Your IP : 216.73.216.220
import{R as N,O as T,d7 as ne,cH as oe,u as _,au as O,v as H,d as n,r as G,a9 as ae,j as e,z as U,x as B,T as C,f as Y,h as Q,k as V,p as q,w as J,J as re,b as ie,y as le,H as de,L as ue,b3 as ce}from"./index-BsQN_SZU.js";import{S as pe}from"./SelectableMainTable-DBx4rRiq.js";import{S as me}from"./SelectedTableNotification-BpePAhdG.js";import{u as ge}from"./useSortTableData-DkMx8bMp.js";import{u as M,p as K}from"./usePanelParams-CNAJZsSX.js";import{P as A}from"./PageHeader-BkhUaI4-.js";import{H as he}from"./HelpLink-BJF9zWZL.js";import{P as fe}from"./PermissionGroupsFilter-CX61qN2q.js";import{G as W}from"./GroupSelection-BCidmw-m.js";import{u as X}from"./ModifiedStatusAction-BFtE1DQS.js";import{u as Z}from"./useAuthGroups-D8vRxz3-.js";import{N as ee}from"./NameWithGroupForm-CI9Ry6wx.js";import{B as Ie}from"./BulkDeleteButton-DbqPCHnz.js";import{G as ye}from"./GroupSelectionActions-CHeMh4Rc.js";const Se=["can_delete","can_edit"],be=async t=>{const s=new URLSearchParams;return s.set("recursion","1"),oe(s,t,Se),fetch(`${N}/1.0/auth/identity-provider-groups?${s.toString()}`).then(T).then(l=>l.metadata)},xe=async t=>{await fetch(`${N}/1.0/auth/identity-provider-groups`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({name:t.name,groups:t.groups})}).then(T)},je=async t=>{await fetch(`${N}/1.0/auth/identity-provider-groups/${encodeURIComponent(t.name)}`,{method:"PUT",headers:{"Content-Type":"application/json"},body:JSON.stringify(t)}).then(T)},Pe=async(t,s)=>{await fetch(`${N}/1.0/auth/identity-provider-groups/${encodeURIComponent(t)}`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({name:s})}).then(T)},De=async t=>{await fetch(`${N}/1.0/auth/identity-provider-groups/${encodeURIComponent(t)}`,{method:"DELETE"}).then(T)},Ne=async t=>Promise.allSettled(t.map(async s=>De(s))).then(ne),z=()=>{const{isFineGrained:t}=_();return{canDeleteIdpGroup:u=>O(t,"can_delete",u?.access_entitlements),canEditIdpGroup:u=>O(t,"can_edit",u?.access_entitlements)}},te=(t,s)=>["deduplicate","An identity provider group with this name already exists",async l=>s&&l===s||ae(l,"",t,"auth/identity-provider-groups")],se=t=>{const s=H(),l=n.useNotify(),u=n.useToastNotification(),[a,f]=G.useState(!1),{canDeleteIdpGroup:j}=z(),d=[],r=[];t.forEach(c=>{j(c)?r.push(c):d.push(c)});const P=r.length===1;return{deleteIdpGroups:()=>{f(!0);const c=P?e.jsxs(e.Fragment,{children:["IDP group"," ",e.jsx(U,{bold:!0,type:"idp-group",value:r[0].name})," ","deleted."]}):`${r.length} IDP groups deleted.`;Ne(r.map(b=>b.name)).then(()=>{s.invalidateQueries({queryKey:[B.idpGroups]}),u.success(c)}).catch(b=>{l.failure(`${C("IDP group",r.length)} deletion failed`,b)}).finally(()=>{f(!1)})},isDeleting:a,restrictedIdpGroups:d,deletableIdpGroups:r}},Ge=()=>{const t=M(),s=n.useNotify(),l=n.useToastNotification(),u=H(),a=G.useState(null),{data:f=[],error:j,isLoading:d}=Z(),{desiredState:r,save:P}=X({initialState:{groupsAdded:new Set}});j&&s.failure("Loading panel details failed",j);const I=(g,m)=>{P(m?{groupsAdded:new Set}:{groupsAdded:new Set(g)})},c=()=>{t.clear(),s.clear()},b=g=>{const m={name:g.name,groups:Array.from(r.groupsAdded)};h.setSubmitting(!0),xe(m).then(()=>{l.success(e.jsxs(e.Fragment,{children:["IDP group"," ",e.jsx(J,{type:"idp-group",value:g.name,to:`${N}/ui/permissions/idp-groups`})," ","created."]})),u.invalidateQueries({queryKey:[B.idpGroups]}),c()}).catch(v=>{s.failure("IDP group creation failed",v)}).finally(()=>{h.setSubmitting(!1)})},y=Y().shape({name:Q().test(...te(a)).required("IDP group name is required")}),h=V({initialValues:{name:""},validationSchema:y,onSubmit:b});return e.jsxs(n.SidePanel,{loading:d,hasError:!f,children:[e.jsx(n.SidePanel.Header,{children:e.jsx(n.SidePanel.HeaderTitle,{children:"Create IDP group"})}),e.jsx(q,{className:"u-no-padding"}),e.jsx(ee,{formik:h}),e.jsx("p",{children:"Groups"}),e.jsx(n.SidePanel.Content,{className:"u-no-padding",children:e.jsx(W,{groups:f,modifiedGroups:r.groupsAdded,parentItemName:"",selectedGroups:r.groupsAdded,setSelectedGroups:I,toggleGroup:g=>{const m=new Set([...r.groupsAdded]);m.has(g)?m.delete(g):m.add(g),I([...m],m.size===0)},scrollDependencies:[f,r.groupsAdded.size,s.notification,h]})}),e.jsxs(n.SidePanel.Footer,{className:"u-align--right",children:[e.jsx(n.Button,{appearance:"base",onClick:c,className:"u-no-margin--bottom",children:"Cancel"}),e.jsx(n.ActionButton,{appearance:"positive",onClick:()=>{h.submitForm()},className:"u-no-margin--bottom",disabled:!h.isValid||h.isSubmitting||!h.values.name,loading:h.isSubmitting,children:"Create IDP group"})]})]})},ve=({idpGroups:t})=>{const{deletableIdpGroups:s,restrictedIdpGroups:l,deleteIdpGroups:u}=se(t),a=()=>{if(l.length)return[`${s.length} ${C("IDP group",s.length)} will be deleted.`,`${l.length} ${C("IDP group",l.length)} that you do not have permission to delete will be ignored.`]};return e.jsx(Ie,{entities:t,deletableEntities:s,entityType:"IDP group",onDelete:u,disabledReason:s.length?void 0:`You do not have permission to delete the selected ${C("idp group",t.length)}`,className:"u-no-margin--bottom",buttonLabel:`Delete ${t.length} ${C("IDP group",t.length)}`,bulkDeleteBreakdown:a()})},Ce=({idpGroup:t,onClose:s})=>{const l=M(),u=n.useNotify(),a=n.useToastNotification(),f=H(),j=G.useState(null),{data:d=[],error:r,isLoading:P}=Z(),{desiredState:I,save:c,undo:b}=X({initialState:{groupsAdded:new Set,groupsRemoved:new Set}});r&&u.failure("Loading panel details failed",r);const y=new Set(I.groupsAdded);for(const i of t.groups)I.groupsRemoved.has(i)||y.add(i);const h=()=>{const i=new Set;for(const p of t.groups)y.has(p)||i.add(p);for(const p of d)!t.groups.includes(p.name)&&y.has(p.name)&&i.add(p.name);return i},g=(i,p)=>{c(p?{groupsAdded:new Set,groupsRemoved:new Set(d.map(x=>x.name))}:{groupsAdded:new Set(i),groupsRemoved:new Set})},m=i=>{const p=y.has(i),x=new Set(I.groupsAdded),R=new Set(I.groupsRemoved);p?(x.delete(i),R.add(i)):(x.add(i),R.delete(i)),c({groupsAdded:x,groupsRemoved:R})},v=()=>{l.clear(),u.clear(),s?.()},L=i=>{const p=new Set(t.groups);for(const E of I.groupsAdded)p.add(E);for(const E of I.groupsRemoved)p.delete(E);let x=je({...t,groups:Array.from(p)});t.name!==i.name&&(x=x.then(async()=>Pe(t?.name??"",i.name))),S.setSubmitting(!0),x.then(()=>{a.success(e.jsxs(e.Fragment,{children:["IDP group"," ",e.jsx(J,{type:"idp-group",value:i.name,to:`${N}/ui/permissions/idp-groups`})," ","updated."]})),f.invalidateQueries({queryKey:[B.idpGroups]}),v()}).catch(E=>{u.failure("IDP group update failed",E)}).finally(()=>{S.setSubmitting(!1)})},F=Y().shape({name:Q().test(...te(j,l.idpGroup??"")).required("IDP group name is required")}),S=V({initialValues:{name:t?.name??""