[Kimchi-devel] [PATCH 2/2] authorization: Add "mode" attribute to describe user view
Wen Wang
wenwang at linux.vnet.ibm.com
Fri Jul 11 06:31:59 UTC 2014
Thanks Aline, I think there might be some issues by changing the xml
file manually. From the *tabs.xml* we get the mode that a user should
have but it doesn't change when we change user. I have applied your code
and it's something like this:
Either using a guest or root we can only get the permitted tabs of the
guest. Can we have the kimchi/config/ui/tabs.xml changed automatically
according to the logged in user. Role distinguishing can be done in the
back-end and add the right mode to this xml file automatically? Or else
we might need to find other ways to transfer the user roles.
Best regards
Wang Wen
On 7/11/2014 10:16 AM, alinefm at linux.vnet.ibm.com wrote:
> From: Aline Manera <alinefm at linux.vnet.ibm.com>
>
> Kimchi has 2 user roles: "admin" with full control of Kimchi features
> and "user" with limited access
> To describe how each tab should be displayed for a user, the "mode"
> attribute should be added.
> The "mode" attribute values are:
>
> - none: do not show the tab;
> - admin: full instance access;
> - read-only: read-only access;
> - byInstance: each resource will have its configuration sent by the
> backend;
>
> The user will only be able to manage the guests he/she is assigned for,
> because that the guest tab has 'mode' == admin
> As a user can edit a guest, he/she may need to know which networks
> and storage pools are configured, so set network and storage tab 'mode'
> to read-only.
> And as user should not perform any operation on host or templates, set
> their 'mode' attributes to 'none'.
>
> Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
> ---
> config/ui/tabs.xml | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/config/ui/tabs.xml b/config/ui/tabs.xml
> index b045521..b8e7bd6 100644
> --- a/config/ui/tabs.xml
> +++ b/config/ui/tabs.xml
> @@ -1,22 +1,22 @@
> <?xml version="1.0" encoding="utf-8"?>
> <tabs>
> - <tab>
> + <tab mode="none">
> <title>Host</title>
> <path>tabs/host.html</path>
> </tab>
> - <tab>
> + <tab mode="admin">
> <title>Guests</title>
> <path>tabs/guests.html</path>
> </tab>
> - <tab>
> + <tab mode="none">
> <title>Templates</title>
> <path>tabs/templates.html</path>
> </tab>
> - <tab>
> + <tab mode="read-only">
> <title>Storage</title>
> <path>tabs/storage.html</path>
> </tab>
> - <tab>
> + <tab mode="read-only">
> <title>Network</title>
> <path>tabs/network.html</path>
> </tab>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/kimchi-devel/attachments/20140711/a054360a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: user1.png
Type: image/png
Size: 14937 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/kimchi-devel/attachments/20140711/a054360a/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: user2.png
Type: image/png
Size: 14834 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/kimchi-devel/attachments/20140711/a054360a/attachment-0001.png>
More information about the Kimchi-devel
mailing list