commit d08fa3e2f0239b4a63c0988c29b3eb5a4977bdab
Author: Ryan McCabe <rmccabe(a)redhat.com>
Date: Fri Sep 16 12:40:07 2011 -0400
Fix permission checks for actions using checkbox
selection from the nodes list.
luci/controllers/cluster.py | 49 ++++++++++++++++++++++++++----------------
1 files changed, 30 insertions(+), 19 deletions(-)
---
diff --git a/luci/controllers/cluster.py b/luci/controllers/cluster.py
index 06fa612..e593e01 100644
--- a/luci/controllers/cluster.py
+++ b/luci/controllers/cluster.py
@@ -377,25 +377,6 @@ class IndividualClusterController(BaseController):
# This processes all of the commands that we can apply to a node
@expose("luci.templates.node")
def nodes_cmd(self, command=None, **kw):
- if command == 'Delete':
- try:
- permission_membership(self.name)
- except NotAuthorizedError, e:
- flash(e, status="warning")
- redirect(tmpl_context.cluster_url)
- elif command == 'Update Attributes':
- try:
- permission_config(self.name)
- except NotAuthorizedError, e:
- flash(e, status="warning")
- redirect(tmpl_context.cluster_url)
- else:
- try:
- permission_node_cmd(self.name)
- except NotAuthorizedError, e:
- flash(e, status="warning")
- redirect(tmpl_context.cluster_url)
-
self.get_model()
if not self.model:
flash(_('Unable to contact any nodes in this cluster'),
@@ -417,24 +398,48 @@ class IndividualClusterController(BaseController):
redirect(tmpl_context.cluster_url)
if command == 'Reboot':
+ try:
+ permission_node_cmd(self.name)
+ except NotAuthorizedError, e:
+ flash(e, status="warning")
+ redirect(tmpl_context.cluster_url)
+
log.info('User "%s" rebooted "%s" in cluster
"%s"'
% (self.username, ', '.join(cur_list), self.name))
flash(_("Rebooting %s") % ', '.join(cur_list),
status='info')
rh.cluster_node_reboot(self.name, cur_list)
elif command == 'Join Cluster':
+ try:
+ permission_node_cmd(self.name)
+ except NotAuthorizedError, e:
+ flash(e, status="warning")
+ redirect(tmpl_context.cluster_url)
+
log.info('User "%s" started nodes "%s" in cluster
"%s"'
% (self.username, ', '.join(cur_list), self.name))
flash(_("Starting nodes: %s") % ', '.join(cur_list),
status='info')
rh.cluster_node_start(self.name, cur_list)
elif command == 'Leave Cluster':
+ try:
+ permission_node_cmd(self.name)
+ except NotAuthorizedError, e:
+ flash(e, status="warning")
+ redirect(tmpl_context.cluster_url)
+
log.info('User "%s" stopped nodes "%s" in cluster
"%s"'
% (self.username, ', '.join(cur_list), self.name))
flash(_("Stopping nodes: %s") % ', '.join(cur_list),
status='info')
rh.cluster_node_stop(self.name, cur_list)
elif command == 'Delete':
+ try:
+ permission_membership(self.name)
+ except NotAuthorizedError, e:
+ flash(e, status="warning")
+ redirect(tmpl_context.cluster_url)
+
if len(cur_list) == len(self.model.getNodes()):
log.info('User "%s" deleted cluster "%s"'
% (self.username, self.name))
@@ -459,6 +464,12 @@ class IndividualClusterController(BaseController):
flash(_("Nodes must be stopped prior to being deleted"),
status='error')
elif command == 'Update Attributes':
+ try:
+ permission_config(self.name)
+ except NotAuthorizedError, e:
+ flash(e, status="warning")
+ redirect(tmpl_context.cluster_url)
+
vret = vcp.validate_node_prop_settings_form(cur_list[0], self.model, **kw)
if vret[0] is True:
log.info('User "%s" changed properties for node
"%s" from cluster "%s"'