},enableReinitialize:!0,validationSchema:F,onSubmit:L}),D=h(),$=!!S.touched.name,k=S.isValid&&S.values.name,o=!!D.size,w=$&&k||k&&o;return e.jsxs(n.SidePanel,{loading:P,hasError:!d,children:[e.jsx(n.SidePanel.Header,{children:e.jsx(n.SidePanel.HeaderTitle,{className:"u-truncate",children:`Edit IDP group ${t?.name}`})}),e.jsx(q,{className:"u-no-padding"}),e.jsx(ee,{formik:S}),e.jsx("p",{children:"Map groups to this idp group"}),e.jsx(n.SidePanel.Content,{className:"u-no-padding",children:e.jsx(W,{groups:d,modifiedGroups:D,parentItemName:"IDP group",parentItems:[t],selectedGroups:y,setSelectedGroups:g,toggleGroup:m,scrollDependencies:[d,D.size,u.notification,S]})}),e.jsx(n.SidePanel.Footer,{className:"u-align--right",children:e.jsx(ye,{modifiedGroups:D,undoChange:b,closePanel:v,onSubmit:()=>{S.submitForm()},loading:S.isSubmitting,disabled:!w||S.isSubmitting,isEdit:!0})})]})},we=({idpGroup:t})=>{const{canDeleteIdpGroup:s}=z(),{isDeleting:l,deletableIdpGroups:u,deleteIdpGroups:a}=se([t]);return e.jsx(n.ConfirmationButton,{onHoverText:s(t)?"Delete IDP group":"You do not have permission to delete this IDP group",appearance:"base",className:"has-icon is-dense","aria-label":"Delete IDP group",type:"button",disabled:!s(t),shiftClickEnabled:!0,showShiftClickHint:!0,confirmationModalProps:{title:"Confirm IDP group deletion",confirmButtonLabel:"Delete",confirmButtonLoading:l,onConfirm:a,className:"permission-confirm-modal",children:e.jsxs("p",{children:["Are you sure you want to delete the IDP group"," ",e.jsx(U,{type:"idp-group",value:u[0]?.name,bold:!0}),"?"]})},children:e.jsx(n.Icon,{name:"delete"})})},Ee=()=>{const{isFineGrained:t}=_();return re({queryKey:[B.idpGroups],queryFn:async()=>be(t),enabled:t!==null})},_e=()=>{const t=n.useNotify(),{data:s=[],error:l,isLoading:u}=Ee(),a=M(),[f,j]=G.useState(""),[d,r]=G.useState([]),{data:P}=ie(),I=P?.config?.["oidc.groups.claim"],{canCreateIdpGroups:c}=le(),{canEditIdpGroup:b}=z(),y=de();l&&t.failure("Loading provider groups failed",l),G.useEffect(()=>{const o=d.filter(w=>s.some(i=>i.name===w));o.length!==d.length&&r(o)},[s]),G.useEffect(()=>{a.idpGroup&&r([a.idpGroup])},[a.idpGroup,s]);const h=[{content:"Name",className:"name",sortKey:"name"},{content:"Mapped groups",sortKey:"groups",className:"u-align--right mapped-groups"},{"aria-label":"Actions",className:"u-align--right actions"}],g=s.filter(o=>!f||o.name.toLowerCase().includes(f)),m=s.filter(o=>d.includes(o.name)),v=g.map(o=>{const w=()=>{if(b(o))return e.jsx(n.Button,{appearance:"link",dense:!0,onClick:()=>{a.openEditIdpGroup(o.name)},children:o.groups.length});const i=C("group",o.groups?.length??0),p=o.groups?.join(`
- `),x=`Assigned ${i}:
- ${p}`;return e.jsx("div",{title:o.groups?.length?x:"",children:o.groups?.length||0})};return{key:o.name,name:o.name,className:"u-row",columns:[{content:o.name,role:"rowheader","aria-label":"Name",className:"u-truncate",title:o.name},{content:w(),role:"cell",className:"u-align--right mapped-groups","aria-label":"Number of mapped groups"},{className:"actions u-align--right",content:e.jsx(n.List,{inline:!0,className:"u-no-margin--bottom actions-list",items:[e.jsx(n.Button,{appearance:"base",hasIcon:!0,dense:!0,onClick:()=>{a.openEditIdpGroup(o.name)},type:"button","aria-label":"Edit IDP group details",title:b(o)?"Edit details":"You do not have permission to modify this IDP