Skip to content

Commit

Permalink
Merge pull request #14041 from lpichler/add_rbac_for_rss_feed
Browse files Browse the repository at this point in the history
Add RBAC for rss feeds
  • Loading branch information
kbrock authored Mar 3, 2017
2 parents 9230b2c + 74351e9 commit 6eea127
Show file tree
Hide file tree
Showing 5 changed files with 60 additions and 8 deletions.
8 changes: 4 additions & 4 deletions app/models/miq_widget/rss_content.rb
Original file line number Diff line number Diff line change
Expand Up @@ -9,22 +9,22 @@ def external?
resource.nil?
end

def generate(_user_or_group)
def generate(user_or_group)
opts = {:tz => timezone}

data = if external?
opts[:limit_to_count] = widget_options[:row_count] || 5
external_feed
else
internal_feed
internal_feed(user_or_group)
end

RssFeed.to_html(data, opts)
end

def internal_feed
def internal_feed(user_or_group)
resource.options[:limit_to_count] = widget_options[:row_count] || 5
SimpleRSS.parse(resource.generate)
SimpleRSS.parse(resource.generate(nil, nil, nil, user_or_group))
end

def external_feed
Expand Down
11 changes: 9 additions & 2 deletions app/models/rss_feed.rb
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ def url(host = nil)
"#{host_url}#{link}"
end

def generate(host = nil, local = false, proto = nil)
def generate(host = nil, local = false, proto = nil, user_or_group = nil)
proto ||= ::Settings.webservices.consume_protocol
host_url = host.nil? ? "#{proto}://localhost:3000" : "#{proto}://" + host

Expand All @@ -35,7 +35,14 @@ def generate(host = nil, local = false, proto = nil)
}
}

feed = Rss.rss_feed_for(find_items, options)
rbac_options = {}
if user_or_group
user_or_group_key = user_or_group.kind_of?(User) ? :user : :miq_group
rbac_options[user_or_group_key] = user_or_group
end

filtered_items = Rbac::Filterer.filtered(find_items, rbac_options)
feed = Rss.rss_feed_for(filtered_items, options)
local ? feed : {:text => feed, :content_type => Mime[:rss]}
end

Expand Down
2 changes: 1 addition & 1 deletion product/alerts/rss/newest_vms.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ item_class: Vm
search_method:
limit_to_time:
limit_to_count:
orderby: "created_on DESC"
orderby: "vms.created_on DESC"

# Included tables and columns for query performance
include:
Expand Down
2 changes: 1 addition & 1 deletion spec/models/rss_feed/data/newest_vms.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ item_class: Vm
search_method:
limit_to_time:
limit_to_count:
orderby: "created_on DESC"
orderby: "vms.created_on DESC"

# Included tables and columns for query performance
include:
Expand Down
45 changes: 45 additions & 0 deletions spec/models/rss_feed/rss_feed_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,51 @@

before(:each) { Kernel.silence_warnings { RssFeed.const_set(:YML_DIR, Y_DIR) } }

context "with vms" do
before do
Tenant.seed
allow(User).to receive_messages(:server_timezone => "UTC")
RssFeed.sync_from_yml_file("newest_vms")
end

let(:owner_tenant) { FactoryGirl.create(:tenant) }
let(:owner_group) { FactoryGirl.create(:miq_group, :tenant => owner_tenant) }
let(:owner_user) { FactoryGirl.create(:user, :miq_groups => [owner_group]) }
let!(:owned_vm) { FactoryGirl.create(:vm_vmware, :tenant => owner_tenant) }
let!(:tenant_root_vm) { FactoryGirl.create(:vm_vmware, :tenant => Tenant.root_tenant) }
let(:rss_feed) { RssFeed.find_by(:name => "newest_vms") }

it "#generate 1 vms with owner_tenant tenant in newest_vms rss" do
[owner_group, owner_user].each do |user_or_group|
User.with_user(owner_user) do
feed_container = rss_feed.generate(nil, nil, nil, user_or_group)

expect(feed_container[:text]).to eq <<-EOXML
<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<rss version=\"2.0\">
<channel>
<title>Recently Discovered VMs</title>
<link>https://localhost:3000/alert/rss?feed=newest_vms</link>
<description>Virtual machines added</description>
<language>en-us</language>
<ttl>40</ttl>
<item>
<title>#{owned_vm.name} - location unknown</title>
<description>#{owned_vm.name} is a #{owned_vm.vendor_display} VM located at "#{owned_vm.location}"</description>
<pubDate>#{owned_vm.created_on.rfc2822}</pubDate>
<guid>https://localhost:3000/vm/show/#{owned_vm.id}</guid>
<link>https://localhost:3000/vm/show/#{owned_vm.id}</link>
</item>
</channel>
</rss>
EOXML

expect(feed_container[:content_type]).to eq('application/rss+xml')
end
end
end
end

context "with 2 hosts" do
before(:each) do
@host1 = FactoryGirl.create(:host, :created_on => Time.utc(2013, 1, 1, 0, 0, 0))
Expand Down

0 comments on commit 6eea127

Please sign in to comment.