-Type': 'application/json',
+        ...realmHeaders,
+      },
+    });
+
+    if (!response.ok) {
+      const data = await response.json().catch(() => ({
+        error: {
+          message: 'Failed to revoke catalog role',
+          type: 'RevokeError',
+          code: response.status
+        }
+      }));
+      console.error('Backend error response:', data);
+      return NextResponse.json(data, {status: response.status});
+    }
+
+    console.log('Catalog role revoked successfully');
+    return NextResponse.json({success: true}, {status: 204});
+  } catch (error) {
+    console.error('Revoke catalog role proxy error:', error);
+    return NextResponse.json(
+        {error: {message: 'Internal server error', type: 'InternalServerError', code: 500}},
+        {status: 500}
+    );
+  }
+}
+

src/app/api/principal-roles/[principalRoleName]/catalog-roles/[catalogName]/route.ts

@@ -0,0 +1,67 @@
+import {NextRequest, NextResponse} from 'next/server';
+import {apiManagementPrincipalRoleCatalogRolesUrl} from "@/app/constants";
+import {getRealmHeadersFromRequest} from "@/utils/auth";
+
+export async function PUT(
+    request: NextRequest,
+    {params}: { params: Promise<{ principalRoleName: string; catalogName: string }> }
+) {
+  try {
+    const authHeader = request.headers.get('Authorization');
+
+    if (!authHeader) {
+      return NextResponse.json(
+          {
+            error: {
+              message: 'Authorization header is required',
+              type: 'UnauthorizedError',
+              code: 401
+            }
+          },
+          {status: 401}
+      );
+    }
+
+    const {principalRoleName, catalogName} = await params;
+    const url = apiManagementPrincipalRoleCatalogRolesUrl(principalRoleName, catalogName);
+
+    console.log('Assigning catalog role to principal role:', principalRoleName, catalogName);
+
+    const body = await request.json();
+    console.log('Request body:', body);
+
+    const realmHeaders = getRealmHeadersFromRequest(request);
+
+    const response = await fetch(url, {
+      method: 'PUT',
+      headers: {
+        'Authorization': authHeader,
+        'Content-Type': 'application/json',
+        ...realmHeaders,
+      },
+      body: JSON.stringify(body),
+    });
+
+    if (!response.ok) {
+      const data = await response.json().catch(() => ({
+        error: {
+          message: 'Failed to assign catalog role',
+          type: 'AssignError',
+          code: response.status
+        }
+      }));
+      console.error('Backend error response:', data);
+      return NextResponse.json(data, {status: response.status});
+    }
+
+    console.log('Catalog role assigned successfully');
+    return NextResponse.json({success: true}, {status: 201});
+  } catch (error) {
+    console.error('Assign catalog role proxy error:', error);
+    return NextResponse.json(
+        {error: {message: 'Internal server error', type: 'InternalServerError', code: 500}},
+        {status: 500}
+    );
+  }
+}
+

src/app/catalogs/page.tsx

@@ -6,9 +6,17 @@ import PrincipalRolesList, {PrincipalRoleItem, PrincipalItem} from "@/app/ui/pri
 import Grants, {Grant} from "@/app/ui/grants"
 import CreateCatalogModal from "@/app/ui/create-catalog-modal"
 import CreateCatalogRoleModal from "@/app/ui/create-catalog-role-modal"
+import AssignCatalogRoleModal from "@/app/ui/assign-catalog-role-modal"
+import RemoveCatalogRoleModal from "@/app/ui/remove-catalog-role-modal"
 import {useCallback, useEffect, useState} from 'react'
-import {Breadcrumb, Button, Divider, Flex, message, Space, Spin, Typography} from 'antd';
-import {FolderAddOutlined, FolderOpenOutlined, UsergroupAddOutlined} from '@ant-design/icons';
+import {Breadcrumb, Button, Divider, message, Space, Spin, Typography, Flex} from 'antd';
+import {
+  FolderAddOutlined,
+  FolderOpenOutlined,
+  MinusOutlined,
+  PlusOutlined,
+  UsergroupAddOutlined
+} from '@ant-design/icons';
 import {useAuthenticatedFetch} from '@/hooks/useAuthenticatedFetch';
 
 const {Title} = Typography;
@@ -39,6 +47,8 @@ export default function Page() {
   const [grantsLoading, setGrantsLoading] = useState(false);
   const [createModalVisible, setCreateModalVisible] = useState(false);
   const [createCatalogRoleModalVisible, setCreateCatalogRoleModalVisible] = useState(false);
+  const [assignCatalogRoleModalVisible, setAssignCatalogRoleModalVisible] = useState(false);
+  const [removeCatalogRoleModalVisible, setRemoveCatalogRoleModalVisible] = useState(false);
   const {authenticatedFetch} = useAuthenticatedFetch();
 
   const getCatalogs = useCallback(async (): Promise<CatalogEntity[]> => {
@@ -260,10 +270,10 @@ export default function Page() {
 
     try {
       await authenticatedFetch(
-        `/api/principal-roles/${encodeURIComponent(selectedCatalog)}/${encodeURIComponent(selectedCatalogRole)}/${encodeURIComponent(principalRoleName)}`,
-        {
-          method: 'DELETE',
-        }
+          `/api/principal-roles/${encodeURIComponent(selectedCatalog)}/${encodeURIComponent(selectedCatalogRole)}/${encodeURIComponent(principalRoleName)}`,
+          {
+            method: 'DELETE',
+          }
       );
 
