On 07/18/2014 08:18 AM, wenwang@linux.vnet.ibm.com wrote:

From: Wen Wang <wenwang@linux.vnet.ibm.com>

This patch add each tab's mode into cookie

Signed-off-by: Wen Wang <wenwang@linux.vnet.ibm.com> --- ui/js/src/kimchi.login.js | 20 +++++++++++++------- 1 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/ui/js/src/kimchi.login.js b/ui/js/src/kimchi.login.js index 72d2ee3..9f357dc 100644 --- a/ui/js/src/kimchi.login.js +++ b/ui/js/src/kimchi.login.js @@ -36,8 +36,8 @@ kimchi.login_main = function() { var loginButton = $('#btn-login');

var login = function(event) { - $("#login").hide() - $("#logging").show() + $("#login").hide(); + $("#logging").show();

var userName = userNameBox.val(); userName && kimchi.user.setUserName(userName); @@ -50,18 +50,24 @@ kimchi.login_main = function() { var query = window.location.search; var next = /.*next=(.*?)(&|$)/g.exec(query); if (next) { - var next_url = decodeURIComponent(next[1]) + var next_url = decodeURIComponent(next[1]); } else { var lastPage = kimchi.cookie.get('lastPage'); - var next_url = lastPage ? lastPage.replace(/\"/g,'') : "/" + var next_url = lastPage ? lastPage.replace(/\"/g,'') : "/"; } + var next_url = lastPage ? lastPage.replace(/\"/g,'') : "/";

+ kimchi.cookie.set('HostMode', data.roles['host'] === 'admin' ? 'admin' : 'none', 365); + kimchi.cookie.set('GuestsMode', data.roles['guests'] === 'admin' ? 'admin' : 'byInstance', 365); + kimchi.cookie.set('TemplatesMode',data.roles['templates'] === 'admin' ? 'admin' : 'none', 365); + kimchi.cookie.set('StorageMode', data.roles['storage'] === 'admin' ? 'admin' : 'read-only', 365); + kimchi.cookie.set('NetworkMode', data.roles['network'] === 'admin' ? 'admin' : 'read-only', 365);

You should only store the data.roles value in a cookie and use this info while loading the tabs The mode is described in tabs.xml, and you should get it from there instead of assuming values in UI Also remember, Kimchi supports plugins, ie, each plugin has its own mode configuration described on tab-ext.xml

window.location.replace(next_url) }, function() { - $("#messUserPass").show() + $("#messUserPass").show(); $("#messSession").hide(); - $("#logging").hide() - $("#login").show() + $("#logging").hide(); + $("#login").show(); });

return false;

On 07/19/2014 01:40 AM, Aline Manera wrote:

On 07/18/2014 08:18 AM, wenwang@linux.vnet.ibm.com wrote:

...

From: Wen Wang <wenwang@linux.vnet.ibm.com>

This patch removed host/template tabs from non-root users

Signed-off-by: Wen Wang <wenwang@linux.vnet.ibm.com> --- ui/js/src/kimchi.main.js | 21 +++++++++++++-------- 1 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/ui/js/src/kimchi.main.js b/ui/js/src/kimchi.main.js index 8eb4d73..54a0043 100644 --- a/ui/js/src/kimchi.main.js +++ b/ui/js/src/kimchi.main.js @@ -23,13 +23,16 @@ kimchi.main = function() { $(tabs).each(function(i, tab) { var title = tab['title']; var path = tab['path']; - tabsHtml.push( - '<li>', - '<a class="item" href="', path, '">', - title, - '</a>', - '</li>' - ); + var mode = tab['mode']; + if (mode != 'none') { + tabsHtml.push( + '<li>', + '<a class="item" href="', path, '">', + title, + '</a>', + '</li>' + ); + } }); return tabsHtml.join(''); }; @@ -41,9 +44,11 @@ kimchi.main = function() { var titleKey = $tab.find('title').text(); var title = i18n[titleKey] ? i18n[titleKey] : titleKey; var path = $tab.find('path').text();

...

+ var mode = kimchi.cookie.get(titleKey + 'Mode');

While loading the tabs.xml and tab-ext.xml you need to get the mode attribute according to role access element For example:

var role = kimchi.cookie.get(titlekey + 'Role')

var mode = $tab.find(["role='" + role + "']').attrib("mode")

ACK

...

tabs.push({ title: title, - path: path + path: path, + mode: mode }); });

On 07/18/2014 08:18 AM, wenwang@linux.vnet.ibm.com wrote:

From: Wen Wang <wenwang@linux.vnet.ibm.com>

This patch removes [+] icon from the toolbar for users without 'admin' role

Signed-off-by: Wen Wang <wenwang@linux.vnet.ibm.com> --- ui/js/src/kimchi.guest_main.js | 4 ++++ ui/js/src/kimchi.network.js | 4 ++++ ui/js/src/kimchi.storage_main.js | 4 ++++

You need to do the same for the templates tab

3 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/ui/js/src/kimchi.guest_main.js b/ui/js/src/kimchi.guest_main.js index acbae15..3d3a4b8 100644 --- a/ui/js/src/kimchi.guest_main.js +++ b/ui/js/src/kimchi.guest_main.js @@ -323,6 +323,10 @@ kimchi.guestSetRequestHeader = function(xhr) { };

kimchi.guest_main = function() { + var guestsMode = kimchi.cookie.get('GuestsMode'); + if(guestsMode != 'admin') { + $('.tools').remove(); + } $("#vm-add").on("click", function(event) { kimchi.window.open('guest-add.html'); }); diff --git a/ui/js/src/kimchi.network.js b/ui/js/src/kimchi.network.js index cbd967f..a44e33c 100644 --- a/ui/js/src/kimchi.network.js +++ b/ui/js/src/kimchi.network.js @@ -19,6 +19,10 @@ kimchi.NETWORK_TYPE_BRIDGE = "bridged";

kimchi.initNetwork = function() { + var networkMode = kimchi.cookie.get('NetworkMode'); + if(networkMode != 'admin') { + $('.tools').remove(); + } kimchi.initNetworkListView(); kimchi.initNetworkDialog(); kimchi.initNetworkCreation(); diff --git a/ui/js/src/kimchi.storage_main.js b/ui/js/src/kimchi.storage_main.js index 3a18f82..593e7b1 100644 --- a/ui/js/src/kimchi.storage_main.js +++ b/ui/js/src/kimchi.storage_main.js @@ -234,6 +234,10 @@ kimchi.initLogicalPoolExtend = function() { }

kimchi.storage_main = function() { + var storageMode = kimchi.cookie.get('StorageMode'); + if(storageMode != 'admin') { + $('.tools').remove(); + } $('#storage-pool-add').on('click', function() { kimchi.window.open('storagepool-add.html'); });

I have tried. By using stored roles in cookie. we need to query for mode in the xml file everytime we load a tab. It is time consuming and the "+" button as well as the action buttons will blink if we try to make it invisible since the query for tabs.xml is time consuming. Can I store the "mode" parameter in cookie with a json file or maybe "tabMode" that transfer from the "role" so that will make the init more efficiently. thanks On 07/19/2014 01:47 AM, Aline Manera wrote:

Never mind.

Just remembered the templates tab will not be displayed for a "user" role

Reviewed-by: Aline Manera <alinefm@linux.vnet.ibm.com>

On 07/18/2014 08:18 AM, wenwang@linux.vnet.ibm.com wrote:

...

From: Wen Wang <wenwang@linux.vnet.ibm.com>

This patch removes [+] icon from the toolbar for users without 'admin' role

Signed-off-by: Wen Wang <wenwang@linux.vnet.ibm.com> --- ui/js/src/kimchi.guest_main.js | 4 ++++ ui/js/src/kimchi.network.js | 4 ++++ ui/js/src/kimchi.storage_main.js | 4 ++++ 3 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/ui/js/src/kimchi.guest_main.js b/ui/js/src/kimchi.guest_main.js index acbae15..3d3a4b8 100644 --- a/ui/js/src/kimchi.guest_main.js +++ b/ui/js/src/kimchi.guest_main.js @@ -323,6 +323,10 @@ kimchi.guestSetRequestHeader = function(xhr) { };

kimchi.guest_main = function() { + var guestsMode = kimchi.cookie.get('GuestsMode'); + if(guestsMode != 'admin') { + $('.tools').remove(); + } $("#vm-add").on("click", function(event) { kimchi.window.open('guest-add.html'); }); diff --git a/ui/js/src/kimchi.network.js b/ui/js/src/kimchi.network.js index cbd967f..a44e33c 100644 --- a/ui/js/src/kimchi.network.js +++ b/ui/js/src/kimchi.network.js @@ -19,6 +19,10 @@ kimchi.NETWORK_TYPE_BRIDGE = "bridged";

kimchi.initNetwork = function() { + var networkMode = kimchi.cookie.get('NetworkMode'); + if(networkMode != 'admin') { + $('.tools').remove(); + } kimchi.initNetworkListView(); kimchi.initNetworkDialog(); kimchi.initNetworkCreation(); diff --git a/ui/js/src/kimchi.storage_main.js b/ui/js/src/kimchi.storage_main.js index 3a18f82..593e7b1 100644 --- a/ui/js/src/kimchi.storage_main.js +++ b/ui/js/src/kimchi.storage_main.js @@ -234,6 +234,10 @@ kimchi.initLogicalPoolExtend = function() { }

kimchi.storage_main = function() { + var storageMode = kimchi.cookie.get('StorageMode'); + if(storageMode != 'admin') { + $('.tools').remove(); + } $('#storage-pool-add').on('click', function() { kimchi.window.open('storagepool-add.html'); });

On 07/22/2014 03:40 AM, Aline Manera wrote:

On 07/21/2014 09:02 AM, Wen Wang wrote:

...

I have tried. By using stored roles in cookie. we need to query for mode in the xml file everytime we load a tab. It is time consuming and the "+" button as well as the action buttons will blink if we try to make it invisible since the query for tabs.xml is time consuming. Can I store the "mode" parameter in cookie with a json file or maybe "tabMode" that transfer from the "role" so that will make the init more efficiently.

I think it can work pretty well. You can store the tab mode in a cookie while loading it to use it later when needed.

ACK

...

thanks

On 07/19/2014 01:47 AM, Aline Manera wrote:

...

Never mind.

Just remembered the templates tab will not be displayed for a "user" role

Reviewed-by: Aline Manera <alinefm@linux.vnet.ibm.com>

On 07/18/2014 08:18 AM, wenwang@linux.vnet.ibm.com wrote:

...

From: Wen Wang <wenwang@linux.vnet.ibm.com>

This patch removes [+] icon from the toolbar for users without 'admin' role

Signed-off-by: Wen Wang <wenwang@linux.vnet.ibm.com> --- ui/js/src/kimchi.guest_main.js | 4 ++++ ui/js/src/kimchi.network.js | 4 ++++ ui/js/src/kimchi.storage_main.js | 4 ++++ 3 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/ui/js/src/kimchi.guest_main.js b/ui/js/src/kimchi.guest_main.js index acbae15..3d3a4b8 100644 --- a/ui/js/src/kimchi.guest_main.js +++ b/ui/js/src/kimchi.guest_main.js @@ -323,6 +323,10 @@ kimchi.guestSetRequestHeader = function(xhr) { };

kimchi.guest_main = function() { + var guestsMode = kimchi.cookie.get('GuestsMode'); + if(guestsMode != 'admin') { + $('.tools').remove(); + } $("#vm-add").on("click", function(event) { kimchi.window.open('guest-add.html'); }); diff --git a/ui/js/src/kimchi.network.js b/ui/js/src/kimchi.network.js index cbd967f..a44e33c 100644 --- a/ui/js/src/kimchi.network.js +++ b/ui/js/src/kimchi.network.js @@ -19,6 +19,10 @@ kimchi.NETWORK_TYPE_BRIDGE = "bridged";

kimchi.initNetwork = function() { + var networkMode = kimchi.cookie.get('NetworkMode'); + if(networkMode != 'admin') { + $('.tools').remove(); + } kimchi.initNetworkListView(); kimchi.initNetworkDialog(); kimchi.initNetworkCreation(); diff --git a/ui/js/src/kimchi.storage_main.js b/ui/js/src/kimchi.storage_main.js index 3a18f82..593e7b1 100644 --- a/ui/js/src/kimchi.storage_main.js +++ b/ui/js/src/kimchi.storage_main.js @@ -234,6 +234,10 @@ kimchi.initLogicalPoolExtend = function() { }

kimchi.storage_main = function() { + var storageMode = kimchi.cookie.get('StorageMode'); + if(storageMode != 'admin') { + $('.tools').remove(); + } $('#storage-pool-add').on('click', function() { kimchi.window.open('storagepool-add.html'); });

Reviewed-by: Aline Manera <alinefm@linux.vnet.ibm.com> On 07/18/2014 08:18 AM, wenwang@linux.vnet.ibm.com wrote:

From: Wen Wang <wenwang@linux.vnet.ibm.com>

Authorization: remove actions menu from storage/network tabs for non-rooot users

Signed-off-by: Wen Wang <wenwang@linux.vnet.ibm.com>

Conflicts:

ui/js/src/kimchi.network.js --- ui/css/theme-default/storage.css | 18 +++++++++--------- ui/js/src/kimchi.network.js | 5 +++++ ui/js/src/kimchi.storage_main.js | 7 +++++++ 3 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/ui/css/theme-default/storage.css b/ui/css/theme-default/storage.css index e94c1ec..d0e64b3 100644 --- a/ui/css/theme-default/storage.css +++ b/ui/css/theme-default/storage.css @@ -17,7 +17,7 @@ */ /* STORAGE */ .handle { - width: 5%; + padding-left: 111px; }

.storage-title { @@ -148,37 +148,37 @@ }

.storage-name { - width: 20%; + width: 199px; }

.storage-state { - width: 5%; + width: 51px; }

.storage-location { - width: 29%; + width: 288px; }

.storage-type { - width: 10%; + width: 98px; }

.storage-capacity { - width: 10%; + width: 98px; }

.storage-allocate { - width: 10%; + width: 98px; }

.storage-button { - width: 11%; + width: 108px; text-align: center; }

.title-name { - width: 198px; + width: 199px; }

.title-state { diff --git a/ui/js/src/kimchi.network.js b/ui/js/src/kimchi.network.js index a44e33c..0b13feb 100644 --- a/ui/js/src/kimchi.network.js +++ b/ui/js/src/kimchi.network.js @@ -22,6 +22,7 @@ kimchi.initNetwork = function() { var networkMode = kimchi.cookie.get('NetworkMode'); if(networkMode != 'admin') { $('.tools').remove(); + $('.header span:last-child').remove(); } kimchi.initNetworkListView(); kimchi.initNetworkDialog(); @@ -52,6 +53,10 @@ kimchi.initNetworkListView = function() {

kimchi.addNetworkItem = function(network) { $("#networkBody").append(kimchi.getNetworkItemHtml(network)); + var networkMode = kimchi.cookie.get('NetworkMode'); + if(networkMode != 'admin') { + $('.column-action').remove(); + } kimchi.addNetworkActions(network); };

diff --git a/ui/js/src/kimchi.storage_main.js b/ui/js/src/kimchi.storage_main.js index 593e7b1..d0b2a17 100644 --- a/ui/js/src/kimchi.storage_main.js +++ b/ui/js/src/kimchi.storage_main.js @@ -16,6 +16,10 @@ * limitations under the License. */ kimchi.doListStoragePools = function() { + var storageMode = kimchi.cookie.get('StorageMode'); + if(storageMode != 'admin') { + $('.title-actions').remove(); + } kimchi.listStoragePools(function(result) { var storageHtml = $('#storageTmpl').html(); if (result && result.length) { @@ -31,6 +35,9 @@ kimchi.doListStoragePools = function() { }); $('#storagepoolsList').html(listHtml); kimchi.storageBindClick(); + if(storageMode != 'admin') { + $('.storage-button').remove(); + } } else { $('#storagepoolsList').html(''); }