Commit b9123de7 authored by Roberto P. Rubio's avatar Roberto P. Rubio
Browse files

Settings for integer type grants

parent 93643237
......@@ -1077,10 +1077,10 @@ sub _add_grants($self) {
$self->_add_grant('screenshot', 1,"Can get a screenshot of own virtual machines.");
$self->_add_grant('start_many',0,"Can have more than one machine started.");
$self->_add_grant('expose_ports',0,"Can expose virtual machine ports.");
$self->_add_grant('start_limit',0,"can have their own limit on started machines.");
$self->_add_grant('start_limit',0,"can have their own limit on started machines.", 1);
}
sub _add_grant($self, $grant, $allowed, $description) {
sub _add_grant($self, $grant, $allowed, $description, $is_int = 0) {
my $sth = $CONNECTOR->dbh->prepare(
"SELECT id, description FROM grant_types WHERE name=?"
);
......@@ -1097,9 +1097,9 @@ sub _add_grant($self, $grant, $allowed, $description) {
}
return if $id;
$sth = $CONNECTOR->dbh->prepare("INSERT INTO grant_types (name, description)"
." VALUES (?,?)");
$sth->execute($grant, $description);
$sth = $CONNECTOR->dbh->prepare("INSERT INTO grant_types (name, description, is_int)"
." VALUES (?,?,?)");
$sth->execute($grant, $description, $is_int);
$sth->finish;
$sth = $CONNECTOR->dbh->prepare("SELECT id FROM grant_types WHERE name=?");
......@@ -1644,6 +1644,8 @@ sub _upgrade_tables {
$self->_upgrade_table('domain_ports', 'is_active','int(1) DEFAULT 0');
$self->_upgrade_table('messages','date_changed','timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP');
$self->_upgrade_table('grant_types', 'is_int', 'int DEFAULT 0');
}
sub _upgrade_timestamps($self) {
......
......@@ -613,7 +613,6 @@ sub can_do($self, $grant) {
if $grant !~ /^[a-z_]+$/;
return $self->{_grant}->{$grant} if defined $self->{_grant}->{$grant};
confess "Unknown permission '$grant'. Maybe you are using an old release.\n"
."Try removing the table grant_types and start rvd_back again:\n"
."mysql> drop table grant_types;\n"
......@@ -672,7 +671,7 @@ sub _load_grants($self) {
my $sth;
eval { $sth= $$CON->dbh->prepare(
"SELECT gt.name, gu.allowed, gt.enabled"
"SELECT gt.name, gu.allowed, gt.enabled, gt.is_int"
." FROM grant_types gt LEFT JOIN grants_user gu "
." ON gt.id = gu.id_grant "
." AND gu.id_user=?"
......@@ -680,8 +679,8 @@ sub _load_grants($self) {
$sth->execute($self->id);
};
confess $@ if $@;
my ($name, $allowed, $enabled);
$sth->bind_columns(\($name, $allowed, $enabled));
my ($name, $allowed, $enabled, $is_int);
$sth->bind_columns(\($name, $allowed, $enabled, $is_int));
while ($sth->fetch) {
my $grant_alias = $self->_grant_alias($name);
......
......@@ -1062,14 +1062,15 @@ any '/admin/user/(:id).(:type)' => sub {
my %grant;
for my $param_name (@{$c->req->params->names}) {
if ( $param_name =~ /^perm_(.*)/ ) {
$grant{$1} = 1;
my $max = defined($c->req->params->param('max_perm_' . $1)) ? $c->req->params->param('max_perm_' . $1) : 1;
$grant{$1} = $max > 1 ? $max : 1;
} elsif ($param_name =~ /^off_perm_(.*)/) {
$grant{$1} = 0 if !exists $grant{$1};
}
}
for my $perm (keys %grant) {
if ( $grant{$perm} ) {
$USER->grant($user, $perm);
$USER->grant($user, $perm, $grant{$perm});
} else {
$USER->revoke($user, $perm);
}
......
......@@ -21,7 +21,7 @@ INSERT INTO grant_types(name,description) VALUES('remove_clone_all',"can remove
INSERT INTO grant_types(name,description) VALUES('hibernate_clone_all',"can hibernate any clone.");
/* Special users should be allowed these */
INSERT INTO grant_types(name,description) VALUES('start_limit',"can have their own limit on started machines."); /* the value in grants_user will be the maximum number of concurrent machines instead of a boolean */
INSERT INTO grant_types(name,description, is_int) VALUES('start_limit',"can have their own limit on started machines.", 1); /* the value in grants_user will be the maximum number of concurrent machines instead of a boolean */
/* admins should be allowed these */
INSERT INTO grant_types(name,description) VALUES('clone_all',"can clone any virtual machine.");
......
......@@ -2,12 +2,15 @@
<div class="card-body">
<form method="post">
% for my $perm ($_user->list_all_permissions) {
% my $checked = '';
% $checked = 'checked' if $user->can_do($perm->{name});
% my $can_do = $user->can_do($perm->{name});
% my $checked = $can_do ? 'checked' : '';
<input type="checkbox" <%= $checked %>
name="perm_<%= $perm->{name} %>">
<input type="hidden" name="off_perm_<%= $perm->{name} %>" value="off">
<label for="perm_<%= $perm->{name} %>"><%= $perm->{name} %>: <%=l($perm->{description}) %></label><br/>
% if ($perm->{is_int} != 0) {
<input type="number" name="max_perm_<%= $perm->{name} %>" min="1" value="<%= $can_do %>" max="999" style="margin-left: 15px; margin-bottom: 10px"><br>
% }
% }
<button type="reset" class="btn btn-outline-secondary" onclick = "location='/admin/users'"><%=l 'Cancel' %></button>
<input type="submit" class="btn btn-primary" name="grant" value="<%=l 'Submit' %>">
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment