Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RBAC support for Automate Service Models #12369

Merged
merged 2 commits into from
Dec 5, 2016
Merged

RBAC support for Automate Service Models #12369

merged 2 commits into from
Dec 5, 2016

Conversation

mkanoor
Copy link
Contributor

@mkanoor mkanoor commented Nov 2, 2016
edited
Loading

Filters service model objects based on the current user passed into
Automate.
The previous PR was reverted.

Previously we were using DRb.front to access the front object from DRb client threads, this PR uses a thread variable that DRb server sets when dispatching new client request threads.

Links

mkanoor
mkanoor commented Nov 3, 2016
View reviewed changes
lib/miq_automation_engine/engine/drb_remote_invoker.rb
# See https://github.com/ruby/ruby/blob/trunk/lib/drb/drb.rb#L1658
# Previously we had used DRb.front but that gets compromised when multiple
# DRb servers are running in the same process.
def self.workspace
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Fryguy
This is the method that fetches the workspace. Please review

@miq-bot
Copy link
Member

miq-bot commented Nov 3, 2016

<pr_mergeability_checker />This pull request is not mergeable. Please rebase and repush.

@miq-bot
Copy link
Member

miq-bot commented Nov 19, 2016

<pr_mergeability_checker />This pull request is not mergeable. Please rebase and repush.

@mkanoor
Copy link
Contributor Author

mkanoor commented Nov 22, 2016

@gmcculloug @Fryguy
please review

gmcculloug
gmcculloug reviewed Nov 28, 2016
View reviewed changes
lib/miq_automation_engine/engine/miq_ae_service/miq_ae_service_rbac.rb
MiqAeEngine::MiqAeWorkspaceRuntime.current || MiqAeEngine::DrbRemoteInvoker.workspace
end

def workspace_from_drb_thread
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this method get used anywhere?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@gmcculloug
This was the old method which used the module function front to get to the workspace. I will get rid of it

lib/miq_automation_engine/engine/miq_ae_workspace.rb
@@ -60,12 +61,39 @@ def readonly?
@readonly
end

def self.current=(ws)
Thread.current.thread_variable_set(:current_workspace, ws)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is thread_variable_set needed or could you use Thread.current[: current_workspace] = ws.

Applies to the matching thread_variable_get below as well.

spec/lib/miq_automation_engine/miq_ae_service_spec.rb
@@ -168,49 +178,58 @@ module MiqAeServiceSpec

context "#create_notification!" do
it "invalid type" do
allow(workspace).to receive(:disable_rbac)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can move this into a before block for this context.

@miq-bot
Copy link
Member

miq-bot commented Nov 28, 2016

<pr_mergeability_checker />This pull request is not mergeable. Please rebase and repush.

@gmcculloug
Copy link
Member

@Fryguy Any thoughts before merging?

@miq-bot
Copy link
Member

miq-bot commented Nov 28, 2016

Checked commits mkanoor/manageiq@8c99cf0~...346be98 with ruby 2.2.5, rubocop 0.37.2, and haml-lint 0.16.1
9 files checked, 0 offenses detected
Everything looks good. 🍪

@gmcculloug gmcculloug merged commit b2cd625 into ManageIQ:master Dec 5, 2016
@gmcculloug gmcculloug added this to the Sprint 50 Ending Dec 5, 2016 milestone Dec 5, 2016
@mkanoor mkanoor mentioned this pull request Dec 9, 2016
Merged
simaishi pushed a commit that referenced this pull request Jan 9, 2017
@gmcculloug @simaishi
Merge pull request #12369 from mkanoor/rbac_tres
c180299 
RBAC support for Automate Service Models
(cherry picked from commit b2cd625)

https://bugzilla.redhat.com/show_bug.cgi?id=1411477
@simaishi
Copy link
Contributor

simaishi commented Jan 9, 2017

Euwe backport details:

$ git log -1
commit c180299f056015b1d11e0ec6a1ce82db95493ad4
Author: Greg McCullough <gmccullo@redhat.com>
Date:   Mon Dec 5 09:59:53 2016 -0500

    Merge pull request #12369 from mkanoor/rbac_tres
    
    RBAC support for Automate Service Models
    (cherry picked from commit b2cd6253905150f3a72d6da98cf0a1b3d8dc91b3)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1411477

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gmcculloug gmcculloug gmcculloug left review comments

Assignees

@gmcculloug gmcculloug

Labels
automate core/rbac enhancement euwe/backported
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mkanoor @miq-bot @gmcculloug @simaishi