Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Separate role access restrictions for catalog items #22573

Merged
merged 3 commits into from
Jul 7, 2023
Merged

Separate role access restrictions for catalog items #22573

merged 3 commits into from
Jul 7, 2023

Conversation

jaywcarman
Copy link
Member

@jaywcarman jaywcarman commented Jun 20, 2023
edited
Loading

Closes #22421

Previously user role access restriction for Catalog Items, Orchestration
Stacks, Key Pairs, Services, VMs, and Templates were set with a single
control (vm_restriction).

Break out the ability to set access restriction for catalog items
separately from other types.

This feature is useful when an administrator wants to give a group
access to a catalog item (service_template) but wants any services
ordered to be restricted to the individual users.

Corresponding PRs:

@jaywcarman
Add service template restrictions to roles
6072d2c 
With the ability to set access restrictions for service templates
separately from vms, the default user roles should set
:service_templates to the same value as :vms so that there is no change
to the default behavior.
@jaywcarman jaywcarman mentioned this pull request Jun 20, 2023
Merged
@jaywcarman
Copy link
Member Author

Line 109, Col 11 - Style/SafeNavigation - Use safe navigation (&.) instead of checking if an object exists before calling the method.

I copied the service_template_restriction method from the existing vm_restriction, so this rubocop applies to both. I thought I'd check the history before fixing it and found a message from the past! 😆

image

@jaywcarman jaywcarman force-pushed the separate_role_access_restrictions_for_service_templates branch from dd735cd to 4ee4e8c Compare June 20, 2023 13:30
@miq-bot
Copy link
Member

miq-bot commented Jun 20, 2023

Checked commits jaywcarman/manageiq@6072d2c~...4ee4e8c with ruby 2.6.10, rubocop 1.28.2, haml-lint 0.35.0, and yamllint
2 files checked, 0 offenses detected
Everything looks fine. 👍

@kbrock kbrock merged commit 49e9ccd into ManageIQ:master Jul 7, 2023
@Fryguy Fryguy mentioned this pull request Jul 7, 2023
Closed
@jaywcarman jaywcarman deleted the separate_role_access_restrictions_for_service_templates branch July 7, 2023 14:45
This was referenced Jul 11, 2023
Merged
Merged
@Fryguy Fryguy added this to the Quinteros milestone Jul 14, 2023
@jaywcarman jaywcarman mentioned this pull request Aug 10, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Fryguy Fryguy Fryguy left review comments

@agrare agrare Awaiting requested review from agrare agrare is a code owner

@bdunne bdunne Awaiting requested review from bdunne bdunne is a code owner

@kbrock kbrock Awaiting requested review from kbrock kbrock is a code owner

Assignees

@kbrock kbrock

Labels
core enhancement
Projects
Roadmap
Status: Quinteros
Milestone
Quinteros
Development

Successfully merging this pull request may close these issues.

There isn't an appropriate role to list all the catalog services in group but list only owned services
5 participants
@jaywcarman @miq-bot @Fryguy @kbrock @agrare