Skip to content

Commit f4283c2

Browse files
PiccirelloPiccirello
authored
Merge pull request #3 from PostHog/tom/wording
Tom/wording
2 parents 6ce12b7 + cbca443 commit f4283c2

2 files changed

Lines changed: 42 additions & 30 deletions

File tree

src/main.py

Lines changed: 11 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -496,28 +496,25 @@ def handle_account_selection(ack: Ack, body: dict, client: WebClient) -> SlackRe
496496

497497
if not valid_ps_names:
498498
view_id = body["view"]["id"]
499-
view = slack_helpers.RequestForAccessView.build()
500-
blocks = slack_helpers.remove_blocks(
501-
body["view"]["blocks"],
502-
block_ids=[
503-
slack_helpers.RequestForAccessView.PERMISSION_SET_PLACEHOLDER_BLOCK_ID,
504-
slack_helpers.RequestForAccessView.PERMISSION_SET_BLOCK_ID,
505-
],
499+
updated_view = slack_helpers.RequestForAccessView.build_no_permission_sets_view(
500+
view_blocks=body["view"]["blocks"]
506501
)
507-
blocks = slack_helpers.insert_blocks(
508-
blocks=blocks,
509-
blocks_to_insert=[slack_helpers.RequestForAccessView.build_no_permission_sets_block()],
510-
after_block_id=slack_helpers.RequestForAccessView.ACCOUNT_BLOCK_ID,
511-
)
512-
view.blocks = blocks
513-
return client.views_update(view_id=view_id, view=view)
502+
return client.views_update(view_id=view_id, view=updated_view)
514503

515504
if "*" in valid_ps_names:
516505
permission_sets = sso.get_permission_sets_from_config_with_cache(sso_client=sso_client, s3_client=s3_client, cfg=cfg)
517506
else:
518507
all_ps = sso.get_permission_sets_from_config_with_cache(sso_client=sso_client, s3_client=s3_client, cfg=cfg)
519508
permission_sets = [ps for ps in all_ps if ps.name in valid_ps_names]
520509

510+
# Handle case where filtered list is empty (configured names don't exist in SSO)
511+
if not permission_sets:
512+
view_id = body["view"]["id"]
513+
updated_view = slack_helpers.RequestForAccessView.build_no_permission_sets_view(
514+
view_blocks=body["view"]["blocks"]
515+
)
516+
return client.views_update(view_id=view_id, view=updated_view)
517+
521518
view_id = body["view"]["id"]
522519
updated_view = slack_helpers.RequestForAccessView.update_with_permission_sets(
523520
view_blocks=body["view"]["blocks"],

src/slack_helpers.py

Lines changed: 31 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -69,11 +69,11 @@ def build(cls) -> View:
6969
callback_id=cls.CALLBACK_ID,
7070
submit=PlainTextObject(text="Request"),
7171
close=PlainTextObject(text="Cancel"),
72-
title=PlainTextObject(text="Request AWS access"),
72+
title=PlainTextObject(text="Request AWS Access"),
7373
blocks=[
7474
SectionBlock(
7575
block_id=cls.DURATION_BLOCK_ID,
76-
text=MarkdownTextObject(text="Access duration"),
76+
text=MarkdownTextObject(text="How long do you need access?"),
7777
accessory=StaticSelectElement(
7878
action_id=cls.DURATION_ACTION_ID,
7979
initial_option=get_max_duration_block(cfg)[0],
@@ -83,7 +83,7 @@ def build(cls) -> View:
8383
),
8484
InputBlock(
8585
block_id=cls.REASON_BLOCK_ID,
86-
label=PlainTextObject(text="Reason"),
86+
label=PlainTextObject(text="Reason for access"),
8787
element=PlainTextInputElement(
8888
action_id=cls.REASON_ACTION_ID,
8989
placeholder=PlainTextObject(text="What will this access be used for?"),
@@ -93,7 +93,7 @@ def build(cls) -> View:
9393
DividerBlock(),
9494
SectionBlock(
9595
text=MarkdownTextObject(
96-
text="Remember to use your access responsibly. All AWS actions are logged.",
96+
text="All AWS API calls are logged for security compliance.",
9797
),
9898
),
9999
SectionBlock(
@@ -115,7 +115,7 @@ def build_select_account_input_block(cls, accounts: list[entities.aws.Account])
115115
sorted_accounts = sorted(accounts, key=lambda account: account.name)
116116
return InputBlock(
117117
block_id=cls.ACCOUNT_BLOCK_ID,
118-
label=PlainTextObject(text="Account"),
118+
label=PlainTextObject(text="AWS Account"),
119119
element=StaticSelectElement(
120120
action_id=cls.ACCOUNT_ACTION_ID,
121121
placeholder=PlainTextObject(text="Select account"),
@@ -151,7 +151,7 @@ def update_with_accounts(cls, accounts: list[entities.aws.Account]) -> View:
151151
cls.build_select_account_input_block(accounts),
152152
SectionBlock(
153153
block_id=cls.PERMISSION_SET_PLACEHOLDER_BLOCK_ID,
154-
text=MarkdownTextObject(text=":point_up: Select an account to see available permission sets"),
154+
text=MarkdownTextObject(text="Select an account above to see available permission sets"),
155155
),
156156
],
157157
after_block_id=cls.REASON_BLOCK_ID,
@@ -176,9 +176,26 @@ def update_with_permission_sets(cls, view_blocks: list, permission_sets: list[en
176176
def build_no_permission_sets_block(cls) -> SectionBlock:
177177
return SectionBlock(
178178
block_id=cls.PERMISSION_SET_PLACEHOLDER_BLOCK_ID,
179-
text=MarkdownTextObject(text=":warning: No permission sets available for this account"),
179+
text=MarkdownTextObject(text=":x: No permission sets configured for this account. Contact your admin."),
180180
)
181181

