Add vm security group operations

ManageIQ · Aug 25, 2017 · 273bed6 · 273bed6
1 parent e37cdb4
commit 273bed6
Show file tree

Hide file tree

Showing 11 changed files with 404 additions and 2 deletions.
diff --git a/app/assets/javascripts/controllers/vm_cloud/vm_cloud_add_security_group_form_controller.js b/app/assets/javascripts/controllers/vm_cloud/vm_cloud_add_security_group_form_controller.js
@@ -0,0 +1,40 @@
+ManageIQ.angular.app.controller('vmCloudAddSecurityGroupFormController', ['$http', 'vmCloudAddSecurityGroupFormId', 'miqService', function($http, vmCloudAddSecurityGroupFormId, miqService) {
+  var vm = this;
+
+  var init = function() {
+    vm.afterGet = false;
+    vm.vmCloudModel = {
+      security_group: null,
+    };
+    vm.security_groups = [];
+    vm.formId = vmCloudAddSecurityGroupFormId;
+    vm.model = "vmCloudModel";
+    vm.saveable = miqService.saveable;
+    miqService.sparkleOn();
+    $http.get('/vm_cloud/add_security_group_form_fields/' + vmCloudAddSecurityGroupFormId).then(function(response) {
+      var data = response.data;
+      vm.security_groups = data.security_groups;
+      vm.afterGet = true;
+      vm.modelCopy = angular.copy( vm.vmCloudModel );
+    }).catch(miqService.handleFailure);
+    miqService.sparkleOff();
+  };
+
+  vm.cancelClicked = function() {
+    var url = '/vm_cloud/add_security_group_vm/' + vmCloudAddSecurityGroupFormId + '?button=cancel';
+    miqService.miqAjaxButton(url);
+  };
+
+  vm.resetClicked = function(angularForm) {
+    vm.CloudModel = angular.copy( vm.modelCopy );
+    angularForm.$setPristine(true);
+    miqService.miqFlash("warn", "All changes have been reset");
+  };
+
+  vm.saveClicked = function() {
+    var url = '/vm_cloud/add_security_group_vm/' + vmCloudAddSecurityGroupFormId + '?button=submit';
+    miqService.miqAjaxButton(url, vm.vmCloudModel, { complete: false });
+  };
+
+  init();
+}]);
diff --git a/...assets/javascripts/controllers/vm_cloud/vm_cloud_remove_security_group_form_controller.js b/...assets/javascripts/controllers/vm_cloud/vm_cloud_remove_security_group_form_controller.js
@@ -0,0 +1,40 @@
+ManageIQ.angular.app.controller('vmCloudRemoveSecurityGroupFormController', ['$http', 'vmCloudRemoveSecurityGroupFormId', 'miqService', function($http, vmCloudRemoveSecurityGroupFormId, miqService) {
+  var vm = this;
+
+  var init = function() {
+    vm.afterGet = false;
+    vm.vmCloudModel = {
+      security_group: null,
+    };
+    vm.security_groups = [];
+    vm.formId = vmCloudRemoveSecurityGroupFormId;
+    vm.model = "vmCloudModel";
+    vm.saveable = miqService.saveable;
+    miqService.sparkleOn();
+    $http.get('/vm_cloud/remove_security_group_form_fields/' + vmCloudRemoveSecurityGroupFormId).then(function(response) {
+      var data = response.data;
+      vm.security_groups = data.security_groups;
+      vm.afterGet = true;
+      vm.modelCopy = angular.copy( vm.vmCloudModel );
+    }).catch(miqService.handleFailure);
+    miqService.sparkleOff();
+  };
+
+  vm.cancelClicked = function() {
+    var url = '/vm_cloud/remove_security_group_vm/' + vmCloudRemoveSecurityGroupFormId + '?button=cancel';
+    miqService.miqAjaxButton(url);
+  };
+
+  vm.resetClicked = function(angularForm) {
+    vm.CloudModel = angular.copy( vm.modelCopy );
+    angularForm.$setPristine(true);
+    miqService.miqFlash("warn", "All changes have been reset");
+  };
+
+  vm.saveClicked = function() {
+    var url = '/vm_cloud/remove_security_group_vm/' + vmCloudRemoveSecurityGroupFormId + '?button=submit';
+    miqService.miqAjaxButton(url, vm.vmCloudModel, { complete: false });
+  };
+
+  init();
+}]);
diff --git a/app/controllers/application_controller/ci_processing.rb b/app/controllers/application_controller/ci_processing.rb
@@ -8,6 +8,8 @@ module ApplicationController::CiProcessing
     include Mixins::Actions::VmActions::Evacuate
     include Mixins::Actions::VmActions::AssociateFloatingIp
     include Mixins::Actions::VmActions::DisassociateFloatingIp
+    include Mixins::Actions::VmActions::AddSecurityGroup
+    include Mixins::Actions::VmActions::RemoveSecurityGroup
     include Mixins::Actions::VmActions::Resize
     include Mixins::Actions::VmActions::RightSize
     include Mixins::Actions::VmActions::Reconfigure
@@ -1040,6 +1042,8 @@ def process_vm_buttons(pfx)
     when "#{pfx}_live_migrate"              then livemigratevms
     when "#{pfx}_associate_floating_ip"     then associate_floating_ip_vms
     when "#{pfx}_disassociate_floating_ip"  then disassociate_floating_ip_vms
+    when "#{pfx}_add_security_group"        then add_security_group_vms
+    when "#{pfx}_remove_security_group"     then remove_security_group_vms
     when "#{pfx}_retire"                    then retirevms
     when "#{pfx}_retire_now"                then retirevms_now
     when "#{pfx}_right_size"                then vm_right_size

