Merge pull request #40397 from rhcs-dashboard/update-texts

mgr/dashboard: Improve descriptions in some parts of the dashboard

Reviewed-by: Aashish Sharma <aasharma@redhat.com>
Reviewed-by: Alfonso Martínez <almartin@redhat.com>
Reviewed-by: Avan Thakkar <athakkar@redhat.com>
Reviewed-by: Laura Paduano <lpaduano@suse.com>

src/pybind/mgr/dashboard/frontend/src/app/ceph/block/rbd-trash-move-modal/rbd-trash-move-modal.component.html

@@ -17,7 +17,7 @@
         </div>
 
         <p i18n>To move <kbd>{{ imageSpecStr }}</kbd> to trash,
-          click <kbd>Move Image</kbd>. Optionally, you can pick an expiration date.</p>
+          click <kbd>Move</kbd>. Optionally, you can pick an expiration date.</p>
 
         <div class="form-group">
           <label class="col-form-label"

src/pybind/mgr/dashboard/frontend/src/app/ceph/block/rbd-trash-purge-modal/rbd-trash-purge-modal.component.html

@@ -9,12 +9,10 @@
           [formGroup]="purgeForm"
           novalidate>
       <div class="modal-body">
-        <p>
-          <ng-container i18n>To purge, select one or</ng-container>&nbsp;
-          <kbd i18n>All</kbd>&nbsp;
-          <ng-container i18n>pools and click</ng-container>&nbsp;
-          <kbd i18n>Purge Trash</kbd>.&nbsp;
-        </p>
+        <p i18n>To purge, select&nbsp;
+          <kbd>All</kbd>&nbsp;
+          or one pool and click&nbsp;
+          <kbd>Purge</kbd>.&nbsp;</p>
 
         <div class="form-group">
           <label class="col-form-label mx-auto"

src/pybind/mgr/dashboard/frontend/src/app/ceph/block/rbd-trash-restore-modal/rbd-trash-restore-modal.component.html

@@ -9,12 +9,10 @@
           [formGroup]="restoreForm"
           novalidate>
       <div class="modal-body">
-        <p>
-          <ng-container i18n>To restore</ng-container>&nbsp;
+        <p i18n>To restore&nbsp;
           <kbd>{{ imageSpec }}@{{ imageId }}</kbd>,&nbsp;
-          <ng-container i18n>type the image's new name and click</ng-container>&nbsp;
-          <kbd i18n>Restore Image</kbd>.
-        </p>
+          type the image's new name and click&nbsp;
+          <kbd>Restore</kbd>.</p>
 
         <div class="form-group">
           <label class="col-form-label"

src/pybind/mgr/dashboard/frontend/src/app/shared/components/select/select.component.scss

@@ -19,4 +19,8 @@
 
 .select-menu-item-content {
   padding: 0.5em;
+
+  .form-text {
+    display: flex;
+  }
 }

src/pybind/mgr/dashboard/services/access_control.py

@@ -208,67 +208,76 @@ class Role(object):
 # this roles cannot be deleted nor updated
 
 # admin role provides all permissions for all scopes
-ADMIN_ROLE = Role('administrator', 'Administrator', {
-    scope_name: Permission.all_permissions()
-    for scope_name in Scope.all_scopes()
-})
+ADMIN_ROLE = Role(
+    'administrator', 'allows full permissions for all security scopes', {
+        scope_name: Permission.all_permissions()
+        for scope_name in Scope.all_scopes()
+    })
 
 
 # read-only role provides read-only permission for all scopes
-READ_ONLY_ROLE = Role('read-only', 'Read-Only', {
-    scope_name: [_P.READ] for scope_name in Scope.all_scopes()
-    if scope_name != Scope.DASHBOARD_SETTINGS
-})
+READ_ONLY_ROLE = Role(
+    'read-only', 'allows read permission for all security scopes except dashboard settings', {
+        scope_name: [_P.READ] for scope_name in Scope.all_scopes()
+        if scope_name != Scope.DASHBOARD_SETTINGS
+    })
 
