Ravi Nori has uploaded a new change for review. Change subject: core : TemplateOwner can't edit template and add/edit vnic in userportal. ......................................................................
core : TemplateOwner can't edit template and add/edit vnic in userportal. When user have direct TemplateOwner role on template, he can't edit template in UserPortal and also can't add/edit vnic of template. Change-Id: I724187757513965ba6557d9d94ce7d3857a521a4 Bug-Url: https://bugzilla.redhat.com/953043 Signed-off-by: Ravi Nori <[email protected]> --- A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetVdsGroupByIdAndAdElementIdQuery.java A backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetVdsGroupByIdAndAdElementIdParameters.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAO.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAODbFacadeImpl.java M frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java M frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/templates/TemplateInterfaceListModel.java M packaging/dbscripts/multi_level_administration_sp.sql M packaging/dbscripts/vds_groups_sp.sql 9 files changed, 114 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/75/29475/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetVdsGroupByIdAndAdElementIdQuery.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetVdsGroupByIdAndAdElementIdQuery.java new file mode 100644 index 0000000..e36d89f --- /dev/null +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetVdsGroupByIdAndAdElementIdQuery.java @@ -0,0 +1,17 @@ +package org.ovirt.engine.core.bll; + +import org.ovirt.engine.core.common.queries.GetVdsGroupByIdAndAdElementIdParameters; + +public class GetVdsGroupByIdAndAdElementIdQuery<P extends GetVdsGroupByIdAndAdElementIdParameters> extends QueriesCommandBase<P> { + public GetVdsGroupByIdAndAdElementIdQuery(P parameters) { + super(parameters); + } + + @Override + protected void executeQueryCommand() { + getQueryReturnValue().setReturnValue( + getDbFacade() + .getVdsGroupDao() + .getByIdAndAdElementId(getParameters().getId(), getParameters().getAdElementId(), getUserID(), getParameters().isFiltered())); + } +} diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetVdsGroupByIdAndAdElementIdParameters.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetVdsGroupByIdAndAdElementIdParameters.java new file mode 100644 index 0000000..d899ffd --- /dev/null +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetVdsGroupByIdAndAdElementIdParameters.java @@ -0,0 +1,25 @@ +package org.ovirt.engine.core.common.queries; + +import org.ovirt.engine.core.compat.Guid; + +/** + * Parameter class for the "GetById" queries + */ +public class GetVdsGroupByIdAndAdElementIdParameters extends IdQueryParameters { + + private static final long serialVersionUID = -4601447036978553847L; + private Guid adElementId; + + public GetVdsGroupByIdAndAdElementIdParameters() { + } + + public GetVdsGroupByIdAndAdElementIdParameters(Guid id, Guid adElementId) { + super(id); + this.adElementId = adElementId; + } + + public Guid getAdElementId() { + return adElementId; + } + +} diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java index bfe81da..ca8df49 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java @@ -108,6 +108,7 @@ GetAllVdsGroups(VdcQueryAuthType.User), GetVdsGroupByVdsGroupId(VdcQueryAuthType.User), // needed when updating VM GetVdsGroupById(VdcQueryAuthType.User), + GetVdsGroupByIdAndAdElementId(VdcQueryAuthType.User), GetVdsGroupByName(VdcQueryAuthType.User), GetVdsGroupsByStoragePoolId(VdcQueryAuthType.User), GetNumberOfActiveVmsInVdsGroupByVdsGroupId, diff --git a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAO.java b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAO.java index 7403961..17e857a 100644 --- a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAO.java +++ b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAO.java @@ -61,6 +61,21 @@ VDSGroup getByName(String name); /** + * Retrieves the group with the specified id if the user has direct or indirect permissions + * on the group. + * @param id + * the group id + * @param adElementId + * the element on which the user has permission + * @param userID + * the ID of the user requesting the information + * @param isFiltered + * Whether the results should be filtered according to the user's permissions + * @return + */ + VDSGroup getByIdAndAdElementId(Guid id, Guid adElementId, Guid userID, boolean isFiltered); + + /** * Retrieves the groups with the specified name. * * @param name diff --git a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAODbFacadeImpl.java b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAODbFacadeImpl.java index fa4e9ff..bde461c 100644 --- a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAODbFacadeImpl.java +++ b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/VdsGroupDAODbFacadeImpl.java @@ -49,6 +49,14 @@ } @Override + public