tenant view only shows sites the user should be able to see
Scott Baker [Wed, 21 Jan 2015 01:02:53 +0000 (17:02 -0800)]
planetstack/core/xoslib/methods/sliceplus.py
planetstack/core/xoslib/static/js/xosDeveloper_datatables.js
planetstack/core/xoslib/static/js/xosTenant.js
planetstack/core/xoslib/static/js/xoslib/xos-backbone.js
planetstack/core/xoslib/static/js/xoslib/xosHelper.js

index 4d15d41..9e93e6d 100644 (file)
@@ -45,6 +45,14 @@ class SlicePlusIdSerializer(serializers.ModelSerializer, PlusSerializerMixin):
         site_allocation = DictionaryField(required=False)\r
         users = ListField(required=False)\r
         user_names = ListField(required=False) # readonly = True ?\r
+        current_user_can_see = serializers.SerializerMethodField("getCurrentUserCanSee")\r
+\r
+        def getCurrentUserCanSee(self, slice):\r
+            # user can 'see' the slice if he is the creator or he has a role\r
+            current_user = self.context['request'].user\r
+            if (slice.creator and slice.creator==current_user):\r
+                return True;\r
+            return (len(slice.getSliceInfo(current_user)["roles"]) > 0)\r
 \r
         def getSliceInfo(self, slice):\r
             return slice.getSliceInfo(user=self.context['request'].user)\r
@@ -58,9 +66,9 @@ class SlicePlusIdSerializer(serializers.ModelSerializer, PlusSerializerMixin):
             model = SlicePlus\r
             fields = ('humanReadableName', 'id','created','updated','enacted','name','enabled','omf_friendly','description','slice_url','site','max_slivers','service','network','mount_data_sets',
                       'default_image', 'default_flavor',
-                      'serviceClass','creator','networks','sliceInfo','network_ports','backendIcon','backendHtml','site_allocation','users',"user_names")
+                      'serviceClass','creator','networks','sliceInfo','network_ports','backendIcon','backendHtml','site_allocation','users',"user_names","current_user_can_see")
 
-class SlicePlusList(PlusListCreateAPIView): #generics.ListCreateAPIView):
+class SlicePlusList(PlusListCreateAPIView):
     queryset = SlicePlus.objects.select_related().all()
     serializer_class = SlicePlusIdSerializer
 
@@ -68,7 +76,22 @@ class SlicePlusList(PlusListCreateAPIView): #generics.ListCreateAPIView):
     method_name = "slicesplus"
 
     def get_queryset(self):
-        return SlicePlus.select_by_user(self.request.user)
+        current_user_can_see = self.request.QUERY_PARAMS.get('current_user_can_see', False)
+
+        slices = SlicePlus.select_by_user(self.request.user)
+
+        # If current_user_can_see is set, then filter the queryset to return
+        # only those slices that the user is either creator or has privilege
+        # on.
+        if (current_user_can_see):
+            slice_ids = []
+            for slice in slices:
+                if (self.request.user == slice.creator) or (len(slice.getSliceInfo(self.request.user)["roles"]) > 0):
+                    slice_ids.append(slice.id)
+
+            slices = SlicePlus.objects.filter(id__in=slice_ids)
+
+        return slices
 
 class SlicePlusDetail(PlusRetrieveUpdateDestroyAPIView):
     queryset = SlicePlus.objects.select_related().all()
index 4be4e0f..7d6ee3c 100644 (file)
         row = data.models[rowkey];
         slicename = row.get("name");
         sliceid = row.get("id");
-        role = row.get("sliceInfo").roles[0];
+        role = row.get("sliceInfo").roles[0] || "";
         slivercount = row.get("sliceInfo").sliverCount;
         sitecount = row.get("sliceInfo").siteCount;
         backendHtml = row.get("backendHtml")
 
