Right. By one off, I mean, I don't expect the entire community to adopt this approach.
The one thing to pay attention to with this approach is that every time you change a roles permissions, you have to adapt and redeploy the CSS to reflect the permission change. I don't remember if you have to rebuild to pick up a new CSS file (I sure hope not). You could put the css in an object store (like s3) and reference it in ACS, then update the CORS settings to 'allow origin X' and serve it from a central location. This way if you have multiple installs of ACS that will have the same permissions you can update the visibility on all in a single place. How you want to manage it will depend on how you are configuring and managing your ACS setups, but you the idea. On Aug 17, 2016 8:34 PM, "Marty Godsey" <ma...@gonsource.com> wrote: > Not elegant but will work. This is not a one off to a degree. It's for my > own servers but I will have at least 10-20 management server across the > country in different zones but this allows me to "hide" some elements that > won't be used until a more elegant way is created/available. > > Thank you for the direction Will. > > Regards, > Marty Godsey > > -----Original Message----- > From: Will Stevens [mailto:williamstev...@gmail.com] > Sent: Wednesday, August 17, 2016 8:29 PM > To: dev@cloudstack.apache.org > Subject: RE: Hiding buttons based on role > > If I was doing a one off solution for my own use case with a limited > scope, I would do it he following. > > Apply a CSS class to the <body> tag which corresponds to the role. Then I > would use CSS to 'display:none' on the elements you want to turn off by > referencing the body role class (and keep the permissions applied so if > they unhide it won't work). > > It is not an elegant solution, but it will work. > > On Aug 17, 2016 8:19 PM, "Marty Godsey" <ma...@gonsource.com> wrote: > > > > > > Ok. Thank you. > > > > I think for the time being I will enable all the project APIs again > > but > deny access to create a project.. this way at least he API errors on page > load go away. > > > > This is something I think would be nice to have in the permissions > > area > now since we have granular rules. A way to "turn off" certain areas of the > GUI and/or ACS functionality. > > > > Regards, > > Marty Godsey > > > > -----Original Message----- > > From: Will Stevens [mailto:williamstev...@gmail.com] > > Sent: Wednesday, August 17, 2016 8:10 PM > > To: dev@cloudstack.apache.org > > Subject: RE: Hiding buttons based on role > > > > Yes. Most of the UI is built using huge json structures. These will > > need > to be adapted to account for a user's role. I don't think there has been > work done on that yet, but I could be wrong. > > > > @rohit, do you know if anyone has looked into this at all yet? > > > > On Aug 17, 2016 7:41 PM, "Marty Godsey" <ma...@gonsource.com> wrote: > > > > > With that being said, we are now getting into the area of UI > > > modification to hide the button huh? > > > > > > Regards, > > > Marty Godsey > > > > > > -----Original Message----- > > > From: Will Stevens [mailto:williamstev...@gmail.com] > > > Sent: Wednesday, August 17, 2016 7:23 PM > > > To: dev@cloudstack.apache.org > > > Subject: Re: Hiding buttons based on role > > > > > > My understanding is that the permissions can be set, but they > > > currently do not modify the UI in any way. I believe what you are > > > experiencing is the expected behavior. > > > > > > Cheers, > > > > > > Will > > > > > > On Aug 17, 2016 6:47 PM, "Marty Godsey" <ma...@gonsource.com> wrote: > > > > > > > Is it possible to hide a button based upon a role? As an example I > > > > want to hide and deny access to the projects tab. I can modify the > > > > role access to the API but the button is still present. In fact I > > > > get an API error that states I don't have access. > > > > > > > > Regards, > > > > Marty Godsey > > > > > > > > > > > >