Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dashboard services - add missing rbac #3901

Merged
merged 2 commits into from
May 15, 2018
Merged

Dashboard services - add missing rbac #3901

merged 2 commits into from
May 15, 2018

Conversation

himdel
Copy link
Contributor

@himdel himdel commented May 4, 2018
edited
Loading

All the dashboard services have missing RBAC now:

ContainerProjectDashboard does:

  def initialize(project_id, controller)
     @project_id = project_id
     @project = ContainerProject.find(@project_id)

and is initialized from ContainerDashboardController like...

  def collect_project_data(project_id)
    ContainerProjectDashboardService.new(project_id, self).all_data
  end

called as

  def project_data
    render :json => {:data => collect_project_data(params[:id]) }
  end

(project_data being the endpoint).

Similar thing happens in the other dashboard service/controller pairs.

Fixing that :)

The change is just
:s/\([A-Z][a-zA-Z:]\+\).find(\([^)]*\))/find_record_with_rbac(\1, \2)

Thanks @skateman, @felipedf for noticing.

@himdel himdel mentioned this pull request May 4, 2018
Merged
skateman
skateman approved these changes May 4, 2018
View reviewed changes
Copy link
Member

@skateman skateman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Seal of Approval

@himdel
Dashboard services - add missing rbac
2a67164 
:s/\([A-Z][a-zA-Z:]\+\).find(\([^)]*\))/find_record_with_rbac(\1, \2)
@mzazrivec
Copy link
Contributor

@himdel The CI failures seem related:

undefined method 'find_record_with_rbac' for #<ContainerDashboardService

@himdel
Copy link
Contributor Author

himdel commented May 14, 2018

Aah thanks, forgot to include the mixin :)

Added.

felipedf
felipedf reviewed May 14, 2018
View reviewed changes
Copy link
Member

@felipedf felipedf left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@himdel CheckedIdMixin is defined inside the Mixins module so you might wanna do include Mixins::CheckedIdMixin instead.
Also is there any convention/rule that prevent us from including this on the super class DashboardService that I am not aware of? pure curiosity 😄

@himdel
Dashboard services - use if ...present instead of unless ...blank
d020a34 
+ include CheckedIdMixin to be able to use find_record_with_rbac
@himdel
Copy link
Contributor Author

himdel commented May 14, 2018

@fbladilo Thanks for noticing, fixed :)

Also is there any convention/rule that prevent us from including this on the super class DashboardService that I am not aware of? pure curiosity smile

Well, DashboardService is not the class using it. So we can add it somewhere which will not use it and rely on other code inheriting from there .. or we can add it to the places actually using it, reducing confusion and the burden for future refactoring :). But you're right, there's no technical reason this would not work on DashboardService now.

@miq-bot
Copy link
Member

miq-bot commented May 14, 2018

Checked commits https://github.com/himdel/manageiq-ui-classic/compare/2a67164f151d5acc4d2d4c4bdcd34d48107b0637~...d020a346eacce2dcb56d37e314e488783c099b38 with ruby 2.3.3, rubocop 0.52.1, haml-lint 0.20.0, and yamllint 1.10.0
3 files checked, 0 offenses detected
Everything looks fine. ⭐

@mzazrivec mzazrivec self-assigned this May 15, 2018
@mzazrivec mzazrivec added this to the Sprint 86 Ending May 21, 2018 milestone May 15, 2018
@mzazrivec mzazrivec merged commit b612b8f into ManageIQ:master May 15, 2018
@himdel himdel deleted the dashboard-rbac branch May 15, 2018 10:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felipedf felipedf felipedf left review comments

@skateman skateman skateman approved these changes

Assignees

@mzazrivec mzazrivec

Labels
bug dashboards
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@himdel @mzazrivec @miq-bot @skateman @felipedf