TableTab ignores Table permissions

Bug #1431049 reported by Romain Hardouin
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
In Progress
Rob Cresswell

Bug Description

TableTab ignores permissions set on table(s) listed in table_classes attribute.

When defining a TableTab we specify one or more DataTable via table_classes attribute:

class MyTab(tabs.TableTab):
    table_classes = [SimpleTable, ProtectedTable]

If ProtectedTable has permissions set in inner Meta classe like so:

class ProtectedTable(tables.DataTable):
    class Meta(object):
        permissions = ['openstack.roles.admin']

Permission should be honored and, in this example, only an admin must
able to view the table ProtectedTable.

How to reproduce

An easy way to reproduce it is to change permission on an existing table used in a tab.
For instance, change permission of VolumeSnapshotsTable to something invalid:

class VolumeSnapshotsTable(volume_tables.VolumesTableBase):
    class Meta(object):
        permissions = ['invalid']

Then go to: Compute > Volumes > Volume Snapshots.
You will see the corresponding table.

Tags: horizon-core
Changed in horizon:
assignee: nobody → Romain Hardouin (romain-hardouin)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master

Changed in horizon:
status: New → In Progress
tags: added: horizon-core
Changed in horizon:
assignee: Romain Hardouin (romain-hardouin) → Rob Cresswell (robcresswell)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on horizon (master)

Change abandoned by David Lyle (<email address hidden>) on branch: master
Reason: This review is > 4 weeks without comment, and failed Jenkins the last time it was checked. We are abandoning this for now. Feel free to reactivate the review by pressing the restore button and leaving a 'recheck' comment to get fresh test results.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers