[Kimchi-devel] [PATCH 0/5 V3] authorization: Backend changes

alinefm at linux.vnet.ibm.com alinefm at linux.vnet.ibm.com
Wed Jul 16 21:52:27 UTC 2014 

From: Aline Manera <alinefm at linux.vnet.ibm.com>

V2 -> V3:
- Update backend authorization rules to reflect our last discussions
- Use .getiterator() instead of .iter() while reading xml files
- Get role according tab instead of sudo rights
  To do that I needed to add a new parameter to UrlSubNode() as Kimchi protects 
  its API URIs and the user role is per tab, I need to know which URIs is used
  in each tab

V1 -> V2:
- Add "access" elements to describe role/view for each tab
- Return a role map in /login
  For each tab, a role will be returned. That way we have more flexibility to
  change user role per tab
- Add "access" parameter to VM.lookup()
  As the user will have full access to the VM assigned to it, return
  "access=full" for all them

Aline Manera (5):
  authorization: Update authorization rules per API
  authorization: Update /login to return user roles instead of sudo
    parameter
  authorization: Add "access" elements to tabs.xml to describe user view
  authorization: Add "access" parameter to VM resource
  authorization: Get role according to tab instead of sudo rights

 config/ui/tabs.xml                   | 15 +++++++++++++
 plugins/sample/ui/config/tab-ext.xml |  3 +++
 src/kimchi/auth.py                   | 42 +++++++++++++++++++++++++-----------
 src/kimchi/control/debugreports.py   |  2 +-
 src/kimchi/control/host.py           |  2 +-
 src/kimchi/control/interfaces.py     |  2 +-
 src/kimchi/control/networks.py       |  2 +-
 src/kimchi/control/storagepools.py   |  2 +-
 src/kimchi/control/storageservers.py |  2 +-
 src/kimchi/control/templates.py      |  2 +-
 src/kimchi/control/utils.py          |  4 +++-
 src/kimchi/control/vms.py            |  2 +-
 src/kimchi/mockmodel.py              |  3 ++-
 src/kimchi/model/vms.py              |  3 ++-
 src/kimchi/server.py                 |  1 +
 src/kimchi/utils.py                  | 15 +++++++++++++
 tests/test_authorization.py          |  8 +++----
 tests/test_mockmodel.py              |  3 ++-
 tests/test_model.py                  |  3 ++-
 tests/test_rest.py                   |  8 +++++++
 tests/utils.py                       |  6 +++---
 21 files changed, 97 insertions(+), 33 deletions(-)

-- 
1.9.3

More information about the Kimchi-devel mailing list