       message.success(`Principal role "${principalRoleName}" removed from catalog role "${selectedCatalogRole}" successfully!`);
@@ -280,10 +290,10 @@ export default function Page() {
   const handleDeletePrincipal = async (principalRoleName: string, principalName: string) => {
     try {
       await authenticatedFetch(
-        `/api/principal-role-principals/${encodeURIComponent(principalRoleName)}/${encodeURIComponent(principalName)}`,
-        {
-          method: 'DELETE',
-        }
+          `/api/principal-role-principals/${encodeURIComponent(principalRoleName)}/${encodeURIComponent(principalName)}`,
+          {
+            method: 'DELETE',
+          }
       );
 
       message.success(`Principal "${principalName}" removed from role "${principalRoleName}" successfully!`);
@@ -366,6 +376,40 @@ export default function Page() {
     }
   };
 
+  const handleAddCatalogRole = () => {
+    setAssignCatalogRoleModalVisible(true);
+  };
+
+  const handleRemoveCatalogRole = () => {
+    setRemoveCatalogRoleModalVisible(true);
+  };
+
+  const handleAssignCatalogRoleSuccess = async () => {
+    if (selectedCatalog && selectedCatalogRole) {
+      // Refresh the principal roles list
+      setPrincipalRolesLoading(true);
+      try {
+        const roles = await getPrincipalRoles(selectedCatalog, selectedCatalogRole);
+        setPrincipalRoles(roles);
+      } finally {
+        setPrincipalRolesLoading(false);
+      }
+    }
+  };
+
+  const handleRemoveCatalogRoleSuccess = async () => {
+    if (selectedCatalog && selectedCatalogRole) {
+      // Refresh the principal roles list
+      setPrincipalRolesLoading(true);
+      try {
+        const roles = await getPrincipalRoles(selectedCatalog, selectedCatalogRole);
+        setPrincipalRoles(roles);
+      } finally {
+        setPrincipalRolesLoading(false);
+      }
+    }
+  };
+
   if (loading) {
     return (
         <Spin size="large"/>
@@ -436,6 +480,25 @@ export default function Page() {
         {selectedCatalog && selectedCatalogRole && (
             <>
               <Divider orientation="left">Principal Roles Assigned to Catalog Role</Divider>
+              <Flex justify="flex-end" align="center" style={{width: '100%'}}>
+                <Space>
+                  <Button
+                      type="default"
+                      icon={<PlusOutlined/>}
+                      onClick={handleAddCatalogRole}
+                  >
+                    Add Role
+                  </Button>
+                  <Button
+                      danger
+                      icon={<MinusOutlined/>}
+                      onClick={handleRemoveCatalogRole}
+                      disabled={principalRoles.length === 0}
+                  >
+                    Remove Role
+                  </Button>
+                </Space>
+              </Flex>
               <PrincipalRolesList
                   roles={principalRoles}
                   loading={principalRolesLoading}
@@ -468,6 +531,23 @@ export default function Page() {
             onClose={() => setCreateCatalogRoleModalVisible(false)}
             onSuccess={handleCreateCatalogRoleSuccess}
         />
+
+        <AssignCatalogRoleModal
+            visible={assignCatalogRoleModalVisible}
+            catalogName={selectedCatalog}
+            catalogRoleName={selectedCatalogRole}
+            onClose={() => setAssignCatalogRoleModalVisible(false)}
+            onSuccess={handleAssignCatalogRoleSuccess}
+        />
+
+        <RemoveCatalogRoleModal
+            visible={removeCatalogRoleModalVisible}
+            catalogName={selectedCatalog}
+            catalogRoleName={selectedCatalogRole}
+            assignedPrincipalRoles={principalRoles}
+            onClose={() => setRemoveCatalogRoleModalVisible(false)}
+            onSuccess={handleRemoveCatalogRoleSuccess}
+        />
       </Space>
   )
 }

src/app/constants.ts

@@ -7,6 +7,8 @@ export const apiManagementPrincipalsUrl = apiManagementUrl + "/principals";
 export const apiManagementPrincipalRolesUrl = apiManagementUrl + "/principal-roles";
 export const apiManagementPrincipalPrincipalRolesUrl = (principalName: string) => apiManagementUrl + `/principals/${principalName}/principal-roles`;
 export const apiManagementPrincipalRolePrincipalsUrl = (principalRoleName: string) => apiManagementUrl + `/principal-roles/${principalRoleName}/principals`;
+export const apiManagementPrincipalRoleCatalogRolesUrl = (principalRoleName: string, catalogName: string) => apiManagementUrl + `/principal-roles/${principalRoleName}/catalog-roles/${catalogName}`;
+export const apiManagementPrincipalRoleCatalogRoleUrl = (principalRoleName: string, catalogName: string, catalogRoleName: string) => apiManagementUrl + `/principal-roles/${principalRoleName}/catalog-roles/${catalogName}/${catalogRoleName}`;
 
 export const apiCatalogUrl = process.env.POLARIS_CATALOG_API_URL || "http://localhost:8181/api/catalog/v1";
 export const apiCatalogAuthUrl = apiCatalogUrl + "/oauth/tokens"