[Kimchi-devel] [PATCH 2/3] authorization: Add "access" elements to tabs.xml to describe user view
Royce Lv
lvroyce at linux.vnet.ibm.com
Wed Jul 16 07:38:20 UTC 2014
This role and mode infomation is stored in tabs.xml,
If backend is using this information, I guess its difficult to update
operations a role can perform.
If we are using it in frontend,
is that mean user can hack .js to change the access mode?
I suppose roles and operations mappings need to be restored in backend
db to make sure APIs are protected by authorization?
On 2014年07月16日 03:44, alinefm at linux.vnet.ibm.com wrote:
> From: Aline Manera <alinefm at linux.vnet.ibm.com>
>
> Kimchi has 2 user roles: "admin" with full control of Kimchi features
> and "user" with limited access
> To describe how each tab should be displayed to user, an "access"
> element was added to tabs.xml indicating which view mode each role has.
>
> <access role="..." mode="..."/>
>
> The "mode" attribute values are:
>
> - none: do not show the tab;
> - admin: full instance access;
> - read-only: read-only access;
> - byInstance: each resource will have its configuration sent by the
> backend ("access" parameter);
>
> The user will only be able to manage the guests he/she is assigned for,
> because that the guest tab has 'mode' == by-instance.
> That way each VM will have a new parameter "access" indicating if user has
> "full" or "read-only" access to this VM.
>
> As a user can edit a guest, he/she may need to know which networks
> and storage pools are configured, so set network and storage tab 'mode'
> to read-only.
>
> And as user should not perform any operation on host or templates, set
> their 'mode' attributes to 'none'.
>
> Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
> ---
> config/ui/tabs.xml | 15 +++++++++++++++
> plugins/sample/ui/config/tab-ext.xml | 3 +++
> 2 files changed, 18 insertions(+)
>
> diff --git a/config/ui/tabs.xml b/config/ui/tabs.xml
> index b045521..f79684c 100644
> --- a/config/ui/tabs.xml
> +++ b/config/ui/tabs.xml
> @@ -1,22 +1,37 @@
> <?xml version="1.0" encoding="utf-8"?>
> <tabs>
> <tab>
> + <access role="admin" mode="admin"/>
> + <access role="user" mode="none"/>
> +
> <title>Host</title>
> <path>tabs/host.html</path>
> </tab>
> <tab>
> + <access role="admin" mode="admin"/>
> + <access role="user" mode="byInstance"/>
Maybe more role for guests? Virtualization admin can create/destroy,
guest system admin can start and stop, guest user can just login and logout.
> +
> <title>Guests</title>
> <path>tabs/guests.html</path>
> </tab>
> <tab>
> + <access role="admin" mode="admin"/>
> + <access role="user" mode="none"/>
I suppose also read-only for 'user', because user may want to browser
templates available, check details of the template to make decision
about which to use.
> +
> <title>Templates</title>
> <path>tabs/templates.html</path>
> </tab>
> <tab>
> + <access role="admin" mode="admin"/>
> + <access role="user" mode="read-only"/>
> +
> <title>Storage</title>
> <path>tabs/storage.html</path>
> </tab>
> <tab>
> + <access role="admin" mode="admin"/>
> + <access role="user" mode="read-only"/>
> +
> <title>Network</title>
> <path>tabs/network.html</path>
> </tab>
> diff --git a/plugins/sample/ui/config/tab-ext.xml b/plugins/sample/ui/config/tab-ext.xml
> index 8e0b3d3..a1fb1c2 100644
> --- a/plugins/sample/ui/config/tab-ext.xml
> +++ b/plugins/sample/ui/config/tab-ext.xml
> @@ -1,6 +1,9 @@
> <?xml version="1.0" encoding="utf-8"?>
> <tabs-ext>
> <tab>
> + <access role="admin" mode="admin"/>
> + <access role="user" mode="none"/>
> +
> <title>SampleTab</title>
> <path>plugins/sample/tab.html</path>
> </tab>
More information about the Kimchi-devel
mailing list