Merge pull request #8969 from GilbertCherrie/fix_settings_permissions

Fix settings permissions
ManageIQ · Nov 29, 2023 · 4d3bb27 · 4d3bb27
2 parents c465111 + 71f5e1a
commit 4d3bb27
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 12 deletions.
diff --git a/app/controllers/configuration_controller.rb b/app/controllers/configuration_controller.rb
@@ -70,7 +70,7 @@ def edit
 
   # New tab was pressed
   def change_tab
-    assert_privileges('my_settings_admin')
+    assert_privileges('my_settings_view')
     @tabform = "ui_" + params['uib-tab'] if params['uib-tab'] != "5"
     edit
     render :action => "show"
@@ -127,7 +127,7 @@ def theme_changed
   end
 
   def update
-    assert_privileges('my_settings_admin')
+    assert_privileges('my_settings_default_filters')
     if params["save"]
       get_form_vars if @tabform != "ui_3"
       case @tabform
@@ -213,7 +213,7 @@ def get_hr_str(hr)
   end
 
   def timeprofile_new
-    assert_privileges("timeprofile_new")
+    assert_privileges("my_settings_time_profiles")
     @all_timezones = ActiveSupport::TimeZone.all.collect { |tz| ["(GMT#{tz.formatted_offset}) #{tz.name}", tz.name] }.freeze
     @timeprofile = TimeProfile.new
     @timeprofile_action = "timeprofile_new"
@@ -225,7 +225,7 @@ def timeprofile_new
   end
 
   def timeprofile_edit
-    assert_privileges("tp_edit")
+    assert_privileges("my_settings_time_profiles")
     @all_timezones = ActiveSupport::TimeZone.all.collect { |tz| ["(GMT#{tz.formatted_offset}) #{tz.name}", tz.name] }.freeze
     @timeprofile = TimeProfile.find(params[:id])
     @timeprofile_action = "timeprofile_edit"
@@ -249,7 +249,7 @@ def timeprofile_edit
 
   # Delete all selected or single displayed VM(s)
   def timeprofile_delete
-    assert_privileges("tp_delete")
+    assert_privileges("my_settings_time_profiles")
     timeprofiles = []
     unless params[:id] # showing a list, scan all selected timeprofiles
       timeprofiles = find_checked_items
@@ -278,7 +278,7 @@ def timeprofile_delete
   end
 
   def timeprofile_copy
-    assert_privileges("tp_copy")
+    assert_privileges("my_settings_time_profiles")
     session[:set_copy] = "copy"
     @all_timezones = ActiveSupport::TimeZone.all.collect { |tz| ["(GMT#{tz.formatted_offset}) #{tz.name}", tz.name] }.freeze
     @in_a_form = true
@@ -379,7 +379,7 @@ def build_tabs
     end
 
     @active_tab = @tabform.split("_").last
-
+    @labels = [_("Visual"), _("Default Filters"), _("Time Profiles")]
     @tabs = []
     @tabs.push(["1", _("Visual")])          if role_allows?(:feature => "my_settings_visuals")
     @tabs.push(["3", _("Default Filters")]) if role_allows?(:feature => "my_settings_default_filters")

diff --git a/app/presenters/menu/default_menu.rb b/app/presenters/menu/default_menu.rb
@@ -231,7 +231,7 @@ def automate_menu_section
 
       def settings_menu_section
         Menu::Section.new(:set, N_("Settings"), 'carbon--Settings', [
-          Menu::Item.new('configuration', N_('My Settings'), 'my_settings', {:feature => 'my_settings', :any => true}, '/configuration/index'),
+          Menu::Item.new('configuration', N_('My Settings'), 'my_settings', {:feature => 'my_settings_view', :any => true}, '/configuration/index'),
           Menu::Item.new('ops_explorer', N_('Application Settings'), 'ops_explorer', {:feature => 'ops_explorer', :any => true}, '/ops/explorer'),
           Menu::Item.new('my_tasks', N_('Tasks'), 'tasks', {:feature => 'tasks', :any => true}, '/miq_task/index?jobs_tab=tasks'),
           help_documentation,

diff --git a/app/views/configuration/_ui_3.html.haml b/app/views/configuration/_ui_3.html.haml
@@ -1,5 +1,5 @@
 = render :partial => "layouts/flash_msg"
-%div{:id => @tabs[1][1].split(" ")[0], 'role' => 'tabpanel', 'aria-labelledby' =>"#{@tabs[1][1].split(" ")[0]}_tab"}
+%div{:id => @labels[1], 'role' => 'tabpanel', 'aria-labelledby' =>"#{@labels[1]}_tab"}
   = form_tag({:action => 'update'},
              :id     => "config_form",
              :method => :post) do

diff --git a/app/views/configuration/_ui_4.html.haml b/app/views/configuration/_ui_4.html.haml
@@ -1,6 +1,5 @@
 = render :partial => "layouts/flash_msg"
-
-%div{:id => @tabs[2][1].split(" ")[0], 'role' => 'tabpanel', 'aria-labelledby' =>"#{@tabs[2][1].split(" ")[0]}_tab"}
+%div{:id => @labels[2], 'role' => 'tabpanel', 'aria-labelledby' => "#{@labels[2]}_tab"}
   %div{:style => "padding-top:10px"}
     - if @timeprofiles.empty?
       = render :partial => 'layouts/info_msg', :locals => {:message => _("No Records Found.")}

diff --git a/app/views/configuration/show.html.haml b/app/views/configuration/show.html.haml
@@ -1,7 +1,7 @@
 #main_div
   - case @tabform
   - when 'ui_1'
-    %div{:id => @tabs[0][1], 'role' => 'tabpanel', 'aria-labelledby' =>"#{@tabs[0][1]}_tab"}
+    %div{:id => @labels[0], 'role' => 'tabpanel', 'aria-labelledby' =>"#{@labels[0]}_tab"}
       = render :partial => "layouts/flash_msg"
       = react 'VisualSettingsForm', :recordId => current_user.id.to_s
   - when 'ui_3'