Skip to content

Commit

Permalink
Merge pull request #271 from lpichler/add_list_of_roles_to_rbac
Browse files Browse the repository at this point in the history 
Add list of roles to rbac
  • Loading branch information
@martinpovolny
martinpovolny authored Feb 1, 2017
2 parents e72872c + d9d1ddd commit 71d9078
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 3 deletions.
16 changes: 14 additions & 2 deletions app/controllers/ops_controller/ops_rbac.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1031,6 +1031,10 @@ def valid_tenant?(tenant_id)
Rbac.filtered(Tenant.in_my_region.where(:id => tenant_id)).present?
end

def valid_role?(group_id)
Rbac::Filterer.filtered(group_id, :class => MiqUserRole).present?
end

# Get variables from group edit form
def rbac_group_get_form_vars
if %w(up down).include?(params[:button])
Expand All @@ -1039,7 +1043,14 @@ def rbac_group_get_form_vars
else
@edit[:new][:ldap_groups_user] = params[:ldap_groups_user] if params[:ldap_groups_user]
@edit[:new][:description] = params[:description] if params[:description]
@edit[:new][:role] = params[:group_role] if params[:group_role]

if params[:group_role]
if valid_role?(new_role_id = params[:group_role].to_i)
@edit[:new][:role] = new_role_id
else
raise "Invalid group selected."
end
end

if params[:group_tenant]
if valid_tenant?(new_tenant_id = params[:group_tenant].to_i)
Expand Down Expand Up @@ -1111,7 +1122,8 @@ def rbac_group_set_form_vars

# Build roles hash
@edit[:roles]["<Choose a Role>"] = nil if @record.id.nil?
MiqUserRole.all.each do |r|

Rbac::Filterer.filtered(MiqUserRole).each do |r|
@edit[:roles][r.name] = r.id
end
if @group.miq_user_role.nil? # If adding, set to first role
Expand Down
2 changes: 1 addition & 1 deletion app/presenters/tree_builder_ops_rbac.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ def x_get_tree_custom_kids(object_hash, count_only, _options)
case object_hash[:id]
when "u" then Rbac.filtered(User.in_my_region)
when "g" then Rbac.filtered(MiqGroup.non_tenant_groups_in_my_region)
when "ur" then MiqUserRole.all
when "ur" then Rbac.filtered(MiqUserRole)
when "tn" then Tenant.with_current_tenant
end
count_only_or_objects(count_only, objects, "name")
Expand Down

0 comments on commit 71d9078

Please sign in to comment.