Using rbac policy for environments panel
Using rbac policy for environments panel and table action. Change-Id: Ia67477f72501f9fc05b94624a8b3f4d9d52d8bdb Depends-On: I3e6aec8e1cbe57cb80e6d1b8df012f5047aad511 Partially-Implements: blueprint murano-dashboard-rbac
This commit is contained in:
parent
8b86508090
commit
8af6b385dd
@ -21,6 +21,7 @@ from muranodashboard import dashboard
|
||||
class Environments(horizon.Panel):
|
||||
name = _("Environments")
|
||||
slug = 'environments'
|
||||
policy_rules = (("murano", "list_environments"),)
|
||||
|
||||
|
||||
dashboard.Murano.register(Environments)
|
||||
|
@ -25,6 +25,7 @@ from horizon import messages
|
||||
from horizon import tables
|
||||
from horizon.utils import filters
|
||||
from muranoclient.common import exceptions as exc
|
||||
from openstack_dashboard import policy
|
||||
from oslo_log import log as logging
|
||||
|
||||
from muranodashboard import api as api_utils
|
||||
@ -34,7 +35,6 @@ from muranodashboard.environments import api
|
||||
from muranodashboard.environments import consts
|
||||
from muranodashboard.packages import consts as pkg_consts
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
@ -89,6 +89,7 @@ class CreateEnvironment(tables.LinkAction):
|
||||
classes = ('btn-launch', 'add_env')
|
||||
redirect_url = "horizon:project:murano:environments"
|
||||
icon = 'plus'
|
||||
policy_rules = (("murano", "create_environment"),)
|
||||
|
||||
def allowed(self, request, datum):
|
||||
return True if self.table.data else False
|
||||
@ -104,8 +105,9 @@ class CreateEnvironment(tables.LinkAction):
|
||||
exceptions.handle(request, msg, redirect=redirect)
|
||||
|
||||
|
||||
class DeleteEnvironment(tables.DeleteAction):
|
||||
class DeleteEnvironment(policy.PolicyTargetMixin, tables.DeleteAction):
|
||||
redirect_url = "horizon:project:murano:environments"
|
||||
policy_rules = (("murano", "delete_environment"),)
|
||||
|
||||
@staticmethod
|
||||
def action_present(count):
|
||||
@ -148,6 +150,7 @@ class AbandonEnvironment(tables.DeleteAction):
|
||||
"this environment will have to be released manually.")
|
||||
name = 'abandon'
|
||||
redirect_url = "horizon:project:murano:environments"
|
||||
policy_rules = (("murano", "delete_environment"),)
|
||||
|
||||
@staticmethod
|
||||
def action_present(count):
|
||||
@ -398,6 +401,10 @@ class UpdateServiceRow(tables.Row):
|
||||
|
||||
|
||||
class UpdateName(tables.UpdateAction):
|
||||
def allowed(self, request, environment, cell):
|
||||
policy_rule = (("murano", "update_environment"),)
|
||||
return policy.check(policy_rule, request)
|
||||
|
||||
def update_cell(self, request, datum, obj_id, cell_name, new_cell_value):
|
||||
try:
|
||||
if not new_cell_value or new_cell_value.isspace():
|
||||
@ -439,6 +446,21 @@ class EnvironmentsTable(tables.DataTable):
|
||||
status_choices=consts.STATUS_CHOICES,
|
||||
display_choices=consts.STATUS_DISPLAY_CHOICES)
|
||||
|
||||
def get_env_detail_link(self, environment):
|
||||
# NOTE: using the policy check for show_environment
|
||||
if policy.check((("murano", "show_environment"),),
|
||||
self.request, target={"environment": environment}):
|
||||
return reverse("horizon:murano:environments:services",
|
||||
args=(environment.id,))
|
||||
return None
|
||||
|
||||
def __init__(self, request, data=None, needs_form_wrapper=None, **kwargs):
|
||||
super(EnvironmentsTable,
|
||||
self).__init__(request, data=data,
|
||||
needs_form_wrapper=needs_form_wrapper,
|
||||
**kwargs)
|
||||
self.columns['name'].get_link_url = self.get_env_detail_link
|
||||
|
||||
class Meta(object):
|
||||
name = 'environments'
|
||||
verbose_name = _('Environments')
|
||||
|
@ -22,6 +22,7 @@ from horizon import exceptions
|
||||
from horizon import tabs
|
||||
from openstack_dashboard.api import heat as heat_api
|
||||
from openstack_dashboard.api import nova as nova_api
|
||||
from openstack_dashboard import policy
|
||||
|
||||
from muranoclient.common import exceptions as exc
|
||||
from muranodashboard.environments import api
|
||||
@ -235,6 +236,9 @@ class DeploymentTab(tabs.TableTab):
|
||||
template_name = 'horizon/common/_detail_table.html'
|
||||
preload = False
|
||||
|
||||
def allowed(self, request):
|
||||
return policy.check((("murano", "list_deployments"),), request)
|
||||
|
||||
def get_deployments_data(self):
|
||||
deployments = []
|
||||
self.environment_id = self.tab_group.kwargs['environment_id']
|
||||
|
Loading…
Reference in New Issue
Block a user