1
0
mirror of https://github.com/OpenNebula/one.git synced 2025-01-13 13:17:39 +03:00

F : Users can instantiate a VM template as another user/group

This commit is contained in:
juanmont 2018-04-04 14:49:44 +02:00 committed by Ruben S. Montero
parent a875657120
commit 4b149ac5f5
12 changed files with 230 additions and 4 deletions

@ -381,6 +381,12 @@ protected:
static void quota_rollback(Template * tmpl, Quotas::QuotaType qtype,
RequestAttributes& att);
/**
* @param tmpl describing the object
* @param att the specific request attributes
*/
ErrorCode as_uid_gid(Template * tmpl, RequestAttributes& att);
private:
/* ---------------------------------------------------------------------- */
/* Functions to manage user and group quotas */

@ -361,6 +361,18 @@ EOT
:format => String,
:description => "In a vCenter environment sets the the VMs and Template folder where the VM will be placed in." \
" The path uses slashes to separate folders. For example: --vcenter_vm_folder \"/Management/VMs\""
},
{
:name => 'as_uid',
:large => '--as_uid uid',
:format => Integer,
:description => 'The User ID to instantiate the VM'
},
{
:name => 'as_gid',
:large => '--as_gid gid',
:format => Integer,
:description => 'The Group ID to instantiate the VM'
}
]
@ -1098,6 +1110,9 @@ EOT
template<<"MEMORY=#{options[:memory]}\n" if options[:memory]
template<<"#{options[:raw]}\n" if options[:raw]
template<<"AS_UID=#{options[:as_uid]}\n" if options[:as_uid]
template<<"AS_GID=#{options[:as_gid]}\n" if options[:as_gid]
if options[:disk]
res=create_disk_net(options[:disk], 'DISK', 'IMAGE')
return res if res.first!=0

@ -851,3 +851,93 @@ int Request::get_info(
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
Request::ErrorCode Request::as_uid_gid(Template * tmpl,
RequestAttributes& att)
{
string gname;
string uname;
PoolObjectAuth uperms;
PoolObjectAuth gperms;
int uid = att.uid, as_uid = -1, as_gid = -1;
set<int> gids = att.group_ids;
int rc;
UserPool * upool = Nebula::instance().get_upool();
GroupPool * gpool = Nebula::instance().get_gpool();
if ( tmpl->get("AS_UID", as_uid) )
{
tmpl->erase("AS_UID");
rc = get_info(upool, as_uid, PoolObjectSQL::USER, att, uperms, uname,true);
if ( rc == -1 )
{
return NO_EXISTS;
}
}
else
{
as_uid = -1;
}
if ( tmpl->get("AS_GID", as_gid) )
{
tmpl->erase("AS_GID");
rc = get_info(gpool, as_gid, PoolObjectSQL::GROUP, att, gperms, gname,true);
if ( rc == -1 )
{
return NO_EXISTS;
}
}
else
{
as_gid = -1;
}
if ( as_gid == -1 && as_uid == -1)
{
return SUCCESS;
}
if ( uid != 0 )
{
AuthRequest ar(uid, gids);
if (as_uid > 0)
{
ar.add_auth(AuthRequest::MANAGE, uperms); // MANAGE USER
}
if (as_gid > 0)
{
ar.add_auth(AuthRequest::MANAGE, gperms); // MANAGE GROUP
}
if (UserPool::authorize(ar) == -1)
{
att.resp_msg = ar.message;
return AUTHORIZATION;
}
}
if ( as_uid > 0 )
{
att.uid = as_uid;
att.uname = uname;
}
if ( as_gid > 0 )
{
att.gid = as_gid;
att.gname = gname;
att.group_ids.clear();
att.group_ids.insert(as_gid);
}
return SUCCESS;
}
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */

@ -169,6 +169,14 @@ Request::ErrorCode VMTemplateInstantiate::request_execute(int id, string name,
tmpl->merge(extra_attrs);
}
ec = as_uid_gid(tmpl, att);
if ( ec != SUCCESS )
{
delete tmpl;
return ec;
}
/* ---------------------------------------------------------------------- */
/* Store the template attributes in the VM */
/* ---------------------------------------------------------------------- */

