You will need to drop your database and re-run the migrations after this.
Signed-off-by: Scott Seago sseago@redhat.com --- src/app/controllers/permissions_controller.rb | 6 ++-- src/app/models/base_permission_object.rb | 35 ++++++++++++++++++++ src/app/models/base_portal_object.rb | 35 -------------------- src/app/models/permission.rb | 18 +++++----- src/app/models/permissioned_object.rb | 2 +- src/app/services/application_service.rb | 4 +- src/app/views/layouts/_main_nav.html.erb | 4 +- src/db/migrate/20091008153058_create_roles.rb | 4 +- ...0091019215838_create_base_permission_objects.rb | 14 ++++++++ .../20091019215838_create_base_portal_objects.rb | 14 -------- src/lib/tasks/dc_tasks.rake | 2 +- src/spec/factories/permission.rb | 2 +- src/spec/fixtures/base_permission_objects.yml | 2 + src/spec/fixtures/base_portal_objects.yml | 2 - src/spec/fixtures/roles.yml | 4 +- src/test/fixtures/base_permission_objects.yml | 9 +++++ src/test/fixtures/base_portal_objects.yml | 9 ----- src/test/fixtures/permissions.yml | 2 +- src/test/fixtures/roles.yml | 4 +- src/test/unit/base_permission_object_test.rb | 8 ++++ src/test/unit/base_portal_object_test.rb | 8 ---- 21 files changed, 94 insertions(+), 94 deletions(-) create mode 100644 src/app/models/base_permission_object.rb delete mode 100644 src/app/models/base_portal_object.rb create mode 100644 src/db/migrate/20091019215838_create_base_permission_objects.rb delete mode 100644 src/db/migrate/20091019215838_create_base_portal_objects.rb create mode 100644 src/spec/fixtures/base_permission_objects.yml delete mode 100644 src/spec/fixtures/base_portal_objects.yml create mode 100644 src/test/fixtures/base_permission_objects.yml delete mode 100644 src/test/fixtures/base_portal_objects.yml create mode 100644 src/test/unit/base_permission_object_test.rb delete mode 100644 src/test/unit/base_portal_object_test.rb
diff --git a/src/app/controllers/permissions_controller.rb b/src/app/controllers/permissions_controller.rb index 9d9b2a9..c068849 100644 --- a/src/app/controllers/permissions_controller.rb +++ b/src/app/controllers/permissions_controller.rb @@ -73,10 +73,10 @@ class PermissionsController < ApplicationController @permission_object = Provider.find params[:provider_id] elsif !params[:cloud_account_id].nil? @permission_object = CloudAccount.find params[:cloud_account_id] - elsif !params[:base_portal_object_id].nil? - @permission_object = BasePortalObject.find params[:base_portal_object_id] + elsif !params[:base_permission_object_id].nil? + @permission_object = BasePermissionObject.find params[:base_permission_object_id] else - @permission_object = BasePortalObject.general_permission_scope + @permission_object = BasePermissionObject.general_permission_scope end
raise ActiveRecord::RecordNotFound if @permission_object.nil? diff --git a/src/app/models/base_permission_object.rb b/src/app/models/base_permission_object.rb new file mode 100644 index 0000000..5d64613 --- /dev/null +++ b/src/app/models/base_permission_object.rb @@ -0,0 +1,35 @@ +# +# Copyright (C) 2009 Red Hat, Inc. +# Written by Scott Seago sseago@redhat.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, +# MA 02110-1301, USA. A copy of the GNU General Public License is +# also available at http://www.gnu.org/copyleft/gpl.html. + +class BasePermissionObject < ActiveRecord::Base + + include PermissionedObject + has_many :permissions, :as => :permission_object, :dependent => :destroy, + :include => [:role], + :order => "permissions.id ASC" + + validates_presence_of :name + validates_uniqueness_of :name + + GENERAL_PERMISSION_SCOPE = "general_permission_scope" + + def self.general_permission_scope + self.find_by_name(GENERAL_PERMISSION_SCOPE) + end +end diff --git a/src/app/models/base_portal_object.rb b/src/app/models/base_portal_object.rb deleted file mode 100644 index 