Andrew Bogott has uploaded a new change for review.
https://gerrit.wikimedia.org/r/268832
Change subject: Keep track of roleids as a separate thing from rolenames.
......................................................................
Keep track of roleids as a separate thing from rolenames.
In keystone/ldap they are the same, but that's not something
we can count on in the future.
Bug: T115029
Change-Id: I0545b502510758ed161473f7cdbe6d3da0d0fc7c
---
M nova/OpenStackNovaProject.php
M nova/OpenStackNovaRole.php
M special/SpecialNovaProject.php
M special/SpecialNovaRole.php
4 files changed, 35 insertions(+), 25 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OpenStackManager
refs/changes/32/268832/1
diff --git a/nova/OpenStackNovaProject.php b/nova/OpenStackNovaProject.php
index f212613..d40072a 100644
--- a/nova/OpenStackNovaProject.php
+++ b/nova/OpenStackNovaProject.php
@@ -16,7 +16,6 @@
public $projectGroup;
// list of roles
- static $rolenames = array( 'projectadmin' );
static $roleids = array( 'projectadmin' );
// short-lived cache of project objects
@@ -614,8 +613,8 @@
$success = LdapAuthenticationPlugin::ldap_add(
$wgAuth->ldapconn, $projectdn, $project );
$project = new OpenStackNovaProject( $projectname );
if ( $success ) {
- foreach ( self::$rolenames as $rolename ) {
- OpenStackNovaRole::createRole( $rolename,
$project );
+ foreach ( self::$roleids as $roleid ) {
+ OpenStackNovaRole::createRole( $roleid,
$project );
# TODO: If role addition fails, find a way to
fail gracefully
# Though, if the project was added
successfully, it is unlikely
# that role addition will fail.
diff --git a/nova/OpenStackNovaRole.php b/nova/OpenStackNovaRole.php
index 72c26fc..0438cbc 100644
--- a/nova/OpenStackNovaRole.php
+++ b/nova/OpenStackNovaRole.php
@@ -9,12 +9,13 @@
class OpenStackNovaRole {
public $rolename;
+ public $roleid;
public $roleDN;
public $roleInfo;
public $project;
/**
- * @param $rolename
+ * @param $roleid, $project
* @param null $project, optional
*/
function __construct( $roleid, $project ) {
@@ -64,6 +65,13 @@
*/
function getRoleName() {
return $this->rolename;
+ }
+
+ /**
+ * @return string
+ */
+ function getRoleId() {
+ return $this->roleid;
}
/**
@@ -189,7 +197,7 @@
/**
* @static
- * @param $rolename
+ * @param $roleid
* @param $project
* @return null|OpenStackNovaRole
*/
diff --git a/special/SpecialNovaProject.php b/special/SpecialNovaProject.php
index 95916dd..722ee7b 100644
--- a/special/SpecialNovaProject.php
+++ b/special/SpecialNovaProject.php
@@ -222,6 +222,7 @@
foreach ( $project->getRoles() as $role ) {
$roleRow = array();
$roleName = $role->getRoleName();
+ $roleId = $role->getRoleId();
$this->pushResourceColumn( $roleRow, $roleName );
$roleMembers = $role->getMembers();
natcasesort( $roleMembers );
@@ -229,11 +230,11 @@
$actions = array();
$specialRoleTitle = Title::newFromText(
'Special:NovaRole' );
$actions[] = $this->createActionLink(
'openstackmanager-addrolemember',
- array( 'action' => 'addmember', 'projectname'
=> $projectName, 'rolename' => $roleName, 'returnto' => 'Special:NovaProject' ),
+ array( 'action' => 'addmember', 'projectname'
=> $projectName, 'roleid' => $roleId, 'returnto' => 'Special:NovaProject' ),
$specialRoleTitle
);
$actions[] = $this->createActionLink(
'openstackmanager-removerolemember',
- array( 'action' => 'deletemember',
'projectname' => $projectName, 'rolename' => $roleName, 'returnto' =>
'Special:NovaProject' ),
+ array( 'action' => 'deletemember',
'projectname' => $projectName, 'roleid' => $roleId, 'returnto' =>
'Special:NovaProject' ),
$specialRoleTitle
);
$this->pushRawResourceColumn( $roleRow,
$this->createResourceList( $actions ) );
diff --git a/special/SpecialNovaRole.php b/special/SpecialNovaRole.php
index 0b25363..a370a4c 100644
--- a/special/SpecialNovaRole.php
+++ b/special/SpecialNovaRole.php
@@ -41,17 +41,17 @@
$this->getOutput()->setPagetitle( $this->msg(
'openstackmanager-addmember' ) );
$roleInfo = array();
- $rolename = $this->getRequest()->getText( 'rolename' );
+ $roleid = $this->getRequest()->getText( 'roleid' );
$projectname = $this->getRequest()->getText( 'projectname' );
if ( $projectname ) {
- if ( !$this->userCanExecute( $this->getUser() ) &&
!$this->userLDAP->inRole( $rolename, $projectname ) ) {
