From: Tomas Sedovic <tomas(a)sedovic.cz>
https://bugzilla.redhat.com/show_bug.cgi?id=761134
---
src/app/controllers/images_controller.rb | 4 ++++
src/config/locales/en.yml | 1 +
src/features/image.feature | 29 ++++++++++++++++++-----------
3 files changed, 23 insertions(+), 11 deletions(-)
diff --git a/src/app/controllers/images_controller.rb b/src/app/controllers/images_controller.rb
index 66acd6d..5cf0994 100644
--- a/src/app/controllers/images_controller.rb
+++ b/src/app/controllers/images_controller.rb
@@ -109,6 +109,10 @@ class ImagesController < ApplicationController
else
file = params[:image_file]
xml_source = file && file.read
+ if xml_source.blank?
+ flash.now[:error] = t('images.flash.error.no_file')
+ render :new and return
+ end
end
begin
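Review bot: The new `xml_source.blank?` guard rejects a missing or empty upload, but `file.read` on the line above it still loads the whole upload into memory with no size cap before any check runs. Bounding the read, e.g. `xml_source = file && file.read(MAX_TEMPLATE_BYTES)` (placeholder constant, to be defined by the project), would keep an oversized upload from being buffered. The `begin` block that follows is outside this hunk; if it parses `xml_source` as XML, confirm that the parser does not resolve external entities. The `no_file` message is also shown for an empty or whitespace-only file, so wording such as "You must specify a non-empty template XML file" may be more accurate.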
diff --git a/src/config/locales/en.yml b/src/config/locales/en.yml
index 1786fa2..99050d5 100644
--- a/src/config/locales/en.yml
+++ b/src/config/locales/en.yml
@@ -718,6 +718,7 @@ en:
not_found: Image not found
error:
invalid_url: Could not load the provided URL
+ no_file: You must specify the template XML file
new:
new_image: New Image
description:
diff --git a/src/features/image.feature b/src/features/image.feature
index ade5ab2..7cc4a24 100644
--- a/src/features/image.feature
+++ b/src/features/image.feature
@@ -1,18 +1,25 @@
+Feature: Manage Images
+ In order to manage my cloud infrastructure
+ As a user
+ I want to manage instances
+
+ Background:
+ Given I am an authorised user
+ And I am logged in
+
+ Scenario: Uploading a template without specifying the file
+ Given there is a pool family named "testpoolfamily"
+ And I am on the pool families page
+ And I follow "New Image"
+ Then I should be on the new image page
+ When I fill in "name" with "my template"
+ And I press "file_button"
+ Then I should see "You must specify the template XML file"
+
#
# FIXME - This test is failing, but fixing it requires fixing a larger bug: we don't
# use VCR the way we think we do when interacting with iwhd... That's a large can of worms.
#
-
-#Feature: Manage Images
-# In order to manage my cloud infrastructure
-# As a user
-# I want to manage instances
-
-# Background:
-# Given I am an authorised user
-# And I am logged in
-
-
# Scenario: Show image details
# Given there is an image
# And I am on the images page
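Review bot: The FIXME comment kept as context says "This test is failing" without naming a test, and after this change it directly follows the new active scenario, so it reads as if "Uploading a template without specifying the file" were the failing one. Rewording it to name its target, e.g. `# FIXME - the commented-out scenarios below are failing, but fixing them requires ...`, removes the ambiguity. The restored feature description also says `I want to manage instances`; `I want to manage images` would match the feature title.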
--
1.7.6.4
In a follow-on patch, the secret_token.rb file will be removed from the
conductor rpm to remove a security hole. Thanks to matty_dubs for
pointing this out.
---
bin/aeolus-configure | 1 +
recipes/aeolus/manifests/conductor.pp | 7 ++++++-
recipes/aeolus/templates/secret_token.rb | 21 +++++++++++++++++++++
3 files changed, 28 insertions(+), 1 deletions(-)
create mode 100644 recipes/aeolus/templates/secret_token.rb
diff --git a/bin/aeolus-configure b/bin/aeolus-configure
index a1a59a0..9b57b99 100755
--- a/bin/aeolus-configure
+++ b/bin/aeolus-configure
@@ -67,6 +67,7 @@ echo "Launching aeolus configuration recipe..."
export FACTER_AEOLUS_ENABLE_HTTPS=true
export FACTER_AEOLUS_ENABLE_SECURITY=false
+export FACTER_RAILS_TOKEN=`</dev/urandom tr -dc a-f0-9 | head -c128`
NODE_ARRAY=(`echo $PUPPET_NODE | tr "," "\n"`)
for x in "${NODE_ARRAY[@]}"
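Review bot: `FACTER_RAILS_TOKEN` is regenerated unconditionally on the added line, so each run of aeolus-configure would have Puppet rewrite secret_token.rb with a new value; as the template's own comment says, that invalidates all existing signed cookies. Either generate the token only when `/usr/share/aeolus-conductor/config/initializers/secret_token.rb` is absent, or have the Puppet file resource keep an existing file (`replace => false`). The secret is also exported, so every child process started later in the script inherits it; an `unset FACTER_RAILS_TOKEN` after the puppet run would limit that. Prefixing `tr` with `LC_ALL=C` avoids locale-dependent failures on raw bytes from /dev/urandom. The script continues outside the hunk.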
diff --git a/recipes/aeolus/manifests/conductor.pp b/recipes/aeolus/manifests/conductor.pp
index aa56331..3eba07f 100644
--- a/recipes/aeolus/manifests/conductor.pp
+++ b/recipes/aeolus/manifests/conductor.pp
@@ -27,6 +27,10 @@ class aeolus::conductor inherits aeolus {
content => template("aeolus/conductor-settings.yml"),
require => Package['aeolus-conductor']}
+ file{"/usr/share/aeolus-conductor/config/initializers/secret_token.rb":
+ content => template("aeolus/secret_token.rb"),
+ require => Package['aeolus-conductor']}
+
file{"/rsyslog": ensure => 'directory' }
file{"/rsyslog/work":
ensure => 'directory',
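Review bot: The new `file` resource for secret_token.rb sets no `owner`, `group` or `mode`, so the file holding the cookie-signing secret gets whatever defaults Puppet applies, which may leave it readable by every local user. Set them explicitly, e.g. `owner => 'root', group => '<conductor service group>', mode => '0640',` where the group is a placeholder for the account the Rails application runs as (not shown in this patch). If `show_diff` is enabled for the agent, a content change to this file would also write the secret into Puppet's logs or reports, so check that setting on hosts that use this recipe. The class body continues outside the hunk.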
@@ -65,7 +69,8 @@ class aeolus::conductor inherits aeolus {
Rails::Migrate::Db[migrate_aeolus_database],
Service['httpd'],
Apache::Site[aeolus-conductor], Exec[reload-apache],
- File['/usr/share/aeolus-conductor/config/settings.yml']] }
+ File['/usr/share/aeolus-conductor/config/settings.yml'],
+ File['/usr/share/aeolus-conductor/config/initializers/secret_token.rb']] }
### Initialize and start the aeolus database
# Right now we configure and start postgres, at some point I want
diff --git a/recipes/aeolus/templates/secret_token.rb b/recipes/aeolus/templates/secret_token.rb
new file mode 100644
index 0000000..30e8161
--- /dev/null
+++ b/recipes/aeolus/templates/secret_token.rb
@@ -0,0 +1,21 @@
+# Copyright 2011 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Conductor::Application.config.secret_token = '<%= rails_token %>'
--
1.7.6.4
From: Jan Provaznik <jprovazn(a)redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=761504
The sort_column method now includes the table name. This was a problem for
non-admin users: selects were joined with columns from the privilege table,
which also contains a 'name' column, so there was a conflict with the default
sort column 'name'.
Also removed pagination from the pool families listing - pagination is obviously
not used in the view - and changed the privilege target_type to 'Pool' when
listing pool families for a user.
---
src/app/controllers/application_controller.rb | 5 ++-
.../controllers/hardware_profiles_controller.rb | 2 +-
src/app/controllers/pool_families_controller.rb | 7 +---
src/features/pool_family.feature | 37 ++++++++++++++-----
src/features/step_definitions/pool_family_steps.rb | 5 +++
src/spec/factories/permission.rb | 6 +++
src/spec/factories/user.rb | 3 ++
7 files changed, 47 insertions(+), 18 deletions(-)
diff --git a/src/app/controllers/application_controller.rb b/src/app/controllers/application_controller.rb
index 16fa71d..62ee98a 100644
--- a/src/app/controllers/application_controller.rb
+++ b/src/app/controllers/application_controller.rb
@@ -272,8 +272,9 @@ class ApplicationController < ActionController::Base
end
end
- def sort_column(model, default="name")
- model.column_names.include?(params[:order_field]) ? params[:order_field] : default
+ def sort_column(model, default = nil)
+ return params[:order_field] if model.column_names.include?(params[:order_field])
+ return default || "#{model.quoted_table_name}.name"
end
def sort_direction
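Review bot: The request-supplied branch on the first added line of `sort_column` still returns the bare `params[:order_field]`, so the ambiguity this commit fixes for the default returns as soon as a non-admin user sends `order_field=name`, or any other column the joined privilege table also has. Qualifying it the same way would close that: `return "#{model.quoted_table_name}.#{model.connection.quote_column_name(params[:order_field])}" if model.column_names.include?(params[:order_field])`. The `column_names` allow-list is the only thing that makes this request value safe to place in an ORDER BY, so a short comment saying so would help the next editor. Callers that compare the result with a bare name, such as `sort_field == "name"` in HardwareProfilesController, would need adjusting.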
diff --git a/src/app/controllers/hardware_profiles_controller.rb b/src/app/controllers/hardware_profiles_controller.rb
index e490adb..62b2056 100644
--- a/src/app/controllers/hardware_profiles_controller.rb
+++ b/src/app/controllers/hardware_profiles_controller.rb
@@ -207,7 +207,7 @@ class HardwareProfilesController < ApplicationController
def load_hardware_profiles
sort_order = sort_direction
- sort_field = sort_column(HardwareProfile)
+ sort_field = sort_column(HardwareProfile, 'name')
if sort_field == "name"
@hardware_profiles = HardwareProfile.list_for_user(current_user, Privilege::VIEW).where('provider_id IS NULL', {}).apply_filters(:preset_filter_id => params[:hardware_profiles_preset_filter], :search_filter => params[:hardware_profiles_search]).order("hardware_profiles.name #{sort_direction}")
else
diff --git a/src/app/controllers/pool_families_controller.rb b/src/app/controllers/pool_families_controller.rb
index 7823c7e..7a109df 100644
--- a/src/app/controllers/pool_families_controller.rb
+++ b/src/app/controllers/pool_families_controller.rb
@@ -19,14 +19,13 @@ require 'will_paginate/array'
class PoolFamiliesController < ApplicationController
before_filter :require_user
before_filter :set_params_and_header, :only => [:index, :show]
- before_filter :load_pool_families, :only =>[:show]
+ before_filter :load_pool_families, :only =>[:index, :show]
before_filter :load_tab_captions_and_details_tab, :only => [:show]
def index
clear_breadcrumbs
save_breadcrumb(pool_families_path)
set_admin_environments_tabs 'pool_families'
- load_pool_families
respond_to do |format|
format.html
format.js { render :partial => 'list' }
@@ -213,9 +212,7 @@ class PoolFamiliesController < ApplicationController
end
def load_pool_families
- @pool_families = PoolFamily.list_for_user(current_user, Privilege::VIEW).paginate(
- :page => params[:page] || 1,
- :order => (sort_column(PoolFamily) + ' ' + sort_direction))
+ @pool_families = PoolFamily.list_for_user(current_user, Privilege::VIEW, Pool).order(sort_column(PoolFamily) + ' ' + sort_direction)
end
def load_pool_family_tabs
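Review bot: Passing `Pool` as the third argument to `list_for_user` changes which privilege target type decides who may list pool families, and nothing on the added line explains why the target is `Pool` rather than `PoolFamily`. `list_for_user` is not visible here, so confirm that a user holding a view privilege on one object cannot see families they have no permission on, and record the reasoning in a comment such as `# target type Pool: <reason from bug 761504>`. The ORDER BY string is built by concatenation, which is safe only while `sort_column` and `sort_direction` both return allow-listed values; the body of `sort_direction` is not part of this diff. `load_pool_family_tabs` continues past the hunk.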
diff --git a/src/features/pool_family.feature b/src/features/pool_family.feature
index a14767b..8dabd87 100644
--- a/src/features/pool_family.feature
+++ b/src/features/pool_family.feature
@@ -3,12 +3,10 @@ Feature: Pool Families
As a user
I want to manage pool families
- Background:
+ Scenario: List pool families
Given I am an authorised user
And I am logged in
-
- Scenario: List pool families
- Given I am on the homepage
+ And I am on the homepage
And there are these pool families:
| name |
| pool_family1 |
@@ -20,14 +18,25 @@ Feature: Pool Families
| pool_family2 |
| pool_family3 |
+ Scenario: List pool families as unprivileged user
+ Given I am logged in
+ And I can view pool family "testpoolfamily"
+ When I go to the pool families page
+ Then I should see "Pool Families"
+ And I should see "testpoolfamily"
+
Scenario: Show pool family details
- Given there is a pool family named "testpoolfamily"
+ Given I am an authorised user
+ And I am logged in
+ And there is a pool family named "testpoolfamily"
And I am on the pool families page
When I follow "testpoolfamily"
Then I should see "Pools"
Scenario: Create a new Pool family
- Given I am on the pool families page
+ Given I am an authorised user
+ And I am logged in
+ And I am on the pool families page
And there is not a pool family named "testpoolfamily"
When I follow "new_pool_family_button"
Then I should be on the new pool family page
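Review bot: The new scenario "List pool families as unprivileged user" only checks that a permitted family is shown; nothing asserts that a family the user has no permission on stays hidden. Because this commit changes the privilege target type used for the listing, a companion scenario that creates a second family without granting a permission and ends with `And I should not see "otherpoolfamily"` would pin the authorization behaviour. The family name there is a constructed example.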
@@ -39,7 +48,9 @@ Feature: Pool Families
And I should have a pool family named "testpoolfamily"
Scenario: Delete a pool family
- Given I am on the homepage
+ Given I am an authorised user
+ And I am logged in
+ And I am on the homepage
And there is a pool family named "poolfamily1"
When I go to the pool families page
And I follow "poolfamily1"
@@ -47,7 +58,9 @@ Feature: Pool Families
Then there should not exist a pool family named "poolfamily1"
Scenario: Disallow deletion of default pool family
- Given I am on the pool families page
+ Given I am an authorised user
+ And I am logged in
+ And I am on the pool families page
Then I should see "default"
When I follow "default"
And I press "delete_pool_family_button"
@@ -81,7 +94,9 @@ Feature: Pool Families
# And I should see "third_family"
Scenario: Add provider account to pool family
- Given there is a pool family named "testpoolfamily"
+ Given I am an authorised user
+ And I am logged in
+ And there is a pool family named "testpoolfamily"
And there is a provider named "testprovider"
And there is a provider account named "testaccount"
And I am on the pool family provider accounts page
@@ -93,7 +108,9 @@ Feature: Pool Families
And I should see "testaccount"
Scenario: Remove provider account from pool family
- Given there is a pool family named "testpoolfamily"
+ Given I am an authorised user
+ And I am logged in
+ And there is a pool family named "testpoolfamily"
And there is a provider named "testprovider"
And there is a provider account named "testaccount"
And there is a provider account "testaccount" related to pool family "testpoolfamily"
diff --git a/src/features/step_definitions/pool_family_steps.rb b/src/features/step_definitions/pool_family_steps.rb
index 48de421..82a1645 100644
--- a/src/features/step_definitions/pool_family_steps.rb
+++ b/src/features/step_definitions/pool_family_steps.rb
@@ -61,3 +61,8 @@ Then /^there should not exist a provider account assigned to "([^"]*)"$/ do |nam
@pool_family = PoolFamily.find_by_name(name)
@pool_family.provider_accounts.count == 0
end
+
+Given /^I can view pool family "([^"]*)"$/ do |arg1|
+ pool_family = PoolFamily.find_by_name(arg1) || FactoryGirl.create(:pool_family, :name => arg1)
+ perm = FactoryGirl.create(:pool_family_user_permission, :permission_object => pool_family, :user => @user)
+end
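Review bot: The local `perm` in the new step is assigned and never read, and the block parameter `arg1` hides that it is the pool family name; `|name|` and a bare `FactoryGirl.create(...)` call would read better. The step passes `:user => @user`, so it relies on an earlier login step having set `@user`; if that is nil, the factory's own `pool_family_user` association is overridden with nil. A one-line comment stating that precondition, e.g. `# requires a prior "I am logged in" step to set @user`, would make the dependency visible.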
diff --git a/src/spec/factories/permission.rb b/src/spec/factories/permission.rb
index d69930a..1a1f025 100644
--- a/src/spec/factories/permission.rb
+++ b/src/spec/factories/permission.rb
@@ -50,4 +50,10 @@ FactoryGirl.define do
user { |r| r.association(:pool_user2) }
end
+ factory :pool_family_user_permission, :parent => :permission do
+ role { |r| Role.first(:conditions => ['name = ?', 'Pool Family User']) || FactoryGirl.create(:role, :name => 'Pool Family User') }
+ permission_object { |r| r.association(:pool_family) }
+ user { |r| r.association(:pool_family_user) }
+ end
+
end
diff --git a/src/spec/factories/user.rb b/src/spec/factories/user.rb
index b5e1369..5ca512d 100644
--- a/src/spec/factories/user.rb
+++ b/src/spec/factories/user.rb
@@ -58,4 +58,7 @@ FactoryGirl.define do
sequence(:login) { |n| "pool_user2#{n}" }
end
+ factory :pool_family_user, :parent => :user do
+ sequence(:login) { |n| "pool_family_user#{n}" }
+ end
end
--
1.7.6