ReadPermission
from ..exceptions import DashboardException
from ..rest_client import RequestException
-from ..security import Scope
+from ..security import Scope, Permission
+from ..services.auth import AuthManager, JwtManager
from ..services.ceph_service import CephService
from ..services.rgw_client import RgwClient
from ..tools import json_str_to_object
if user['tenant'] else user['user_id']
return user
+ @staticmethod
+ def _keys_allowed():
+ permissions = AuthManager.get_user(JwtManager.get_username()).permissions_dict()
+ edit_permissions = [Permission.CREATE, Permission.UPDATE, Permission.DELETE]
+ return Scope.RGW in permissions and Permission.READ in permissions[Scope.RGW] \
+ and len(set(edit_permissions).intersection(set(permissions[Scope.RGW]))) > 0
+
def list(self):
# type: () -> List[str]
users = [] # type: List[str]
def get(self, uid):
# type: (str) -> dict
result = self.proxy('GET', 'user', {'uid': uid})
+ if not self._keys_allowed():
+ del result['keys']
+ del result['swift_keys']
return self._append_uid(result)
@Endpoint()
class="bold">Full name</td>
<td>{{ user.display_name }}</td>
</tr>
- <tr *ngIf="user.email.length">
+ <tr *ngIf="user.email?.length">
<td i18n
class="bold">Email address</td>
<td>{{ user.email }}</td>
</div>
</tab>
- <tab i18n-heading
+ <tab *ngIf="keys.length"
+ i18n-heading
heading="Keys">
<cd-table [data]="keys"
[columns]="keysColumns"
import { configureTestBed, i18nProviders } from '../../../../testing/unit-test-helper';
import { CdTableSelection } from '../../../shared/models/cd-table-selection';
import { SharedModule } from '../../../shared/shared.module';
+import { RgwUserS3Key } from '../models/rgw-user-s3-key';
import { RgwUserDetailsComponent } from './rgw-user-details.component';
describe('RgwUserDetailsComponent', () => {
it('should create', () => {
expect(component).toBeTruthy();
+
+ const detailsTab = fixture.debugElement.nativeElement.querySelector('tab[heading="Details"]');
+ expect(detailsTab).toBeFalsy();
+ const keysTab = fixture.debugElement.nativeElement.querySelector('tab[heading="Keys"]');
+ expect(keysTab).toBeFalsy();
+ });
+
+ it('should show "Details" tab', () => {
+ component.selection.selected = [{ uid: 'myUsername' }];
+ fixture.detectChanges();
+
+ const detailsTab = fixture.debugElement.nativeElement.querySelector('tab[heading="Details"]');
+ expect(detailsTab).toBeTruthy();
+ const keysTab = fixture.debugElement.nativeElement.querySelector('tab[heading="Keys"]');
+ expect(keysTab).toBeFalsy();
+ });
+
+ it('should show "Keys" tab', () => {
+ const s3Key = new RgwUserS3Key();
+ component.selection.selected = [{ keys: [s3Key] }];
+ component.ngOnChanges();
+ fixture.detectChanges();
+
+ const detailsTab = fixture.debugElement.nativeElement.querySelector('tab[heading="Details"]');
+ expect(detailsTab).toBeTruthy();
+ const keysTab = fixture.debugElement.nativeElement.querySelector('tab[heading="Keys"]');
+ expect(keysTab).toBeTruthy();
});
it('should show correct "System" info', () => {
// Process the keys.
this.keys = [];
- this.user.keys.forEach((key: RgwUserS3Key) => {
- this.keys.push({
- id: this.keys.length + 1, // Create an unique identifier
- type: 'S3',
- username: key.user,
- ref: key
+ if (this.user.keys) {
+ this.user.keys.forEach((key: RgwUserS3Key) => {
+ this.keys.push({
+ id: this.keys.length + 1, // Create an unique identifier
+ type: 'S3',
+ username: key.user,
+ ref: key
+ });
});
- });
- this.user.swift_keys.forEach((key: RgwUserSwiftKey) => {
- this.keys.push({
- id: this.keys.length + 1, // Create an unique identifier
- type: 'Swift',
- username: key.user,
- ref: key
+ }
+ if (this.user.swift_keys) {
+ this.user.swift_keys.forEach((key: RgwUserSwiftKey) => {
+ this.keys.push({
+ id: this.keys.length + 1, // Create an unique identifier
+ type: 'Swift',
+ username: key.user,
+ ref: key
+ });
});
- });
+ }
+
this.keys = _.sortBy(this.keys, 'user');
}
}
}]
self._get('/test/api/rgw/user')
self.assertStatus(500)
+
+ @mock.patch('dashboard.controllers.rgw.RgwRESTController.proxy')
+ @mock.patch.object(RgwUser, '_keys_allowed')
+ def test_user_get_with_keys(self, keys_allowed, mock_proxy):
+ keys_allowed.return_value = True
+ mock_proxy.return_value = {
+ 'tenant': '',
+ 'user_id': 'my_user_id',
+ 'keys': [],
+ 'swift_keys': []
+ }
+ self._get('/test/api/rgw/user/testuser')
+ self.assertStatus(200)
+ self.assertInJsonBody('keys')
+ self.assertInJsonBody('swift_keys')
+
+ @mock.patch('dashboard.controllers.rgw.RgwRESTController.proxy')
+ @mock.patch.object(RgwUser, '_keys_allowed')
+ def test_user_get_without_keys(self, keys_allowed, mock_proxy):
+ keys_allowed.return_value = False
+ mock_proxy.return_value = {
+ 'tenant': '',
+ 'user_id': 'my_user_id',
+ 'keys': [],
+ 'swift_keys': []
+ }
+ self._get('/test/api/rgw/user/testuser')
+ self.assertStatus(200)
+ self.assertNotIn('keys', self.json_body())
+ self.assertNotIn('swift_keys', self.json_body())
projects / ceph.git / commitdiff