[Engine-patches] Change in ovirt-engine[master]: backend: [wip] add ActionGroup to access image domains

Wed, 14 Aug 2013 05:42:16 -0700 

Federico Simoncelli has uploaded a new change for review.

Change subject: backend: [wip] add ActionGroup to access image domains
......................................................................

backend: [wip] add ActionGroup to access image domains

Change-Id: Ifbff053962ae1dceef51c7d8ff356fcf527aa5e2
Signed-off-by: Federico Simoncelli <fsimo...@redhat.com>
---
M 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ExportRepoImageCommand.java
M 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportRepoImageCommand.java
M 
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/ActionGroup.java
A packaging/dbscripts/upgrade/03_03_0780_image_domains_permissions.sql
4 files changed, 12 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/78/18078/1

diff --git 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ExportRepoImageCommand.java
 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ExportRepoImageCommand.java
index 6eaf74c..439e42d 100644
--- 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ExportRepoImageCommand.java
+++ 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ExportRepoImageCommand.java
@@ -137,7 +137,7 @@
         permissionSubjects.add(new PermissionSubject(getDiskImage().getId(),
                 VdcObjectType.Disk, ActionGroup.ATTACH_DISK));
         permissionSubjects.add(new 
PermissionSubject(getParameters().getStorageDomainId(),
-                VdcObjectType.Storage, ActionGroup.CREATE_DISK));
+                VdcObjectType.Storage, ActionGroup.CREATE_DISK)); // 
ActionGroup.ACCESS_IMAGE_STORAGE ?
         return permissionSubjects;
     }
 
diff --git 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportRepoImageCommand.java
 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportRepoImageCommand.java
index 348e9e1..f734a79 100644
--- 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportRepoImageCommand.java
+++ 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportRepoImageCommand.java
@@ -105,6 +105,8 @@
         // NOTE: there's no read-permission from a storage domain
         permissionSubjects.add(new 
PermissionSubject(getParameters().getStorageDomainId(),
                 VdcObjectType.Storage, ActionGroup.CREATE_DISK));
+        permissionSubjects.add(new 
PermissionSubject(getParameters().getSourceStorageDomainId(),
+                VdcObjectType.Storage, ActionGroup.ACCESS_IMAGE_STORAGE));
         return permissionSubjects;
     }
 
diff --git 
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/ActionGroup.java
 
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/ActionGroup.java
index cd32a0a..56d96c2 100644
--- 
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/ActionGroup.java
+++ 
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/ActionGroup.java
@@ -97,12 +97,13 @@
     MANIPULATE_GLUSTER_SERVICE(1004, RoleType.ADMIN, 
VdcObjectType.GlusterService, true, ApplicationMode.GlusterOnly),
 
     // Disks action groups
-    CREATE_DISK(1100, RoleType.USER, VdcObjectType.Disk, false, 
ApplicationMode.VirtOnly),
+    CREATE_DISK(1100, RoleType.USER, VdcObjectType.Storage, false, 
ApplicationMode.VirtOnly),
     ATTACH_DISK(1101, RoleType.USER, VdcObjectType.Disk, true, 
ApplicationMode.VirtOnly),
     EDIT_DISK_PROPERTIES(1102, RoleType.USER, VdcObjectType.Disk, true, 
ApplicationMode.VirtOnly),
     CONFIGURE_DISK_STORAGE(1103, RoleType.USER, VdcObjectType.Disk, true, 
ApplicationMode.VirtOnly),
     DELETE_DISK(1104, RoleType.USER, VdcObjectType.Disk, true, 
ApplicationMode.VirtOnly),
     CONFIGURE_SCSI_GENERIC_IO(1105, RoleType.ADMIN, VdcObjectType.Disk, true, 
ApplicationMode.VirtOnly),
+    ACCESS_IMAGE_STORAGE(1106, RoleType.USER, VdcObjectType.Storage, false, 
ApplicationMode.VirtOnly),
 
     // Network
     PORT_MIRRORING(1200, RoleType.ADMIN, VdcObjectType.Network, true, 
ApplicationMode.VirtOnly),
diff --git 
a/packaging/dbscripts/upgrade/03_03_0780_image_domains_permissions.sql 
b/packaging/dbscripts/upgrade/03_03_0780_image_domains_permissions.sql
new file mode 100644
index 0000000..189da03
--- /dev/null
+++ b/packaging/dbscripts/upgrade/03_03_0780_image_domains_permissions.sql
@@ -0,0 +1,7 @@
+-- Adding the ACCESS_IMAGE_STORAGE action to the relevant roles
+INSERT INTO roles_groups (role_id, action_group_id) VALUES
+  ('00000000-0000-0000-0001-000000000001', 1106), -- UserRole
+  ('def00008-0000-0000-0000-def000000008', 1106), -- TemplateAdmin
+  ('00000000-0000-0000-0000-000000000001', 1106), -- SuperUser
+  ('def00003-0000-0000-0000-def000000003', 1106), -- StorageAdmin
+  ('00000000-0000-0000-0001-000000000002', 1106); -- PowerUserRole


-- 
To view, visit http://gerrit.ovirt.org/18078
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ifbff053962ae1dceef51c7d8ff356fcf527aa5e2
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Federico Simoncelli <fsimo...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to