+ if ( !$this->userCanExecute( $this->getUser() ) &&
!$this->userLDAP->inRole( $roleid, $projectname ) ) {
$this->displayRestrictionError();
return false;
}
$project = OpenStackNovaProject::getProjectByName(
$projectname );
$projectmembers = $project->getMembers();
natcasesort( $projectmembers );
- $role = OpenStackNovaRole::getProjectRoleByName(
$rolename, $project );
+ $role = OpenStackNovaRole::getProjectRoleById( $roleid,
$project );
$rolemembers = $role->getMembers();
$member_keys = array();
foreach ( $projectmembers as $projectmember ) {
@@ -78,10 +78,10 @@
'default' => 'addmember',
'name' => 'action',
);
- $roleInfo['rolename'] = array(
+ $roleInfo['roleid'] = array(
'type' => 'hidden',
- 'default' => $rolename,
- 'name' => 'rolename',
+ 'default' => $roleid,
+ 'name' => 'roleid',
);
$roleInfo['projectname'] = array(
'type' => 'hidden',
@@ -113,17 +113,17 @@
$this->setHeaders();
$this->getOutput()->setPagetitle( $this->msg(
'openstackmanager-removerolemember' ) );
- $rolename = $this->getRequest()->getText( 'rolename' );
+ $roleid = $this->getRequest()->getText( 'roleid' );
$projectname = $this->getRequest()->getText( 'projectname' );
if ( $projectname ) {
- if ( !$this->userCanExecute( $this->getUser() ) &&
!$this->userLDAP->inRole( $rolename, $projectname ) ) {
+ if ( !$this->userCanExecute( $this->getUser() ) &&
!$this->userLDAP->inRole( $roleid, $projectname ) ) {
$this->displayRestrictionError();
return false;
}
$project = OpenStackNovaProject::getProjectByName(
$projectname );
$projectmembers = $project->getMembers();
natcasesort( $projectmembers );
- $role = OpenStackNovaRole::getProjectRoleByName(
$rolename, $project );
+ $role = OpenStackNovaRole::getProjectRoleById( $roleid,
$project );
$rolemembers = $role->getMembers();
$member_keys = array();
foreach ( $projectmembers as $projectmember ) {
@@ -151,10 +151,10 @@
'default' => 'deletemember',
'name' => 'action',
);
- $roleInfo['rolename'] = array(
+ $roleInfo['roleid'] = array(
'type' => 'hidden',
- 'default' => $rolename,
- 'name' => 'rolename',
+ 'default' => $roleid,
+ 'name' => 'roleid',
);
$roleInfo['projectname'] = array(
'type' => 'hidden',
@@ -192,7 +192,8 @@
$this->getOutput()->addWikiMsg(
'openstackmanager-nonexistentproject' );
return true;
}
- $role = OpenStackNovaRole::getProjectRoleByName(
$formData['rolename'], $project );
+ $role = OpenStackNovaRole::getProjectRoleById(
$formData['roleid'], $project );
+ $rolename = $role->getRoleName();
$members = $formData['members'];
} else {
//TODO: display error
@@ -204,9 +205,9 @@
foreach ( $members as $member ) {
$success = $role->addMember( $member );
if ( $success ) {
- $this->getOutput()->addWikiMsg(
'openstackmanager-addedto', $member, $formData['rolename'] );
+ $this->getOutput()->addWikiMsg(
'openstackmanager-addedto', $member, $rolename );
} else {
- $this->getOutput()->addWikiMsg(
'openstackmanager-failedtoadd', $member, $formData['rolename'] );
+ $this->getOutput()->addWikiMsg(
'openstackmanager-failedtoadd', $member, $rolename );
}
}
$project->editArticle();
@@ -235,7 +236,8 @@
$this->getOutput()->addWikiMsg(
'openstackmanager-nonexistentproject' );
return true;
}
- $role = OpenStackNovaRole::getProjectRoleByName(
$formData['rolename'], $project );
+ $role = OpenStackNovaRole::getProjectRoleById(
$formData['roleid'], $project );
+ $rolename = $role->getRoleName();
} else {
//TODO: display error
}
@@ -246,9 +248,9 @@
foreach ( $formData['members'] as $member ) {
$success = $role->deleteMember( $member );
if ( $success ) {
- $this->getOutput()->addWikiMsg(
'openstackmanager-removedfrom', $member, $formData['rolename'] );
+ $this->getOutput()->addWikiMsg(
'openstackmanager-removedfrom', $member, $rolename );
} else {
- $this->getOutput()->addWikiMsg(
'openstackmanager-failedtoremove', $member, $formData['rolename'] );
+ $this->getOutput()->addWikiMsg(
'openstackmanager-failedtoremove', $member, $rolename );
}
}
$project->editArticle();
--
To view, visit https://gerrit.wikimedia.org/r/268832
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I0545b502510758ed161473f7cdbe6d3da0d0fc7c
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/OpenStackManager
Gerrit-Branch: master
Gerrit-Owner: Andrew Bogott <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
