Add RBAC check

ManageIQ · Jun 19, 2017 · 56724b1 · 56724b1
1 parent 2d93b57
commit 56724b1
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 14 deletions.
diff --git a/app/controllers/mixins/actions/vm_actions/right_size.rb b/app/controllers/mixins/actions/vm_actions/right_size.rb
@@ -6,28 +6,26 @@ def vm_right_size
           assert_privileges(params[:pressed])
           # check to see if coming from show_list or drilled into vms from another CI
           rec_cls = "vm"
-          recs = params[:display] ? find_checked_ids_with_rbac(VmOrTemplate) : [find_id_with_rbac(VmOrTemplate, params[:id]).to_i]
-          if recs.length < 1
-            add_flash(_("One or more %{model} must be selected to Right-Size Recommendations") %
+          record = find_records_with_rbac(VmOrTemplate, checked_or_params).first
+          if record.nil?
+            add_flash(_("One %{model} must be selected to Right-Size Recommendations") %
               {:model => ui_lookup(:table => request.parameters[:controller])}, :error)
             @refresh_div = "flash_msg_div"
             @refresh_partial = "layouts/flash_msg"
             return
-          else
-            if VmOrTemplate.includes_template?(recs)
-              add_flash(_("Right-Size Recommendations does not apply to selected %{model}") %
-                {:model => ui_lookup(:table => "miq_template")}, :error)
-              javascript_flash(:scroll_top => true)
-              return
-            end
+          elsif record.template?
+            add_flash(_("Right-Size Recommendations does not apply to selected %{model}") %
+              {:model => ui_lookup(:table => "miq_template")}, :error)
+            javascript_flash(:scroll_top => true)
+            return
           end
           if @explorer
             @refresh_partial = "vm_common/right_size"
-            right_size
+            right_size(record)
             replace_right_cell if @orig_action == "x_history"
           else
             if role_allows?(:feature => "vm_right_size")
-              javascript_redirect :controller => rec_cls.to_s, :action => 'right_size', :id => recs[0], :escape => false # redirect to build the ownership screen
+              javascript_redirect :controller => rec_cls.to_s, :action => 'right_size', :id => record.id, :escape => false # redirect to build the ownership screen
             else
               head :ok
             end

diff --git a/app/controllers/vm_common.rb b/app/controllers/vm_common.rb
@@ -538,8 +538,8 @@ def policy_options
   end
 
   # Set right_size selected db records
-  def right_size
-    @record = Vm.find_by_id(params[:id])
+  def right_size(record = nil)
+    @record ||= record ? record : find_records_with_rbac(params[:id]).first
     @lastaction = "right_size"
     @rightsize = true
     @in_a_form = true