Merge pull request #85 from helyOSFramework/feature/rabbmq_permissions

Feature/Rabbitmq agent permissions
helyOSFramework · Jan 9, 2025 · 7c24346 · 7c24346
2 parents 71a40f9 + c3cb742
commit 7c24346
Show file tree

Hide file tree

Showing 20 changed files with 799 additions and 186 deletions.
diff --git a/helyos_dashboard/package-lock.json b/helyos_dashboard/package-lock.json
diff --git a/helyos_dashboard/package.json b/helyos_dashboard/package.json
@@ -37,7 +37,7 @@
     "bootstrap": "^5.3.2",
     "cheap-ruler": "^3.0.2",
     "core-js": "^3.38.0",
-    "helyosjs-sdk": "2.2.1",
+    "helyosjs-sdk": "2.3.0",
     "js-yaml": "^4.1.0",
     "lodash": "^4.17.21",
     "rxjs": "^7.4.1",

diff --git a/helyos_dashboard/src/app/layout/agent-assistants/agent-assistants.component.html b/helyos_dashboard/src/app/layout/agent-assistants/agent-assistants.component.html
@@ -269,7 +269,7 @@ <h5>RabbitMQ account</h5>
                     <label for="protocol">Protocol AMQP</label>
                   </fieldset>
                 </div>
-
+  
                 <div class="row">
                   <fieldset class="form-group col-xl-6">
                     <label for="allowAnonymousCheckin">Registration</label>
@@ -285,49 +285,118 @@ <h5>RabbitMQ account</h5>
                     </select>
                   </fieldset>
                 </div>
-
-                <div class="row" *ngIf="selectedItem.allowAnonymousCheckin">
-                  <div class="col-xl-12">
-                    <br />
-                    <p>
-                      The agent can perform the check-in using the
-                      <i>anonymous</i> account *, helyOS will automatically create a RabbitMQ account and send the
-                      username and password to the agent.
-                    </p>
-                    <p style="font-size: small">
-                      * (username, password) = (anonymous, anonymous). The agent must possess the
-                      AGENT_REGISTRATION_TOKEN.
-                    </p>
-                  </div>
+
+
+                <div  style="margin-left: 12px;">
+                    <div class="row" *ngIf="selectedItem.allowAnonymousCheckin">
+                      <div class="col-xl-12">
+                        <p style="font-size: small">
+                          helyOS automatically creates a RabbitMQ account; the agent can perform the check-in using the
+                          <i>anonymous</i>* account. The new username and password will be sent to the agent. Please refrain from using this method in production. 
+                        </p>
+                        <p style="font-size: small">
+                          * (username, password) = (anonymous, anonymous). The agent must possess the
+                          AGENT_REGISTRATION_TOKEN.
+                        </p>
+                      </div>
+                    </div>
+
+                    <div class="row" *ngIf="!selectedItem.allowAnonymousCheckin">
+                      <fieldset class="form-group col-xl-6">
+                        <label for="rbmqUsername">username *</label>
+                        <input
+                          id="rbmqUsername"
+                          class="form-control"
+                          [(ngModel)]="selectedItem.rbmqUsername"
+                          (ngModelChange)="rbmqAccountChange = true"
+                          name="rbmqUsername"
+                          placeholder="0000-0000-0000-0000" />
+                      </fieldset>
+
+                      <fieldset class="form-group col-xl-6">
+                        <label for="rbmqPassword"> password </label>
+                        <input
+                          id="rbmqPassword"
+                          class="form-control"
+                          [(ngModel)]="rbmqPassword"
+                          (ngModelChange)="rbmqAccountChange = true"
+                          name="rbmqPassword"
+                          placeholder="*********" />
+                      </fieldset>
+                      <p style="font-size: small" class="col-xl-12">
+                        * helyOS will accept messages from this agent only if the username matches the uuid.
+                      </p>
+                    </div>
                 </div>
-
-                <div class="row" *ngIf="!selectedItem.allowAnonymousCheckin">
-                  <fieldset class="form-group col-xl-6">
-                    <label for="rbmqUsername">username *</label>
-                    <input
-                      for="rbmqUsername"
-                      class="form-control"
-                      [(ngModel)]="selectedItem.rbmqUsername"
-                      (ngModelChange)="rbmqAccountChange = true"
-                      name="rbmqUsername"
-                      placeholder="0000-0000-0000-0000" />
-                  </fieldset>
-
+
+
+                <div class="row">
                   <fieldset class="form-group col-xl-6">
-                    <label for="rbmqPassword"> password </label>
-                    <input
-                      id="rbmqPassword"
-                      class="form-control"
-                      [(ngModel)]="rbmqPassword"
-                      (ngModelChange)="rbmqAccountChange = true"
-                      name="rbmqPassword"
-                      placeholder="*********" />
+                    <label for="permissionOption">Permissions</label>
+                    <select
+                      id="permissionOption"
+                      class="form-control form-select"
+                      [disabled]="selectedItem.protocol === 'MQTT'"
+                      [(ngModel)]="permissionOption"
+                      name="permissionOption"
+                      (ngModelChange)="changePermissions()">
+                      <option [ngValue]="'loose'">Free to send and receive messages</option>
+                      <option [ngValue]="'strict'">Only exchange messages with helyOS core</option>
+                      <option [ngValue]="'other'">Custom message permissions</option>
+                    </select>
                   </fieldset>
-                  <p style="font-size: small" class="col-xl-12">
-                    * helyOS will accept messages from this agent only if the username matches the uuid.
-                  </p>
                 </div>
+
+                <div  style="margin-left: 12px;">
+                    <p  *ngIf="selectedItem.protocol === 'MQTT'" style="font-size: small;">
+                        Permission options are not available in the MQTT protocol.
+                    </p>
+
+                  <div *ngIf="selectedItem.protocol !== 'MQTT'" >
+                      <div class="row">
+                        <fieldset class="form-group col-xl-12">
+                          <label for="readPermission">read</label>
+                          <input
+                            [readonly]="permissionOption!=='other'"
+                            id="readPermissions"
+                            class="form-control"
+                            [(ngModel)]="selectedItem.readPermissions"
+                            name="readPermissions"
+                            />
+                        </fieldset>
+                      </div>
+
+                      <div class="row">
+                        <fieldset class="form-group col-xl-12">
+                          <label for="writePermission"> write </label>
+                          <input
+                            [readonly]="permissionOption!=='other'"
+                            id="writePermissions"
+                            class="form-control"
+                            [(ngModel)]="selectedItem.writePermissions"
+                            name="writePermissions"
+                            />
+                        </fieldset>
+                      </div>
+
+                      <div class="row">
+                        <fieldset class="form-group col-xl-12">
+                          <label for="configurePermission"> configure </label>
+                          <input
+                            [readonly]="permissionOption!=='other'"
+                            id="configurePermissions"
+                            class="form-control"
+                            [(ngModel)]="selectedItem.configurePermissions"
+                            name="configurePermissions"
+                            />
+                        </fieldset>
+                      </div>
+                  </div>
+                </div>
+
+
               </div>
+
 
