From: Shan Shaji <s.shaji@proxmox.com>
To: pdm-devel@lists.proxmox.com
Subject: [RFC PATCH datacenter-manager 0/3] ui: acl: pre-populate permission path selector
Date: Wed, 25 Mar 2026 16:35:32 +0100
Message-ID: <20260325153535.286380-1-s.shaji@proxmox.com>

vikunja ticket: #858

Creating this series as an RFC because, after populating the resource paths
and testing them, AFAIU some of the permissions were not working because of
our current API level permissions.

I have tested the cases listed below. Would like to confirm if the desired and
expected behaviour that I mentioned is correct and if I have missed anything.
Since I was not sure about the correct behaviour, I haven't made any updates in
the API level permissions.

Backup Server
=============

remote_name = backup
node_name = localhost
Role = Auditor
datastore_name = backup

- /resource/backup
  - This was working even without enabling the propagate flag. Not sure if
    that is expected.
  - Desired behaviour: when propagate flag is enabled, the resources need to
    be shown, else the remote should be visible under the remotes but the
    resources shouldn't be visible.

- /resource/backup/datastore/backup
  - The datastore details are not shown either in the remote dashboard or in
    the main dashboard.
  - Desired behaviour:
    - The remote needs to be visible under remotes of the sidebar.
    - The datastore details need to be visible under the remote overview section.
    - Datastore status needs to be visible under the main dashboard.

- /resource/backup/node
  - propagate enabled: not working
  - propagate disabled: not working
  - Desired behaviour:
    - The remote should be visible under the remotes in the sidebar.
    - When propagate is enabled, all the resources in the specific node need to
      be visible.

- /resource/backup/node/localhost
  - not working even when propagate is enabled.
  - Desired behaviour: similar behaviour to /resource/backup/node

Cluster
=======

remote_name = cluster
nodes = 3
Role = Auditor
guests = 5

- /resource/cluster
  - The remote was shown in the dashboard. However, I was getting a 403
    error (user has no access to resource list).
  - When the propagate flag is set, the resource list loads correctly.

- /resource/cluster/guest
  - propagate disabled: Not working (expected)
  - Not working even when the propagate flag is set to true. The remote is not
    listed under the remotes in the sidebar. Also, the guest statuses were not
    being shown in the dashboard as well.
  - Desired behaviour: when propagate is enabled, all virtual guests inside the
    specific remote need to be visible.

- /resource/cluster/guest/{100,101,102}
  - not working, the guest status was not shown in the main dashboard or in the
    remote-specific dashboard.
  - The propagate option doesn't matter here as it's a specific resource.
  - Desired behaviour: The guest status needs to be shown in the dashboard.
    The remote needs to be listed under remotes.

- /resource/cluster/node
  - propagate disabled: Not working (expected)
  - propagate enabled: Not working
  - Desired behaviour: When propagate is enabled, the remote needs to be visible
    under remotes and the node resources need to be visible inside the remote
    dashboard.

- /resource/cluster/node/pve-node-1
  - propagate disabled: Not working (expected)
  - propagate enabled: Not working
  - Desired behaviour: when propagate is enabled, the remote needs to be
    visible under remotes and the node-specific resources need to be visible
    under the remote dashboard.

PVE node
========

remote_name = trial
Role = Auditor
guests = 1
node_name = pve-free-trial

- /resource/trial
  - propagate disabled: 403 error (user has no access to resource list). (expected)
  - propagate enabled: The resources are visible under the dashboard. (expected)

- /resource/trial/guest
  - propagate disabled: No remote under remotes and no status under the
    main dashboard. (expected)
  - propagate enabled: No remote under remotes and no status under the main
    dashboard.
  - Desired behaviour: when propagate is enabled, the guest statuses need to be
    shown.

- /resource/trial/guest/100
  - propagate doesn't matter here as it's a specific resource.
  - not working, the guest status is not being shown inside the remote-specific
    dashboard or in the main dashboard.

- /resource/trial/node
  - propagate disabled: no resources are loaded. (expected)
  - propagate enabled: no resources are loaded. (not expected)
  - Desired behaviour: The node resources need to be visible under the
    remote-specific dashboard and in the main dashboard when propagate is
    enabled.

- /resource/trial/node/pve-free-trial
  - propagate disabled: no resources are loaded. (expected)
  - propagate enabled: no resources are loaded. (not expected)
  - Desired behaviour: The node resources need to be visible under the remote
    dashboard and in the main dashboard when propagate is enabled.

Views
=====

views_count = 2

- /view/layout
  - User can view the specific view.

- /view
  - propagate enabled: Both views are visible to the user.
  - propagate disabled: Views are visible under the views in the sidebar but the
    resources are not visible when clicking on each view.

Shan Shaji (3):
  pdm-client: add `list_views` function to fetch views list
  ui: acl: list granular level permission paths for views
  ui: acl: list granular level permission paths for resources

 lib/pdm-api-types/src/acl.rs                  |   3 +-
 lib/pdm-client/src/lib.rs                     |  10 ++
 .../configuration/permission_path_selector.rs | 125 +++++++++++++++---
 3 files changed, 121 insertions(+), 17 deletions(-)

-- 
2.47.3
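
Added example, not part of the original message and not datacenter-manager code: a small Rust model of the propagate behaviour the test cases above expect, assuming an entry applies to its exact path and, with propagate set, to every sub-path. `AclEntry`, `covers`, `visible` and the `cluster2` remote are hypothetical names; paths are compared per component so that a grant on /resource/cluster cannot leak to /resource/cluster2.

```rust
/// One ACL entry: a role granted on `path`; `propagate` extends it to sub-paths.
struct AclEntry {
    path: &'static str,
    propagate: bool,
}

/// Split a path into components so matching is per component, not per character.
fn components(path: &str) -> Vec<&str> {
    path.split('/').filter(|c| !c.is_empty()).collect()
}

/// An entry covers `target` if the paths are equal, or if the entry is an
/// ancestor of `target` and has `propagate` set.
fn covers(entry: &AclEntry, target: &str) -> bool {
    let (e, t) = (components(entry.path), components(target));
    if e == t {
        return true;
    }
    entry.propagate && e.len() < t.len() && t[..e.len()] == e[..]
}

/// Filter a resource list down to what the ACL lets the user see.
fn visible<'r>(acl: &[AclEntry], resources: &[&'r str]) -> Vec<&'r str> {
    resources
        .iter()
        .copied()
        .filter(|r| acl.iter().any(|e| covers(e, r)))
        .collect()
}

fn main() {
    // Constructed resource list using the cluster paths from the message.
    let resources = [
        "/resource/cluster/guest/100",
        "/resource/cluster/guest/101",
        "/resource/cluster/node/pve-node-1",
        "/resource/cluster2/guest/100", // hypothetical second remote
    ];
    let on_guest = |propagate| [AclEntry { path: "/resource/cluster/guest", propagate }];
    println!("guest, no propagate: {:?}", visible(&on_guest(false), &resources));
    println!("guest, propagate:    {:?}", visible(&on_guest(true), &resources));
    let single = [AclEntry { path: "/resource/cluster/guest/100", propagate: false }];
    println!("guest/100:           {:?}", visible(&single, &resources));
    let remote = [AclEntry { path: "/resource/cluster", propagate: true }];
    println!("remote, propagate:   {:?}", visible(&remote, &resources));
}
```

The model covers only resource visibility; whether the remote itself is listed in the sidebar is a separate decision that the message leaves open.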

Thread overview: 8+ messages
2026-03-25 15:35 Shan Shaji [this message]
2026-03-25 15:35 ` [RFC PATCH datacenter-manager 1/3] pdm-client: add `list_views` function to fetch views list Shan Shaji
2026-03-25 15:35 ` [RFC PATCH datacenter-manager 2/3] ui: acl: list granular level permission paths for views Shan Shaji
2026-03-26 11:16 ` Shannon Sterz
2026-03-25 15:35 ` [RFC PATCH datacenter-manager 3/3] ui: acl: list granular level permission paths for resources Shan Shaji
2026-03-26 11:16 ` Shannon Sterz
2026-03-26 13:58 ` Shan Shaji
2026-03-27 10:21 ` Lukas Wagner