Author: jfthomps
Date: Mon Nov 3 20:19:24 2014
New Revision: 1636429
URL: http://svn.apache.org/r1636429
Log:
VCL-759 - check user group access to image when creating block allocations
updated so that only admins are warned about user group not having access to
image; also added warning for accepting block allocaitons (instead of just for
creating new ones)
blockallocations.php:
-modified getPendingBlockHTML: added row for warning message; added onChange
tag to user group selection to clear submitacceptcont2; added submitacceptcont2
hidden input
-modified AJacceptBlockAllocationConfirm: added check for user group having
access to image; added imageid to continuation data
-modified AJacceptBlockAllocationSubmit; get imageid and override from
continuation data; added check for error having already been encountered before
checking for empty set of management nodes; added overrideable check of user
group having access to image; if user group does not have access to image,
create a 2nd continuation that prevents the user group check from being done on
the next submit
-modified processBlockAllocationInput: added conditional that $method must be
new or edit to perform user group access to image check
blockallocations.js:
-modified acceptBlockConfirmCB: if warnmsg passed in, display it
-modified acceptBlockSubmit: if submitacceptcont2 is not empty, use that as the
submitted continuation instead of the one from submitacceptcont
-modified clearCont2: added check for existance of submitcont2 before clearing;
added conditional clearing of submitacceptcont2 as well
Modified:
vcl/trunk/web/.ht-inc/blockallocations.php
vcl/trunk/web/js/blockallocations.js
Modified: vcl/trunk/web/.ht-inc/blockallocations.php
URL:
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/blockallocations.php?rev=1636429&r1=1636428&r2=1636429&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/blockallocations.php (original)
+++ vcl/trunk/web/.ht-inc/blockallocations.php Mon Nov 3 20:19:24 2014
@@ -2007,6 +2007,9 @@ function getPendingBlockHTML($listonly=0
$rt .= " <th align=\"right\">User Group:</th>\n";
$rt .= " <td><span id=\"acceptgroup\"></span></td>\n";
$rt .= " </tr>\n";
+ $rt .= " <tr id=\"warnmsgtr\" class=\"hidden\">\n";
+ $rt .= " <td colspan=2><span id=\"warnmsg\"
class=\"rederrormsg\"></span></td>\n";
+ $rt .= " </tr>\n";
$rt .= " <tr>\n";
$rt .= " <td colspan=2><hr></td>\n";
$rt .= " </tr>\n";
@@ -2015,10 +2018,11 @@ function getPendingBlockHTML($listonly=0
$rt .= " <td>\n";
if(USEFILTERINGSELECT && count($groups) < FILTERINGSELECTTHRESHOLD) {
$rt .= " <select dojoType=\"dijit.form.FilteringSelect\"
id=groupsel ";
- $rt .= "queryExpr=\"*\${0}*\" highlightMatch=\"all\"
autoComplete=\"false\">\n";
+ $rt .= "queryExpr=\"*\${0}*\" highlightMatch=\"all\"
autoComplete=\"false\" ";
+ $rt .= "onChange=\"clearCont2();\">\n";
}
else
- $rt .= " <select id=groupsel>\n";
+ $rt .= " <select id=groupsel
onChange=\"clearCont2();\">\n";
foreach($groups as $id => $group) {
if($group['name'] == ' None@')
continue;
@@ -2060,6 +2064,7 @@ function getPendingBlockHTML($listonly=0
$rt .= " </script>\n";
$rt .= "</button>\n";
$rt .= "<input type=hidden id=submitacceptcont>\n";
+ $rt .= "<input type=hidden id=submitacceptcont2>\n";
$rt .= "</div>\n"; # accept dialog
$rt .= "<div id=\"rejectDialog\" dojoType=\"dijit.Dialog\"
title=\"Reject Block Allocation\">\n";
@@ -2392,7 +2397,15 @@ function AJacceptBlockAllocationConfirm(
$rt['emailuser'] = "{$data['email']}";
else
$rt['validemail'] = 0;
- $cdata = array('blockid' => $data['id']);
+ if(! is_null($rt['usergroup'])) {
+ $groupresources = getUserResources(array("imageAdmin",
"imageCheckOut"),
+ array("available"), 0, 0, 0,
+ $data['usergroupid']);
+ if(! array_key_exists($data['imageid'],
$groupresources['image']))
+ $rt['warnmsg'] = "Warning: The requested user group
does not currently have access to the requested image.";
+ }
+ $cdata = array('blockid' => $data['id'],
+ 'imageid' => $data['imageid']);
if(empty($data['group']))
$cdata['setusergroup'] = 1;