-        if (! role) {
+        //if (! role) {
+        //    continue;
+        //}
+
+        if (! row.get("current_user_can_see") ) {
             continue;
         }
 
index ae6f955..0182f9f 100644 (file)
@@ -178,6 +178,9 @@ XOSTenantApp.buildViews = function() {
          sliceChanged: function(id) {\r
              XOSTenantApp.navToSlice(id);\r
          },\r
+         filter: function(slice) {\r
+             return slice.attributes.current_user_can_see;\r
+         },\r
      });\r
 \r
      xos.sites.fetch();\r
index d359f36..1ca1307 100644 (file)
@@ -319,18 +319,12 @@ if (! window.XOSLIB_LOADED ) {
                     var url = this.urlRoot || ( models && models.length && models[0].urlRoot );
                     url && ( url += ( url.length > 0 && url.charAt( url.length - 1 ) === '/' ) ? '' : '/' );
 
-                    // Build a url to retrieve a set of models. This assume the last part of each model's idAttribute
-                    // (set to 'resource_uri') contains the model's id.
-                    if ( models && models.length ) {
-                            var ids = _.map( models, function( model ) {
-                                            var parts = _.compact( model.id.split('/') );
-                                            return parts[ parts.length - 1 ];
-                                    });
-                            url += 'set/' + ids.join(';') + '/';
-                    }
-
                     url && ( url += "?no_hyperlinks=1" );
 
+                    if (this.currentUserCanSee) {
+                        url && ( url += "&current_user_can_see=1" );
+                    }
+
                     return url;
             },
 
@@ -364,6 +358,7 @@ if (! window.XOSLIB_LOADED ) {
     function define_model(lib, attrs) {
         modelName = attrs.modelName;
         modelClassName = modelName;
+        collectionClass = attrs.collectionClass || XOSCollection;
         collectionClassName = modelName + "Collection";
 
         if (!attrs.addFields) {
@@ -411,7 +406,7 @@ if (! window.XOSLIB_LOADED ) {
 
         collectionAttrs["model"] = lib[modelName];
 
-        lib[collectionClassName] = XOSCollection.extend(collectionAttrs);
+        lib[collectionClassName] = collectionClass.extend(collectionAttrs);
         lib[collectionName] = new lib[collectionClassName]();
 
         lib.allCollectionNames.push(collectionName);
@@ -692,7 +687,10 @@ if (! window.XOSLIB_LOADED ) {
                             detailFields: [],
                             });
 
-        this.tenant = function() { return this.tenantview.models[0].attributes; }
+        /* by default, have slicePlus only fetch the slices the user can see */
+        this.slicesPlus.currentUserCanSee = true;
+
+        this.tenant = function() { return this.tenantview.models[0].attributes; };
 
         this.listObjects = function() { return this.allCollectionNames; };
 
index 76254f6..7392843 100644 (file)
@@ -4,6 +4,21 @@ HTMLView = Marionette.ItemView.extend({
   },
 });
 
+FilteredCompositeView = Marionette.CompositeView.extend( {
+    showCollection: function() {
+      var ChildView;
+      this.collection.each(function(child, index) {
+        filterFunc = this.options.filter || this.filter;
+        if (filterFunc && !filterFunc(child)) {
+            return;
+        }
+        ChildView = this.getChildView(child);
+        this.addChild(child, ChildView, index);
+      }, this);
+
+    },
+});
+
 SliceSelectorOption = Marionette.ItemView.extend({
     template: "#xos-sliceselector-option",
     tagName: "option",
@@ -16,7 +31,7 @@ SliceSelectorOption = Marionette.ItemView.extend({
     },
 });
 
-SliceSelectorView = Marionette.CompositeView.extend({
+SliceSelectorView = FilteredCompositeView.extend({
     template: "#xos-sliceselector-select",
     childViewContainer: "select",
     childView: SliceSelectorOption,
@@ -39,20 +54,6 @@ SliceSelectorView = Marionette.CompositeView.extend({
     templateHelpers: function() { return {caption: this.options.caption || this.caption }; },
 });
 
-FilteredCompositeView = Marionette.CompositeView.extend( {
-    showCollection: function() {
-      var ChildView;
-      this.collection.each(function(child, index) {
-        if (this.filter && !this.filter(child)) {
-            return;
-        }
-        ChildView = this.getChildView(child);
-        this.addChild(child, ChildView, index);
-      }, this);
-
-    },
-});
-
 XOSRouter = Marionette.AppRouter.extend({
         initialize: function() {\r
             this.routeStack=[];\r