Moti Asayag has uploaded a new change for review. Change subject: engine: Management network should be viewable on UP ......................................................................
engine: Management network should be viewable on UP When creating an empty data-center, a management network is created automatically for it, without any permissions. This causes the users not to be able to user the network without granting permissions explicitly for that network. In order to improve the user-experience, the default network will be granted for 'everyone' user with 'NetworkUser' role. Change-Id: I3bf7a3c16b61bf343fe0994050042573e06b3c33 Bug-Url: https://bugzilla.redhat.com/902697 Signed-off-by: Moti Asayag <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/dc/AddNetworkCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/storage/AddEmptyStoragePoolCommand.java 2 files changed, 4 insertions(+), 22 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/28/12728/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/dc/AddNetworkCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/dc/AddNetworkCommand.java index b7afaa5..17ec6b9 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/dc/AddNetworkCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/dc/AddNetworkCommand.java @@ -3,14 +3,12 @@ import java.util.Collections; import java.util.List; -import org.ovirt.engine.core.bll.MultiLevelAdministrationHandler; -import org.ovirt.engine.core.bll.PredefinedRoles; +import org.ovirt.engine.core.bll.network.cluster.NetworkHelper; import org.ovirt.engine.core.bll.utils.PermissionSubject; import org.ovirt.engine.core.bll.validator.NetworkValidator; import org.ovirt.engine.core.common.AuditLogType; import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.action.AddNetworkStoragePoolParameters; -import org.ovirt.engine.core.common.businessentities.permissions; import org.ovirt.engine.core.common.validation.group.CreateEntity; import org.ovirt.engine.core.compat.Guid; import org.ovirt.engine.core.dal.VdcBllMessages; @@ -25,7 +23,7 @@ protected void executeCommand() { getNetwork().setId(Guid.NewGuid()); getNetworkDAO().save(getNetwork()); - addPermissions(); + NetworkHelper.addPermissions(getCurrentUser().getUserId(), getNetwork().getId(), getParameters().isPublicUse()); getReturnValue().setActionReturnValue(getNetwork().getId()); setSucceeded(true); } @@ -64,23 +62,5 @@ return Collections.singletonList(new PermissionSubject(getStoragePoolId() == null ? null : getStoragePoolId().getValue(), VdcObjectType.StoragePool, getActionType().getActionGroup())); - } - - private void addPermissions() { - addPermissionOnNetwork(getCurrentUser().getUserId(), PredefinedRoles.NETWORK_ADMIN); - - // if the Network is for public use, set EVERYONE as a NETWORK_USER. - if (getParameters().isPublicUse()) { - addPermissionOnNetwork(MultiLevelAdministrationHandler.EVERYONE_OBJECT_ID, PredefinedRoles.NETWORK_USER); - } - } - - private void addPermissionOnNetwork(Guid userId, PredefinedRoles role) { - permissions perms = new permissions(); - perms.setad_element_id(userId); - perms.setObjectType(VdcObjectType.Network); - perms.setObjectId(getNetwork().getId()); - perms.setrole_id(role.getId()); - MultiLevelAdministrationHandler.addPermission(perms); } } diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/storage/AddEmptyStoragePoolCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/storage/AddEmptyStoragePoolCommand.java index 4b9fcd7..0c0a54f 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/storage/AddEmptyStoragePoolCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/storage/AddEmptyStoragePoolCommand.java @@ -5,6 +5,7 @@ import org.ovirt.engine.core.bll.AddVdsGroupCommand; import org.ovirt.engine.core.bll.MultiLevelAdministrationHandler; +import org.ovirt.engine.core.bll.network.cluster.NetworkHelper; import org.ovirt.engine.core.bll.utils.PermissionSubject; import org.ovirt.engine.core.bll.utils.VersionSupport; import org.ovirt.engine.core.common.AuditLogType; @@ -60,6 +61,7 @@ net.setDataCenterId(getStoragePool().getId()); net.setVmNetwork(true); getNetworkDAO().save(net); + NetworkHelper.addPermissions(getCurrentUser().getUserId(), net.getId(), true); } @Override -- To view, visit http://gerrit.ovirt.org/12728 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I3bf7a3c16b61bf343fe0994050042573e06b3c33 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Moti Asayag <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
