tenant view only shows sites the user should be able to see
diff --git a/planetstack/core/xoslib/methods/sliceplus.py b/planetstack/core/xoslib/methods/sliceplus.py
index 4d15d41..9e93e6d 100644
--- a/planetstack/core/xoslib/methods/sliceplus.py
+++ b/planetstack/core/xoslib/methods/sliceplus.py
@@ -45,6 +45,14 @@
site_allocation = DictionaryField(required=False)
users = ListField(required=False)
user_names = ListField(required=False) # readonly = True ?
+ current_user_can_see = serializers.SerializerMethodField("getCurrentUserCanSee")
+
+ def getCurrentUserCanSee(self, slice):
+ # user can 'see' the slice if he is the creator or he has a role
+ current_user = self.context['request'].user
+ if (slice.creator and slice.creator==current_user):
+ return True;
+ return (len(slice.getSliceInfo(current_user)["roles"]) > 0)
def getSliceInfo(self, slice):
return slice.getSliceInfo(user=self.context['request'].user)
@@ -58,9 +66,9 @@
model = SlicePlus
fields = ('humanReadableName', 'id','created','updated','enacted','name','enabled','omf_friendly','description','slice_url','site','max_slivers','service','network','mount_data_sets',
'default_image', 'default_flavor',
- 'serviceClass','creator','networks','sliceInfo','network_ports','backendIcon','backendHtml','site_allocation','users',"user_names")
+ 'serviceClass','creator','networks','sliceInfo','network_ports','backendIcon','backendHtml','site_allocation','users',"user_names","current_user_can_see")
-class SlicePlusList(PlusListCreateAPIView): #generics.ListCreateAPIView):
+class SlicePlusList(PlusListCreateAPIView):
queryset = SlicePlus.objects.select_related().all()
serializer_class = SlicePlusIdSerializer
@@ -68,7 +76,22 @@
method_name = "slicesplus"
def get_queryset(self):
- return SlicePlus.select_by_user(self.request.user)
+ current_user_can_see = self.request.QUERY_PARAMS.get('current_user_can_see', False)
+
+ slices = SlicePlus.select_by_user(self.request.user)
+
+ # If current_user_can_see is set, then filter the queryset to return
+ # only those slices that the user is either creator or has privilege
+ # on.
+ if (current_user_can_see):
+ slice_ids = []
+ for slice in slices:
+ if (self.request.user == slice.creator) or (len(slice.getSliceInfo(self.request.user)["roles"]) > 0):
+ slice_ids.append(slice.id)
+
+ slices = SlicePlus.objects.filter(id__in=slice_ids)
+
+ return slices
class SlicePlusDetail(PlusRetrieveUpdateDestroyAPIView):
queryset = SlicePlus.objects.select_related().all()
diff --git a/planetstack/core/xoslib/static/js/xosDeveloper_datatables.js b/planetstack/core/xoslib/static/js/xosDeveloper_datatables.js
index 4be4e0f..7d6ee3c 100644
--- a/planetstack/core/xoslib/static/js/xosDeveloper_datatables.js
+++ b/planetstack/core/xoslib/static/js/xosDeveloper_datatables.js
@@ -12,12 +12,16 @@
row = data.models[rowkey];
slicename = row.get("name");
sliceid = row.get("id");
- role = row.get("sliceInfo").roles[0];
+ role = row.get("sliceInfo").roles[0] || "";
slivercount = row.get("sliceInfo").sliverCount;
sitecount = row.get("sliceInfo").siteCount;
backendHtml = row.get("backendHtml")
- if (! role) {
+ //if (! role) {
+ // continue;
+ //}
+
+ if (! row.get("current_user_can_see") ) {
continue;
}
diff --git a/planetstack/core/xoslib/static/js/xosTenant.js b/planetstack/core/xoslib/static/js/xosTenant.js
index ae6f955..0182f9f 100644
--- a/planetstack/core/xoslib/static/js/xosTenant.js
+++ b/planetstack/core/xoslib/static/js/xosTenant.js
@@ -178,6 +178,9 @@
sliceChanged: function(id) {
XOSTenantApp.navToSlice(id);
},
+ filter: function(slice) {
+ return slice.attributes.current_user_can_see;
+ },
});
xos.sites.fetch();
diff --git a/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js b/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js
index d359f36..1ca1307 100644
--- a/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js
+++ b/planetstack/core/xoslib/static/js/xoslib/xos-backbone.js
@@ -319,18 +319,12 @@
var url = this.urlRoot || ( models && models.length && models[0].urlRoot );
url && ( url += ( url.length > 0 && url.charAt( url.length - 1 ) === '/' ) ? '' : '/' );
- // Build a url to retrieve a set of models. This assume the last part of each model's idAttribute
- // (set to 'resource_uri') contains the model's id.
