Add user role filtering with configurable hidden roles

Signed-off-by: Mihaela Balutoiu <mbalutoiu@cloudbasesolutions.com>

config.ts

@@ -189,6 +189,9 @@ const conf: Config = {
   // The list of the users to hide in the UI
   hiddenUsers: ["barbican", "coriolis"],
 
+  // The list of user roles to hide in the UI
+  hiddenUserRoles: ["audit", "creator", "observer", "service", "key-manager:service-admin"],
+
   // By default, if a field name contains `password` in it (ex.: `user_password`),
   // it will be rendered as a password input
   // If the field doesn't contain `password` in its name, the following list will be used instead

src/@types/Config.ts

@@ -38,6 +38,7 @@ export type Config = {
   providerNames: { [providerName in ProviderTypes]: string };
   providersDisabledExecuteOptions: [ProviderTypes];
   hiddenUsers: string[];
+  hiddenUserRoles: string[];
   passwordFields: string[];
   defaultListItemsPerPage?: number;
   servicesUrls: Services;

src/components/modules/ProjectModule/ProjectDetailsContent/ProjectDetailsContent.tsx

@@ -28,6 +28,7 @@ import Table from "@src/components/ui/Table";
 
 import type { Project, RoleAssignment, Role } from "@src/@types/Project";
 import type { User } from "@src/@types/User";
+import configLoader from "@src/utils/Config";
 
 const Wrapper = styled.div<any>`
   ${ThemeProps.exactWidth(ThemeProps.contentWidth)}
@@ -233,8 +234,9 @@ class ProjectDetailsContent extends React.Component<Props, State> {
         .map(a => ({ value: a.role.id, label: a.role.name }));
       return roles;
     };
+    const hiddenRoles = configLoader.config.hiddenUserRoles || [];
     const allRoles = this.props.roles
-      .filter(r => r.name !== "key-manager:service-admin")
+      .filter(r => !hiddenRoles.includes(r.name))
       .map(r => ({ value: r.id, label: r.name }));
 
     this.props.users.forEach(user => {

src/components/modules/ProjectModule/ProjectMemberModal/ProjectMemberModal.tsx

@@ -27,6 +27,7 @@ import AutocompleteDropdown from "@src/components/ui/Dropdowns/AutocompleteDropd
 
 import { ThemePalette, ThemeProps } from "@src/components/Theme";
 import KeyboardManager from "@src/utils/KeyboardManager";
+import configLoader from "@src/utils/Config";
 
 import userImage from "./images/user.svg";
 
@@ -236,6 +237,10 @@ class ProjectMemberModal extends React.Component<Props, State> {
       }
     };
     const highlighFieldName = this.state.isNew ? "rolesNew" : "rolesExisting";
+    const hiddenRoles = configLoader.config.hiddenUserRoles || [];
+    const filteredRoles = this.props.roles.filter(
+      r => !hiddenRoles.includes(r.name),
+    );
 
     return (
       <FieldInput
@@ -254,9 +259,7 @@ class ProjectMemberModal extends React.Component<Props, State> {
         width={ThemeProps.inputSizes.large.width}
         layout="modal"
         disabled={this.props.loading}
-        enum={this.props.roles
-          .filter(r => r.name !== "key-manager:service-admin")
-          .map(r => ({ name: r.name, id: r.id }))}
+        enum={filteredRoles.map(r => ({ name: r.name, id: r.id }))}
         required
         highlight={Boolean(
           this.state.highlightFieldNames.find(n => n === highlighFieldName),

src/sources/ProjectSource.ts

@@ -46,8 +46,14 @@ class ProjectsSource {
       skipLog,
     });
     const assignments: RoleAssignment[] = response.data.role_assignments;
-    assignments.sort((a1, a2) => a1.role.name.localeCompare(a2.role.name));
-    return assignments;
+    const hiddenRoles = configLoader.config.hiddenUserRoles || [];
+    const filteredAssignments = assignments.filter(
+      a => !hiddenRoles.includes(a.role.name),
+    );
+    filteredAssignments.sort((a1, a2) =>
+      a1.role.name.localeCompare(a2.role.name),
+    );
+    return filteredAssignments;
   }
 
   async getUsers(projectId: string): Promise<User[]> {

src/sources/UserSource.ts

@@ -335,8 +335,12 @@ class UserSource {
       `${configLoader.config.servicesUrls.keystone}/roles`,
     );
     const roles: Role[] = response.data.roles;
-    roles.sort((r1, r2) => r1.name.localeCompare(r2.name));
-    return roles;
+    const hiddenRoles = configLoader.config.hiddenUserRoles || [];
+    const filteredRoles = roles.filter(
+      role => !hiddenRoles.includes(role.name),
+    );
+    filteredRoles.sort((r1, r2) => r1.name.localeCompare(r2.name));
+    return filteredRoles;
   }
 
   async getProjects(userId: string): Promise<Project[]> {
@@ -344,8 +348,10 @@ class UserSource {
       `${configLoader.config.servicesUrls.keystone}/role_assignments?include_names`,
     );
     const assignments: RoleAssignment[] = response.data.role_assignments;
+    const hiddenRoles = configLoader.config.hiddenUserRoles || [];
     const projects: Project[] = assignments
       .filter(a => a.user.id === userId)
+      .filter(a => !hiddenRoles.includes(a.role.name))
       .filter(
         (a, i, arr) =>
           arr.findIndex(