[Engine-patches] Change in ovirt-engine[master]: engine : User is not able to see newly added permissions on ...

rnori Wed, 18 Sep 2013 13:49:40 -0700

Ravi Nori has uploaded a new change for review.

Change subject: engine : User is not able to see newly added permissions on 
object if he inherited this permission on that object
......................................................................


engine : User is not able to see newly added permissions on object if he 
inherited this permission on that object

In UserPortal if user inherit some permissions on some object,
than if he try to add new permissions to object that he inherit
permission from, he is not able to see this newly added permissions.

Change-Id: I9f8f8b110c41665bb6efe2647b654b845d70b7de
Bug-Url: https://bugzilla.redhat.com/877906
Signed-off-by: Ravi Nori <[email protected]>
---
M 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQuery.java
M 
backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQueryTest.java
M 
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetPermissionsForObjectParameters.java
M 
backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAO.java
M 
backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
M 
frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/PermissionListModel.java
M 
frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/UserPortalPermissionListModel.java
M packaging/dbscripts/multi_level_administration_sp.sql
8 files changed, 71 insertions(+), 3 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/77/19377/1

diff --git 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQuery.java
 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQuery.java
index e27aec5..7ebce7f 100644
--- 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQuery.java
+++ 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQuery.java
@@ -19,7 +19,7 @@
         PermissionDAO dao = getDbFacade().getPermissionDao();
         List<permissions> perms;
         if (getParameters().getDirectOnly()) {
-            perms = dao.getAllForEntity(objectId, getUserID(), 
getParameters().isFiltered());
+            perms = dao.getAllForEntity(objectId, getUserID(), 
getParameters().isFiltered(), getParameters().getAllUsersWithPermission());
         } else {
             perms = dao.getTreeForEntity(objectId,
                     getParameters().getVdcObjectType(),
diff --git 
a/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQueryTest.java
 
b/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQueryTest.java
index ac234b1..5434def 100644
--- 
a/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQueryTest.java
+++ 
b/backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/GetPermissionsForObjectQueryTest.java
@@ -38,7 +38,7 @@
     @Test
     public void testExecuteQueryWithDirectOnly() {
         PermissionDAO permissionDAOMock = mock(PermissionDAO.class);
-        when(permissionDAOMock.getAllForEntity(objectID, 
getUser().getUserId(), 
getQueryParameters().isFiltered())).thenReturn(mockedPermissions);
+        when(permissionDAOMock.getAllForEntity(objectID, 
getUser().getUserId(), getQueryParameters().isFiltered(), 
false)).thenReturn(mockedPermissions);
         
when(getDbFacadeMockInstance().getPermissionDao()).thenReturn(permissionDAOMock);
 
         assertQueryDAOCall(true);
diff --git 
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetPermissionsForObjectParameters.java
 
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetPermissionsForObjectParameters.java
index e03a90f..67df02a 100644
--- 
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetPermissionsForObjectParameters.java
+++ 
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetPermissionsForObjectParameters.java
@@ -14,6 +14,8 @@
      */
     private boolean directOnly;
 
+    private boolean allUsersWithPermission;
+
     private VdcObjectType vdcObjectType;
 
     public GetPermissionsForObjectParameters() {
@@ -49,4 +51,12 @@
         return vdcObjectType;
     }
 
+    public boolean getAllUsersWithPermission() {
+        return allUsersWithPermission;
+    }
+
+    public void setAllUsersWithPermission(boolean getAllUserPermissions) {
+        this.allUsersWithPermission = getAllUserPermissions;
+    }
+
 }
diff --git 
a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAO.java
 
b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAO.java
index 501c992..00bd6d7 100644
--- 
a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAO.java
+++ 
b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAO.java
@@ -135,6 +135,8 @@
      */
     List<permissions> getAllForEntity(Guid id, Guid userID, boolean 
isFiltered);
 
+    public List<permissions> getAllForEntity(Guid id, Guid userID, boolean 
isFiltered, boolean allUsersWithPermission);
+
     List<permissions> getTreeForEntity(Guid id, VdcObjectType type);
 
     List<permissions> getTreeForEntity(Guid id, VdcObjectType type, Guid 
userID, boolean isFiltered);
diff --git 
a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
 
b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
index f4d078f..4bfc61e 100644
--- 
a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
+++ 
b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/PermissionDAODbFacadeImpl.java
@@ -128,9 +128,18 @@
 
