[Ovirt-devel] [PATCH] permission denormalization. (revised)

[Jason Guiditta]

This partially works for me, but noticed a couple of things.  

*  when viewing the users grid, the column with 'inherited/direct' has
no header.  This may be ok, but when you mouse over it, you get a
clickable arrow that drops down a box that can't be fully seen
(attaching screenshot, hard to describe)
*  Not sure where this breaks exactly, but when I log in as a user with
no permissions, I still get all nodes returned in the tree (so
fetch_json must not be filtering right).  However, when I click on one
of them, I see rails attempting to reroute me to /login. Similarly, get
the full tree for a valid user with a small set of permissions, and can
go only to approve pools (though I still see them in the tree).
*  Search results return items my user does not have permission for.
Again, I cannot click on them, so that part of security is there. (I
think this is covered in the next patch, which I have not tested yet).
* I have not been able to test granting a new permission as my developer
appliance has not yet successfully reinstalled.  I kept getting the
error:
'ERROR:root:Unable to create appliance : Failed to find package 'curl' :
No package(s) available to install'
Trying a full reinstall but am pretty much done for the day/week (it has
been running a 1/2 hour is is maybe halfway through).  I'll check in on
it later this after and give feedback if it is successful.

-j
-------------- next part --------------
A non-text attachment was scrubbed...
Name: user_access.png
Type: image/png
Size: 106672 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/ovirt-devel/attachments/20080807/663790e4/attachment.png>