Oved Ourfali has uploaded a new change for review. Change subject: core: Private templates can be used by any user to create VMs (#849674) ......................................................................
core: Private templates can be used by any user to create VMs (#849674) https://bugzilla.redhat.com/849674 The User Portal shows in the new VM Dialog all the templates that the user has CREATE_VM action group on, regardless of whether the user can indeed see them or not. This patch changes it, showing only templates that: 1. The user can see, using the user_vm_templates_permission_view 2. The user can CREATE_VM on (the test we do today) Change-Id: I19ab3cde6febd1b6def3f7fedc82c83f56795ebe Signed-off-by: Oved Ourfali <[email protected]> --- M backend/manager/dbscripts/vm_templates_sp.sql 1 file changed, 5 insertions(+), 3 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/72/7372/1 diff --git a/backend/manager/dbscripts/vm_templates_sp.sql b/backend/manager/dbscripts/vm_templates_sp.sql index d35a0ae..b6455d9 100644 --- a/backend/manager/dbscripts/vm_templates_sp.sql +++ b/backend/manager/dbscripts/vm_templates_sp.sql @@ -312,9 +312,11 @@ Create or replace FUNCTION fn_perms_get_templates_with_permitted_action(v_user_id UUID, v_action_group_id integer) RETURNS SETOF vm_templates_view AS $procedure$ BEGIN - RETURN QUERY SELECT * - FROM vm_templates_view - WHERE (SELECT get_entity_permissions(v_user_id, v_action_group_id, vm_templates_view.vmt_guid, 4)) IS NOT NULL; + RETURN QUERY SELECT vm_templates_view.* + FROM vm_templates_view, user_vm_template_permissions_view + WHERE vm_templates_view.vmt_guid = user_vm_template_permissions_view.entity_id AND + user_vm_template_permissions_view.user_id = v_user_id AND + (SELECT get_entity_permissions(v_user_id, v_action_group_id, vm_templates_view.vmt_guid, 4) IS NOT NULL); END; $procedure$ LANGUAGE plpgsql; -- To view, visit http://gerrit.ovirt.org/7372 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I19ab3cde6febd1b6def3f7fedc82c83f56795ebe Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Oved Ourfali <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