               <h5>State Properties</h5>
               <div class="field-group">

diff --git a/helyos_dashboard/src/app/layout/agent-assistants/agent-assistants.component.ts b/helyos_dashboard/src/app/layout/agent-assistants/agent-assistants.component.ts
@@ -18,13 +18,33 @@ export class AgentAssistantsComponent implements OnInit {
   public active = 1;
   private agentClass: AgentClass = AgentClass.Assistant;
   public saveStateMsg: string = '';
+  public permissionOption: string;
+  public readPermissions: string;
+  public writePermissions: string;
+  public configurePermissions: string;
+  private readStrict: string;
+  private writeStrict: string;
+  private configureStrict: string;
 
   constructor(private helyosService: HelyosService) {
 
   }
 
   ngOnInit() {
-    this.list();
+    this.loadConfigurations()
+    .then(() => this.list());
+  }
+
+
+  loadConfigurations() {
+    return this.helyosService.methods.RBMQConfig.list()
+    .then(rv => {
+      const config =rv[0];
+      this.readStrict = `${config.agentsDlExchange}|${config.agentsAnonymousExchange}|${config.agentsMqttExchange}`;
+      this.writeStrict = `${config.agentsUlExchange}|${config.agentsAnonymousExchange}|${config.agentsMqttExchange}`;
+      this.configureStrict = `.*`;
+
+    })
   }
 
   list() {
@@ -104,6 +124,10 @@ export class AgentAssistantsComponent implements OnInit {
         this.selectedItem.wpClearance = JSON.stringify(r.wpClearance, null, 2);
         this.rbmqPassword = '';
         this.saveStateMsg = '';
+        this.readPermissions =  this.selectedItem.readPermissions; 
+        this.writePermissions = this.selectedItem.writePermissions;
+        this.configurePermissions = this.selectedItem.configurePermissions; 
+        this.setPermissionOption();
         const id = r.id;
         const leaderId = typeof id === 'string' ? Number(id) : id;
         this.helyosService.methods.toolsInterconnections.list({
@@ -272,6 +296,51 @@ export class AgentAssistantsComponent implements OnInit {
     }
   }
 
+
+
+  changePermissions() {
+    switch (this.permissionOption) {
+      case 'loose':
+        this.selectedItem.readPermissions = '.*';
+        this.selectedItem.writePermissions = '.*';
+        this.selectedItem.configurePermissions = '.*';
+        break;
+
+      case 'strict':
+        this.selectedItem.readPermissions =  this.readStrict;
+        this.selectedItem.writePermissions =  this.writeStrict;
+        this.selectedItem.configurePermissions =  this.configureStrict;
+        break;
+
+      case 'other':
+        this.selectedItem.readPermissions = this.readPermissions;
+        this.selectedItem.writePermissions = this.writePermissions;
+        this.selectedItem.configurePermissions = this.configurePermissions;
+        break;
+
+      default:
+        break;
+    }
+  }
+
+  setPermissionOption() {
+    const { configurePermissions, readPermissions, writePermissions } = this.selectedItem;
+
+    if (configurePermissions === '.*' && readPermissions === '.*' && writePermissions === '.*') {
+      this.permissionOption = 'loose';
+    } else if (
+      readPermissions === this.readStrict &&
+      writePermissions === this.writeStrict &&
+      configurePermissions === this.configureStrict
+    ) {
+      this.permissionOption = 'strict';
+    } else {
+      this.permissionOption = 'other';
+    }
+  }
+
+
+
   openDocs() {
     window.open('https://helyos-manual.readthedocs.io/en/latest/2-helyos-configuration/admin-dashboard.html#register-agents-view', '_blank');
   }