 
 # block manager role provides all permission for block related scopes
-BLOCK_MGR_ROLE = Role('block-manager', 'Block Manager', {
-    Scope.RBD_IMAGE: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.POOL: [_P.READ],
-    Scope.ISCSI: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.RBD_MIRRORING: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.GRAFANA: [_P.READ],
-})
+BLOCK_MGR_ROLE = Role(
+    'block-manager', 'allows full permissions for rbd-image, rbd-mirroring, and iscsi scopes', {
+        Scope.RBD_IMAGE: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.POOL: [_P.READ],
+        Scope.ISCSI: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.RBD_MIRRORING: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.GRAFANA: [_P.READ],
+    })
 
 
 # RadosGW manager role provides all permissions for block related scopes
-RGW_MGR_ROLE = Role('rgw-manager', 'RGW Manager', {
-    Scope.RGW: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.GRAFANA: [_P.READ],
-})
+RGW_MGR_ROLE = Role(
+    'rgw-manager', 'allows full permissions for the rgw scope', {
+        Scope.RGW: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.GRAFANA: [_P.READ],
+    })
 
 
 # Cluster manager role provides all permission for OSDs, Monitors, and
 # Config options
-CLUSTER_MGR_ROLE = Role('cluster-manager', 'Cluster Manager', {
-    Scope.HOSTS: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.OSD: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.MONITOR: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.MANAGER: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.CONFIG_OPT: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.LOG: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.GRAFANA: [_P.READ],
-})
+CLUSTER_MGR_ROLE = Role(
+    'cluster-manager', """allows full permissions for the hosts, osd, mon, mgr,
+    and config-opt scopes.""", {
+        Scope.HOSTS: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.OSD: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.MONITOR: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.MANAGER: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.CONFIG_OPT: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.LOG: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.GRAFANA: [_P.READ],
+    })
 
 
 # Pool manager role provides all permissions for pool related scopes
-POOL_MGR_ROLE = Role('pool-manager', 'Pool Manager', {
-    Scope.POOL: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.GRAFANA: [_P.READ],
-})
+POOL_MGR_ROLE = Role(
+    'pool-manager', 'allows full permissions for the pool scope', {
+        Scope.POOL: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.GRAFANA: [_P.READ],
+    })
 
 # CephFS manager role provides all permissions for CephFS related scopes
-CEPHFS_MGR_ROLE = Role('cephfs-manager', 'CephFS Manager', {
-    Scope.CEPHFS: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.GRAFANA: [_P.READ],
-})
+CEPHFS_MGR_ROLE = Role(
+    'cephfs-manager', 'allows full permissions for the cephfs scope', {
+        Scope.CEPHFS: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.GRAFANA: [_P.READ],
+    })
 
-GANESHA_MGR_ROLE = Role('ganesha-manager', 'NFS Ganesha Manager', {
-    Scope.NFS_GANESHA: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.CEPHFS: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.RGW: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
-    Scope.GRAFANA: [_P.READ],
-})
+GANESHA_MGR_ROLE = Role(
+    'ganesha-manager', 'allows full permissions for the nfs-ganesha scope', {
+        Scope.NFS_GANESHA: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.CEPHFS: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.RGW: [_P.READ, _P.CREATE, _P.UPDATE, _P.DELETE],
+        Scope.GRAFANA: [_P.READ],
+    })
 
 
 SYSTEM_ROLES = {

src/pybind/mgr/dashboard/tests/test_access_control.py

@@ -154,7 +154,8 @@ class AccessControlTest(unittest.TestCase, CLICommandTestMixin):
     def test_show_system_role(self):
         role = self.exec_cmd('ac-role-show', rolename="read-only")
         self.assertEqual(role['name'], 'read-only')
-        self.assertEqual(role['description'], 'Read-Only')
+        self.assertEqual(role['description'],
+                         'allows read permission for all security scopes except dashboard settings')
 
     def test_delete_system_role(self):
         with self.assertRaises(CmdException) as ctx: