[Kimchi-devel] [PATCHv4 2/2] Change guest edit permission logic

Aline Manera alinefm at linux.vnet.ibm.com
Wed Nov 26 12:04:09 UTC 2014


On 11/26/2014 12:14 AM, lvroyce0210 at gmail.com wrote:
> From: Royce Lv <lvroyce at linux.vnet.ibm.com>
>
> Update api for ldap user query,
> also adopt guest edit permission, validate user when change permission,
> add notice icon to indicate invalid user input.
>
> Signed-off-by: Royce Lv <lvroyce at linux.vnet.ibm.com>
> ---
>   ui/js/src/kimchi.api.js             |  15 +-
>   ui/js/src/kimchi.guest_edit_main.js | 289 ++++++++++++++++++++++++------------
>   2 files changed, 201 insertions(+), 103 deletions(-)
>
> diff --git a/ui/js/src/kimchi.api.js b/ui/js/src/kimchi.api.js
> index 78c6d66..d868a4a 100644
> --- a/ui/js/src/kimchi.api.js
> +++ b/ui/js/src/kimchi.api.js
> @@ -1087,14 +1087,21 @@ var kimchi = {
>           });
>       },
>
> -    getHostUsers : function(suc, err) {
> +    getHostUsers : function(usr_data, suc, err) {
> +        var usr = usr_data ? '?_user_id='+usr_data.user_id : '';

Let's rename it to "GetUsers" or if you want to differ from PAM, use 
"GetUserById"

> +        var handler = function(data) {
> +            if (usr_data) {
> +                data['_kimchi_user'] = usr_data.user_id;
> +            }
> +            suc(data);
> +        }
>           kimchi.requestJSON({
> -            url : kimchi.url + 'host/users',
> +            url : kimchi.url + '/users' + usr,
>               type : 'GET',
>               contentType : 'application/json',
>               dataType : 'json',
>               resend : true,
> -            success : suc,
> +            success : handler,
>               error : err ? err : function(data) {
>                   kimchi.message.error(data.responseJSON.reason);
>               }
> @@ -1103,7 +1110,7 @@ var kimchi = {
>
>       getHostGroups : function(suc, err) {
>           kimchi.requestJSON({
> -            url : kimchi.url + 'host/groups',

Same here.

