This role and mode infomation is stored in tabs.xml, If backend is using this information, I guess its difficult to update operations a role can perform. If we are using it in frontend, is that mean user can hack .js to change the access mode? I suppose roles and operations mappings need to be restored in backend db to make sure APIs are protected by authorization? On 2014年07月16日 03:44, alinefm@linux.vnet.ibm.com wrote:
From: Aline Manera <alinefm@linux.vnet.ibm.com>
Kimchi has 2 user roles: "admin" with full control of Kimchi features and "user" with limited access To describe how each tab should be displayed to user, an "access" element was added to tabs.xml indicating which view mode each role has.
<access role="..." mode="..."/>
The "mode" attribute values are:
- none: do not show the tab; - admin: full instance access; - read-only: read-only access; - byInstance: each resource will have its configuration sent by the backend ("access" parameter);
The user will only be able to manage the guests he/she is assigned for, because that the guest tab has 'mode' == by-instance. That way each VM will have a new parameter "access" indicating if user has "full" or "read-only" access to this VM.
As a user can edit a guest, he/she may need to know which networks and storage pools are configured, so set network and storage tab 'mode' to read-only.
And as user should not perform any operation on host or templates, set their 'mode' attributes to 'none'.
Signed-off-by: Aline Manera <alinefm@linux.vnet.ibm.com> --- config/ui/tabs.xml | 15 +++++++++++++++ plugins/sample/ui/config/tab-ext.xml | 3 +++ 2 files changed, 18 insertions(+)
diff --git a/config/ui/tabs.xml b/config/ui/tabs.xml index b045521..f79684c 100644 --- a/config/ui/tabs.xml +++ b/config/ui/tabs.xml @@ -1,22 +1,37 @@ <?xml version="1.0" encoding="utf-8"?> <tabs> <tab> + <access role="admin" mode="admin"/> + <access role="user" mode="none"/> + <title>Host</title> <path>tabs/host.html</path> </tab> <tab> + <access role="admin" mode="admin"/> + <access role="user" mode="byInstance"/> Maybe more role for guests? Virtualization admin can create/destroy, guest system admin can start and stop, guest user can just login and logout. + <title>Guests</title> <path>tabs/guests.html</path> </tab> <tab> + <access role="admin" mode="admin"/> + <access role="user" mode="none"/> I suppose also read-only for 'user', because user may want to browser templates available, check details of the template to make decision about which to use. + <title>Templates</title> <path>tabs/templates.html</path> </tab> <tab> + <access role="admin" mode="admin"/> + <access role="user" mode="read-only"/> + <title>Storage</title> <path>tabs/storage.html</path> </tab> <tab> + <access role="admin" mode="admin"/> + <access role="user" mode="read-only"/> + <title>Network</title> <path>tabs/network.html</path> </tab> diff --git a/plugins/sample/ui/config/tab-ext.xml b/plugins/sample/ui/config/tab-ext.xml index 8e0b3d3..a1fb1c2 100644 --- a/plugins/sample/ui/config/tab-ext.xml +++ b/plugins/sample/ui/config/tab-ext.xml @@ -1,6 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> <tabs-ext> <tab> + <access role="admin" mode="admin"/> + <access role="user" mode="none"/> + <title>SampleTab</title> <path>plugins/sample/tab.html</path> </tab>