soreana opened a new pull request, #4774: URL: https://github.com/apache/cloudstack/pull/4774
### Description As a cloud provider, we don't want our customers to see other templates. This pr limits template access to the domain. <!-- For new features, provide link to FS, dev ML discussion etc. --> <!-- In case of bug fix, the expected and actual behaviours, steps to reproduce. --> <!-- When "Fixes: #<id>" is specified, the issue/PR will automatically be closed when this PR gets merged --> <!-- For addressing multiple issues/PRs, use multiple "Fixes: #<id>" --> <!-- Fixes: # --> <!--- ********************************************************************************* --> <!--- NOTE: AUTOMATATION USES THE DESCRIPTIONS TO SET LABELS AND PRODUCE DOCUMENTATION. --> <!--- PLEASE PUT AN 'X' in only **ONE** box --> <!--- ********************************************************************************* --> ### Types of changes - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [x] New feature (non-breaking change which adds functionality) - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] Enhancement (improves an existing feature and functionality) - [ ] Cleanup (Code refactoring and cleanup, that may add test cases) ### Feature/Enhancement Scale or Bug Severity #### Feature/Enhancement Scale - [ ] Major - [x] Minor ### How Has This Been Tested? To test this feature, I created two domains named Test0, Test1 and Test2, each with their respective domain admins (test0, test1 and test2). I used cloudmonkey command to list different combination of templateFilters ( **all**, **featured**, **self**, **selfexecutable**, **sharedexecutable**, **executable** and **community** ) and accounts ( **admin**, **test0**, **test1** and **test2** ). #### Pre configuration: 1. Create three domain with their respective domain admin accounts. 2. Register new template for each account like the following table. 3. Follow the test cases. Owner | Templates -------|-------------- Admin | U20, SystemVM Test0 | U0 Test1 | U1 Test2 | U2 #### Test case one. 1. Set `share.public.templates` to false for every domain 2. List templates in every account. You can't see any templates except the owneres templates. #### Test case two 1. Set `share.public.templates` like the following table. 2. List templates in `test0` account. You should see combination of the `U20, U0, U2` with different `templatefilter` but not `U1` Owner | share.public.templates -------|-------------- Admin | true Test0 | Doesn't matter Test1 | false Test2 | true #### Test case three 1. Set `share.public.templates` like the test case two 2. List templates in `test0` with template id. You should be ablet to see the `U20, U0, U2` but empty result if you use `U1` id. I wrote [this](https://gist.github.com/soreana/7c20dd1b5bca00cfdfee5018c13add6a) script to test this pr, you can find it in the following link. You need the `cmk` command and you should put `admin`, `test1`, and `test2` users info in the cmk configuration file. How to run this? - Put account names in accounts array defined at top of the script - ./listTemplates.sh will list all filter for all accounts - ./listTemplates.sh <account name> list all templates using all possible filters for <account name> - ./listTemplates.sh <template filter> list all templates for accounts in ('admin' 'test' 'test2') using <template filter> - ./listTemplates.sh <account name> <template filter> list all templates for <accounts name> using <template filter> <!-- Please read the [CONTRIBUTING](https://github.com/apache/cloudstack/blob/master/CONTRIBUTING.md) document --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