422f5dd..0000000 --- a/src/app/models/base_portal_object.rb +++ /dev/null @@ -1,35 +0,0 @@ -# -# Copyright (C) 2009 Red Hat, Inc. -# Written by Scott Seago sseago@redhat.com -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -# MA 02110-1301, USA. A copy of the GNU General Public License is -# also available at http://www.gnu.org/copyleft/gpl.html. - -class BasePortalObject < ActiveRecord::Base - - include PermissionedObject - has_many :permissions, :as => :permission_object, :dependent => :destroy, - :include => [:role], - :order => "permissions.id ASC" - - validates_presence_of :name - validates_uniqueness_of :name - - GENERAL_PERMISSION_SCOPE = "general_permission_scope" - - def self.general_permission_scope - self.find_by_name(GENERAL_PERMISSION_SCOPE) - end -end diff --git a/src/app/models/permission.rb b/src/app/models/permission.rb index c77061f..349b6a7 100644 --- a/src/app/models/permission.rb +++ b/src/app/models/permission.rb @@ -27,15 +27,15 @@ class Permission < ActiveRecord::Base validates_uniqueness_of :user_id, :scope => [:permission_object_id, :permission_object_type]
- belongs_to :permission_object, :polymorphic => true + belongs_to :permission_object, :polymorphic => true # type-specific associations - belongs_to :pool, :class_name => "Pool", - :foreign_key => "permission_object_id" - belongs_to :provider, :class_name => "Provider", - :foreign_key => "permission_object_id" - belongs_to :cloud_account, :class_name => "CloudAccount", - :foreign_key => "permission_object_id" - belongs_to :base_portal_object, :class_name => "BasePortalObject", - :foreign_key => "permission_object_id" + belongs_to :pool, :class_name => "Pool", + :foreign_key => "permission_object_id" + belongs_to :provider, :class_name => "Provider", + :foreign_key => "permission_object_id" + belongs_to :cloud_account, :class_name => "CloudAccount", + :foreign_key => "permission_object_id" + belongs_to :base_permission_object, :class_name => "BasePermissionObject", + :foreign_key => "permission_object_id"
end diff --git a/src/app/models/permissioned_object.rb b/src/app/models/permissioned_object.rb index a253410..b4a3037 100644 --- a/src/app/models/permissioned_object.rb +++ b/src/app/models/permissioned_object.rb @@ -86,7 +86,7 @@ module PermissionedObject def self.included(base) base.class_eval do def self.list_for_user(user, privilege) - if BasePortalObject.general_permission_scope.has_privilege(user, privilege) + if BasePermissionObject.general_permission_scope.has_privilege(user, privilege) all else find(:all, :include => {:permissions => {:role => :privileges}}, diff --git a/src/app/services/application_service.rb b/src/app/services/application_service.rb index f72f83d..3315fb1 100644 --- a/src/app/services/application_service.rb +++ b/src/app/services/application_service.rb @@ -42,8 +42,8 @@ module ApplicationService
def check_privilege(privilege, perm_obj) ((perm_obj and perm_obj.has_privilege(@current_user, privilege)) or - BasePortalObject.general_permission_scope.has_privilege(@current_user, - privilege)) + BasePermissionObject.general_permission_scope.has_privilege(@current_user, + privilege)) end def authorized?(privilege, perm_obj=nil) @perm_obj = perm_obj diff --git a/src/app/views/layouts/_main_nav.html.erb b/src/app/views/layouts/_main_nav.html.erb index 0e14f4a..0155bd6 100644 --- a/src/app/views/layouts/_main_nav.html.erb +++ b/src/app/views/layouts/_main_nav.html.erb @@ -2,8 +2,8 @@
<%=link_to "Add a pool", {:controller => "pool", :action => "new"}, :class => "actionlink" %>