     @Override
     public List<permissions> getAllForEntity(Guid id, Guid userID, boolean 
isFiltered) {
+        return getAllForEntity(id, userID, isFiltered, false);
+    }
+
+    @Override
+    public List<permissions> getAllForEntity(Guid id, Guid userID, boolean 
isFiltered, boolean allUsersWithPermission) {
         MapSqlParameterSource parameterSource = 
getCustomMapSqlParameterSource()
                 .addValue("id", id).addValue("user_id", 
userID).addValue("is_filtered", isFiltered);
-        return getCallsHandler().executeReadList("GetPermissionsByEntityId",
+        String functionName = "GetPermissionsByEntityId";
+        if (allUsersWithPermission) {
+            functionName = "GetAllUsersWithPermissionsOnEntityByEntityId";
+        }
+        return getCallsHandler().executeReadList(functionName,
                 PermissionRowMapper.instance,
                 parameterSource);
     }
diff --git 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/PermissionListModel.java
 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/PermissionListModel.java
index 4a5eaaa..a7f3d2b 100644
--- 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/PermissionListModel.java
+++ 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/PermissionListModel.java
@@ -106,9 +106,14 @@
         tempVar.setVdcObjectType(objType);
         tempVar.setDirectOnly(directOnly);
         tempVar.setRefresh(getIsQueryFirstTime());
+        tempVar.setAllUsersWithPermission(getAllUsersWithPermission());
         super.syncSearch(VdcQueryType.GetPermissionsForObject, tempVar);
     }
 
+    public boolean getAllUsersWithPermission() {
+        return false;
+    }
+
     private void add()
     {
         if (getWindow() != null)
diff --git 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/UserPortalPermissionListModel.java
 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/UserPortalPermissionListModel.java
index 275acdb..3efe136 100644
--- 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/UserPortalPermissionListModel.java
+++ 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/configure/UserPortalPermissionListModel.java
@@ -8,4 +8,9 @@
     protected AdElementListModel createAdElementListModel() {
         return new UserPortalAdElementListModel();
     }
+
+    @Override
+    public boolean getAllUsersWithPermission() {
+        return true;
+    }
 }
diff --git a/packaging/dbscripts/multi_level_administration_sp.sql 
b/packaging/dbscripts/multi_level_administration_sp.sql
index aa150f3..49e5287 100644
--- a/packaging/dbscripts/multi_level_administration_sp.sql
+++ b/packaging/dbscripts/multi_level_administration_sp.sql
@@ -469,6 +469,22 @@
 LANGUAGE plpgsql;
 
 
+Create or replace FUNCTION GetAllUsersWithPermissionsOnEntityByEntityId(v_id 
UUID, v_user_id UUID, v_is_filtered BOOLEAN)
+RETURNS SETOF permissions_view STABLE
+       -- SET NOCOUNT ON added to prevent extra result sets from
+       -- interfering with SELECT statements.
+   AS $procedure$
+BEGIN
+   RETURN QUERY SELECT *
+   FROM permissions_view
+   WHERE object_id = v_id
+   AND   (NOT v_is_filtered OR EXISTS (SELECT 1
+                                       FROM   
GetAllUsersWithPermissionsByEntityId(v_id, v_user_id, v_is_filtered)));
+END; $procedure$
+LANGUAGE plpgsql;
+
+
+
 Create or replace FUNCTION GetUserPermissionsByEntityId(v_id UUID, v_user_id 
UUID, v_is_filtered BOOLEAN)
 RETURNS SETOF permissions_view STABLE
     -- SET NOCOUNT ON added to prevent extra result sets from
@@ -487,6 +503,27 @@
 
 
 
+Create or replace FUNCTION GetAllUsersWithPermissionsByEntityId(v_id UUID, 
v_user_id UUID, v_is_filtered BOOLEAN)
+RETURNS SETOF permissions_view STABLE
+    -- SET NOCOUNT ON added to prevent extra result sets from
+    -- interfering with SELECT statements.
+   AS $procedure$
+BEGIN
+   RETURN QUERY SELECT *
+   FROM permissions_view p
+   WHERE object_id in (select id from fn_get_entity_parents(v_id, 
+                                                            (SELECT DISTINCT 
role_type
+                                                               FROM 
permissions_view p
+                                                              WHERE object_id 
= v_id)))
+   AND   (NOT v_is_filtered OR EXISTS (SELECT 1
+                                       FROM   user_flat_groups u
+                                       WHERE  p.ad_element_id = u.granted_id
+                                       AND    u.user_id       = v_user_id));
+END; $procedure$
+LANGUAGE plpgsql;
+
+
+
 Create or replace FUNCTION DeletePermissionsByEntityId(v_id UUID)
 RETURNS VOID
        -- SET NOCOUNT ON added to prevent extra result sets from


-- 
To view, visit http://gerrit.ovirt.org/19377
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I9f8f8b110c41665bb6efe2647b654b845d70b7de
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ravi Nori <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

[Engine-patches] Change in ovirt-engine[master]: engine : User is not able to see newly added permissions on ...

Reply via email to