diff --git a/app/controllers/application_controller/explorer.rb b/app/controllers/application_controller/explorer.rb
@@ -55,6 +55,8 @@ def x_history
     'evacuate'     => :s2, 'service_dialog'   => :s2, 'transform'       => :s2,
     'associate_floating_ip'    => :s2,
     'disassociate_floating_ip' => :s2,
+    'add_security_group'       => :s2,
+    'remove_security_group'    => :s2,
 
     # specials
     'perf'         => :show,

diff --git a/app/controllers/mixins/actions/vm_actions/add_security_group.rb b/app/controllers/mixins/actions/vm_actions/add_security_group.rb
@@ -0,0 +1,106 @@
+module Mixins
+  module Actions
+    module VmActions
+      module AddSecurityGroup
+        def add_security_group_vms
+          assert_privileges("instance_add_security_group")
+          recs = checked_or_params
+          @record = find_record_with_rbac(VmCloud, recs.first)
+          if @record.supports_add_security_group? && @record.ext_management_system.present?
+            if @explorer
+              add_security_group
+              @refresh_partial = "vm_common/add_security_group"
+            else
+              render :update do |page|
+                page << javascript_prologue
+                page.redirect_to :controller => 'vm',
+                                 :action     => 'add_security_group',
+                                 :rec_id     => @record.id,
+                                 :escape     => false
+              end
+            end
+          else
+            add_flash(_("Unable to add Security Group to Instance \"%{name}\": %{details}") % {
+              :name    => @record.name,
+              :details => @record.unsupported_reason(:add_security_group)}, :error)
+          end
+        end
+
+        alias instance_add_security_group add_security_group_vms
+
+        def add_security_group
+          assert_privileges("instance_add_security_group")
+          @record ||= find_record_with_rbac(VmCloud, params[:rec_id])
+          drop_breadcrumb(
+            :name => _("Add Security Group to '%{name}'") % {:name => @record.name},
+            :url  => "/vm_cloud/add_security_group"
+          ) unless @explorer
+          @sb[:explorer] = @explorer
+          @in_a_form = true
+          @add_security_group = true
+          render :action => "show" unless @explorer
+        end
+
+        def add_security_group_form_fields
+          assert_privileges("instance_add_security_group")
+          @record = find_record_with_rbac(VmCloud, params[:id])
+          security_groups = @record.cloud_tenant.nil? ? [] : @record.cloud_tenant.security_groups - @record.security_groups
+          render :json => {
+            :security_groups => security_groups
+          }
+        end
+
+        def add_security_group_vm
+          assert_privileges("instance_add_security_group")
+          @record = find_record_with_rbac(VmCloud, params[:id])
+          case params[:button]
+          when "cancel" then add_handle_cancel_button
+          when "submit" then add_handle_submit_button
+          end
+
+          if @sb[:explorer]
+            replace_right_cell
+          else
+            session[:flash_msgs] = @flash_array.dup
+            render :update do |page|
+              page << javascript_prologue
+              page.redirect_to previous_breadcrumb_url
+            end
+          end
+        end
+
+        def add_handle_cancel_button
+          add_flash(_("Addition of Security Group to Instance \"%{name}\" was cancelled by the user") % {:name => @record.name})
+          @record = @sb[:action] = nil
+        end
+
+        def add_handle_submit_button
+          if @record.supports_add_security_group?
+            security_group = params[:security_group]["name"]
+            begin
+              @record.add_security_group_queue(session[:userid], security_group)
+              add_flash(_("Adding Security Group %{security_group} to Instance \"%{name}\"") % {
+                :security_group => security_group,
+                :name           => @record.name
+              })
+            rescue => ex
+              add_flash(_("Unable to add Security Group %{security_group} to Instance \"%{name}\": %{details}") % {
+                :security_group => security_group,
+                :name           => @record.name,
+                :details        => get_error_message_from_fog(ex.to_s)
+              }, :error)
+            end
+          else
+            add_flash(_("Unable to add Security Group to Instance \"%{name}\": %{details}") % {
+              :name    => @record.name,
+              :details => @record.unsupported_reason(:add_security_group)
+            }, :error)
+          end
+          params[:id] = @record.id.to_s # reset id in params for show
+          @record = nil
+          @sb[:action] = nil
+        end
+      end
+    end