-<%= link_to "Add a user", {:controller => "users", :action => "new"}, :class=>"actionlink" if has_user_modify?(BasePortalObject.general_permission_scope) %> -<%= link_to "User access", {:controller => "permissions", :action => "list"}, :class=>"actionlink" if has_view_perms?(BasePortalObject.general_permission_scope) %> +<%= link_to "Add a user", {:controller => "users", :action => "new"}, :class=>"actionlink" if has_user_modify?(BasePermissionObject.general_permission_scope) %> +<%= link_to "User access", {:controller => "permissions", :action => "list"}, :class=>"actionlink" if has_view_perms?(BasePermissionObject.general_permission_scope) %> <h3>Providers</h3> <ul id="providers"> <% cur_id = params[:id].to_i %> diff --git a/src/db/migrate/20091008153058_create_roles.rb b/src/db/migrate/20091008153058_create_roles.rb index 3e578c8..5234c90 100644 --- a/src/db/migrate/20091008153058_create_roles.rb +++ b/src/db/migrate/20091008153058_create_roles.rb @@ -104,11 +104,11 @@ class CreateRoles < ActiveRecord::Migration {:role_scope => "CloudAccount", :privileges => ["account_view"]}, "Provider Creator" => - {:role_scope => "BasePortalObject", + {:role_scope => "BasePermissionObject", :privileges => ["provider_modify", "provider_view"]}, "Administrator" => - {:role_scope => "BasePortalObject", + {:role_scope => "BasePermissionObject", :privileges => ["provider_modify", "provider_view", "account_modify", diff --git a/src/db/migrate/20091019215838_create_base_permission_objects.rb b/src/db/migrate/20091019215838_create_base_permission_objects.rb new file mode 100644 index 0000000..0318ee7 --- /dev/null +++ b/src/db/migrate/20091019215838_create_base_permission_objects.rb @@ -0,0 +1,14 @@ +class CreateBasePermissionObjects < ActiveRecord::Migration + def self.up + create_table :base_permission_objects do |t| + t.string :name, :null => false + t.timestamps + end + + BasePermissionObject.new({:name => "general_permission_scope"}).save! + end + + def self.down + drop_table :base_permission_objects + end +end diff --git a/src/db/migrate/20091019215838_create_base_portal_objects.rb b/src/db/migrate/20091019215838_create_base_portal_objects.rb deleted file mode 100644 index badea5d..0000000 --- a/src/db/migrate/20091019215838_create_base_portal_objects.rb +++ /dev/null @@ -1,14 +0,0 @@ -class CreateBasePortalObjects < ActiveRecord::Migration - def self.up - create_table :base_portal_objects do |t| - t.string :name, :null => false - t.timestamps - end - - BasePortalObject.new({:name => "general_permission_scope"}).save! - end - - def self.down - drop_table :base_portal_objects - end -end diff --git a/src/lib/tasks/dc_tasks.rake b/src/lib/tasks/dc_tasks.rake index 1621a06..4c1a9e0 100644 --- a/src/lib/tasks/dc_tasks.rake +++ b/src/lib/tasks/dc_tasks.rake @@ -20,7 +20,7 @@ namespace :dc do end
user.permissions << Permission.new(:role => Role.find_by_name('Administrator'), - :permission_object => BasePortalObject.general_permission_scope + :permission_object => BasePermissionObject.general_permission_scope ) puts "Granting administrator privileges for #{args.login}..." end diff --git a/src/spec/factories/permission.rb b/src/spec/factories/permission.rb index 293f459..0aad3a2 100644 --- a/src/spec/factories/permission.rb +++ b/src/spec/factories/permission.rb @@ -4,7 +4,7 @@ end
Factory.define :admin_permission, :parent => :permission do |p| p.role { |r| Role.find(:first, :conditions => ['name = ?', 'Administrator']) } - p.permission_object { |r| BasePortalObject.general_permission_scope } + p.permission_object { |r| BasePermissionObject.general_permission_scope } p.user { |u| u.association(:admin_user) } end