group",disabled:!b(o),children:e.jsx(n.Icon,{name:"edit"})},`edit-${o.name}`),e.jsx(we,{idpGroup:o},`delete-${o.name}`)]}),role:"cell","aria-label":"Actions"}],sortData:{name:o.name.toLowerCase(),groups:o.groups.length}}}),{rows:L,updateSort:F}=ge({rows:v});if(u)return e.jsx(n.Spinner,{className:"u-loader",text:"Loading...",isMainComponent:!0});const S=()=>d.length>0?e.jsx(me,{totalCount:s.length??0,itemName:"IDP group",parentName:"",selectedNames:d,setSelectedNames:r,filteredNames:g.map(o=>o.name),hideActions:!!a.panel}):null,D=s.length>0,$=e.jsxs(e.Fragment,{children:[e.jsx(e.Fragment,{children:"Identity provider groups map authentication entities from your identity provider to groups within LXD."}),!I&&e.jsxs(e.Fragment,{children:[e.jsx("br",{}),"You need to set your server"," ",e.jsxs(ue,{to:`${N}/ui/settings`,children:["configuration (",e.jsx("code",{children:"oidc.groups.claim"}),")"]})," ","to the name of the custom claim that provides the IDP groups."]}),e.jsx("br",{}),e.jsx(ce,{docPath:"/explanation/authorization/#use-groups-defined-by-the-identity-provider",children:"Learn more about IDP groups"})]}),k=D?e.jsxs(e.Fragment,{children:[e.jsx(n.Notification,{severity:"information",children:$}),e.jsx(n.ScrollableTable,{dependencies:[s],tableId:"idp-groups-table",belowIds:["status-bar"],children:e.jsx(n.TablePagination,{data:L,id:"pagination",itemName:"IDP group",className:"u-no-margin--top","aria-label":"Table pagination control",description:S(),children:e.jsx(pe,{id:"idp-groups-table",className:"permission-idp-group-table",headers:h,rows:L,sortable:!0,emptyStateMsg:"No identity provider groups found matching this search",onUpdateSort:F,itemName:"IDP group",parentName:"",selectedNames:d,setSelectedNames:r,disabledNames:[],filteredNames:g.map(o=>o.name),disableSelect:!!a.panel})})})]}):e.jsxs(n.EmptyState,{className:"empty-state",image:e.jsx(n.Icon,{name:"user-group",className:"empty-state-icon"}),title:"No IDP group mappings",children:[e.jsx("p",{children:$}),e.jsxs(n.Button,{className:"empty-state-button",appearance:"positive",onClick:a.openCreateIdpGroup,disabled:!c(),title:c()?"":"You do not have permission to create IDP groups",hasIcon:!y,children:[!y&&e.jsx(n.Icon,{name:"plus",light:!0}),e.jsx("span",{children:"Create IDP group"})]})]});return e.jsxs(e.Fragment,{children:[e.jsxs(n.CustomLayout,{mainClassName:"permission-idp-groups-list",contentClassName:"u-no-padding--bottom",header:e.jsxs(A,{children:[e.jsxs(A.Left,{children:[e.jsx(A.Title,{children:e.jsx(he,{docPath:"/explanation/authorization",title:"Learn more about permissions",children:"IDP groups"})}),!d.length&&D?e.jsx(A.Search,{children:e.jsx(fe,{onChange:j,value:f,disabled:!!a.idpGroup})}):null,d.length>0&&!a.panel&&e.jsx(e.Fragment,{children:e.jsx(ve,{idpGroups:m})})]}),D&&e.jsx(A.BaseActions,{children:!d.length&&e.jsxs(n.Button,{appearance:"positive",className:"u-no-margin--bottom u-float-right",onClick:a.openCreateIdpGroup,disabled:!c(),title:c()?"":"You do not have permission to create IDP groups",hasIcon:!y,children:[!y&&e.jsx(n.Icon,{name:"plus",light:!0}),e.jsx("span",{children:"Create IDP group"})]})})]}),children:[!a.panel&&e.jsx(q,{}),e.jsx(n.Row,{children:k})]}),a.panel===K.createIdpGroup&&e.jsx(Ge,{}),a.panel===K.editIdpGroup&&m.length>0&&e.jsx(Ce,{idpGroup:m[0],onClose:()=>{r([])}})]})};export{_e as default};