Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added RBAC check in catalog controller #887

Merged
merged 2 commits into from
Apr 3, 2017
Merged

Added RBAC check in catalog controller #887

merged 2 commits into from
Apr 3, 2017

Conversation

romanblanco
Copy link
Member

romanblanco
romanblanco commented Apr 3, 2017
View reviewed changes
app/controllers/catalog_controller.rb Outdated
@@ -707,7 +707,7 @@ def ot_copy_submit

def ot_remove_submit
assert_privileges("orchestration_template_remove")
checked = find_checked_items
checked = find_checked_ids_with_rbac(OrchestrationTemplate)
checked[0] = params[:id] if checked.blank? && params[:id]
elements = OrchestrationTemplate.where(:id => checked)
Copy link
Member Author

@romanblanco romanblanco Apr 3, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm, looking at this, I'm thinking using find_checked_records_with_rbac may be better here. ☝️
That way I don't need to check params[:id] for RBAC too.

@miq-bot
Copy link
Member

miq-bot commented Apr 3, 2017

Checked commits romanblanco/manageiq-ui-classic@167e9b4~...7282a0c with ruby 2.2.6, rubocop 0.47.1, and haml-lint 0.20.0
2 files checked, 1 offense detected

app/controllers/application_controller.rb

@martinpovolny martinpovolny merged commit 4425e78 into ManageIQ:master Apr 3, 2017
@martinpovolny martinpovolny added this to the Sprint 58 Ending Apr 10, 2017 milestone Apr 3, 2017
@romanblanco romanblanco deleted the fix_rbac_catalog branch April 3, 2017 14:46
simaishi pushed a commit that referenced this pull request Apr 3, 2017
@martinpovolny @simaishi
Merge pull request #887 from romanblanco/fix_rbac_catalog
4aac31f 
Added RBAC check in catalog controller
(cherry picked from commit 4425e78)
@simaishi
Copy link
Contributor

simaishi commented Apr 3, 2017

Fine backport details:

$ git log -1
commit 4aac31fe59486d5d637a346c6eeb89e8d3fb5213
Author: Martin Povolny <mpovolny@redhat.com>
Date:   Mon Apr 3 16:05:13 2017 +0200

    Merge pull request #887 from romanblanco/fix_rbac_catalog
    
    Added RBAC check in catalog controller
    (cherry picked from commit 4425e7872fac2b41a4d838eec7e65bbe86281df0)

@martinpovolny martinpovolny mentioned this pull request Jun 6, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@martinpovolny martinpovolny

Labels
bug fine/backported rbac
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@romanblanco @miq-bot @simaishi @martinpovolny