@checkstack/dependency-frontend 0.5.5 → 0.5.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +31 -0
- package/package.json +2 -2
- package/src/components/DependencySignalsFiller.tsx +3 -2
- package/src/index.tsx +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,36 @@
|
|
|
1
1
|
# @checkstack/dependency-frontend
|
|
2
2
|
|
|
3
|
+
## 0.5.6
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- f9cfdae: fix(dependency): gate the dependency map behind its own non-public access rule
|
|
8
|
+
|
|
9
|
+
Anonymous users could see the "Dependency Map" nav entry and open the page
|
|
10
|
+
(which then rendered empty) because the map was gated by `dependency.read`,
|
|
11
|
+
which is public so that dependency _warning_ badges stay visible on the
|
|
12
|
+
catalog and dashboard.
|
|
13
|
+
|
|
14
|
+
The full topology map is now gated by a dedicated `dependency.map` access
|
|
15
|
+
rule that is granted to authenticated users by default but is NOT public, so
|
|
16
|
+
anonymous visitors no longer see the nav entry or reach the page. The
|
|
17
|
+
`getAllDependencies`, `getNodePositions`, and `saveNodePositions` endpoints
|
|
18
|
+
move to this rule too, and the dashboard dependency signal now renders as
|
|
19
|
+
plain text (not a map link) for users without map access. Per-system
|
|
20
|
+
dependency warnings stay on the public `dependency.read` rule, so warning
|
|
21
|
+
badges/alerts/signals remain visible to everyone as before.
|
|
22
|
+
|
|
23
|
+
Admins can still grant `dependency.map` to the anonymous role to make the
|
|
24
|
+
map public again.
|
|
25
|
+
|
|
26
|
+
Note: the default-rule sync is add-only, so on existing deployments the
|
|
27
|
+
anonymous role keeps any rules already granted. Since `dependency.map` is a
|
|
28
|
+
brand-new rule the anonymous role never had it, so the map is hidden from
|
|
29
|
+
anonymous users immediately after upgrade with no admin action required.
|
|
30
|
+
|
|
31
|
+
- Updated dependencies [f9cfdae]
|
|
32
|
+
- @checkstack/dependency-common@1.2.5
|
|
33
|
+
|
|
3
34
|
## 0.5.5
|
|
4
35
|
|
|
5
36
|
### Patch Changes
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@checkstack/dependency-frontend",
|
|
3
|
-
"version": "0.5.
|
|
3
|
+
"version": "0.5.6",
|
|
4
4
|
"license": "Elastic-2.0",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "src/index.tsx",
|
|
@@ -16,7 +16,7 @@
|
|
|
16
16
|
"@checkstack/catalog-common": "2.3.4",
|
|
17
17
|
"@checkstack/common": "0.15.0",
|
|
18
18
|
"@checkstack/dashboard-frontend": "0.8.5",
|
|
19
|
-
"@checkstack/dependency-common": "1.2.
|
|
19
|
+
"@checkstack/dependency-common": "1.2.5",
|
|
20
20
|
"@checkstack/frontend-api": "0.9.0",
|
|
21
21
|
"@checkstack/gitops-common": "0.6.3",
|
|
22
22
|
"@checkstack/gitops-frontend": "0.5.5",
|
|
@@ -64,8 +64,9 @@ export const DependencySignalsFiller: React.FC<Props> = ({
|
|
|
64
64
|
? `${upstreamCount} upstream ${upstreamCount === 1 ? "system" : "systems"} affected`
|
|
65
65
|
: undefined,
|
|
66
66
|
href: resolveRoute(dependencyRoutes.routes.map),
|
|
67
|
-
// The dependency map is gated
|
|
68
|
-
|
|
67
|
+
// The dependency map is gated by its own rule; users who can see the
|
|
68
|
+
// warning (dependency.read) but not the map get plain text, not a link.
|
|
69
|
+
accessRule: dependencyAccess.map,
|
|
69
70
|
iconName: "GitBranch",
|
|
70
71
|
};
|
|
71
72
|
result[systemId] = [signal];
|
package/src/index.tsx
CHANGED