[Ovirt-devel] [PATCH server] Added roles and privileges for the cloud controller.
Scott Seago
sseago at redhat.com
Thu Apr 2 19:35:28 UTC 2009
Signed-off-by: Scott Seago <sseago at redhat.com>
---
src/app/models/privilege.rb | 3 ++
src/app/models/role.rb | 2 +-
.../migrate/038_add_cloud_role.rb} | 35 +++++++++++++-------
src/test/fixtures/privileges.yml | 4 ++
src/test/fixtures/roles.yml | 3 ++
5 files changed, 34 insertions(+), 13 deletions(-)
copy src/{app/models/privilege.rb => db/migrate/038_add_cloud_role.rb} (50%)
diff --git a/src/app/models/privilege.rb b/src/app/models/privilege.rb
index 7a30b8f..18c0f16 100644
--- a/src/app/models/privilege.rb
+++ b/src/app/models/privilege.rb
@@ -31,5 +31,8 @@ class Privilege < ActiveRecord::Base
VM_CONTROL = "vm_control"
VIEW = "view"
+ CLOUD_CREATE = "cloud_create"
+ CLOUD_VIEW = "cloud_view"
+
end
diff --git a/src/app/models/role.rb b/src/app/models/role.rb
index 969fbbe..c850d64 100644
--- a/src/app/models/role.rb
+++ b/src/app/models/role.rb
@@ -30,5 +30,5 @@ class Role < ActiveRecord::Base
ADMIN = "Administrator"
USER = "User"
MONITOR = "Monitor"
-
+ CLOUD_USER = "Cloud User"
end
diff --git a/src/app/models/privilege.rb b/src/db/migrate/038_add_cloud_role.rb
similarity index 50%
copy from src/app/models/privilege.rb
copy to src/db/migrate/038_add_cloud_role.rb
index 7a30b8f..2487f0c 100644
--- a/src/app/models/privilege.rb
+++ b/src/db/migrate/038_add_cloud_role.rb
@@ -17,19 +17,30 @@
# MA 02110-1301, USA. A copy of the GNU General Public License is
# also available at http://www.gnu.org/copyleft/gpl.html.
-class Privilege < ActiveRecord::Base
- has_and_belongs_to_many :roles
+class AddCloudRoles < ActiveRecord::Migration
+ def self.up
+ Role.transaction do
+ role_cloud_user = Role.new({:name => "Cloud User"})
+ role_cloud_user.save!
- validates_presence_of :name
- validates_uniqueness_of :name
-
-
- #default privileges
- PERM_SET = "set_perms"
- PERM_VIEW = "view_perms"
- MODIFY = "modify"
- VM_CONTROL = "vm_control"
- VIEW = "view"
+ priv_cloud_create = Privilege.new({:name => "cloud_create"})
+ priv_cloud_create.save!
+ priv_cloud_view = Privilege.new({:name => "cloud_view"})
+ priv_cloud_view.save!
+ priv_vm_control = Privilege.find_by_name("vm_control")
+ role_cloud_user.privileges = [priv_cloud_view,
+ priv_vm_control,
+ priv_cloud_create]
+ role_cloud_user.save!
+ end
+ end
+ def self.down
+ Role.transaction do
+ Role.find_by_name("Cloud User").destroy
+ Privilege.find_by_name("cloud_create").destroy
+ Privilege.find_by_name("cloud_view").destroy
+ end
+ end
end
diff --git a/src/test/fixtures/privileges.yml b/src/test/fixtures/privileges.yml
index 3f19584..54a24be 100644
--- a/src/test/fixtures/privileges.yml
+++ b/src/test/fixtures/privileges.yml
@@ -8,3 +8,7 @@ vm_control:
name: vm_control
view:
name: view
+cloud_create:
+ name: cloud_create
+cloud_view:
+ name: cloud_view
diff --git a/src/test/fixtures/roles.yml b/src/test/fixtures/roles.yml
index 774158d..e90851d 100644
--- a/src/test/fixtures/roles.yml
+++ b/src/test/fixtures/roles.yml
@@ -10,3 +10,6 @@ user:
monitor:
name: Monitor
privileges: view
+cloud_user:
+ name: Cloud User
+ privileges: cloud_view, vm_control, cloud_create
--
1.6.0.6
More information about the ovirt-devel
mailing list