From e1e206d33825e1f719ad8a1e41943d072e1b2489 Mon Sep 17 00:00:00 2001
From: Drew Bomhof <dbomhof@redhat.com>
Date: Wed, 20 Dec 2017 16:58:01 -0500
Subject: [PATCH] Added get_targets_for base class methods

1. Turns on RBAC filtering by default at the base class level for all allowed_ methods in the CloudManager class

https://bugzilla.redhat.com/show_bug.cgi?id=1514237
---
 .../providers/cloud_manager/provision_workflow.rb  | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/app/models/manageiq/providers/cloud_manager/provision_workflow.rb b/app/models/manageiq/providers/cloud_manager/provision_workflow.rb
index 7da381ecb5ae..0821296f42a3 100644
--- a/app/models/manageiq/providers/cloud_manager/provision_workflow.rb
+++ b/app/models/manageiq/providers/cloud_manager/provision_workflow.rb
@@ -22,7 +22,9 @@ def allowed_cloud_subnets(_options = {})
 
     az_id = src[:availability_zone_id].to_i
     if (cn = CloudNetwork.find_by(:id => src[:cloud_network_id]))
-      cn.cloud_subnets.each_with_object({}) do |cs, hash|
+
+      targets = get_targets_for_source(cn, :cloud_filter, CloudNetwork, 'cloud_subnets')
+      targets.each_with_object({}) do |cs, hash|
         next if !az_id.zero? && az_id != cs.availability_zone_id
         hash[cs.id] = "#{cs.name} (#{cs.cidr}) | #{cs.availability_zone.try(:name)}"
       end
@@ -33,10 +35,8 @@ def allowed_cloud_subnets(_options = {})
 
   def allowed_guest_access_key_pairs(_options = {})
     source = load_ar_obj(get_source_vm)
-    ems = source.try(:ext_management_system)
-
-    return {} if ems.nil?
-    ems.key_pairs.each_with_object({}) { |kp, h| h[kp.id] = kp.name }
+    targets = get_targets_for_ems(source, :cloud_filter, ManageIQ::Providers, 'key_pairs')
+    targets.each_with_object({}) { |kp, h| h[kp.id] = kp.name }
   end
 
   def allowed_security_groups(_options = {})
@@ -51,8 +51,8 @@ def allowed_security_groups(_options = {})
 
   def allowed_floating_ip_addresses(_options = {})
     return {} unless (src_obj = provider_or_tenant_object)
-
-    src_obj.floating_ips.available.each_with_object({}) do |ip, h|
+    targets = get_targets_for_source(src_obj, :cloud_filter, FloatingIp, 'floating_ips.available')
+    targets.each_with_object({}) do |ip, h|
       h[ip.id] = ip.address
     end
   end