- if ( models && models.length ) {
- var ids = _.map( models, function( model ) {
- var parts = _.compact( model.id.split('/') );
- return parts[ parts.length - 1 ];
- });
- url += 'set/' + ids.join(';') + '/';
- }
-
url && ( url += "?no_hyperlinks=1" );
+ if (this.currentUserCanSee) {
+ url && ( url += "¤t_user_can_see=1" );
+ }
+
return url;
},
@@ -364,6 +358,7 @@
function define_model(lib, attrs) {
modelName = attrs.modelName;
modelClassName = modelName;
+ collectionClass = attrs.collectionClass || XOSCollection;
collectionClassName = modelName + "Collection";
if (!attrs.addFields) {
@@ -411,7 +406,7 @@
collectionAttrs["model"] = lib[modelName];
- lib[collectionClassName] = XOSCollection.extend(collectionAttrs);
+ lib[collectionClassName] = collectionClass.extend(collectionAttrs);
lib[collectionName] = new lib[collectionClassName]();
lib.allCollectionNames.push(collectionName);
@@ -692,7 +687,10 @@
detailFields: [],
});
- this.tenant = function() { return this.tenantview.models[0].attributes; }
+ /* by default, have slicePlus only fetch the slices the user can see */
+ this.slicesPlus.currentUserCanSee = true;
+
+ this.tenant = function() { return this.tenantview.models[0].attributes; };
this.listObjects = function() { return this.allCollectionNames; };
diff --git a/planetstack/core/xoslib/static/js/xoslib/xosHelper.js b/planetstack/core/xoslib/static/js/xoslib/xosHelper.js
index 76254f6..7392843 100644
--- a/planetstack/core/xoslib/static/js/xoslib/xosHelper.js
+++ b/planetstack/core/xoslib/static/js/xoslib/xosHelper.js
@@ -4,6 +4,21 @@
},
});
+FilteredCompositeView = Marionette.CompositeView.extend( {
+ showCollection: function() {
+ var ChildView;
+ this.collection.each(function(child, index) {
+ filterFunc = this.options.filter || this.filter;
+ if (filterFunc && !filterFunc(child)) {
+ return;
+ }
+ ChildView = this.getChildView(child);
+ this.addChild(child, ChildView, index);
+ }, this);
+
+ },
+});
+
SliceSelectorOption = Marionette.ItemView.extend({
template: "#xos-sliceselector-option",
tagName: "option",
@@ -16,7 +31,7 @@
},
});
-SliceSelectorView = Marionette.CompositeView.extend({
+SliceSelectorView = FilteredCompositeView.extend({
template: "#xos-sliceselector-select",
childViewContainer: "select",
childView: SliceSelectorOption,
@@ -39,20 +54,6 @@
templateHelpers: function() { return {caption: this.options.caption || this.caption }; },
});
-FilteredCompositeView = Marionette.CompositeView.extend( {
- showCollection: function() {
- var ChildView;
- this.collection.each(function(child, index) {
- if (this.filter && !this.filter(child)) {
- return;
- }
- ChildView = this.getChildView(child);
- this.addChild(child, ChildView, index);
- }, this);
-
- },
-});
-
XOSRouter = Marionette.AppRouter.extend({
initialize: function() {
this.routeStack=[];