David Lutterkort
2008-Dec-10 20:39 UTC
[Ovirt-devel] [PATCH server] API: add a call to list VMs for a user
Going to the URL /vms will return a list of all the VM's for which the current user has PRIV_VIEW permission. The VM info contains the host the VM is running on (if any) --- src/app/controllers/vm_controller.rb | 14 ++++++++++++++ src/config/routes.rb | 2 +- 2 files changed, 15 insertions(+), 1 deletions(-) diff --git a/src/app/controllers/vm_controller.rb b/src/app/controllers/vm_controller.rb index ff74a37..701dea8 100644 --- a/src/app/controllers/vm_controller.rb +++ b/src/app/controllers/vm_controller.rb @@ -25,6 +25,20 @@ class VmController < ApplicationController before_filter :pre_vm_action, :only => [:vm_action, :cancel_queued_tasks, :console] + def index + roles = "('" + + Permission::roles_for_privilege(Permission::PRIV_VIEW).join("', '") + + "')" + user = get_login_user + @vms = Vm.find(:all, + :joins => "join permissions p on (vm_resource_pool_id = p.pool_id)", + :conditions => [ "p.uid = :user and p.user_role in #{roles}", + { :user => user }]) + respond_to do |format| + format.xml { render :xml => @vms.to_xml(:include => :host) } + end + end + def show set_perms(@perm_obj) @actions = @vm.get_action_hash(@user) diff --git a/src/config/routes.rb b/src/config/routes.rb index 0dbe0d6..135d68b 100644 --- a/src/config/routes.rb +++ b/src/config/routes.rb @@ -56,5 +56,5 @@ ActionController::Routing::Routes.draw do |map| hardware_pools.resources :hosts, :controller => 'host' hardware_pools.resources :storage_pools, :controller => 'storage' end - + map.resources :vms, :controller => 'vm' end -- 1.6.0.4
David Lutterkort
2008-Dec-10 23:55 UTC
[Ovirt-devel] Re: [PATCH server] API: add a call to list VMs for a user
David Lutterkort wrote:> Going to the URL /vms will return a list of all the VM's for which the > current user has PRIV_VIEW permission. The VM info contains the host the VM > is running on (if any)I am not too happy with the way the permission check is done, because it hardcodes a whole lot of knowledge about permissions in the wrong place- if anybody knows a better way to do that, please let me know. David
Scott Seago
2008-Dec-12 20:51 UTC
[Ovirt-devel] [PATCH server] API: add a call to list VMs for a user
David Lutterkort wrote:> Going to the URL /vms will return a list of all the VM's for which the > current user has PRIV_VIEW permission. The VM info contains the host the VM > is running on (if any) > --- > src/app/controllers/vm_controller.rb | 14 ++++++++++++++ > src/config/routes.rb | 2 +- > 2 files changed, 15 insertions(+), 1 deletions(-) > > diff --git a/src/app/controllers/vm_controller.rb b/src/app/controllers/vm_controller.rb > index ff74a37..701dea8 100644 > --- a/src/app/controllers/vm_controller.rb > +++ b/src/app/controllers/vm_controller.rb > @@ -25,6 +25,20 @@ class VmController < ApplicationController > > before_filter :pre_vm_action, :only => [:vm_action, :cancel_queued_tasks, :console] > > + def index > + roles = "('" + > + Permission::roles_for_privilege(Permission::PRIV_VIEW).join("', '") + > + "')" > + user = get_login_user > + @vms = Vm.find(:all, > + :joins => "join permissions p on (vm_resource_pool_id = p.pool_id)", > + :conditions => [ "p.uid = :user and p.user_role in #{roles}", > + { :user => user }]) >Yeah we won't really be able to improve this much until we put the privilege-to-role mapping into the database... Works for me... ACK
Perry Myers
2008-Dec-13 00:29 UTC
[Ovirt-devel] [PATCH server] API: add a call to list VMs for a user
David Lutterkort wrote:> Going to the URL /vms will return a list of all the VM's for which the > current user has PRIV_VIEW permission. The VM info contains the host the VM > is running on (if any)pushed Perry