/// <summary> /// This gives either a friendly csv list of the sessions roles or a friendly string for Local root account. /// If Pre MR gives Pool Admin for AD users. /// </summary> public string FriendlyRoleDescription() { if (IsLocalSuperuser || XenAdmin.Core.Helpers.GetMaster(Connection).external_auth_type != Auth.AUTH_TYPE_AD) { return(Messages.AD_LOCAL_ROOT_ACCOUNT); } return(Role.FriendlyCSVRoleList(Roles)); }
/// <summary> /// Changes a techy RBAC Failure into a pretty print one that shows the roles that would be required to complete the failed action. /// Requires context such as the the connection and current session to populate these fields. /// </summary> /// <param name="failure">The Failure to update</param> /// <param name="Connection">The current connection</param> /// <param name="Session">The current session, passed separately because it could be an elevated session, different to the heartbeat</param> public static void ParseRBACFailure(Failure failure, IXenConnection Connection, Session Session) { List <Role> authRoles = Role.ValidRoleList(failure.ErrorDescription[1], Connection); failure.ErrorDescription[0] = Failure.RBAC_PERMISSION_DENIED_FRIENDLY; // Current Role(s) failure.ErrorDescription[1] = Session.FriendlyRoleDescription(); // Authorized roles failure.ErrorDescription[2] = Role.FriendlyCSVRoleList(authRoles); failure.Setup(); }
/// <summary> /// This overload is for the special case of us doing an action over multiple connections. Assumes the role requirement is the same across all conections. /// </summary> /// <param name="failure">The Failure to update</param> /// <param name="Sessions">One session per connection, the ones used to perform the action. Passed separately because they could be elevated sessions, different to the heartbeat</param> public static void ParseRBACFailure(Failure failure, Session[] Sessions) { List <Role> authRoles = Role.ValidRoleList(failure.ErrorDescription[1], Sessions[0].Connection); failure.ErrorDescription[0] = Failure.RBAC_PERMISSION_DENIED_FRIENDLY; // Current Role(s) StringBuilder sb = new StringBuilder(); foreach (Session s in Sessions) { sb.Append(string.Format(Messages.ROLE_ON_CONNECTION, s.FriendlyRoleDescription(), Helpers.GetName(s.Connection).Ellipsise(50))); sb.Append(", "); } string output = sb.ToString(); // remove trailing comma and space output = output.Substring(0, output.Length - 2); failure.ErrorDescription[1] = output; // Authorized roles failure.ErrorDescription[2] = Role.FriendlyCSVRoleList(authRoles); failure.Setup(); }