> +            url : kimchi.url + '/groups',
>               type : 'GET',
>               contentType : 'application/json',
>               dataType : 'json',
> diff --git a/ui/js/src/kimchi.guest_edit_main.js b/ui/js/src/kimchi.guest_edit_main.js
> index 9d87a73..ad0c976 100644
> --- a/ui/js/src/kimchi.guest_edit_main.js
> +++ b/ui/js/src/kimchi.guest_edit_main.js
> @@ -35,6 +35,7 @@ kimchi.guest_edit_main = function() {
>
>       var guestEditForm = $('#form-guest-edit-general');
>       var saveButton = $('#guest-edit-button-save');
> +    var authType;
>
>       var refreshCDROMs = function() {
>           kimchi.listVMStorages({
> @@ -42,7 +43,6 @@ kimchi.guest_edit_main = function() {
>           }, function(storages) {
>               var container = $('#form-guest-edit-storage .body');
>               $(container).empty();
> -
>               $.each(storages, function(index, storage) {
>                   storage['vm'] = kimchi.selectedGuest;
>                   rowHTML = $('#' + storage['type'] + '-row-tmpl').html();
> @@ -256,107 +256,180 @@ kimchi.guest_edit_main = function() {
>       };
>
>       var setupPermission = function() {
> -        var userNodes = {}, groupNodes = {};
> -        kimchi.retrieveVM(kimchi.selectedGuest, function(vm){
> -            kimchi.getHostUsers(function(users){
> -                kimchi.getHostGroups(function(groups){
> -                    var subArray = function(a1, a2){ //a1-a2
> -                        for(var i=0; i<a2.length; i++){
> -                            for(var j=0; j<a1.length; j++){
> -                                if(a2[i] == a1[j]){
> -                                    a1.splice(j, 1);
> -                                    break;
> -                                }
> -                            }
> -                        }
> -                    };
> -                    subArray(users, vm.users); subArray(groups, vm.groups);
> -                    init(users, groups, vm.users, vm.groups);
> -                });
> +       //set up for LDAP
> +       $(".add", "#form-guest-edit-permission").button({
> +            icons: { primary: "ui-icon-plusthick" },
> +            text: false
> +        }).click(function(evt){
> +            evt.preventDefault();
> +            addItem({
> +                user: "",
> +                freeze: false,
> +                viewMode: "hide",
> +                editMode: "",
> +                checked: true
>               });
>           });
> -        var sortNodes = function(container, isUser){
> -            nodes = container.children();
> -            var keys = [];
> -            nodes.each(function(){
> -                keys.push($("label", this).text());
> +        var addItem = function(data) {
> +            var itemNode = $.parseHTML(kimchi.substitute($('#ldap-user-tmpl').html(),data));
> +            $(".body", "#form-guest-edit-permission .ldap").append(itemNode);
> +            $(".delete", itemNode).button({
> +                icons: { primary: "ui-icon-trash" },
> +                text: false
> +            }).click(function(evt){
> +                evt.preventDefault();
> +                var item = $(this).parent().parent();
> +                item.remove();
>               });
> -            keys.sort();
> -            container.empty();
> -            for(var i=0; i<keys.length; i++){
> -                var itemNode = isUser ? userNodes[keys[i]] : groupNodes[keys[i]];
> -                $(itemNode).click(function(){
> -                    $(this).toggleClass("item-picked");
> -                });
> -                container.append(itemNode);
> +            $("input").focusout(function() {
> +                var item = $(this).parent().parent();
> +                var user= $(this).val();
> +                item.prop("id", user);
> +                $("label", item).text(user);
> +            });
> +            $("input").focusin(function() {
> +                $(this).removeClass("checked");
> +            });
> +
> +            if (data.checked == true) {
> +                $(".checked", itemNode).addClass("hide");
>               }
>           };
> -        var init = function(availUsers, availGroups, selUsers, selGroups){
> -            var initNode = function(key, isUserNode){
> -                var nodeGroups = isUserNode ? userNodes : groupNodes;
> -                nodeGroups[key] = $.parseHTML(kimchi.substitute($('#permission-item').html(), {
> -                    val: key,
> -                    class: isUserNode? "user-icon" : "group-icon"
> -                }));
> -            };
> -            for(var i=0; i<availUsers.length; i++){
> -                initNode(availUsers[i], true);
> -                $("#permission-avail-users").append(userNodes[availUsers[i]]);
> -                sortNodes($("#permission-avail-users"), true);
> +        var toggleEdit = function(item, on){
> +            $("label", item).toggleClass("hide", on);
> +            $("input", item).toggleClass("hide", !on);
> +            $(".action-area", item).toggleClass("hide");
> +        };
> +        //set up for PAM
> +        var userNodes = {}, groupNodes = {};
> +        kimchi.getCapabilities(function(result) {

The capabilities values are cached on kimchi.capabilities variable so 
you don't need to request it again.

You can check kimchi.host.js for details on how use the 
kimchi.capabilities variable.

