From 5490ff0691472f08ae56fa46c36cb293771dc25f Mon Sep 17 00:00:00 2001
From: Udo Walter
Date: Thu, 28 Dec 2017 15:57:15 +0100
Subject: [vmstore] added permissions to choose internal, nfs or cifs vm
storage
---
modules-available/vmstore/lang/de/permissions.json | 5 +++++
modules-available/vmstore/lang/de/template-tags.json | 3 ++-
modules-available/vmstore/lang/en/permissions.json | 5 +++++
modules-available/vmstore/lang/en/template-tags.json | 3 ++-
modules-available/vmstore/page.inc.php | 12 +++++++++++-
modules-available/vmstore/permissions/permissions.json | 5 +++++
modules-available/vmstore/style.css | 12 ++++++++++++
modules-available/vmstore/templates/page-vmstore.html | 12 ++++++------
8 files changed, 48 insertions(+), 9 deletions(-)
create mode 100644 modules-available/vmstore/lang/de/permissions.json
create mode 100644 modules-available/vmstore/lang/en/permissions.json
create mode 100644 modules-available/vmstore/permissions/permissions.json
create mode 100644 modules-available/vmstore/style.css
(limited to 'modules-available/vmstore')
diff --git a/modules-available/vmstore/lang/de/permissions.json b/modules-available/vmstore/lang/de/permissions.json
new file mode 100644
index 00000000..f3148ea8
--- /dev/null
+++ b/modules-available/vmstore/lang/de/permissions.json
@@ -0,0 +1,5 @@
+{
+ "choose.internal": "Internen Speicher auswählen.",
+ "choose.nfs": "Einen NFS Netzwerkspeicher auswählen.",
+ "choose.cifs": "Einen CIFS Netzwerkspeicher auswählen."
+}
\ No newline at end of file
diff --git a/modules-available/vmstore/lang/de/template-tags.json b/modules-available/vmstore/lang/de/template-tags.json
index 16414809..d434566a 100644
--- a/modules-available/vmstore/lang/de/template-tags.json
+++ b/modules-available/vmstore/lang/de/template-tags.json
@@ -3,13 +3,14 @@
"lang_cifsHelp2": "Geben Sie f\u00fcr den Satellitenserver einen User mit Lese- und\r\nSchreibberechtigungen an. F\u00fcr die Clients sollte ein User angegeben\r\nwerden, der nur Leseberechtigungen auf dem Share besitzt. Am einfachsten\r\nerreichen Sie dies, indem Sie passwortlosen Gastzugriff mit Leserechten\r\nauf die Freigabe erlauben.",
"lang_cifsHelp3": "Wenn exklusiv DNBD3 verwendet wird, k\u00f6nnen Sie den passwortlosen\r\nGastzugriff deaktivieren und die Zeile \"Nur-Lese-Zugangsdaten\" leer\r\nlassen. Dies erh\u00f6ht die Sicherheit.",
"lang_configure": "Konfigurieren",
- "lang_intern": "Intern",
+ "lang_internal": "Intern",
"lang_nfsHelp1": "Ben\u00f6tigt wird ein NFSv4\/3-Share, der f\u00fcr den Satelliten-Server schreibbar, und f\u00fcr die Arbeitsstationen lesbar ist. Beispielkonfiguration auf dem NFS-Server, wenn der Satelliten-Server die Adresse 1.2.3.4 hat:",
"lang_nfsHelp2": "Alternative Konfiguration mittels all_squash. In diesem Fall muss das Verzeichnis auf dem Server dem Benutzer mit der uid 1234 geh\u00f6ren:",
"lang_nfsHelp3": "Die erste Zeile erlaubt den Lese- und Schreibzugriff des\r\nSatellitenservers. Die zweite Zeile erteilt allen anderen Rechnern\r\nausschlie\u00dflich Lesezugriff. Sie k\u00f6nnen dies nat\u00fcrlich auch auf\r\nspezielle Subnetze oder IP-Bereiche beschr\u00e4nken.",
"lang_nfsHelp4": "Wenn exklusiv DNBD3 verwendet wird, kann die zweite Zeile ausgelassen\r\nwerden. Dies erh\u00f6ht die Sicherheit.",
"lang_noAdditionalInformation": "Keine weitere Konfiguration notwendig",
"lang_password": "Passwort",
+ "lang_path": "Pfad",
"lang_readOnly": "Nur-Lese-Zugangsdaten",
"lang_readWrite": "Lese\/Schreib-Zugangsdaten",
"lang_username": "Benutzerkennung",
diff --git a/modules-available/vmstore/lang/en/permissions.json b/modules-available/vmstore/lang/en/permissions.json
new file mode 100644
index 00000000..00708f7d
--- /dev/null
+++ b/modules-available/vmstore/lang/en/permissions.json
@@ -0,0 +1,5 @@
+{
+ "choose.internal": "Choose internal storage.",
+ "choose.nfs": "Choose a NFS network storage.",
+ "choose.cifs": "Choose a CIFS network storage."