diff --git a/src/spec/fixtures/base_permission_objects.yml b/src/spec/fixtures/base_permission_objects.yml new file mode 100644 index 0000000..a520969 --- /dev/null +++ b/src/spec/fixtures/base_permission_objects.yml @@ -0,0 +1,2 @@ +general_permission_scope: + name: 'general_permission_scope' diff --git a/src/spec/fixtures/base_portal_objects.yml b/src/spec/fixtures/base_portal_objects.yml deleted file mode 100644 index a520969..0000000 --- a/src/spec/fixtures/base_portal_objects.yml +++ /dev/null @@ -1,2 +0,0 @@ -general_permission_scope: - name: 'general_permission_scope' diff --git a/src/spec/fixtures/roles.yml b/src/spec/fixtures/roles.yml index aafe654..5c72efb 100644 --- a/src/spec/fixtures/roles.yml +++ b/src/spec/fixtures/roles.yml @@ -47,9 +47,9 @@ account_viewer: privileges: account_view provider_creator: name: Provider Creator - scope: BasePortalObject + scope: BasePermissionObject privileges: provider_modify, provider_view, stats_view administrator: name: Administrator - scope: BasePortalObject + scope: BasePermissionObject privileges: provider_modify, provider_view, account_modify, account_add, account_view, user_modify, user_view, set_perms, view_perms, pool_modify, pool_view, quota_modify, quota_view, stats_view, instance_modify, instance_control, instance_view diff --git a/src/test/fixtures/base_permission_objects.yml b/src/test/fixtures/base_permission_objects.yml new file mode 100644 index 0000000..4cf58b8 --- /dev/null +++ b/src/test/fixtures/base_permission_objects.yml @@ -0,0 +1,9 @@ +# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html + +# one: +# column: value +# +# two: +# column: value +base_permission_object: + name: general_permission_scope \ No newline at end of file diff --git a/src/test/fixtures/base_portal_objects.yml b/src/test/fixtures/base_portal_objects.yml deleted file mode 100644 index 7e9b357..0000000 --- a/src/test/fixtures/base_portal_objects.yml +++ /dev/null @@ -1,9 +0,0 @@ -# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html - -# one: -# column: value -# -# two: -# column: value -base_portal_object: - name: general_permission_scope \ No newline at end of file diff --git a/src/test/fixtures/permissions.yml b/src/test/fixtures/permissions.yml index 2e889db..4fba11c 100644 --- a/src/test/fixtures/permissions.yml +++ b/src/test/fixtures/permissions.yml @@ -3,7 +3,7 @@ admin_permission: role: site_administrator user: test_admin - permission_object: base_portal_object (BasePortalObject) + permission_object: base_permission_object (BasePermissionObject) user_permission: role: instance_creator_and_user user: test_user diff --git a/src/test/fixtures/roles.yml b/src/test/fixtures/roles.yml index 1391546..5ec515b 100644 --- a/src/test/fixtures/roles.yml +++ b/src/test/fixtures/roles.yml @@ -39,9 +39,9 @@ account_user: privileges: account_view provider_administrator: name: Provider Administrator - scope: BasePortalObject + scope: BasePermissionObject privileges: provider_modify, provider_view, stats_view site_administrator: name: Site Administrator - scope: BasePortalObject + scope: BasePermissionObject privileges: provider_modify, provider_view, account_modify, account_view, user_modify, user_view, set_perms, view_perms, pool_modify, pool_view, quota_modify, quota_view, stats_view, instance_modify, instance_control, instance_view diff --git a/src/test/unit/base_permission_object_test.rb b/src/test/unit/base_permission_object_test.rb new file mode 100644 index 0000000..1dcd1be --- /dev/null +++ b/src/test/unit/base_permission_object_test.rb @@ -0,0 +1,8 @@ +require 'test_helper' + +class BasePermissionObjectTest < ActiveSupport::TestCase + # Replace this with your real tests. + test "the truth" do + assert true + end +end diff --git a/src/test/unit/base_portal_object_test.rb b/src/test/unit/base_portal_object_test.rb deleted file mode 100644 index e6e4b9d..0000000 --- a/src/test/unit/base_portal_object_test.rb +++ /dev/null @@ -1,8 +0,0 @@ -require 'test_helper' - -class BasePortalObjectTest < ActiveSupport::TestCase - # Replace this with your real tests. - test "the truth" do - assert true - end -end
On Mon, Apr 5, 2010 at 12:35 PM, Scott Seago sseago@redhat.com wrote:
You will need to drop your database and re-run the migrations after this.
ACK, this all seems to work fine.
deltacloud-devel@lists.fedorahosted.org