+  end
+end
diff --git a/app/controllers/mixins/actions/vm_actions/remove_security_group.rb b/app/controllers/mixins/actions/vm_actions/remove_security_group.rb
@@ -0,0 +1,112 @@
+module Mixins
+  module Actions
+    module VmActions
+      module RemoveSecurityGroup
+        def remove_security_group_vms
+          assert_privileges("instance_remove_security_group")
+          recs = checked_or_params
+          @record = find_record_with_rbac(VmCloud, recs.first)
+          if @record.supports_remove_security_group? && @record.ext_management_system.present?
+            if @explorer
+              remove_security_group
+              @refresh_partial = "vm_common/remove_security_group"
+            else
+              render :update do |page|
+                page << javascript_prologue
+                page.redirect_to :controller => 'vm',
+                                 :action     => 'remove_security_group',
+                                 :rec_id     => @record.id,
+                                 :escape     => false
+              end
+            end
+          else
+            add_flash(_("Unable to remove Security Group from Instance \"%{name}\": %{details}") % {
+              :name    => @record.name,
+              :details => @record.unsupported_reason(:remove_security_group)}, :error)
+          end
+        end
+
+        alias instance_remove_security_group remove_security_group_vms
+
+        def remove_security_group
+          assert_privileges("instance_remove_security_group")
+          @record ||= find_record_with_rbac(VmCloud, params[:rec_id])
+          drop_breadcrumb(
+            :name => _("Remove Security Group to '%{name}'") % {:name => @record.name},
+            :url  => "/vm_cloud/remove_security_group"
+          ) unless @explorer
+          @sb[:explorer] = @explorer
+          @in_a_form = true
+          @remove_security_group = true
+          render :action => "show" unless @explorer
+        end
+
+        def remove_security_group_form_fields
+          assert_privileges("instance_remove_security_group")
+          @record = find_record_with_rbac(VmCloud, params[:id])
+          security_groups = []
+          unless @record.ext_management_system.nil?
+            @record.security_groups.each do |security_group|
+              security_groups << security_group
+            end
+          end
+          render :json => {
+            :security_groups => security_groups
+          }
+        end
+
+        def remove_security_group_vm
+          assert_privileges("instance_remove_security_group")
+          @record = find_record_with_rbac(VmCloud, params[:id])
+          case params[:button]
+          when "cancel" then remove_handle_cancel_button
+          when "submit" then remove_handle_submit_button
+          end
+        end
+
+        private
+
+        def remove_handle_cancel_button
+          add_flash(_("Removal of Security Group from Instance \"%{name}\" was cancelled by the user") % {:name => @record.name})
+          @record = @sb[:action] = nil
+        end
+
+        def remove_handle_submit_button
+          if @record.supports_remove_security_group?
+            security_group = params[:security_group]["name"]
+            begin
+              @record.remove_security_group_queue(session[:userid], security_group)
+              add_flash(_("Removing Security Group %{security_group} from Instance \"%{name}\"") % {
+                :security_group => security_group,
+                :name           => @record.name
+              })
+            rescue => ex
+              add_flash(_("Unable to remove Security Group %{security_group} from Instance \"%{name}\": %{details}") % {
+                :security_group => security_group,
+                :name           => @record.name,
+                :details        => get_error_message_from_fog(ex.to_s)
+              }, :error)
+            end
+          else
+            add_flash(_("Unable to remove Security Group from Instance \"%{name}\": %{details}") % {
+              :name    => @record.name,
+              :details => @record.unsupported_reason(:remove_security_group)
+            }, :error)
+          end
+          params[:id] = @record.id.to_s # reset id in params for show
+          @record = nil
+          @sb[:action] = nil
+          if @sb[:explorer]
+            replace_right_cell
+          else
+            session[:flash_msgs] = @flash_array.dup
+            render :update do |page|
+              page << javascript_prologue
+              page.redirect_to previous_breadcrumb_url
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/app/controllers/vm_common.rb b/app/controllers/vm_common.rb
@@ -1244,7 +1244,7 @@ def replace_right_cell(options = {})
       presenter.update(:main_div, r[:partial => partial, :locals => partial_locals])
 
