Don't load user role assignment or groups tabs for non-admins
As a non admin user, navigate to Identity -> Users. Then click on the username of your user to go to the detail page. Only the allowed Overview tab is visible. The view shows three tabs: Overview, Role assignments, Groups. Click on either Role assignments or Groups. An error will appear, showing that the API call is unauthorised, and the table content will fail to load. This change fixes the issue by conditionally loading the tabs based on policy. Closes-Bug: #1920214 Change-Id: Ic8b723e6fd423b96a4f5eff54f9392cee534ed9e
This commit is contained in:
parent
7db8cd46ad
commit
60cf320315
|
@ -90,6 +90,10 @@ class RoleAssignmentsTab(tabs.TableTab):
|
|||
template_name = "horizon/common/_detail_table.html"
|
||||
preload = False
|
||||
|
||||
def allowed(self, request):
|
||||
return policy.check((("identity", "identity:list_role_assignments"),),
|
||||
self.request)
|
||||
|
||||
def get_roleassignmentstable_data(self):
|
||||
user = self.tab_group.kwargs['user']
|
||||
|
||||
|
@ -136,6 +140,10 @@ class GroupsTab(tabs.TableTab):
|
|||
template_name = "horizon/common/_detail_table.html"
|
||||
preload = False
|
||||
|
||||
def allowed(self, request):
|
||||
return policy.check((("identity", "identity:list_groups"),),
|
||||
self.request)
|
||||
|
||||
def get_groupstable_data(self):
|
||||
user_groups = []
|
||||
user = self.tab_group.kwargs['user']
|
||||
|
|
Loading…
Reference in New Issue