Refactored and renamed class WizardPermission and the code areas usin…

…g it. Corrections to RBAC messages. Sorted Messages.resx. Signed-off-by: Konstantina Chremmou <konstantina.chremmou@citrix.com>
ravager-dk · Nov 24, 2021 · e265e86 · e265e86
1 parent 6ed9e28
commit e265e86
Show file tree

Hide file tree

Showing 19 changed files with 404 additions and 369 deletions.
diff --git a/XenAdmin/Commands/Command.cs b/XenAdmin/Commands/Command.cs
@@ -37,6 +37,7 @@
 using XenAdmin.Actions;
 using XenAdmin.Core;
 using XenAdmin.Dialogs;
+using XenAdmin.Network;
 using XenAPI;
 
 
@@ -380,23 +381,6 @@ public void RunMultipleActions(IEnumerable<AsyncAction> actions, string title, s
             launcher.Run();
         }
 
-        /// <summary>
-        /// Check that the list of RBAC methods can be executed with the session's roles on the given VM
-        /// </summary>
-        /// <param name="vm">The VM to check roles on</param>
-        /// <param name="staticRbacDependencies">List of the methods to check</param>
-        /// <returns>true if the current roles can be used to execute the given methods</returns>
-        protected bool CheckRbacPermissions(VM vm, RbacMethodList staticRbacDependencies)
-        {
-            if (vm.Connection.Session.IsLocalSuperuser)
-                return true;
-
-            var currentRoles = vm.Connection.Session.Roles;
-            var validRoles = Role.ValidRoleList(staticRbacDependencies, vm.Connection);
-
-            return currentRoles.Any(currentRole => validRoles.Contains(currentRole));
-        }
-
         #region ICommand Members
 
         /// <summary>

diff --git a/XenAdmin/Commands/CopyTemplateCommand.cs b/XenAdmin/Commands/CopyTemplateCommand.cs
@@ -30,7 +30,10 @@
  */
 
 using System.Collections.Generic;
+using System.Linq;
+using XenAdmin.Actions;
 using XenAdmin.Actions.VMActions;
+using XenAdmin.Core;
 using XenAdmin.Dialogs;
 using XenAPI;
 
@@ -54,29 +57,42 @@ public CopyTemplateCommand(IMainWindow mainWindow, IEnumerable<SelectedItem> sel
         {
         }
 
+        private bool CheckRbacPermissions(VM vm, RbacMethodList methodList, string warningMessage)
+        {
+            if (vm.Connection.Session.IsLocalSuperuser)
+                return true;
+
+            var currentRoles = vm.Connection.Session.Roles;
+            var validRoles = Role.ValidRoleList(methodList, vm.Connection);
+
+            if (currentRoles.Any(currentRole => validRoles.Contains(currentRole)))
+                return true;
+
+            currentRoles.Sort();
+
+            using (var dlg = new ErrorDialog(string.Format(warningMessage, currentRoles[0].FriendlyName())))
+                dlg.ShowDialog(Parent);
+
+            return false;
+        }
+
         protected override void RunCore(SelectedItemCollection selection)
         {
             var template = (VM)selection[0].XenObject;
 
             if (CrossPoolCopyTemplateCommand.CanRun(template, null))
             {
-                if (!CheckRbacPermissions(template, VMCrossPoolMigrateAction.StaticRBACDependencies))
-                {
-                    using (var dlg = new ErrorDialog(Messages.RBAC_CROSS_POOL_MIGRATE_VM_BLOCKED))
-                        dlg.ShowDialog(Parent);
-                    return;
-                }
                 new CrossPoolCopyTemplateCommand(MainWindowCommandInterface, selection).Run();
             }
             else
             {
-                if (!CheckRbacPermissions(template, VMCopyAction.StaticRBACDependencies))
-                {
-                    using (var dlg = new ErrorDialog(Messages.RBAC_INTRA_POOL_COPY_VM_BLOCKED))
-                        dlg.ShowDialog(Parent);
-                    return;
-                }
-                new CopyVMDialog(template).ShowPerXenObject(template, Program.MainWindow);
+                var rbac = new RbacMethodList();
+                rbac.AddRange(SrRefreshAction.StaticRBACDependencies);
+                rbac.AddRange(VMCopyAction.StaticRBACDependencies);
+                rbac.AddRange(VMCloneAction.StaticRBACDependencies);
+
+                if (CheckRbacPermissions(template, rbac, Messages.RBAC_INTRA_POOL_COPY_TEMPLATE_BLOCKED))
+                    new CopyVMDialog(template).ShowPerXenObject(template, Program.MainWindow);
             }
         }
 

diff --git a/XenAdmin/Commands/CopyVMCommand.cs b/XenAdmin/Commands/CopyVMCommand.cs
@@ -30,7 +30,10 @@
  */
 
 using System.Collections.Generic;
+using System.Linq;
+using XenAdmin.Actions;
 using XenAdmin.Actions.VMActions;
+using XenAdmin.Core;
 using XenAdmin.Dialogs;
 using XenAPI;
 
@@ -54,29 +57,42 @@ public CopyVMCommand(IMainWindow mainWindow, IEnumerable<SelectedItem> selection
         {
         }
 
+        private bool CheckRbacPermissions(VM vm, RbacMethodList methodList, string warningMessage)
+        {
+            if (vm.Connection.Session.IsLocalSuperuser)
+                return true;
+
+            var currentRoles = vm.Connection.Session.Roles;
+            var validRoles = Role.ValidRoleList(methodList, vm.Connection);
+
+            if (currentRoles.Any(currentRole => validRoles.Contains(currentRole)))
+                return true;
+
+            currentRoles.Sort();
+
+            using (var dlg = new ErrorDialog(string.Format(warningMessage, currentRoles[0].FriendlyName())))
+                dlg.ShowDialog(Parent);
+
+            return false;
+        }
+
         protected override void RunCore(SelectedItemCollection selection)
         {
             var vm = (VM)selection[0].XenObject;
 
             if (CrossPoolCopyVMCommand.CanRun(vm, null))
             {
-                if (!CheckRbacPermissions(vm, VMCrossPoolMigrateAction.StaticRBACDependencies))
-                {
-                    using (var dlg = new ErrorDialog(Messages.RBAC_CROSS_POOL_MIGRATE_VM_BLOCKED))
-                        dlg.ShowDialog(Parent);
-                    return;
-                }
                 new CrossPoolCopyVMCommand(MainWindowCommandInterface, selection).Run();
             }
             else
             {
-                if (!CheckRbacPermissions(vm, VMCopyAction.StaticRBACDependencies))
-                {
-                    using (var dlg = new ErrorDialog(Messages.RBAC_INTRA_POOL_COPY_VM_BLOCKED))
-                        dlg.ShowDialog(Parent);
-                    return;
-                }
-                new CopyVMDialog(vm).ShowPerXenObject(vm, Program.MainWindow);
+                var rbac = new RbacMethodList();
+                rbac.AddRange(SrRefreshAction.StaticRBACDependencies);
+                rbac.AddRange(VMCopyAction.StaticRBACDependencies);
+                rbac.AddRange(VMCloneAction.StaticRBACDependencies);
+
+                if (CheckRbacPermissions(vm, rbac, Messages.RBAC_INTRA_POOL_COPY_VM_BLOCKED))
+                    new CopyVMDialog(vm).ShowPerXenObject(vm, Program.MainWindow);
             }
         }
 

diff --git a/XenAdmin/Wizards/BugToolWizardFiles/BugToolWizard.cs b/XenAdmin/Wizards/BugToolWizardFiles/BugToolWizard.cs
@@ -146,7 +146,8 @@ protected override void UpdateWizardContent(XenTabPage senderPage)
 
                 if (selectedHostsConnections.Any(Helpers.ConnectionRequiresRbac))
                 {
-                    rbacWarningPage.AddApiMethodsCheck(selectedHostsConnections, SingleHostStatusAction.StaticRBACDependencies, Messages.RBAC_GET_SYSTEM_STATUS_BLOCKED);
+                    rbacWarningPage.SetPermissionChecks(selectedHostsConnections,
+                        new WizardRbacCheck(Messages.RBAC_GET_SYSTEM_STATUS_BLOCKED, SingleHostStatusAction.StaticRBACDependencies) {Blocking = true});
                     AddAfterPage(bugToolPageSelectHosts1, rbacWarningPage);
                 }
             }

diff --git a/XenAdmin/Wizards/CrossPoolMigrateWizard/CrossPoolMigrateWizard.cs b/XenAdmin/Wizards/CrossPoolMigrateWizard/CrossPoolMigrateWizard.cs
@@ -356,9 +356,16 @@ protected override void UpdateWizardContent(XenTabPage page)
 
                 if (Helpers.ConnectionRequiresRbac(xenConnection) || Helpers.ConnectionRequiresRbac(TargetConnection))
                 {
-                    m_pageTargetRbac.AddApiMethodsCheck(new List<IXenConnection> { xenConnection, TargetConnection },
-                        VMCrossPoolMigrateAction.StaticRBACDependencies,
-                        Messages.RBAC_CROSS_POOL_MIGRATE_VM_BLOCKED);
+                    var message = wizardMode == WizardMode.Copy
+                        ? m_vmMappings.Any(IsTemplate)
+                            ? Messages.RBAC_CROSS_POOL_COPY_TEMPLATE_BLOCKED
+                            : Messages.RBAC_CROSS_POOL_COPY_VM_BLOCKED
+                        : m_vmMappings.Any(IsTemplate)
+                            ? Messages.RBAC_CROSS_POOL_MIGRATE_TEMPLATE_BLOCKED
+                            : Messages.RBAC_CROSS_POOL_MIGRATE_VM_BLOCKED;
+
+                    m_pageTargetRbac.SetPermissionChecks(new List<IXenConnection> {xenConnection, TargetConnection},
+                        new WizardRbacCheck(message, VMCrossPoolMigrateAction.StaticRBACDependencies) {Blocking = true});
                     AddAfterPage(m_pageDestination, m_pageTargetRbac);
                 }
 
