2:38 a.m.
This role and mode infomation is stored in tabs.xml,
If backend is using this information, I guess its difficult to update
operations a role can perform.
If we are using it in frontend,
is that mean user can hack .js to change the access mode?
I suppose roles and operations mappings need to be restored in backend
db to make sure APIs are protected by authorization?
On 2014年07月16日 03:44, alinefm(a)linux.vnet.ibm.com wrote:
From: Aline Manera <alinefm(a)linux.vnet.ibm.com>
Kimchi has 2 user roles: "admin" with full control of Kimchi features
and "user" with limited access
To describe how each tab should be displayed to user, an "access"
element was added to tabs.xml indicating which view mode each role has.
<access role="..." mode="..."/>
The "mode" attribute values are:
- none: do not show the tab;
- admin: full instance access;
- read-only: read-only access;
- byInstance: each resource will have its configuration sent by the
backend ("access" parameter);
The user will only be able to manage the guests he/she is assigned for,
because that the guest tab has 'mode' == by-instance.
That way each VM will have a new parameter "access" indicating if user has
"full" or "read-only" access to this VM.
As a user can edit a guest, he/she may need to know which networks
and storage pools are configured, so set network and storage tab 'mode'
to read-only.
And as user should not perform any operation on host or templates, set
their 'mode' attributes to 'none'.
Signed-off-by: Aline Manera <alinefm(a)linux.vnet.ibm.com>
---
config/ui/tabs.xml | 15 +++++++++++++++
plugins/sample/ui/config/tab-ext.xml | 3 +++
2 files changed, 18 insertions(+)
diff --git a/config/ui/tabs.xml b/config/ui/tabs.xml
index b045521..f79684c 100644
--- a/config/ui/tabs.xml
+++ b/config/ui/tabs.xml
@@ -1,22 +1,37 @@
<?xml version="1.0" encoding="utf-8"?>
<tabs>
<tab>
+ <access role="admin" mode="admin"/>
+ <access role="user" mode="none"/>
+
<title>Host</title>
<path>tabs/host.html</path>
</tab>
<tab>
+ <access role="admin" mode="admin"/>
+ <access role="user" mode="byInstance"/>
Maybe
more role for guests? Virtualization admin can create/destroy,
guest system admin can start and stop, guest user can just login and logout.
+
<title>Guests</title>
<path>tabs/guests.html</path>
</tab>
<tab>
+ <access role="admin" mode="admin"/>
+ <access role="user" mode="none"/>
I suppose also
read-only for 'user', because user may want to browser
templates available, check details of the template to make decision
about which to use.
+
<title>Templates</title>
<path>tabs/templates.html</path>
</tab>
<tab>
+ <access role="admin" mode="admin"/>
+ <access role="user" mode="read-only"/>
+
<title>Storage</title>
<path>tabs/storage.html</path>
</tab>
<tab>
+ <access role="admin" mode="admin"/>
+ <access role="user" mode="read-only"/>
+
<title>Network</title>
<path>tabs/network.html</path>
</tab>
diff --git a/plugins/sample/ui/config/tab-ext.xml b/plugins/sample/ui/config/tab-ext.xml
index 8e0b3d3..a1fb1c2 100644
--- a/plugins/sample/ui/config/tab-ext.xml
+++ b/plugins/sample/ui/config/tab-ext.xml
@@ -1,6 +1,9 @@
<?xml version="1.0" encoding="utf-8"?>
<tabs-ext>
<tab>
+ <access role="admin" mode="admin"/>
+ <access role="user" mode="none"/>
+
<title>SampleTab</title>
<path>plugins/sample/tab.html</path>
</tab>