diff --git a/org.jdrupes.vmoperator.common/src/org/jdrupes/vmoperator/common/VmDefinition.java b/org.jdrupes.vmoperator.common/src/org/jdrupes/vmoperator/common/VmDefinition.java index a42d2d4..5699017 100644 --- a/org.jdrupes.vmoperator.common/src/org/jdrupes/vmoperator/common/VmDefinition.java +++ b/org.jdrupes.vmoperator.common/src/org/jdrupes/vmoperator/common/VmDefinition.java @@ -377,10 +377,34 @@ public class VmDefinition extends K8sDynamicModel { * @param permissions the permissions * @return true, if successful */ + @SuppressWarnings("PMD.SimplifyBooleanReturns") public boolean consoleAccessible(String user, Set permissions) { - return !conditionStatus("ConsoleConnected").orElse(true) - || consoleUser().map(cu -> cu.equals(user)).orElse(true) - || permissions.contains(VmDefinition.Permission.TAKE_CONSOLE); + // If user has takeConsole permission, console is always accessible + if (permissions.contains(VmDefinition.Permission.TAKE_CONSOLE)) { + return true; + } + + // Check if an automatic login is requested. If so, allow access only + // if the log in has been established + var wantedLogIn = DataPath. get(spec(), "vm", "display", + "loggedInUser").orElse(null); + if (wantedLogIn != null + && !wantedLogIn.equals(status().get(Status.LOGGED_IN_USER))) { + return false; + } + + // If the console is not in use, allow access + if (!conditionStatus("ConsoleConnected").orElse(true)) { + return true; + } + + // If the console is in use by the user, allow access + if (consoleUser().map(cu -> cu.equals(user)).orElse(true)) { + return true; + } + + // Else deny access + return false; } /** diff --git a/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n.properties b/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n.properties index 8f4051e..6ec24aa 100644 --- a/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n.properties +++ b/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n.properties @@ -5,5 +5,5 @@ okayLabel = Apply and Close confirmResetTitle = Confirm reset confirmResetMsg = Resetting the VM may cause loss of data. \ Please confirm to continue. -consoleTakenNotification = Console access is locked by another user. +consoleInaccessibleNotification = Console is not ready or in use. poolEmptyNotification = No VM available. Please consult your administrator. diff --git a/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n_de.properties b/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n_de.properties index e51eb5e..28c01f0 100644 --- a/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n_de.properties +++ b/org.jdrupes.vmoperator.vmaccess/resources/org/jdrupes/vmoperator/vmaccess/l10n_de.properties @@ -11,7 +11,7 @@ Open\ console = Konsole anzeigen confirmResetTitle = Zurücksetzen bestätigen confirmResetMsg = Zurücksetzen der VM kann zu Datenverlust führen. \ Bitte bestätigen um fortzufahren. -consoleTakenNotification = Die Konsole wird von einem anderen Benutzer verwendet. +consoleInaccessibleNotification = Die Konsole ist nicht bereit oder belegt. poolEmptyNotification = Keine VM verfügbar. Wenden Sie sich bitte an den \ Systemadministrator. \ No newline at end of file diff --git a/org.jdrupes.vmoperator.vmaccess/src/org/jdrupes/vmoperator/vmaccess/VmAccess.java b/org.jdrupes.vmoperator.vmaccess/src/org/jdrupes/vmoperator/vmaccess/VmAccess.java index 74a9f76..d6d9e64 100644 --- a/org.jdrupes.vmoperator.vmaccess/src/org/jdrupes/vmoperator/vmaccess/VmAccess.java +++ b/org.jdrupes.vmoperator.vmaccess/src/org/jdrupes/vmoperator/vmaccess/VmAccess.java @@ -804,7 +804,7 @@ public class VmAccess extends FreeMarkerConlet { .map(ConsoleUser::getName).orElse(""); if (!vmDef.consoleAccessible(user, perms)) { channel.respond(new DisplayNotification( - resourceBundle.getString("consoleTakenNotification"), + resourceBundle.getString("consoleInaccessibleNotification"), Map.of("autoClose", 5_000, "type", "Warning"))); return; }