@ -75,6 +75,12 @@ features:
# True to show the attributes info (VM & VRouters)
show_attributes_info: true
# True to show the user datatable to instantiate VM
show_as_uid_instantiate: true
# True to show the group datatable to instantiate VM
show_as_gid_instantiate: true
tabs:
dashboard-tab:
# The following widgets can be used inside any of the '_per_row' settings

@ -75,6 +75,12 @@ features:
# True to show the attributes info (VM & VRouters)
show_attributes_info: true
# True to show the user datatable to instantiate VM
show_as_uid_instantiate: true
# True to show the group datatable to instantiate VM
show_as_gid_instantiate: true
tabs:
dashboard-tab:
# The following widgets can be used inside any of the '_per_row' settings

@ -75,6 +75,12 @@ features:
# True to show the attributes info (VM & VRouters)
show_attributes_info: true
# True to show the user datatable to instantiate VM
show_as_uid_instantiate: true
# True to show the group datatable to instantiate VM
show_as_gid_instantiate: true
tabs:
dashboard-tab:
# The following widgets can be used inside any of the '_per_row' settings

@ -75,6 +75,12 @@ features:
# True to show the attributes info (VM & VRouters)
show_attributes_info: true
# True to show the user datatable to instantiate VM
show_as_uid_instantiate: true
# True to show the group datatable to instantiate VM
show_as_gid_instantiate: true
tabs:
dashboard-tab:
# The following widgets can be used inside any of the '_per_row' settings

@ -75,6 +75,12 @@ features:
# True to show the attributes info (VM & VRouters)
show_attributes_info: true
# True to show the user datatable to instantiate VM
show_as_uid_instantiate: true
# True to show the group datatable to instantiate VM
show_as_gid_instantiate: true
tabs:
dashboard-tab:
# The following widgets can be used inside any of the '_per_row' settings

@ -75,6 +75,12 @@ features:
# True to show the attributes info (VM & VRouters)
show_attributes_info: true
# True to show the user datatable to instantiate VM
show_as_uid_instantiate: true
# True to show the group datatable to instantiate VM
show_as_gid_instantiate: true
tabs:
dashboard-tab:
# The following widgets can be used inside any of the '_per_row' settings

@ -38,6 +38,8 @@ define(function(require) {
var Config = require("sunstone-config");
var HostsTable = require("tabs/hosts-tab/datatable");
var DatastoresTable = require("tabs/datastores-tab/datatable");
var UsersTable = require("tabs/users-tab/datatable");
var GroupTable = require("tabs/groups-tab/datatable");
var Humanize = require("utils/humanize");
var TemplateUtils = require("utils/template-utils");
var UniqueId = require("utils/unique-id");
@ -279,6 +281,16 @@ define(function(require) {
tmp_json.SCHED_DS_REQUIREMENTS = [];
}
var as_uid = that.usersTable.retrieveResourceTableSelect();
if (as_uid){
tmp_json.AS_UID = as_uid;
}
var as_gid = that.groupTable.retrieveResourceTableSelect();
if (as_gid){
tmp_json.AS_GID = as_gid;
}
var nics = [];
var pcis = [];
@ -411,19 +423,32 @@ define(function(require) {
}
};
var options_unique = {
"select": true,
"selectOptions": {
"multiple_choice": false
}
};
that.hostsTable = new HostsTable("HostsTable" + UniqueId.id(), options);
that.datastoresTable = new DatastoresTable("DatastoresTable" + UniqueId.id(), options);
that.usersTable = new UsersTable("UsersTable" + UniqueId.id(), options_unique);
that.groupTable = new GroupTable("GroupTable" + UniqueId.id(), options_unique);
templatesContext.append(
TemplateRowHTML(
{ element: template_json.VMTEMPLATE,
capacityInputsHTML: CapacityInputs.html(),
hostsDatatable: that.hostsTable.dataTableHTML,
dsDatatable: that.datastoresTable.dataTableHTML
dsDatatable: that.datastoresTable.dataTableHTML,
usersDatatable: that.usersTable.dataTableHTML,
groupDatatable: that.groupTable.dataTableHTML
}) );
$(".provision_host_selector" + template_json.VMTEMPLATE.ID, context).data("hostsTable", that.hostsTable);
$(".provision_ds_selector" + template_json.VMTEMPLATE.ID, context).data("dsTable", that.datastoresTable);
$(".provision_uid_selector" + template_json.VMTEMPLATE.ID, context).data("usersTable", that.usersTable);
$(".provision_gid_selector" + template_json.VMTEMPLATE.ID, context).data("groupTable", that.groupTable);
var actions = Actions.fromJSONtoActionsTable(template_json.VMTEMPLATE.TEMPLATE.SCHED_ACTION);
$("#sched_inst_actions_body").append(actions);
@ -448,6 +473,12 @@ define(function(require) {
that.datastoresTable.filter("system", 10);
that.datastoresTable.refreshResourceTableSelect();
//select_options
that.usersTable.initialize();
that.usersTable.refreshResourceTableSelect();
that.groupTable.initialize();
that.groupTable.refreshResourceTableSelect();
var reqJSON = template_json.VMTEMPLATE.TEMPLATE.SCHED_REQUIREMENTS;
if (reqJSON) {
$("#SCHED_REQUIREMENTS" + template_json.VMTEMPLATE.ID, context).val(reqJSON);
@ -478,6 +509,22 @@ define(function(require) {
that.datastoresTable.selectResourceTableSelect(selectedResources);
}
var asuidJSON = template_json.VMTEMPLATE.TEMPLATE.AS_UID;
if (asuidJSON) {
var selectedResources = {
ids : asuidJSON
};
that.usersTable.selectResourceTableSelect(selectedResources);
}
var asgidJSON = template_json.VMTEMPLATE.TEMPLATE.AS_GID;
if (asgidJSON) {
var selectedResources = {
ids : asgidJSON
};
that.groupTable.selectResourceTableSelect(selectedResources);
}
DisksResize.insert({
template_base_json: that.template_base_objects[template_json.VMTEMPLATE.ID],
template_json: template_json,

