Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 717281 Details for
Bug 846451
Users with just Resource Group access cannot access alerts on their Groups
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
patch to resolve 846581 plus one other issue
rhq-846451-patch.txt (text/plain), 8.11 KB, created by
Mark Addy
on 2013-03-27 20:34:28 UTC
(
hide
)
Description:
patch to resolve 846581 plus one other issue
Filename:
MIME Type:
Creator:
Mark Addy
Created:
2013-03-27 20:34:28 UTC
Size:
8.11 KB
patch
obsolete
>diff --git a/modules/enterprise/gui/coregui/src/main/java/org/rhq/enterprise/gui/coregui/client/alert/AlertHistoryView.java b/modules/enterprise/gui/coregui/src/main/java/org/rhq/enterprise/gui/coregui/client/alert/AlertHistoryView. >index 9f28987..99fe3c4 100644 >--- a/modules/enterprise/gui/coregui/src/main/java/org/rhq/enterprise/gui/coregui/client/alert/AlertHistoryView.java >+++ b/modules/enterprise/gui/coregui/src/main/java/org/rhq/enterprise/gui/coregui/client/alert/AlertHistoryView.java >@@ -21,10 +21,13 @@ package org.rhq.enterprise.gui.coregui.client.alert; > > import java.util.ArrayList; > import java.util.Arrays; >+import java.util.Collection; > import java.util.LinkedHashMap; >+import java.util.List; > > import com.google.gwt.user.client.rpc.AsyncCallback; > import com.smartgwt.client.data.Criteria; >+import com.smartgwt.client.data.Record; > import com.smartgwt.client.data.ResultSet; > import com.smartgwt.client.data.SortSpecifier; > import com.smartgwt.client.types.SortDirection; >@@ -36,6 +39,7 @@ import com.smartgwt.client.widgets.grid.ListGridField; > import com.smartgwt.client.widgets.grid.ListGridRecord; > > import org.rhq.core.domain.alert.AlertPriority; >+import org.rhq.core.domain.authz.Permission; > import org.rhq.core.domain.common.EntityContext; > import org.rhq.core.domain.criteria.AlertCriteria; > import org.rhq.enterprise.gui.coregui.client.CoreGUI; >@@ -43,7 +47,8 @@ import org.rhq.enterprise.gui.coregui.client.IconEnum; > import org.rhq.enterprise.gui.coregui.client.ImageManager; > import org.rhq.enterprise.gui.coregui.client.components.form.DateFilterItem; > import org.rhq.enterprise.gui.coregui.client.components.form.EnumSelectItem; >-import org.rhq.enterprise.gui.coregui.client.components.table.AbstractTableAction; >+import org.rhq.enterprise.gui.coregui.client.components.table.RecordExtractor; >+import org.rhq.enterprise.gui.coregui.client.components.table.ResourceAuthorizedTableAction; > import org.rhq.enterprise.gui.coregui.client.components.table.TableAction; > import org.rhq.enterprise.gui.coregui.client.components.table.TableActionEnablement; > import org.rhq.enterprise.gui.coregui.client.components.table.TableSection; >@@ -162,17 +167,52 @@ public class AlertHistoryView extends TableSection<AlertDataSource> implements H > } > > protected void setupTableInteractions(final boolean hasWriteAccess) { >- TableActionEnablement singleTargetEnablement = hasWriteAccess ? TableActionEnablement.ANY >- : TableActionEnablement.NEVER; > >- addTableAction(MSG.common_button_delete(), MSG.view_alerts_delete_confirm(), new AbstractTableAction( >- singleTargetEnablement) { >+ addTableAction(MSG.common_button_delete(), MSG.view_alerts_delete_confirm(), new ResourceAuthorizedTableAction( >+ AlertHistoryView.this, TableActionEnablement.ANY, Permission.MANAGE_ALERTS, new RecordExtractor<Integer>() { >+ public Collection<Integer> extract(Record[] records) { >+ List<Integer> result = new ArrayList<Integer>(records.length); >+ for (Record record : records) { >+ result.add(record.getAttributeAsInt("resourceId")); >+ } >+ return result; >+ } >+ }) { >+ >+ @Override >+ public boolean isEnabled(ListGridRecord[] selection) { >+ if (hasWriteAccess) { >+ return true; >+ } >+ return super.isEnabled(selection); >+ } >+ >+ @Override > public void executeAction(ListGridRecord[] selection, Object actionValue) { > delete(selection); > } > }); >- addTableAction(MSG.common_button_ack(), MSG.view_alerts_ack_confirm(), new