From f78cbe83eb12dc2d7e512a2d08c245c4f9779003 Mon Sep 17 00:00:00 2001
From: Sergio Betanzos <sbetanzos@opennebula.io>
Date: Fri, 27 May 2022 11:43:32 +0200
Subject: [PATCH] F #5422: Check user has access to view (#2097)

---
 .../client/components/Tabs/Common/Ownership.js | 18 ++++++++++++++----
 .../components/Tabs/Vm/Info/information.js     | 13 +++++++++++--
 2 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/src/fireedge/src/client/components/Tabs/Common/Ownership.js b/src/fireedge/src/client/components/Tabs/Common/Ownership.js
index 83c5d0d12c..56982e5dda 100644
--- a/src/fireedge/src/client/components/Tabs/Common/Ownership.js
+++ b/src/fireedge/src/client/components/Tabs/Common/Ownership.js
@@ -13,21 +13,28 @@
  * See the License for the specific language governing permissions and       *
  * limitations under the License.                                            *
  * ------------------------------------------------------------------------- */
-import { memo } from 'react'
+import { memo, useMemo } from 'react'
 import PropTypes from 'prop-types'
 import { generatePath } from 'react-router-dom'
 
+import { useViews } from 'client/features/Auth'
 import { useGetUsersQuery } from 'client/features/OneApi/user'
 import { useGetGroupsQuery } from 'client/features/OneApi/group'
 import { List } from 'client/components/Tabs/Common'
-import { T, SERVERADMIN_ID, ACTIONS } from 'client/constants'
+import { T, SERVERADMIN_ID, ACTIONS, RESOURCE_NAMES } from 'client/constants'
 import { PATH } from 'client/apps/sunstone/routesOne'
 
+const { USER, GROUP } = RESOURCE_NAMES
+
 const Ownership = memo(
   ({ actions, groupId, groupName, handleEdit, userId, userName }) => {
     const { data: users = [] } = useGetUsersQuery()
     const { data: groups = [] } = useGetGroupsQuery()
 
+    const { view, hasAccessToResource } = useViews()
+    const userAccess = useMemo(() => hasAccessToResource(USER), [view])
+    const groupAccess = useMemo(() => hasAccessToResource(GROUP), [view])
+
     const getUserOptions = () =>
       users
         ?.filter?.(({ ID } = {}) => ID !== SERVERADMIN_ID)
@@ -44,7 +51,8 @@ const Ownership = memo(
         name: T.Owner,
         value: userName,
         valueInOptionList: userId,
-        link: generatePath(PATH.SYSTEM.USERS.DETAIL, { id: userId }),
+        link:
+          userAccess && generatePath(PATH.SYSTEM.USERS.DETAIL, { id: userId }),
         canEdit: actions?.includes?.(ACTIONS.CHANGE_OWNER),
         handleGetOptionList: getUserOptions,
         handleEdit: (_, user) => handleEdit?.({ user }),
@@ -54,7 +62,9 @@ const Ownership = memo(
         name: T.Group,
         value: groupName,
         valueInOptionList: groupId,
-        link: generatePath(PATH.SYSTEM.GROUPS.DETAIL, { id: groupId }),
+        link:
+          groupAccess &&
+          generatePath(PATH.SYSTEM.GROUPS.DETAIL, { id: groupId }),
         canEdit: actions?.includes?.(ACTIONS.CHANGE_GROUP),
         handleGetOptionList: getGroupOptions,
         handleEdit: (_, group) => handleEdit?.({ group }),
diff --git a/src/fireedge/src/client/components/Tabs/Vm/Info/information.js b/src/fireedge/src/client/components/Tabs/Vm/Info/information.js
index 83a76e9f87..3b320741e1 100644
--- a/src/fireedge/src/client/components/Tabs/Vm/Info/information.js
+++ b/src/fireedge/src/client/components/Tabs/Vm/Info/information.js
@@ -13,11 +13,12 @@
  * See the License for the specific language governing permissions and       *
  * limitations under the License.                                            *
  * ------------------------------------------------------------------------- */
-import { ReactElement } from 'react'
+import { ReactElement, useMemo } from 'react'
 import PropTypes from 'prop-types'
 import { generatePath } from 'react-router-dom'
 import { Stack } from '@mui/material'
 
+import { useViews } from 'client/features/Auth'
 import { useGetClusterQuery } from 'client/features/OneApi/cluster'
 import { useRenameVmMutation } from 'client/features/OneApi/vm'
 
@@ -37,9 +38,11 @@ import {
   levelLockToString,
   timeToString,
 } from 'client/models/Helper'
-import { T, VM, VM_ACTIONS } from 'client/constants'
+import { T, VM, VM_ACTIONS, RESOURCE_NAMES } from 'client/constants'
 import { PATH } from 'client/apps/sunstone/routesOne'
 
+const { CLUSTER, HOST } = RESOURCE_NAMES
+
 /**
  * Renders mainly information tab.
  *
@@ -51,6 +54,10 @@ import { PATH } from 'client/apps/sunstone/routesOne'
 const InformationPanel = ({ vm = {}, actions }) => {
   const [renameVm] = useRenameVmMutation()
 
+  const { view, hasAccessToResource } = useViews()
+  const clusterAccess = useMemo(() => hasAccessToResource(CLUSTER), [view])
+  const hostAccess = useMemo(() => hasAccessToResource(HOST), [view])
+
   const { ID, NAME, RESCHED, STIME, ETIME, LOCK, DEPLOY_ID } = vm
   const { name: stateName, color: stateColor } = getState(vm)
 
@@ -137,6 +144,7 @@ const InformationPanel = ({ vm = {}, actions }) => {
       name: T.Host,
       value: `#${hostId} ${hostname}`,
       link:
+        hostAccess &&
         !Number.isNaN(+hostId) &&
         generatePath(PATH.INFRASTRUCTURE.HOSTS.DETAIL, { id: hostId }),
       dataCy: 'hostid',
@@ -145,6 +153,7 @@ const InformationPanel = ({ vm = {}, actions }) => {
       name: T.Cluster,
       value: `#${clusterId} ${clusterName}`,
       link:
+        clusterAccess &&
         !Number.isNaN(+clusterId) &&
         generatePath(PATH.INFRASTRUCTURE.CLUSTERS.DETAIL, { id: clusterId }),
       dataCy: 'clusterid',