From 49fee5d79ac7be0b16a7c7976f4610c357420735 Mon Sep 17 00:00:00 2001 From: xieqiang2020 Date: Wed, 13 Jan 2021 19:46:31 +0800 Subject: [PATCH 1/2] Filter subnets when listing subnets, creating instance and ocp Signed-off-by: xieqiang2020 --- web/clui/routes/instance.go | 8 +----- web/clui/routes/openshift.go | 1 + web/clui/routes/subnet.go | 1 + web/clui/templates/instances_new.tmpl | 40 +++----------------------- web/clui/templates/openshifts_new.tmpl | 2 ++ web/clui/templates/subnets.tmpl | 2 ++ 6 files changed, 11 insertions(+), 43 deletions(-) diff --git a/web/clui/routes/instance.go b/web/clui/routes/instance.go index 81ab0fa6..92b3f3ea 100644 --- a/web/clui/routes/instance.go +++ b/web/clui/routes/instance.go @@ -990,6 +990,7 @@ func (v *InstanceView) New(c *macaron.Context, store session.Store) { c.Data["Keys"] = keys c.Data["Hypers"] = hypers c.Data["Zones"] = zones + c.Data["UserID"] = store.Get("uid").(int64) c.HTML(200, "instances_new") } @@ -1272,13 +1273,6 @@ func (v *InstanceView) Create(c *macaron.Context, store session.Store) { c.HTML(http.StatusBadRequest, "error") return } - permit, err = memberShip.CheckAdmin(model.Writer, "subnets", int64(primaryID)) - if !permit { - log.Println("Not authorized to access subnet") - c.Data["ErrorMsg"] = "Need Write permissions" - c.HTML(http.StatusBadRequest, "error") - return - } primaryIP := c.QueryTrim("primaryip") ipAddr := strings.Split(primaryIP, "/")[0] primaryMac := c.QueryTrim("primarymac") diff --git a/web/clui/routes/openshift.go b/web/clui/routes/openshift.go index ee054d18..1f152f01 100644 --- a/web/clui/routes/openshift.go +++ b/web/clui/routes/openshift.go @@ -638,6 +638,7 @@ func (v *OpenshiftView) New(c *macaron.Context, store session.Store) { c.Data["Keys"] = keys c.Data["Subnets"] = subnets c.Data["Zones"] = zones + c.Data["UserID"] = store.Get("uid").(int64) c.HTML(200, "openshifts_new") } diff --git a/web/clui/routes/subnet.go b/web/clui/routes/subnet.go index b7bd36d5..5efc2010 100644 --- a/web/clui/routes/subnet.go +++ b/web/clui/routes/subnet.go @@ -557,6 +557,7 @@ func (v *SubnetView) List(c *macaron.Context, store session.Store) { c.Data["Total"] = total c.Data["Pages"] = pages c.Data["Query"] = query + c.Data["UserID"] = store.Get("uid").(int64) if c.Req.Header.Get("X-Json-Format") == "yes" { c.JSON(200, map[string]interface{}{ "subnets": subnets, diff --git a/web/clui/templates/instances_new.tmpl b/web/clui/templates/instances_new.tmpl index d41959ff..3adef5eb 100644 --- a/web/clui/templates/instances_new.tmpl +++ b/web/clui/templates/instances_new.tmpl @@ -177,23 +177,9 @@
- {{ if .IsAdmin }} - {{ range .Subnets }} -
- - {{.Name}} - -
- - {{ end }} - - {{ else }} - - {{ range .Subnets }} - - {{ if eq .Type "internal" }} + {{ if or (eq $.UserID .Owner) (eq .Type "public") }}
@@ -201,12 +187,10 @@
- {{ end }} + {{ end }} {{ end }} - {{ end }} -
@@ -243,23 +227,9 @@
- {{ if .IsAdmin }} - {{ range .Subnets }} -
- - {{.Name}} - -
- - {{ end }} - - {{ else }} - - {{ range .Subnets }} - - {{ if eq .Type "internal" }} + {{ if or (eq $.UserID .Owner) (eq .Type "public") }}
@@ -267,12 +237,10 @@
- {{ end }} + {{ end }} {{ end }} - {{ end }} -
diff --git a/web/clui/templates/openshifts_new.tmpl b/web/clui/templates/openshifts_new.tmpl index 743169e7..89814211 100644 --- a/web/clui/templates/openshifts_new.tmpl +++ b/web/clui/templates/openshifts_new.tmpl @@ -170,9 +170,11 @@
{{.i18n.Tr "Subnet"}}
{{ range .Subnets }} + {{ if or (eq $.UserID .Owner) (eq .Type "public") }}
{{.Name}}
+ {{ end }} {{ end }}
diff --git a/web/clui/templates/subnets.tmpl b/web/clui/templates/subnets.tmpl index 9b79b44b..ce36a9ac 100644 --- a/web/clui/templates/subnets.tmpl +++ b/web/clui/templates/subnets.tmpl @@ -40,6 +40,7 @@ {{ $Link := .Link }} {{ range .Subnets }} + {{ if or $.IsAdmin (eq $.UserID .Owner) }} {{ if $.IsAdmin }} {{.ID}} @@ -66,6 +67,7 @@
{{ end }} + {{ end }} From 6ee3500e9825b04f0c963ce0432793a06dca3ed1 Mon Sep 17 00:00:00 2001 From: xieqiang2020 Date: Fri, 15 Jan 2021 12:51:13 +0800 Subject: [PATCH 2/2] Filter subnets when querying db Signed-off-by: xieqiang2020 --- web/clui/routes/instance.go | 4 ++-- web/clui/routes/openshift.go | 4 ++-- web/clui/routes/subnet.go | 2 +- web/clui/templates/instances_new.tmpl | 8 -------- web/clui/templates/openshifts_new.tmpl | 2 -- web/clui/templates/subnets.tmpl | 6 +++--- 6 files changed, 8 insertions(+), 18 deletions(-) diff --git a/web/clui/routes/instance.go b/web/clui/routes/instance.go index 92b3f3ea..c10ffd9b 100644 --- a/web/clui/routes/instance.go +++ b/web/clui/routes/instance.go @@ -943,7 +943,8 @@ func (v *InstanceView) New(c *macaron.Context, store session.Store) { return } ctx := c.Req.Context() - _, subnets, err := subnetAdmin.List(ctx, 0, -1, "", "", "") + sql := fmt.Sprintf("type = 'public' or owner = %d", memberShip.OrgID) + _, subnets, err := subnetAdmin.List(ctx, 0, -1, "", "", sql) if err != nil { c.Data["ErrorMsg"] = err.Error() c.HTML(500, "500") @@ -990,7 +991,6 @@ func (v *InstanceView) New(c *macaron.Context, store session.Store) { c.Data["Keys"] = keys c.Data["Hypers"] = hypers c.Data["Zones"] = zones - c.Data["UserID"] = store.Get("uid").(int64) c.HTML(200, "instances_new") } diff --git a/web/clui/routes/openshift.go b/web/clui/routes/openshift.go index 1f152f01..fabd9160 100644 --- a/web/clui/routes/openshift.go +++ b/web/clui/routes/openshift.go @@ -621,7 +621,8 @@ func (v *OpenshiftView) New(c *macaron.Context, store session.Store) { c.HTML(500, "500") return } - _, subnets, err := subnetAdmin.List(ctx, 0, -1, "", "", "") + sql := fmt.Sprintf("type = 'public' or owner = %d", memberShip.OrgID) + _, subnets, err := subnetAdmin.List(ctx, 0, -1, "", "", sql) if err != nil { c.Data["ErrorMsg"] = err.Error() c.HTML(500, "500") @@ -638,7 +639,6 @@ func (v *OpenshiftView) New(c *macaron.Context, store session.Store) { c.Data["Keys"] = keys c.Data["Subnets"] = subnets c.Data["Zones"] = zones - c.Data["UserID"] = store.Get("uid").(int64) c.HTML(200, "openshifts_new") } diff --git a/web/clui/routes/subnet.go b/web/clui/routes/subnet.go index 5efc2010..353d64dd 100644 --- a/web/clui/routes/subnet.go +++ b/web/clui/routes/subnet.go @@ -496,7 +496,7 @@ func (a *SubnetAdmin) List(ctx context.Context, offset, limit int64, order, quer where := "" wm := memberShip.GetWhere() if wm != "" { - where = fmt.Sprintf("type != 'internal' or %s", wm) + where = fmt.Sprintf("type = 'public' or %s", wm) } subnets = []*model.Subnet{} if err = db.Model(&model.Subnet{}).Where(where).Where(query).Where(sql).Count(&total).Error; err != nil { diff --git a/web/clui/templates/instances_new.tmpl b/web/clui/templates/instances_new.tmpl index 3adef5eb..618b1a61 100644 --- a/web/clui/templates/instances_new.tmpl +++ b/web/clui/templates/instances_new.tmpl @@ -179,16 +179,12 @@ {{ range .Subnets }} - {{ if or (eq $.UserID .Owner) (eq .Type "public") }} -
{{.Name}}
- {{ end }} - {{ end }} @@ -229,16 +225,12 @@ {{ range .Subnets }} - {{ if or (eq $.UserID .Owner) (eq .Type "public") }} -
{{.Name}}
- {{ end }} - {{ end }} diff --git a/web/clui/templates/openshifts_new.tmpl b/web/clui/templates/openshifts_new.tmpl index 89814211..743169e7 100644 --- a/web/clui/templates/openshifts_new.tmpl +++ b/web/clui/templates/openshifts_new.tmpl @@ -170,11 +170,9 @@
{{.i18n.Tr "Subnet"}}
{{ range .Subnets }} - {{ if or (eq $.UserID .Owner) (eq .Type "public") }}
{{.Name}}
- {{ end }} {{ end }}
diff --git a/web/clui/templates/subnets.tmpl b/web/clui/templates/subnets.tmpl index ce36a9ac..2a716255 100644 --- a/web/clui/templates/subnets.tmpl +++ b/web/clui/templates/subnets.tmpl @@ -40,7 +40,7 @@ {{ $Link := .Link }} {{ range .Subnets }} - {{ if or $.IsAdmin (eq $.UserID .Owner) }} + {{ if or $.IsAdmin (eq $.UserID .Creater) }} {{ if $.IsAdmin }} {{.ID}} @@ -66,8 +66,8 @@ {{ end }}
- {{ end }} - {{ end }} + {{ end }} + {{ end }}