[Engine-patches] Change in ovirt-engine[master]: engine: Selecting permissionsb ased on app mode

shtripat Fri, 27 Sep 2013 03:22:01 -0700

Shubhendu Tripathi has uploaded a new change for review.

Change subject: engine: Selecting permissionsb ased on app mode
......................................................................


engine: Selecting permissionsb ased on app mode

Updated the stored procedure to select the list of permissions for a
user based on application mode as well.

Earlier list of permissions applicable for all the application modes
were getting listed for a user.

Change-Id: I6913bcc0c1c400d29c78856db60961376c2a2ca5
Bug-Url: https://bugzilla.redhat.com/1008870
Signed-off-by: Shubhendu Tripathi <[email protected]>
---
M 
backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
M packaging/dbscripts/create_views.sql
M packaging/dbscripts/multi_level_administration_sp.sql
3 files changed, 10 insertions(+), 5 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/13/19613/1

diff --git 
a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
 
b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
index f4d078f..e226e64 100644
--- 
a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
+++ 
b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
@@ -9,6 +9,8 @@
 import org.ovirt.engine.core.common.businessentities.ActionGroup;
 import org.ovirt.engine.core.common.businessentities.RoleType;
 import org.ovirt.engine.core.common.businessentities.permissions;
+import org.ovirt.engine.core.common.config.Config;
+import org.ovirt.engine.core.common.config.ConfigValues;
 import org.ovirt.engine.core.compat.Guid;
 import org.springframework.jdbc.core.RowMapper;
 import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
@@ -69,10 +71,13 @@
 
     @Override
     public List<permissions> getAllForAdElement(Guid id, Guid userID, boolean 
isFiltered) {
+        Integer appMode = Config.<Integer> 
GetValue(ConfigValues.ApplicationMode);
+
         MapSqlParameterSource parameterSource = 
getCustomMapSqlParameterSource()
                 .addValue("ad_element_id", id).
                 addValue("user_id", userID).
-                addValue("is_filtered", isFiltered);
+                addValue("is_filtered", isFiltered).
+                addValue("app_mode", appMode.intValue());
 
         return getCallsHandler().executeReadList("GetPermissionsByAdElementId",
                 PermissionRowMapper.instance,
diff --git a/packaging/dbscripts/create_views.sql 
b/packaging/dbscripts/create_views.sql
index ddc1331..ade259d 100644
--- a/packaging/dbscripts/create_views.sql
+++ b/packaging/dbscripts/create_views.sql
@@ -802,7 +802,7 @@
 AS
 
 SELECT     permissions.id as id, permissions.role_id as role_id, 
permissions.ad_element_id as ad_element_id, permissions.object_id as object_id, 
permissions.object_type_id as object_type_id,
-              roles.name as role_name, roles.role_type as role_type, 
roles.allows_viewing_children as allows_viewing_children, 
fn_get_entity_name(permissions.object_id,permissions.object_type_id) as 
object_name,
+              roles.name as role_name, roles.role_type as role_type, 
roles.allows_viewing_children as allows_viewing_children, roles.app_mode as 
app_mode, fn_get_entity_name(permissions.object_id,permissions.object_type_id) 
as object_name,
                        fn_get_ad_element_name(permissions.ad_element_id) as 
owner_name
 FROM         permissions INNER JOIN
 roles ON permissions.role_id = roles.id;
diff --git a/packaging/dbscripts/multi_level_administration_sp.sql 
b/packaging/dbscripts/multi_level_administration_sp.sql
index aa150f3..6c69ce8 100644
--- a/packaging/dbscripts/multi_level_administration_sp.sql
+++ b/packaging/dbscripts/multi_level_administration_sp.sql
@@ -102,14 +102,14 @@
 LANGUAGE plpgsql;
 
 
-Create or replace FUNCTION GetPermissionsByAdElementId(v_ad_element_id UUID, 
v_user_id UUID, v_is_filtered BOOLEAN)
+Create or replace FUNCTION GetPermissionsByAdElementId(v_ad_element_id UUID, 
v_user_id UUID, v_is_filtered BOOLEAN, v_app_mode INTEGER)
 RETURNS SETOF permissions_view STABLE
    AS $procedure$
 BEGIN
    RETURN QUERY SELECT *
    FROM permissions_view
-   WHERE
-   (permissions_view.ad_element_id = v_ad_element_id
+   WHERE (permissions_view.app_mode & v_app_mode) > 0
+   AND (permissions_view.ad_element_id = v_ad_element_id
     OR    ad_element_id IN (SELECT * FROM 
getUserAndGroupsById(v_ad_element_id)))
    AND (NOT v_is_filtered OR EXISTS (SELECT 1 FROM 
user_permissions_permissions_view WHERE user_id = v_user_id));
 


-- 
To view, visit http://gerrit.ovirt.org/19613
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I6913bcc0c1c400d29c78856db60961376c2a2ca5
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Shubhendu Tripathi <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

[Engine-patches] Change in ovirt-engine[master]: engine: Selecting permissionsb ased on app mode

Reply via email to