182+
@classmethod
183+
def build_no_permission_sets_view(cls, view_blocks: list) -> View:
184+
"""Build view with warning and disabled submit button."""
185+
view = cls.build()
186+
view.submit_disabled = True
187+
blocks = remove_blocks(
188+
view_blocks,
189+
block_ids=[cls.PERMISSION_SET_PLACEHOLDER_BLOCK_ID, cls.PERMISSION_SET_BLOCK_ID],
190+
)
191+
blocks = insert_blocks(
192+
blocks=blocks,
193+
blocks_to_insert=[cls.build_no_permission_sets_block()],
194+
after_block_id=cls.ACCOUNT_BLOCK_ID,
195+
)
196+
view.blocks = blocks
197+
return view
198+
182199
@classmethod
183200
def parse(cls, obj: dict) -> RequestForAccess:
184201
values = jp.search("view.state.values", obj)
@@ -542,13 +559,11 @@ def build(cls) -> View: # noqa: ANN102
542559
callback_id=cls.CALLBACK_ID,
543560
submit=PlainTextObject(text="Request"),
544561
close=PlainTextObject(text="Cancel"),
545-
title=PlainTextObject(text="Request AWS access"),
562+
title=PlainTextObject(text="Request Group Access"),
546563
blocks=[
547-
SectionBlock(text=MarkdownTextObject(text=":wave: Hey! Please fill form below to request access to AWS SSO group.")),
548-
DividerBlock(),
549564
SectionBlock(
550565
block_id=cls.DURATION_BLOCK_ID,
551-
text=MarkdownTextObject(text="Select the duration for which the access will be provided"),
566+
text=MarkdownTextObject(text="How long do you need access?"),
552567
accessory=StaticSelectElement(
553568
action_id=cls.DURATION_ACTION_ID,
554569
initial_option=get_max_duration_block(cfg)[0],
@@ -558,23 +573,23 @@ def build(cls) -> View: # noqa: ANN102
558573
),
559574
InputBlock(
560575
block_id=cls.REASON_BLOCK_ID,
561-
label=PlainTextObject(text="Why do you need access?"),
576+
label=PlainTextObject(text="Reason for access"),
562577
element=PlainTextInputElement(
563578
action_id=cls.REASON_ACTION_ID,
564-
placeholder=PlainTextObject(text="Reason will be saved in audit logs. Please be specific."),
579+
placeholder=PlainTextObject(text="What will this access be used for?"),
565580
multiline=True,
566581
),
567582
),
568583
DividerBlock(),
569584
SectionBlock(
570585
text=MarkdownTextObject(
571-
text="Remember to use access responsibly. All actions (AWS API calls) are being recorded.",
586+
text="All AWS API calls are logged for security compliance.",
572587
),
573588
),
574589
SectionBlock(
575590
block_id=cls.LOADING_BLOCK_ID,
576591
text=MarkdownTextObject(
577-
text=":hourglass: Loading available accounts and permission sets...",
592+
text=":hourglass: Loading available groups...",
578593
),
579594
),
580595
],
@@ -603,7 +618,7 @@ def build_select_group_input_block(cls, groups: list[entities.aws.SSOGroup]) ->
603618
sorted_groups = sorted(groups, key=lambda groups: groups.name)
604619
return InputBlock(
605620
block_id=cls.GROUP_BLOCK_ID,
606-
label=PlainTextObject(text="Select group"),
621+
label=PlainTextObject(text="SSO Group"),
607622
element=StaticSelectElement(
608623
action_id=cls.GROUP_ACTION_ID,
609624
placeholder=PlainTextObject(text="Select group"),

0 commit comments

Comments
 (0)