@@ -403,23 +410,24 @@ protected override void UpdateWizardContent(XenTabPage page)
                     AddAfterPage(m_pageCopyMode, m_pageIntraPoolCopy);
                     if (Helpers.ConnectionRequiresRbac(xenConnection))
                     {
-                        m_pageTargetRbac.AddApiMethodsCheck(xenConnection,
-                            VMCopyAction.StaticRBACDependencies,
-                            Messages.RBAC_INTRA_POOL_COPY_VM_BLOCKED);
+                        var message = m_vmMappings.Any(IsTemplate)
+                            ? Messages.RBAC_INTRA_POOL_COPY_TEMPLATE_BLOCKED
+                            : Messages.RBAC_INTRA_POOL_COPY_VM_BLOCKED;
+
+                        var rbac = new RbacMethodList();
+                        rbac.AddRange(VMCopyAction.StaticRBACDependencies);
+                        rbac.AddRange(VMCloneAction.StaticRBACDependencies);
+                        rbac.AddRange(SrRefreshAction.StaticRBACDependencies);
+
+                        m_pageTargetRbac.SetPermissionChecks(xenConnection,
+                            new WizardRbacCheck(message, rbac) {Blocking = true});
                         AddAfterPage(m_pageCopyMode, m_pageTargetRbac);
                     }
                 }
                 else
                 {
                     RemovePagesFrom(1);
                     AddAfterPage(m_pageCopyMode, m_pageDestination, m_pageStorage, m_pageFinish);
-                    if (Helpers.ConnectionRequiresRbac(xenConnection))
-                    {
-                        m_pageTargetRbac.AddApiMethodsCheck(xenConnection,
-                            VMCloneAction.StaticRBACDependencies,
-                            Messages.RBAC_CROSS_POOL_CLONE_VM_BLOCKED);
-                        AddAfterPage(m_pageCopyMode, m_pageTargetRbac);
-                    }
                 }
             }
             if (type != typeof(CrossPoolMigrateFinishPage))

diff --git a/XenAdmin/Wizards/DRWizards/DRFailoverWizard.cs b/XenAdmin/Wizards/DRWizards/DRFailoverWizard.cs
@@ -86,7 +86,8 @@ public DRFailoverWizard(Pool pool, DRWizardType wizardType)
 
             if (Helpers.ConnectionRequiresRbac(Pool.Connection))
             {
-                RBACWarningPage.AddApiMethodsCheck(Pool.Connection, "DR_task.async_create", Messages.RBAC_DR_WIZARD_MESSAGE);
+                RBACWarningPage.SetPermissionChecks(Pool.Connection,
+                    new WizardRbacCheck(Messages.RBAC_DR_WIZARD_MESSAGE, "DR_task.async_create") {Blocking = true});
                 AddPage(RBACWarningPage, 0);
             }
 

diff --git a/XenAdmin/Wizards/ExportWizard/ExportApplianceWizard.cs b/XenAdmin/Wizards/ExportWizard/ExportApplianceWizard.cs
@@ -145,10 +145,8 @@ protected override void UpdateWizardContent(XenTabPage page)
 			            AddAfterPage(m_pageExportSelectVMs, ovfPages);
 			        }
 
-                    if (!Helpers.ConnectionRequiresRbac(xenConnection))
-                        return;
-
-                    AddRbacPage();
+                    if (Helpers.ConnectionRequiresRbac(xenConnection))
+                        AddRbacPage();
                 }
 
 			    m_pageExportSelectVMs.ExportAsXva = (bool)m_exportAsXva;
@@ -167,14 +165,13 @@ protected override void UpdateWizardContent(XenTabPage page)
 
         private void AddRbacPage()
         {
-            var exportAsXva = m_exportAsXva != null && (bool) m_exportAsXva;
+            var exportAsXva = m_exportAsXva.HasValue && m_exportAsXva.Value;
 
-            var rbacDependencies = exportAsXva
-                ? ExportVmAction.StaticRBACDependencies
-                : ApplianceAction.StaticRBACDependencies;
-            var check = exportAsXva ? Messages.RBAC_WARNING_EXPORT_WIZARD_XVA : Messages.RBAC_WARNING_EXPORT_WIZARD_APPLIANCE;
+            var rbacDependencies = exportAsXva ? ExportVmAction.StaticRBACDependencies : ApplianceAction.StaticRBACDependencies;
+            var message = exportAsXva ? Messages.RBAC_WARNING_EXPORT_WIZARD_XVA : Messages.RBAC_WARNING_EXPORT_WIZARD_APPLIANCE;
 
-            m_pageRbac.AddApiMethodsCheck(xenConnection, rbacDependencies, check);
+            m_pageRbac.SetPermissionChecks(xenConnection,
+                new WizardRbacCheck(message, rbacDependencies) {Blocking = true});
 
             AddAfterPage(m_pageExportAppliance, m_pageRbac);
         }