+}
\ No newline at end of file
diff --git a/modules-available/vmstore/lang/en/template-tags.json b/modules-available/vmstore/lang/en/template-tags.json
index 1072f10e..d78877b9 100644
--- a/modules-available/vmstore/lang/en/template-tags.json
+++ b/modules-available/vmstore/lang/en/template-tags.json
@@ -3,13 +3,14 @@
"lang_cifsHelp2": "Please provide user credentials with read\/write permissions which will be used by the server. For the clients, user credentials that allow read-only access is required. You could also enable passwordless guest login for read-only access.",
"lang_cifsHelp3": "If you want to use DNBD3 in exclusive mode, you can leave the read only credentials empty, to prevent people from browsing the share.",
"lang_configure": "Configure",
- "lang_intern": "Intern",
+ "lang_internal": "Internal",
"lang_nfsHelp1": "An NFSv4\/3-Share is required. It should be readable by all the workstations, and writable for the satellite server. An example, assuming the satellite server has IP address 1.2.3.4:",
"lang_nfsHelp2": "Alternate configuration using all_squash. The exported directory should be owned (and be writable) by the user with uid 1234.",
"lang_nfsHelp3": "The first line allows read\/write access for the satellite server. The second line grants read-only access for every other IP address. You could limit the second line to specific IP ranges only if desired.",
"lang_nfsHelp4": "If using DNBD3 in exclusive mode, you can remove the second line completely, so only the satellite server has access to the NFS store.",
"lang_noAdditionalInformation": "No additional cofiguration required",
"lang_password": "Password",
+ "lang_path": "Path",
"lang_readOnly": "Read-only Access",
"lang_readWrite": "Read\/Write Access",
"lang_username": "Username",
diff --git a/modules-available/vmstore/page.inc.php b/modules-available/vmstore/page.inc.php
index 3314bfe2..c3d5da77 100644
--- a/modules-available/vmstore/page.inc.php
+++ b/modules-available/vmstore/page.inc.php
@@ -8,7 +8,7 @@ class Page_VmStore extends Page
{
User::load();
- if (!User::hasPermission('superadmin')) {
+ if (!User::isLoggedIn()) {
Message::addError('main.no-permission');
Util::redirect('?do=Main');
}
@@ -33,6 +33,10 @@ class Page_VmStore extends Page
if (isset($vmstore['storetype'])) {
$vmstore['pre-' . $vmstore['storetype']] = 'checked';
}
+ $vmstore['internalAllowed'] = User::hasPermission("choose.internal");
+ $vmstore['nfsAllowed'] = User::hasPermission("choose.nfs");
+ $vmstore['cifsAllowed'] = User::hasPermission("choose.cifs");
+ $vmstore['saveAllowed'] = $vmstore['internalAllowed'] || $vmstore['nfsAllowed'] || $vmstore['cifsAllowed'];
Render::addTemplate('page-vmstore', $vmstore);
}
@@ -47,6 +51,12 @@ class Page_VmStore extends Page
Message::addError('main.value-invalid', 'type', $storetype);
Util::redirect('?do=VmStore');
}
+ if (($storetype === 'internal' && !User::hasPermission("choose.internal")) ||
+ ($storetype === 'nfs' && !User::hasPermission("choose.nfs")) ||
+ ($storetype === 'cifs' && !User::hasPermission("choose.cifs"))) {
+ Message::addError('main.no-permission');
+ Util::redirect('?do=VmStore');
+ }
// Validate syntax of nfs/cifs
if ($storetype === 'nfs' && !preg_match('#^\S+:\S+$#is', $vmstore['nfsaddr'])) {
Message::addError('main.value-invalid', 'nfsaddr', $vmstore['nfsaddr']);
diff --git a/modules-available/vmstore/permissions/permissions.json b/modules-available/vmstore/permissions/permissions.json
new file mode 100644
index 00000000..f2c22c72
--- /dev/null
+++ b/modules-available/vmstore/permissions/permissions.json
@@ -0,0 +1,5 @@
+[
+ "choose.internal",
+ "choose.nfs",
+ "choose.cifs"
+]
\ No newline at end of file
diff --git a/modules-available/vmstore/style.css b/modules-available/vmstore/style.css
new file mode 100644
index 00000000..cc38e8ed
--- /dev/null
+++ b/modules-available/vmstore/style.css
@@ -0,0 +1,12 @@
+.disabledPanel {
+ cursor: not-allowed;
+}
+
+.disabledPanel > .panel-heading, .disabledPanel > .panel-body {
+ pointer-events: none;
+ opacity: 0.8;
+}
+
+.disabledPanel > .panel-heading > .btn {
+ pointer-events: initial;
+}
\ No newline at end of file
diff --git a/modules-available/vmstore/templates/page-vmstore.html b/modules-available/vmstore/templates/page-vmstore.html
index 6156597b..fece8e24 100644
--- a/modules-available/vmstore/templates/page-vmstore.html
+++ b/modules-available/vmstore/templates/page-vmstore.html
@@ -9,11 +9,11 @@