M #~: delete restricted values user (#2302)

src/fireedge/src/client/components/Forms/VmTemplate/InstantiateForm/Steps/index.js

@@ -23,7 +23,7 @@ import ExtraConfiguration, {
   STEP_ID as EXTRA_ID,
 } from 'client/components/Forms/VmTemplate/InstantiateForm/Steps/ExtraConfiguration'
 import { jsonToXml, userInputsToArray } from 'client/models/Helper'
-import { createSteps } from 'client/utils'
+import { createSteps, deleteObjectKeys } from 'client/utils'
 
 const Steps = createSteps(
   (vmTemplate) => {
@@ -49,13 +49,38 @@ const Steps = createSteps(
 
       return initialValue
     },
-    transformBeforeSubmit: (formData, vmTemplate) => {
+    transformBeforeSubmit: (
+      formData,
+      vmTemplate,
+      stepProps,
+      adminGroup,
+      oneConfig
+    ) => {
       const {
         [BASIC_ID]: { name, instances, hold, persistent, ...restOfConfig } = {},
         [USER_INPUTS_ID]: userInputs,
         [EXTRA_ID]: extraTemplate = {},
       } = formData ?? {}
 
+      if (!adminGroup) {
+        const vmRestrictedAttributes = oneConfig?.VM_RESTRICTED_ATTR ?? []
+        vmRestrictedAttributes.forEach((restrictedAttr) => {
+          const splitedAttr = restrictedAttr.split('/')
+
+          /**
+           * For now, we will delete only the DISK attributes as we have to
+           * investigate the core behavior related to each of them (i.e.:
+           * Disk restricted attributes expect to be deleted, but NIC ones
+           * must be kept unchanged).
+           *
+           * TODO: Review each VM_RESTRICTED_ATTR behavior to implement
+           * the corresponding logic for them
+           */
+          if (splitedAttr[0] !== 'DISK') return
+          deleteObjectKeys(splitedAttr, extraTemplate)
+        })
+      }
+
       // merge with template disks to get TYPE attribute
       const templateXML = jsonToXml({
         ...userInputs,

src/fireedge/src/client/components/HOC/AsyncLoadForm.js

@@ -17,7 +17,8 @@ import { useMemo, useCallback, ReactElement } from 'react'
 import PropTypes from 'prop-types'
 import loadable, { LoadableLibrary } from '@loadable/component'
 import { Backdrop, CircularProgress } from '@mui/material'
-
+import { useAuth } from 'client/features/Auth'
+import { useGetOneConfigQuery } from 'client/features/OneApi/system'
 import { CreateFormCallback, CreateStepsCallback } from 'client/utils/schema'
 
 /**
@@ -97,9 +98,25 @@ const MemoizedForm = ({
     []
   )
 
+  const { data: oneConfig = {} } = useGetOneConfigQuery()
+
+  const { user } = useAuth()
+  const userGroup = Array.isArray(user?.GROUPS?.ID)
+    ? user?.GROUPS?.ID
+    : [user?.GROUPS?.ID]
+  const adminGroup = userGroup?.includes?.('0')
+
   const handleTriggerSubmit = useCallback(
     (data) =>
-      onSubmit(transformBeforeSubmit?.(data, initialValues, stepProps) ?? data),
+      onSubmit(
+        transformBeforeSubmit?.(
+          data,
+          initialValues,
+          stepProps,
+          adminGroup,
+          oneConfig
+        ) ?? data
+      ),
     [transformBeforeSubmit]
   )
 

src/fireedge/src/client/utils/helpers.js

@@ -301,6 +301,28 @@ export const get = (obj, path, defaultValue = undefined) => {
   return result === undefined || result === obj ? defaultValue : result
 }
 
+/**
+ * Deletes a given key from an object.
+ *
+ * @param {string[]} attr - Array with the path to be deleted
+ * @param {object} originalTemplate - Template to be modified
+ */
+export const deleteObjectKeys = (attr, originalTemplate = {}) => {
+  const keyToDelete = attr.pop()
+  let template = originalTemplate || {}
+  // TODO: Consider the case when restricted attributes is inside an array and goes deeper
+  attr.forEach((key) => {
+    if (Array.isArray(template?.[key])) {
+      template?.[key].forEach((element) => {
+        element && delete element[keyToDelete]
+      })
+    } else {
+      template = template[key]
+    }
+  })
+  template && delete template[keyToDelete]
+}
+
 /**
  * Set a value of property in object by his path.
  *

src/fireedge/src/server/routes/api/system/functions.js

@@ -36,6 +36,7 @@ const ALLOWED_KEYS_ONED_CONF = [
   'IM_MAD',
   'AUTH_MAD',
   'FEDERATION',
+  'VM_RESTRICTED_ATTR',
 ]
 
 /**