> +            authType = result.auth;
> +            if (authType == 'pam') {
> +                $("#form-guest-edit-permission .ldap").hide();
> +                kimchi.retrieveVM(kimchi.selectedGuest, function(vm){
> +                    kimchi.getHostUsers(undefined, function(users){
> +                        kimchi.getHostGroups(function(groups){
> +                            var subArray = function(a1, a2){ //a1-a2
> +                                for(var i=0; i<a2.length; i++){
> +                                    for(var j=0; j<a1.length; j++){
> +                                        if(a2[i] == a1[j]){
> +                                            a1.splice(j, 1);
> +                                            break;
> +                                        }
> +                                    }
> +                                }
> +                            };
> +                            subArray(users, vm.users); subArray(groups, vm.groups);
> +                            init(users, groups, vm.users, vm.groups);
> +                        });
> +                    });
> +                });
>               }
> -            for(var i=0; i<selUsers.length; i++){
> -                initNode(selUsers[i], true);
> -                $("#permission-sel-users").append(userNodes[selUsers[i]]);
> -                sortNodes($("#permission-sel-users"), true);
> +            else if (authType == 'ldap') {
> +                $("#form-guest-edit-permission .pam").hide();
> +                kimchi.retrieveVM(kimchi.selectedGuest, function(vm){
> +                    for (var i=0; i<vm.users.length; i++) {
> +                        var user = {'user_id' :vm.users[i]};
> +                        kimchi.getHostUsers(user, function(data) {
> +                            addItem({
> +                                user: data._kimchi_user,
> +                                viewMode: "",
> +                                freeze: true,
> +                                editMode: "hide",
> +                                checked: true});
> +                        }, function (data) {
> +                            addItem({
> +                                user: data._kimchi_user,
> +                                viewMode: "",
> +                                freeze: true,
> +                                editMode: "hide",
> +                                checked: false});
> +                        });
> +                    }
> +                });
>               }
> -            for(var i=0; i<availGroups.length; i++){
> -                initNode(availGroups[i], false);
> -                $("#permission-avail-groups").append(groupNodes[availGroups[i]]);
> -                sortNodes($("#permission-avail-groups"), false);
> +            var sortNodes = function(container, isUser){
> +                nodes = container.children();
> +                var keys = [];
> +                nodes.each(function(){
> +                    keys.push($("label", this).text());
> +                });
> +                keys.sort();
> +                container.empty();
> +                for(var i=0; i<keys.length; i++){
> +                    var itemNode = isUser ? userNodes[keys[i]] : groupNodes[keys[i]];
> +                    $(itemNode).click(function(){
> +                        $(this).toggleClass("item-picked");
> +                    });
> +                    container.append(itemNode);
> +                }
> +            };
> +            var init = function(availUsers, availGroups, selUsers, selGroups){
> +                var initNode = function(key, isUserNode){
> +                    var nodeGroups = isUserNode ? userNodes : groupNodes;
> +                    nodeGroups[key] = $.parseHTML(kimchi.substitute($('#permission-item-pam').html(), {
> +                        val: key,
> +                        class: isUserNode? "user-icon" : "group-icon"
> +                    }));
> +                };
> +                for(var i=0; i<availUsers.length; i++){
> +                    initNode(availUsers[i], true);
> +                    $("#permission-avail-users").append(userNodes[availUsers[i]]);
> +                    sortNodes($("#permission-avail-users"), true);
> +                }
> +                for(var i=0; i<selUsers.length; i++){
> +                    initNode(selUsers[i], true);
> +                    $("#permission-sel-users").append(userNodes[selUsers[i]]);
> +                    sortNodes($("#permission-sel-users"), true);
> +                }
> +                for(var i=0; i<availGroups.length; i++){
> +                    initNode(availGroups[i], false);
> +                    $("#permission-avail-groups").append(groupNodes[availGroups[i]]);
> +                    sortNodes($("#permission-avail-groups"), false);
> +                }
> +                for(var i=0; i<selGroups.length; i++){
> +                    initNode(selGroups[i], false);
> +                    $("#permission-sel-groups").append(groupNodes[selGroups[i]]);
> +                    sortNodes($("#permission-sel-groups"), false);
> +                }
> +            };
> +            var filterNodes = function(key, container){
> +                container.children().each(function(){
> +                    $(this).css("display", $("label", this).text().indexOf(key)==-1 ? "none" : "");
> +                });
>               }
> -            for(var i=0; i<selGroups.length; i++){
> -                initNode(selGroups[i], false);
> -                $("#permission-sel-groups").append(groupNodes[selGroups[i]]);
> +            $("#permission-avail-searchBox").on("keyup", function() {
> +                var key = $(this).val();
> +                filterNodes(key, $("#permission-avail-users"));
> +                filterNodes(key, $("#permission-avail-groups"));
> +            });
> +            $("#permission-sel-searchBox").on("keyup", function() {
