@bigbinary/neeto-access-control-frontend v0.0.8

neeto-access-control-nano

The neeto-access-control-nano manages access control across neeto products. The nano exports the @bigbinary/neeto-access-control-frontend NPM package and neeto-access-control-engine Rails engine for development.

Contents

1. Development with Host Application
   • Engine
     • Installation
   • Frontend package
     • Installation
     • Components
2. Instructions for Publishing
3. Releasing beta versions

Development with Host Application

Engine

The engine is used to manage access control across neeto products.

Installation

1. Add the gem in Gemfile

     source "NEETO_GEM_SERVER_URL" do
       # ..existing gems
   
       gem "neeto-access-control-engine"
     end

2. Install the gem

     bundle install

3. Add required migrations in the db/migrate folder. Run the following commands to copy the migrations from the engine to the host application. Ex: neetoForm

     bundle exec rails neeto_access_control_engine:install:migrations
     bundle exec rails db:migrate

4. Add this line to your application's config/routes.rb file:

     mount NeetoAccessControlEngine::Engine => "/secure"

5. Add has_one association to the model you want to add the access control configuration. For Example - The organization only needs single access control.

     class Organization < ApplicationRecord
       has_one :access_control_configuration, as: :owner, class_name: "NeetoAccessControlEngine::Configuration", dependent: :destroy
     end

6. Your controller must include the concern and access_control_configuration method.

     class PublicController < ApplicationController
       .
       .
       include NeetoAccessControlEngine::Authenticate
       .
       private
   
         def access_control_configuration
           @_access_control_configuration ||= @organization.access_control_configuration
         end
     end

7. Add overrides for the following files:

• 7.1. google_controller_override.rb

    NeetoAccessControlEngine::GoogleController.class_eval do
      private
  
        def access_control_configuration
          @_access_control_configuration ||= @organization.access_control_configuration
        end
    end

• 7.2. guest_sessions_controller_override.rb

    NeetoAccessControlEngine::GuestSessionsController.class_eval do
      private
  
        def access_control_configuration
          @_access_control_configuration ||= @organization.access_control_configuration
        end
    end

• 7.3. configurations_controller_override.rb

    NeetoAccessControlEngine::Api::V1::ConfigurationsController.class_eval do
  
      private
  
        def owner
          @organization
        end
    end

8. Add Google OAuth support

• 8.1. Create Google OAuth account Watch the demo video for step-by-step instructions on creating a Google OAuth account. Add the authorised redirect URI: https://connect.neetokb.net/secure/google_oauth2/callback

• 8.2. Set the env variables Add the following secret values to config/secrets.yml.

  google:
    client_id: <%= ENV['GOOGLE_OAUTH_CLIENT_ID'] %>
    client_secret: <%= ENV['GOOGLE_OAUTH_CLIENT_SECRET'] %>

Frontend package

Installation

1. Install the latest neeto-access-control-frontend package using the below command:

     yarn add @bigbinary/neeto-access-control-frontend

Components

1. Configuration (source code)

Props

• ownerId: To specify the ID of the instance of the model. The ID is used to fetch and update access control configuration.
• ownerType: Type of the model.
• onReset: Callback function that is triggered when the reset button is clicked.
• onSuccess: Callback function that is triggered when the configuration is successfully updated.
• handleCancel: Callback function that is triggered when the cancel button is clicked.
• headerProps: Props passed to the Header component from neetoMolecules.
• className: Additional classes to be added to the form.

Usage

This is an example usage in neetoKB

import React from "react";

import { Configuration } from "@bigbinary/neeto-access-control-frontend";

import { HELP_SECURITY_DOC_URL } from "src/constants/urls";

import { buildDefaultBreadcrumbs } from "./utils";

const AccessControl = () => {
  return (
    <Configuration
      className="mx-auto max-w-3xl md:px-0 lg:px-6"
      handleCancel={() => {}}
      headerProps={{
        title: "Access control",
        description: "Access control description",
        helpLink: HELP_SECURITY_DOC_URL,
        breadcrumbs: buildDefaultBreadcrumbs({
          title: "Access control",
        }),
      }}
    />
  );
};

export default AccessControl;

Customize option labels in the host application with translations

To customize option labels for authentication, you can set the translations from the host application. To set the translations from the host application:

• Open the en.json file.
• Add translations for the auth option labels under the neetoAccessControl.auth namespace. For Example:

  {
    "neetoAccessControl": {
      "auth": {
        "no": "No auth label",
        "basic": "Basic auth label",
        "email": "Email auth label"
        "session": "Session auth label"
      }
    }
  }

Instructions for Publishing

Consult the building and releasing packages guide for details on how to publish.

Releasing beta versions

• Push the changes to a target branch for releasing the beta version.
• Update the package version to {latest-version}-beta (if 1.2.34 is the current latest version, it will be 1.2.34-beta) in the target branch for beta release.
• Draft a new release from the repo with the target branch.
• Add a new tag and title in the format: version prefixed with v, eg: v1.2.34-beta.
• Generate release notes.
• Set the release as a pre-release and publish the release.

If we are releasing a beta version of a product, we have to inform the compliance team as well to avoid overwriting the version with the latest version on the next compliance release.