CA-375942: Corrected RBAC check for create/destroy vTPM (rely on the actions' RBAC check instead of replicating it on the dialog).

Signed-off-by: Konstantina Chremmou <Konstantina.Chremmou@cloud.com>
2024-11-25 06:16:37 +01:00 · 2023-03-19 01:59:35 +00:00 · 2023-03-19 01:59:35 +00:00 · 8ede70ff99
commit 8ede70ff99
parent ef4ceaac3c
3 changed files with 0 additions and 78 deletions
--- a/XenAdmin/Dialogs/VtmpManagementDialog.cs
+++ b/XenAdmin/Dialogs/VtmpManagementDialog.cs
@ -155,21 +155,6 @@ namespace XenAdmin.Dialogs

        private void AddVtpm()
        {
-            if (!_vm.Connection.Session.IsLocalSuperuser && !Registry.DontSudo &&
-                _vm.Connection.Session.Roles.All(r => r.name_label != Role.MR_ROLE_VM_ADMIN))
-            {
-                var currentRoles = _vm.Connection.Session.Roles;
-                currentRoles.Sort();
-
-                var msg = string.Format(Messages.VTPM_RBAC_RESTRICTION_CREATE, currentRoles[0].FriendlyName(),
-                    Role.FriendlyName(Role.MR_ROLE_VM_ADMIN));
-
-                using (var dlg = new ErrorDialog(msg))
-                    dlg.ShowDialog(Parent);
-
-                return;
-            }
-
            var action = new NewVtpmAction(_vm.Connection, _vm);
            using (var dlg = new ActionProgressDialog(action, ProgressBarStyle.Marquee))
                dlg.ShowDialog(this);
@ -185,21 +170,6 @@ namespace XenAdmin.Dialogs
                    return;
            }

-            if (!_vm.Connection.Session.IsLocalSuperuser && !Registry.DontSudo &&
-                _vm.Connection.Session.Roles.All(r => r.name_label != Role.MR_ROLE_VM_ADMIN))
-            {
-                var currentRoles = _vm.Connection.Session.Roles;
-                currentRoles.Sort();
-
-                var msg = string.Format(Messages.VTPM_RBAC_RESTRICTION_REMOVE, currentRoles[0].FriendlyName(),
-                    Role.FriendlyName(Role.MR_ROLE_VM_ADMIN));
-
-                using (var dlg = new ErrorDialog(msg))
-                    dlg.ShowDialog(Parent);
-
-                return;
-            }
-
            var action = new RemoveVtpmAction(vtpm.Connection, vtpm, _vm);
            using (var dlg = new ActionProgressDialog(action, ProgressBarStyle.Marquee))
                dlg.ShowDialog(this);
--- a/XenModel/Messages.Designer.cs
+++ b/XenModel/Messages.Designer.cs
@ -40448,39 +40448,6 @@ namespace XenAdmin {
            }
        }
        
-        /// <summary>
-        ///   Looks up a localized string similar to A {0} user does not have sufficient permissions to attach a vTPM to a VM. Please login using an account with one of the following roles:
-        ///
-        ///{1}.
-        /// </summary>
-        public static string VTPM_RBAC_RESTRICTION_CREATE {
-            get {
-                return ResourceManager.GetString("VTPM_RBAC_RESTRICTION_CREATE", resourceCulture);
-            }
-        }
-        
-        /// <summary>
-        ///   Looks up a localized string similar to A {0} user does not have sufficient permissions to remove a vTPM from a VM. Please login using an account with one of the following roles:
-        ///
-        ///{1}.
-        /// </summary>
-        public static string VTPM_RBAC_RESTRICTION_REMOVE {
-            get {
-                return ResourceManager.GetString("VTPM_RBAC_RESTRICTION_REMOVE", resourceCulture);
-            }
-        }
-        
-        /// <summary>
-        ///   Looks up a localized string similar to A {0} user does not have sufficient permissions to reset the vTPM that is attached to a VM to its original state. Please login using an account with one of the following roles:
-        ///
-        ///{1}.
-        /// </summary>
-        public static string VTPM_RBAC_RESTRICTION_RESET {
-            get {
-                return ResourceManager.GetString("VTPM_RBAC_RESTRICTION_RESET", resourceCulture);
-            }
-        }
-        
        /// <summary>
        ///   Looks up a localized string similar to Remove vTPM.
        /// </summary>
--- a/XenModel/Messages.resx
+++ b/XenModel/Messages.resx
@ -13970,21 +13970,6 @@ Schedule:
  <data name="VTPM_POWER_STATE_WRONG_REMOVE" xml:space="preserve">
    <value>You need to shut down the VM before you can remove this vTPM.</value>
  </data>
-  <data name="VTPM_RBAC_RESTRICTION_CREATE" xml:space="preserve">
-    <value>A {0} user does not have sufficient permissions to attach a vTPM to a VM. Please login using an account with one of the following roles:
-
-{1}</value>
-  </data>
-  <data name="VTPM_RBAC_RESTRICTION_REMOVE" xml:space="preserve">
-    <value>A {0} user does not have sufficient permissions to remove a vTPM from a VM. Please login using an account with one of the following roles:
-
-{1}</value>
-  </data>
-  <data name="VTPM_RBAC_RESTRICTION_RESET" xml:space="preserve">
-    <value>A {0} user does not have sufficient permissions to reset the vTPM that is attached to a VM to its original state. Please login using an account with one of the following roles:
-
-{1}</value>
-  </data>
  <data name="VTPM_REMOVE" xml:space="preserve">
    <value>Remove vTPM</value>
  </data>