> +                var key = $(this).val();
> +                filterNodes(key, $("#permission-sel-users"));
> +                filterNodes(key, $("#permission-sel-groups"));
> +            });
> +            $('#permissionGo').button().click(function(evt) {
> +                evt.preventDefault();
> +                $("#permission-avail-users").children(".item-picked").appendTo("#permission-sel-users").removeClass("item-picked");
> +                sortNodes($("#permission-sel-users"), true);
> +                $("#permission-avail-groups").children(".item-picked").appendTo("#permission-sel-groups").removeClass("item-picked");
>                   sortNodes($("#permission-sel-groups"), false);
> -            }
> -        };
> -        var filterNodes = function(key, container){
> -            container.children().each(function(){
> -                $(this).css("display", $("label", this).text().indexOf(key)==-1 ? "none" : "");
> +                $("#permission-sel-searchBox").val("");
> +                filterNodes("", $("#permission-sel-users"));
> +                filterNodes("", $("#permission-sel-groups"));
> +            });
> +            $('#permissionBack').button().click(function(evt) {
> +                evt.preventDefault();
> +                $("#permission-sel-users").children(".item-picked").appendTo("#permission-avail-users").removeClass("item-picked");
> +                sortNodes($("#permission-avail-users"), true);
> +                $("#permission-sel-groups").children(".item-picked").appendTo("#permission-avail-groups").removeClass("item-picked");
> +                sortNodes($("#permission-avail-groups"), false);
> +                $("#permission-avail-searchBox").val("");
> +                filterNodes("", $("#permission-avail-users"));
> +                filterNodes("", $("#permission-avail-groups"));
>               });
> -        }
> -        $("#permission-avail-searchBox").on("keyup", function() {
> -            var key = $(this).val();
> -            filterNodes(key, $("#permission-avail-users"));
> -            filterNodes(key, $("#permission-avail-groups"));
> -        });
> -        $("#permission-sel-searchBox").on("keyup", function() {
> -            var key = $(this).val();
> -            filterNodes(key, $("#permission-sel-users"));
> -            filterNodes(key, $("#permission-sel-groups"));
> -        });
> -        $('#permissionGo').button().click(function(evt) {
> -            evt.preventDefault();
> -            $("#permission-avail-users").children(".item-picked").appendTo("#permission-sel-users").removeClass("item-picked");
> -            sortNodes($("#permission-sel-users"), true);
> -            $("#permission-avail-groups").children(".item-picked").appendTo("#permission-sel-groups").removeClass("item-picked");
> -            sortNodes($("#permission-sel-groups"), false);
> -            $("#permission-sel-searchBox").val("");
> -            filterNodes("", $("#permission-sel-users"));
> -            filterNodes("", $("#permission-sel-groups"));
> -        });
> -        $('#permissionBack').button().click(function(evt) {
> -            evt.preventDefault();
> -            $("#permission-sel-users").children(".item-picked").appendTo("#permission-avail-users").removeClass("item-picked");
> -            sortNodes($("#permission-avail-users"), true);
> -            $("#permission-sel-groups").children(".item-picked").appendTo("#permission-avail-groups").removeClass("item-picked");
> -            sortNodes($("#permission-avail-groups"), false);
> -            $("#permission-avail-searchBox").val("");
> -            filterNodes("", $("#permission-avail-users"));
> -            filterNodes("", $("#permission-avail-groups"));
>           });
> -    };
> -
> +    }
>       var setupPCIDevice = function(){
>           kimchi.getHostPCIDevices(function(hostPCIs){
>               kimchi.getVMPCIDevices(kimchi.selectedGuest, function(vmPCIs){
> @@ -531,14 +604,32 @@ kimchi.guest_edit_main = function() {
>
>       var permissionSubmit = function(event) {
>           var content = { users: [], groups: [] };
> -        $("#permission-sel-users").children().each(function(){
> -            content.users.push($("label", this).text());
> -        });
> -        $("#permission-sel-groups").children().each(function(){
> -            content.groups.push($("label", this).text());
> -        });
> -        kimchi.updateVM(kimchi.selectedGuest, content, function(){
> -            kimchi.window.close();
> +        kimchi.getCapabilities(function(result) {
> +            authType = result.auth;
> +            if (authType == 'pam') {
> +                $("#permission-sel-users").children().each(function(){
> +                    content.users.push($("label", this).text());
> +                });
> +                $("#permission-sel-groups").children().each(function(){
> +                    content.groups.push($("label", this).text());
> +                });
> +            }
> +            else if (authType == 'ldap') {
> +                $(".body","#form-guest-edit-permission .ldap").children().each(function () {
> +                    var user = {'user_id': $(this).attr("id")};
> +                    var tmp = $(this);
> +                    kimchi.getHostUsers(user, function(data) {
> +                            $("label", tmp).toggleClass("hide", false);
> +                            $("input", tmp).toggleClass("hide", true);
> +                        }, function (data) {
> +                            $("input", tmp).addClass("checked");
> +                    });
> +                    content.users.push($(this).attr("id"));
> +                });
> +           }
> +           kimchi.updateVM(kimchi.selectedGuest, content, function(){
> +               kimchi.window.close();
> +           });
>           });
>       }
>




More information about the Kimchi-devel mailing list