@ -57,12 +57,36 @@
</div>
{{/isFeatureEnabled}}
{{#advancedSection (tr "Advanced options") }}
{{#isFeatureEnabled "show_as_uid_instantiate"}}
<div class="row">
<div class="small-12 columns usersContext{{element.ID}}">
<fieldset>
<legend>
<i class="fas fa-user"></i> {{tr "Instantiate as a different user"}}
</legend>
<div class="provision_uid_selector{{element.ID}}" data-tab-content>{{{usersDatatable}}}</div>
</fieldset>
</div>
</div>
{{/isFeatureEnabled}}
{{#isFeatureEnabled "show_as_gid_instantiate"}}
<div class="row">
<div class="small-12 columns groupContext{{element.ID}}">
<fieldset>
<legend>
<i class="fas fa-users"></i> {{tr "Instantiate as a different group"}}
</legend>
<div class="provision_gid_selector{{element.ID}}" data-tab-content>{{{groupDatatable}}}</div>
</fieldset>
</div>
</div>
{{/isFeatureEnabled}}
{{#isFeatureEnabled "show_host_instantiate"}}
<div class="row">
<div class="small-12 columns hostContext{{element.ID}}">
<fieldset>
<legend>
<i class="fas fa-globe"></i> {{tr "Host"}}
<i class="fas fa-hdd"></i> {{tr "Host"}}
</legend>
<div class="provision_host_selector{{element.ID}}" data-tab-content>{{{hostsDatatable}}}</div>
<div class="row">
@ -83,7 +107,7 @@
<div class="small-12 columns dsContext{{element.ID}}">
<fieldset>
<legend>
<i class="fas fa-globe"></i> {{tr "Datastore"}}
<i class="fas fa-folder-open"></i> {{tr "Datastore"}}
</legend>
<div class="provision_ds_selector{{element.ID}}" data-tab-content>{{{dsDatatable}}}</div>
<div class="row">
@ -103,7 +127,7 @@
<div class="large-12 columns actionContext{{element.ID}}">
<fieldset>
<legend>
<i class="fas fa-globe"></i> {{tr "Actions"}}
<i class="fas fa-calendar-alt"></i> {{tr "Actions"}}
</legend>
<table id="scheduling_inst_actions_table" class="info_table dataTable">
<thead>