Darshan N has uploaded a new change for review. Change subject: engine: Selecting permissions based on app mode ......................................................................
engine: Selecting permissions based on app mode Updated procedures getAllForEntity and getTreeForEntity to list permissions based on application mode as well. Earlier list of permissions applicable for all the application modes were getting listed Change-Id: I7d2d7f1c3d37ecfb66d0965bb0701f7ced6af84d https://bugzilla.redhat.com/show_bug.cgi?id=1031899 Signed-off-by: ndarshan <dnara...@redhat.com> --- M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java M packaging/dbscripts/multi_level_administration_sp.sql 2 files changed, 14 insertions(+), 6 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/32/21532/1 diff --git a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java index 0b65945..cbb0d1b 100644 --- a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java +++ b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java @@ -133,8 +133,11 @@ @Override public List<permissions> getAllForEntity(Guid id, Guid userID, boolean isFiltered) { + Integer appMode = Config.<Integer> GetValue(ConfigValues.ApplicationMode); + MapSqlParameterSource parameterSource = getCustomMapSqlParameterSource() - .addValue("id", id).addValue("user_id", userID).addValue("is_filtered", isFiltered); + .addValue("id", id).addValue("user_id", userID).addValue("is_filtered", isFiltered) + .addValue("app_mode", appMode.intValue()); return getCallsHandler().executeReadList("GetPermissionsByEntityId", PermissionRowMapper.instance, parameterSource); @@ -147,12 +150,15 @@ @Override public List<permissions> getTreeForEntity(Guid id, VdcObjectType type, Guid userID, boolean isFiltered) { + Integer appMode = Config.<Integer> GetValue(ConfigValues.ApplicationMode); + MapSqlParameterSource parameterSource = getCustomMapSqlParameterSource() .addValue("id", id) .addValue("object_type_id", type.getValue()) .addValue("user_id", userID) - .addValue("is_filtered", isFiltered); + .addValue("is_filtered", isFiltered) + .addValue("app_mode", appMode.intValue()); return getCallsHandler().executeReadList("GetPermissionsTreeByEntityId", PermissionRowMapper.instance, parameterSource); diff --git a/packaging/dbscripts/multi_level_administration_sp.sql b/packaging/dbscripts/multi_level_administration_sp.sql index 6c69ce8..695f819 100644 --- a/packaging/dbscripts/multi_level_administration_sp.sql +++ b/packaging/dbscripts/multi_level_administration_sp.sql @@ -454,7 +454,7 @@ -Create or replace FUNCTION GetPermissionsByEntityId(v_id UUID, v_user_id UUID, v_is_filtered BOOLEAN) +Create or replace FUNCTION GetPermissionsByEntityId(v_id UUID, v_user_id UUID, v_is_filtered BOOLEAN, v_app_mode INTEGER) RETURNS SETOF permissions_view STABLE -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. @@ -462,7 +462,8 @@ BEGIN RETURN QUERY SELECT * FROM permissions_view - WHERE object_id = v_id + WHERE (permissions_view.app_mode & v_app_mode) > 0 + AND object_id = v_id AND (NOT v_is_filtered OR EXISTS (SELECT 1 FROM GetUserPermissionsByEntityId(v_id, v_user_id, v_is_filtered))); END; $procedure$ @@ -520,7 +521,7 @@ Create or replace FUNCTION GetPermissionsTreeByEntityId -(v_id UUID, v_object_type_id INTEGER, v_user_id UUID, v_is_filtered BOOLEAN) +(v_id UUID, v_object_type_id INTEGER, v_user_id UUID, v_is_filtered BOOLEAN, v_app_mode INTEGER) RETURNS SETOF permissions_view STABLE -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. @@ -528,7 +529,8 @@ BEGIN RETURN QUERY SELECT * FROM permissions_view p - WHERE object_id in(select id from fn_get_entity_parents(v_id,v_object_type_id)) + WHERE (p.app_mode & v_app_mode) > 0 + AND object_id in(select id from fn_get_entity_parents(v_id,v_object_type_id)) AND (NOT v_is_filtered OR EXISTS (SELECT 1 FROM user_flat_groups u WHERE p.ad_element_id = u.granted_id -- To view, visit http://gerrit.ovirt.org/21532 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I7d2d7f1c3d37ecfb66d0965bb0701f7ced6af84d Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Darshan N <dnara...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