VDSGroup getByIdAndAdElementId(Guid id, Guid adElementId, Guid userID, boolean isFiltered) { + MapSqlParameterSource parameterSource = getCustomMapSqlParameterSource() + .addValue("vds_group_id", id).addValue("ad_element_id", adElementId).addValue("user_id", userID).addValue("is_filtered", isFiltered); + + return getCallsHandler().executeRead("GetVdsGroupByIdAndAdElementId", VdsGroupRowMapper.instance, parameterSource); + } + + @Override public VDSGroup getWithRunningVms(Guid id) { MapSqlParameterSource parameterSource = getCustomMapSqlParameterSource() .addValue("vds_group_id", id); diff --git a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java index 62e3898..63c8f8d 100644 --- a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java +++ b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java @@ -105,6 +105,7 @@ import org.ovirt.engine.core.common.queries.GetTagsByUserIdParameters; import org.ovirt.engine.core.common.queries.GetTagsByVdsIdParameters; import org.ovirt.engine.core.common.queries.GetTagsByVmIdParameters; +import org.ovirt.engine.core.common.queries.GetVdsGroupByIdAndAdElementIdParameters; import org.ovirt.engine.core.common.queries.GetVmTemplateParameters; import org.ovirt.engine.core.common.queries.GetVmUpdatesOnNextRunExistsParameters; import org.ovirt.engine.core.common.queries.IdQueryParameters; @@ -599,6 +600,17 @@ Frontend.getInstance().runQuery(VdcQueryType.GetVdsGroupById, new IdQueryParameters(id), aQuery); } + public static void getClusterByIdAndAdElementId(AsyncQuery aQuery, Guid id, Guid adElementId) { + aQuery.converterCallback = new IAsyncConverter() { + @Override + public Object Convert(Object source, AsyncQuery _asyncQuery) + { + return source; + } + }; + Frontend.getInstance().runQuery(VdcQueryType.GetVdsGroupByIdAndAdElementId, new GetVdsGroupByIdAndAdElementIdParameters(id, adElementId), aQuery); + } + public static void getClusterListByName(AsyncQuery aQuery, String name) { aQuery.converterCallback = new IAsyncConverter() { @Override diff --git a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/templates/TemplateInterfaceListModel.java b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/templates/TemplateInterfaceListModel.java index 8e617f3..96a4b00 100644 --- a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/templates/TemplateInterfaceListModel.java +++ b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/templates/TemplateInterfaceListModel.java @@ -213,7 +213,7 @@ super.setEntity(value); if (getEntity() != null) { - AsyncDataProvider.getClusterById(new AsyncQuery(this, new INewAsyncCallback() { + AsyncDataProvider.getClusterByIdAndAdElementId(new AsyncQuery(this, new INewAsyncCallback() { @Override public void onSuccess(Object listModel, Object returnValue) { @@ -221,7 +221,8 @@ updateActionAvailability(); } }), - ((VmTemplate) getEntity()).getVdsGroupId()); + ((VmTemplate) getEntity()).getVdsGroupId(), + ((VmTemplate) getEntity()).getId()); } } diff --git a/packaging/dbscripts/multi_level_administration_sp.sql b/packaging/dbscripts/multi_level_administration_sp.sql index 383380e..27b84cf 100644 --- a/packaging/dbscripts/multi_level_administration_sp.sql +++ b/packaging/dbscripts/multi_level_administration_sp.sql @@ -602,3 +602,17 @@ END; $procedure$ LANGUAGE plpgsql; + + +Create or replace FUNCTION GetAllEntitiesUserHasPermissionsOn(v_id UUID, v_user_id UUID) +RETURNS SETOF idUuidType STABLE + AS $procedure$ + declare r_type int4; +BEGIN + for r_type in (SELECT DISTINCT role_type FROM permissions_view p, user_flat_groups u WHERE p.ad_element_id = u.granted_id AND u.user_id = v_user_id) + LOOP + RETURN QUERY select id from fn_get_entity_parents(v_id, r_type) AS id; + END LOOP; + return; +END; $procedure$ +LANGUAGE plpgsql; diff --git a/packaging/dbscripts/vds_groups_sp.sql b/packaging/dbscripts/vds_groups_sp.sql index 3e5169f..412eef5 100644 --- a/packaging/dbscripts/vds_groups_sp.sql +++ b/packaging/dbscripts/vds_groups_sp.sql @@ -156,6 +156,25 @@ +Create or replace FUNCTION GetVdsGroupByIdAndAdElementId(v_vds_group_id UUID, v_ad_element_id UUID, v_user_id UUID, v_is_filtered BOOLEAN) RETURNS SETOF vds_groups_view STABLE + AS $procedure$ +BEGIN + RETURN QUERY SELECT vds_groups_view.* + FROM vds_groups_view + WHERE vds_group_id = v_vds_group_id + AND (NOT v_is_filtered + OR EXISTS (SELECT 1 + FROM user_vds_groups_permissions_view + WHERE user_id = v_user_id AND entity_id = v_vds_group_id) + OR vds_group_id in (SELECT id from GetAllEntitiesUserHasPermissionsOn(v_ad_element_id, v_user_id)) + ); + +END; $procedure$ +LANGUAGE plpgsql; + + + + Create or replace FUNCTION GetVdsGroupByVdsGroupName(v_vds_group_name VARCHAR(40), v_is_case_sensitive BOOLEAN) RETURNS SETOF vds_groups_view STABLE AS $procedure$ BEGIN -- To view, visit http://gerrit.ovirt.org/29475 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I724187757513965ba6557d9d94ce7d3857a521a4 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
