commit d08fa3e2f0239b4a63c0988c29b3eb5a4977bdab Author: Ryan McCabe <rmccabe(a)redhat.com&gt; Date: Fri Sep 16 12:40:07 2011 -0400 Fix permission checks for actions using checkbox selection from the nodes list. luci/controllers/cluster.py | 49 ++++++++++++++++++++++++++---------------- 1 files changed, 30 insertions(+), 19 deletions(-) --- diff --git a/luci/controllers/cluster.py b/luci/controllers/cluster.py index 06fa612..e593e01 100644 --- a/luci/controllers/cluster.py +++ b/luci/controllers/cluster.py @@ -377,25 +377,6 @@ class IndividualClusterController(BaseController): # This processes all of the commands that we can apply to a node @expose("luci.templates.node") def nodes_cmd(self, command=None, **kw): - if command == 'Delete': - try: - permission_membership(self.name) - except NotAuthorizedError, e: - flash(e, status="warning") - redirect(tmpl_context.cluster_url) - elif command == 'Update Attributes': - try: - permission_config(self.name) - except NotAuthorizedError, e: - flash(e, status="warning") - redirect(tmpl_context.cluster_url) - else: - try: - permission_node_cmd(self.name) - except NotAuthorizedError, e: - flash(e, status="warning") - redirect(tmpl_context.cluster_url) - self.get_model() if not self.model: flash(_('Unable to contact any nodes in this cluster'), @@ -417,24 +398,48 @@ class IndividualClusterController(BaseController): redirect(tmpl_context.cluster_url) if command == 'Reboot': + try: + permission_node_cmd(self.name) + except NotAuthorizedError, e: + flash(e, status="warning") + redirect(tmpl_context.cluster_url) + log.info('User "%s" rebooted "%s" in cluster "%s"' % (self.username, ', '.join(cur_list), self.name)) flash(_("Rebooting %s") % ', '.join(cur_list), status='info') rh.cluster_node_reboot(self.name, cur_list) elif command == 'Join Cluster': + try: + permission_node_cmd(self.name) + except NotAuthorizedError, e: + flash(e, status="warning") + redirect(tmpl_context.cluster_url) + log.info('User "%s" started nodes "%s" in cluster "%s"' % (self.username, ', '.join(cur_list), self.name)) flash(_("Starting nodes: %s") % ', '.join(cur_list), status='info') rh.cluster_node_start(self.name, cur_list) elif command == 'Leave Cluster': + try: + permission_node_cmd(self.name) + except NotAuthorizedError, e: + flash(e, status="warning") + redirect(tmpl_context.cluster_url) + log.info('User "%s" stopped nodes "%s" in cluster "%s"' % (self.username, ', '.join(cur_list), self.name)) flash(_("Stopping nodes: %s") % ', '.join(cur_list), status='info') rh.cluster_node_stop(self.name, cur_list) elif command == 'Delete': + try: + permission_membership(self.name) + except NotAuthorizedError, e: + flash(e, status="warning") + redirect(tmpl_context.cluster_url) + if len(cur_list) == len(self.model.getNodes()): log.info('User "%s" deleted cluster "%s"' % (self.username, self.name)) @@ -459,6 +464,12 @@ class IndividualClusterController(BaseController): flash(_("Nodes must be stopped prior to being deleted"), status='error') elif command == 'Update Attributes': + try: + permission_config(self.name) + except NotAuthorizedError, e: + flash(e, status="warning") + redirect(tmpl_context.cluster_url) + vret = vcp.validate_node_prop_settings_form(cur_list[0], self.model, **kw) if vret[0] is True: log.info('User "%s" changed properties for node "%s" from cluster "%s"'