else
@@ -2436,11 +2449,13 @@ function AJacceptBlockAllocationSubmit()
$comments = getContinuationVar('comments');
$validemail = getContinuationVar('validemail');
$emailuser = getContinuationVar('emailuser');
+ $imageid = getContinuationVar('imageid');
$setusergroup = getContinuationVar('setusergroup');
if($setusergroup)
$usergroupid = processInputVar('groupid', ARG_NUMERIC);
$name = processInputVar('brname', ARG_STRING);
$emailtext = processInputVar('emailtext', ARG_STRING);
+ $override = getContinuationVar('override', 0);
$err = 0;
if(! preg_match('/^([-a-zA-Z0-9\. ]){3,80}$/', $name)) {
@@ -2465,12 +2480,23 @@ function AJacceptBlockAllocationSubmit()
$err = 1;
}
$managementnodes = getManagementNodes('future');
- if(empty($managementnodes)) {
+ if(! $err && empty($managementnodes)) {
$errmsg = "Error encountered while trying to create block
allocation:\\n\\n";
$errmsg .= "No active management nodes were found. Please
try\\n";
$errmsg .= "accepting the block allocation at a later time.";
$err = 1;
}
+ $dooverride = 0;
+ if(! $err && ! $override && $setusergroup) {
+ $groupresources = getUserResources(array("imageAdmin",
"imageCheckOut"),
+ array("available"), 0, 0, 0,
+ $usergroupid);
+ if(! array_key_exists($imageid, $groupresources['image'])) {
+ $errmsg = "Warning: The selected user group does not
currently have access to the requested image. You can accept the Block
Allocation again to ignore this warning.";
+ $err = 1;
+ $dooverride = 1;
+ }
+ }
$mnid = array_rand($managementnodes);
if(! $err) {
# update values for block allocation
@@ -2519,6 +2545,13 @@ function AJacceptBlockAllocationSubmit()
$cdata = getContinuationVar();
$cont = addContinuationsEntry('AJacceptBlockAllocationSubmit',
$cdata, SECINDAY, 1, 0);
print "dojo.byId('submitacceptcont').value = '$cont';";
+ if($dooverride) {
+ $cdata['override'] = 1;
+ $cont =
addContinuationsEntry('AJacceptBlockAllocationSubmit', $cdata, SECINDAY, 1, 0);
+ print "dojo.byId('submitacceptcont2').value = '$cont';";
+ }
+ else
+ print "dojo.byId('submitacceptcont2').value = '';";
print "document.body.style.cursor = 'default';";
return;
}
@@ -3059,7 +3092,8 @@ function processBlockAllocationInput() {
}
}
$dooverride = 0;
- if(! $err && ! $override) {
+ # check user group access to image
+ if(($method == 'new' || $method == 'edit') && ! $err && ! $override) {
$groupresources = getUserResources(array("imageAdmin",
"imageCheckOut"),
array("available"), 0, 0, 0,
$return['groupid']);
Modified: vcl/trunk/web/js/blockallocations.js
URL:
http://svn.apache.org/viewvc/vcl/trunk/web/js/blockallocations.js?rev=1636429&r1=1636428&r2=1636429&view=diff
==============================================================================
--- vcl/trunk/web/js/blockallocations.js (original)
+++ vcl/trunk/web/js/blockallocations.js Mon Nov 3 20:19:24 2014
@@ -1007,6 +1007,14 @@ function acceptBlockConfirmCB(data, ioAr
dojo.removeClass('staticusergroup', 'hidden');
dojo.byId('acceptgroup').innerHTML = data.items.usergroup;
}
+ if('warnmsg' in data.items && data.items.warnmsg != '') {
+ dojo.removeClass('warnmsgtr', 'hidden');
+ dojo.byId('warnmsg').innerHTML = data.items.warnmsg;
+ }
+ else {
+ dojo.addClass('warnmsgtr', 'hidden');
+ dojo.byId('warnmsg').innerHTML = '';
+ }
if(data.items.validemail) {
dojo.removeClass('acceptemailblock', 'hidden');
dojo.addClass('acceptemailwarning', 'hidden');
@@ -1061,6 +1069,8 @@ function acceptBlockSubmit() {
groupid: getSelectValue('groupsel'),
brname: dijit.byId('brname').value,
emailtext: dijit.byId('acceptemailtext').attr('value')};
+ if(dojo.byId('submitacceptcont2').value != '')
+ data.continuation = dojo.byId('submitacceptcont2').value;
document.body.style.cursor = 'wait';
RPCwrapper(data, generalReqCB);
}
@@ -1400,5 +1410,8 @@ function viewBlockUsageCB(data, ioArgs)
}
function clearCont2() {
- dojo.byId('submitcont2').value = '';
+ if(dojo.byId('submitcont2'))
+ dojo.byId('submitcont2').value = '';
+ if(dojo.byId('submitacceptcont2'))
+ dojo.byId('submitacceptcont2').value = '';
}
