Oved Ourfali has uploaded a new change for review. Change subject: rest: User can't see its permissions (#868304) ......................................................................
rest: User can't see its permissions (#868304) https://bugzilla.redhat.com/868304 When asking for object permissions in the REST API, we call search query, to get all users. This patch changes that to only fetch for users relevant for the permission itself, doing that using GetDbUserById query, and also making it a user query to allow users to view permissions on their objects. Change-Id: I6f21f4b8a845d52276dd7d97b5c7069892bb3b77 Signed-off-by: Oved Ourfali <oourf...@redhat.com> --- M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java M backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendAssignedPermissionsResource.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/AbstractBackendAssignedPermissionsResourceTest.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendEntityAssignedPermissionsResourceTest.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendGroupAssignedPermissionsResourceTest.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendUserAssignedPermissionsResourceTest.java 6 files changed, 44 insertions(+), 30 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/20/8720/1 diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java index 21831a5..ea243e4 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java @@ -93,7 +93,7 @@ // Users queries GetUserVmsByUserIdAndGroups(VdcQueryAuthType.User), GetTimeLeasedUsersByVmPoolId, - GetDbUserByUserId, + GetDbUserByUserId(VdcQueryAuthType.User), GetUsersByVmid, GetVmsByUserid, GetUserMessage, diff --git a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendAssignedPermissionsResource.java b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendAssignedPermissionsResource.java index da0ba72..90ef1b9 100644 --- a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendAssignedPermissionsResource.java +++ b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendAssignedPermissionsResource.java @@ -24,7 +24,9 @@ import org.ovirt.engine.core.common.interfaces.SearchType; import org.ovirt.engine.core.common.queries.MultilevelAdministrationByPermissionIdParameters; import org.ovirt.engine.core.common.queries.VdcQueryParametersBase; +import org.ovirt.engine.core.common.queries.VdcQueryReturnValue; import org.ovirt.engine.core.common.queries.VdcQueryType; +import org.ovirt.engine.core.common.queries.GetDbUserByUserIdParameters; import org.ovirt.engine.core.common.users.VdcUser; import org.ovirt.engine.core.compat.Guid; import org.ovirt.engine.core.compat.StringHelper; @@ -90,16 +92,27 @@ protected Permissions mapCollection(List<permissions> entities) { Permissions collection = new Permissions(); - Map<Guid, DbUser> users = getUsers(); for (permissions entity : entities) { if (entity.getObjectType() != VdcObjectType.System) { - Permission permission = map(entity, users.containsKey(entity.getad_element_id()) ? users.get(entity.getad_element_id()) : null); + Permission permission = map(entity, getUserById(entity.getad_element_id())); collection.getPermissions().add(addLinks(permission, permission.getUser() != null ? suggestedParentType : Group.class)); } } return collection; } + public DbUser getUserById(Guid userId) { + GetDbUserByUserIdParameters queryParameters = new GetDbUserByUserIdParameters(userId); + VdcQueryReturnValue userQueryResponse = runQuery(VdcQueryType.GetDbUserByUserId, queryParameters); + + DbUser returnValue = null; + if (userQueryResponse != null && userQueryResponse.getSucceeded()) { + returnValue = (DbUser) userQueryResponse.getReturnValue(); + } + + return returnValue; + } + public Map<Guid, DbUser> getUsers() { HashMap<Guid, DbUser> users = new HashMap<Guid, DbUser>(); for (DbUser user : asCollection(DbUser.class, getEntity(List.class, SearchType.DBUser, "users:"))) { diff --git a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/AbstractBackendAssignedPermissionsResourceTest.java b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/AbstractBackendAssignedPermissionsResourceTest.java index bf03542..6d2588e 100644 --- a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/AbstractBackendAssignedPermissionsResourceTest.java +++ b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/AbstractBackendAssignedPermissionsResourceTest.java @@ -150,15 +150,19 @@ protected ArrayList<DbUser> getUsers() { ArrayList<DbUser> users = new ArrayList<DbUser>(); for (int i=0; i < NAMES.length; i++) { - DbUser user = new DbUser(); - user.setuser_id(GUIDS[i]); - user.setname(NAMES[i]); - user.setusername(NAMES[i]); - users.add(user); + users.add(getUserByIdx(i)); } return users; } + protected DbUser getUserByIdx(int idx) { + DbUser user = new DbUser(); + user.setuser_id(GUIDS[idx]); + user.setname(NAMES[idx]); + user.setusername(NAMES[idx]); + return user; + } + protected abstract Permission getModel(); @Override diff --git a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendEntityAssignedPermissionsResourceTest.java b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendEntityAssignedPermissionsResourceTest.java index a0a837e..1eba0ba 100644 --- a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendEntityAssignedPermissionsResourceTest.java +++ b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendEntityAssignedPermissionsResourceTest.java @@ -14,10 +14,9 @@ import org.ovirt.engine.core.common.action.PermissionsOperationsParametes; import org.ovirt.engine.core.common.action.VdcActionType; -import org.ovirt.engine.core.common.interfaces.SearchType; +import org.ovirt.engine.core.common.queries.GetDbUserByUserIdParameters; import org.ovirt.engine.core.common.queries.GetPermissionsForObjectParameters; import org.ovirt.engine.core.common.queries.MultilevelAdministrationByPermissionIdParameters; -import org.ovirt.engine.core.common.queries.SearchParameters; import org.ovirt.engine.core.common.queries.VdcQueryType; public class BackendEntityAssignedPermissionsResourceTest @@ -83,11 +82,11 @@ public void testList() throws Exception { UriInfo uriInfo = setUpUriExpectations(null); - setUpGetEntityExpectations(VdcQueryType.Search, - SearchParameters.class, - new String[] {"SearchPattern", "SearchTypeValue"}, - new Object[] {"users:", SearchType.DBUser}, - getUsers()); + setUpGetEntityExpectations(VdcQueryType.GetDbUserByUserId, + GetDbUserByUserIdParameters.class, + new String[] {"UserId"}, + new Object[] {GUIDS[1]}, + getUserByIdx(1)); setUpQueryExpectations(""); collection.setUriInfo(uriInfo); diff --git a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendGroupAssignedPermissionsResourceTest.java b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendGroupAssignedPermissionsResourceTest.java index 60dfafc..d6fac0c 100644 --- a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendGroupAssignedPermissionsResourceTest.java +++ b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendGroupAssignedPermissionsResourceTest.java @@ -13,10 +13,10 @@ import org.ovirt.engine.api.model.Group; import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.businessentities.permissions; -import org.ovirt.engine.core.common.interfaces.SearchType; +import org.ovirt.engine.core.common.queries.GetDbUserByUserIdParameters; import org.ovirt.engine.core.common.queries.MultilevelAdministrationByAdElementIdParameters; -import org.ovirt.engine.core.common.queries.SearchParameters; import org.ovirt.engine.core.common.queries.VdcQueryType; + public class BackendGroupAssignedPermissionsResourceTest extends AbstractBackendAssignedPermissionsResourceTest { @@ -79,11 +79,11 @@ @Test public void testList() throws Exception { UriInfo uriInfo = setUpUriExpectations(null); - setUpGetEntityExpectations(VdcQueryType.Search, - SearchParameters.class, - new String[] {"SearchPattern", "SearchTypeValue"}, - new Object[] {"users:", SearchType.DBUser}, - getUsers()); + setUpGetEntityExpectations(VdcQueryType.GetDbUserByUserId, + GetDbUserByUserIdParameters.class, + new String[] {"UserId"}, + new Object[] {GUIDS[1]}, + getUserByIdx(1)); setUpQueryExpectations(""); collection.setUriInfo(uriInfo); verifyCollection(getCollection()); diff --git a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendUserAssignedPermissionsResourceTest.java b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendUserAssignedPermissionsResourceTest.java index fbf1f4e..40c9e3f 100644 --- a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendUserAssignedPermissionsResourceTest.java +++ b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendUserAssignedPermissionsResourceTest.java @@ -13,9 +13,8 @@ import org.ovirt.engine.api.model.User; import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.businessentities.permissions; -import org.ovirt.engine.core.common.interfaces.SearchType; +import org.ovirt.engine.core.common.queries.GetDbUserByUserIdParameters; import org.ovirt.engine.core.common.queries.MultilevelAdministrationByAdElementIdParameters; -import org.ovirt.engine.core.common.queries.SearchParameters; import org.ovirt.engine.core.common.queries.VdcQueryType; public class BackendUserAssignedPermissionsResourceTest @@ -54,12 +53,11 @@ @Test public void testList() throws Exception { UriInfo uriInfo = setUpUriExpectations(null); - - setUpGetEntityExpectations(VdcQueryType.Search, - SearchParameters.class, - new String[] {"SearchPattern", "SearchTypeValue"}, - new Object[] {"users:", SearchType.DBUser}, - getUsers()); + setUpGetEntityExpectations(VdcQueryType.GetDbUserByUserId, + GetDbUserByUserIdParameters.class, + new String[] {"UserId"}, + new Object[] {GUIDS[1]}, + getUserByIdx(1)); setUpQueryExpectations(""); collection.setUriInfo(uriInfo); verifyCollection(getCollection()); -- To view, visit http://gerrit.ovirt.org/8720 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I6f21f4b8a845d52276dd7d97b5c7069892bb3b77 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Oved Ourfali <oourf...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