AbstractTableAction( >- singleTargetEnablement) { >+ >+ addTableAction(MSG.common_button_ack(), MSG.view_alerts_ack_confirm(), new ResourceAuthorizedTableAction( >+ AlertHistoryView.this, TableActionEnablement.ANY, Permission.MANAGE_ALERTS, new RecordExtractor<Integer>() { >+ public Collection<Integer> extract(Record[] records) { >+ List<Integer> result = new ArrayList<Integer>(records.length); >+ for (Record record : records) { >+ result.add(record.getAttributeAsInt("resourceId")); >+ } >+ return result; >+ } >+ }) { >+ >+ @Override >+ public boolean isEnabled(ListGridRecord[] selection) { >+ if (hasWriteAccess) { >+ return true; >+ } >+ return super.isEnabled(selection); >+ } >+ >+ @Override > public void executeAction(ListGridRecord[] selection, Object actionValue) { > acknowledge(selection); > } >diff --git a/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/alert/AlertDefinitionManagerBean.java b/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/alert/AlertDefinitionManagerBean.java >index 7105d7f..5de2b2d 100644 >--- a/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/alert/AlertDefinitionManagerBean.java >+++ b/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/alert/AlertDefinitionManagerBean.java >@@ -784,7 +784,7 @@ public class AlertDefinitionManagerBean implements AlertDefinitionManagerLocal, > if (!authorizationManager.isInventoryManager(subject) && !criteria.isTemplateCriteria()) { > > // otherwise, for group alert defs ensure group view authz and for everything else, assume resource view authz >- AuthorizationTokenType tokenType = criteria.isGroupCriteria() ? AuthorizationTokenType.GROUP >+ AuthorizationTokenType tokenType = criteria.isGroupCriteria() ? AuthorizationTokenType.RESOURCE_GROUP > : AuthorizationTokenType.RESOURCE; > > generator.setAuthorizationResourceFragment(tokenType, subject.getId()); >diff --git a/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/util/CriteriaQueryGenerator.java b/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/util/CriteriaQueryGenerator.java >index 8f0d2cc..3d0ac55 100644 >--- a/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/util/CriteriaQueryGenerator.java >+++ b/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/util/CriteriaQueryGenerator.java >@@ -68,7 +68,8 @@ public final class CriteriaQueryGenerator { > > public enum AuthorizationTokenType { > RESOURCE, // specifies the resource alias to join on for standard res-group-role-subject authorization checking >- GROUP; // specifies the group alias to join on for standard group-role-subject authorization checking >+ GROUP, // specifies the group alias to join on for standard group-role-subject authorization checking >+ RESOURCE_GROUP; // specifies the group alias to join on for non standard group-role-subject authorization checking (AlertDefinition) > } > > private Criteria criteria; >@@ -120,6 +121,8 @@ public final class CriteriaQueryGenerator { > defaultFragment = "resource"; > } else if (type == AuthorizationTokenType.GROUP) { > defaultFragment = "group"; >+ } else if (type == AuthorizationTokenType.RESOURCE_GROUP) { >+ defaultFragment = "resourceGroup"; > } > setAuthorizationResourceFragment(type, defaultFragment, subjectId); > } >@@ -165,7 +168,7 @@ public final class CriteriaQueryGenerator { > this.authorizationSubjectId = subjectId; > if (type == AuthorizationTokenType.RESOURCE) { > setAuthorizationCustomConditionFragment(getEnhancedResourceAuthorizationWhereFragment(fragment, subjectId)); >- } else if (type == AuthorizationTokenType.GROUP) { >+ } else if (type == AuthorizationTokenType.GROUP || type == AuthorizationTokenType.RESOURCE_GROUP) { > // support for: 1) role-based for groups, 2) role-based for containing cluster groups, 3) private groups > setAuthorizationCustomConditionFragment(getEnhancedGroupAuthorizationWhereFragment(fragment, subjectId)); > } else { >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=717281">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 846451
: 717281 |
762536
|
762538
|
803399