Add privilege check to power operation button
Disables power operation buttons for users with
"Read-only" privileges. This change ensures that only "Operator" and
administrative users can perform power operations, preventing
unauthorized actions and enhancing system security.
Change-Id: I515ede092cef3c82a110d9534d9f8d3d6afc3135
Signed-off-by: Aravinth S <aravinths@ami.com>
diff --git a/src/store/modules/GlobalStore.js b/src/store/modules/GlobalStore.js
index ed3e381..e42367b 100644
--- a/src/store/modules/GlobalStore.js
+++ b/src/store/modules/GlobalStore.js
@@ -7,6 +7,12 @@
diagnosticMode: 'xyz.openbmc_project.State.Host.HostState.DiagnosticMode',
};
+const privilegesId = {
+ admin: 'Administrator',
+ operator: 'Operator',
+ readOnly: 'ReadOnly',
+};
+
const serverStateMapper = (hostState) => {
switch (hostState) {
case HOST_STATE.on:
@@ -137,5 +143,6 @@
},
},
};
+export { GlobalStore, serverStateMapper, privilegesId };
export default GlobalStore;
diff --git a/src/views/Operations/ServerPowerOperations/BootSettings.vue b/src/views/Operations/ServerPowerOperations/BootSettings.vue
index 48ce71c..ea66baa 100644
--- a/src/views/Operations/ServerPowerOperations/BootSettings.vue
+++ b/src/views/Operations/ServerPowerOperations/BootSettings.vue
@@ -42,7 +42,12 @@
{{ $t('global.status.enabled') }}
</b-form-checkbox>
</b-form-group>
- <b-button variant="primary" type="submit" class="mb-3">
+ <b-button
+ variant="primary"
+ type="submit"
+ class="mb-3"
+ :disabled="isButtonDisable"
+ >
{{ $t('global.action.save') }}
</b-button>
</b-form>
@@ -59,6 +64,13 @@
export default {
name: 'BootSettings',
mixins: [BVToastMixin, LoadingBarMixin],
+ props: {
+ isButtonDisable: {
+ required: true,
+ type: Boolean,
+ default: false,
+ },
+ },
setup() {
return {
v$: useVuelidate(),
diff --git a/src/views/Operations/ServerPowerOperations/ServerPowerOperations.vue b/src/views/Operations/ServerPowerOperations/ServerPowerOperations.vue
index 491dc7f..8dca96e 100644
--- a/src/views/Operations/ServerPowerOperations/ServerPowerOperations.vue
+++ b/src/views/Operations/ServerPowerOperations/ServerPowerOperations.vue
@@ -59,7 +59,7 @@
<page-section
:section-title="$t('pageServerPowerOperations.serverBootSettings')"
>
- <boot-settings />
+ <boot-settings :is-button-disable="isButtonDisable" />
</page-section>
</b-col>
<b-col sm="8" md="6" xl="7">
@@ -78,6 +78,7 @@
<b-button
variant="primary"
data-test-id="serverPowerOperations-button-powerOn"
+ :disabled="isButtonDisable"
@click="powerOn"
>
{{ $t('pageServerPowerOperations.powerOn') }}
@@ -116,6 +117,7 @@
variant="primary"
type="submit"
data-test-id="serverPowerOperations-button-reboot"
+ :disabled="isButtonDisable"
>
{{ $t('pageServerPowerOperations.reboot') }}
</b-button>
@@ -154,6 +156,7 @@
variant="primary"
type="submit"
data-test-id="serverPowerOperations-button-shutDown"
+ :disabled="isButtonDisable"
>
{{ $t('pageServerPowerOperations.shutDown') }}
</b-button>
@@ -175,6 +178,8 @@
import InfoTooltip from '@/components/Global/InfoTooltip';
import { useI18n } from 'vue-i18n';
import i18n from '@/i18n';
+import { privilegesId } from '@/store/modules/GlobalStore';
+import { mapGetters } from 'vuex';
export default {
name: 'ServerPowerOperations',
@@ -194,6 +199,10 @@
};
},
computed: {
+ ...mapGetters('global', ['userPrivilege']),
+ isButtonDisable() {
+ return this.userPrivilege === privilegesId.readOnly;
+ },
serverStatus() {
return this.$store.getters['global/serverStatus'];
},