       locals = {:action_url => action, :record_id => @record.try(:id)}
-      if %w(clone migrate miq_request_new pre_prov publish
+      if %w(clone migrate miq_request_new pre_prov publish add_security_group remove_security_group
             reconfigure resize live_migrate attach detach evacuate
             associate_floating_ip disassociate_floating_ip).include?(@sb[:action])
         locals[:no_reset]        = true                              # don't need reset button on the screen
@@ -1332,7 +1332,7 @@ def replace_right_cell(options = {})
           ])
         # these subviews use angular, so they need to use a special partial
         # so the form buttons on the outer frame can be updated.
-        elsif %w(attach detach live_migrate resize evacuate ownership
+        elsif %w(attach detach live_migrate resize evacuate ownership add_security_group remove_security_group
                  associate_floating_ip disassociate_floating_ip).include?(@sb[:action])
           presenter.update(:form_buttons_div, r[:partial => "layouts/angular/paging_div_buttons"])
         elsif action != "retire" && action != "reconfigure_update"
@@ -1517,6 +1517,18 @@ def set_right_cell_vars
         :name => name, :model => ui_lookup(:table => table)
       }
       action = "disassociate_floating_ip_vm"
+    when "add_security_group"
+      partial = "vm_common/add_security_group"
+      header = _("Add Security Group to %{model} \"%{name}\"") % {
+        :name => name, :model => ui_lookup(:table => table)
+      }
+      action = "add_security_group"
+    when "remove_security_group"
+      partial = "vm_common/remove_security_group"
+      header = _("Remove Security Group from %{model} \"%{name}\"") % {
+        :name => name, :model => ui_lookup(:table => table)
+      }
+      action = "remove_security_group"
     when "clone", "migrate", "publish"
       partial = "miq_request/prov_edit"
       task_headers = {"clone"   => _("Clone %{vm_or_template}"),

diff --git a/app/helpers/application_helper/toolbar/openstack_vm_cloud_center.rb b/app/helpers/application_helper/toolbar/openstack_vm_cloud_center.rb
@@ -68,6 +68,20 @@ class ApplicationHelper::Toolbar::OpenstackVmCloudCenter < ApplicationHelper::To
           t = N_('Disassociate a Floating IP from this Instance'),
           t,
           :klass => ApplicationHelper::Button::InstanceDisassociateFloatingIp),
+        button(
+          :instance_add_security_group,
+          'pficon pficon-cloud-security fa-lg',
+          t = N_('Add a Security Group to this Instance'),
+          t,
+          :klass   => ApplicationHelper::Button::GenericFeatureButtonWithDisable,
+          :options => {:feature => :add_security_group}),
+        button(
+          :instance_remove_security_group,
+          'pficon pficon-cloud-security fa-lg',
+          t = N_('Remove a Security Group from this Instance'),
+          t,
+          :klass   => ApplicationHelper::Button::GenericFeatureButtonWithDisable,
+          :options => {:feature => :remove_security_group}),
         button(
           :instance_resize,
           'pficon pficon-edit fa-lg',