Revision 0c6b774c
Mise à jour des prédicats d'autorisation pour l'accès aux méthodes de VigiGraph.
L'accès nécessite d'avoir la permission "vigigraph-read" ou d'appartenir au groupe "managers".
git-svn-id: https://vigilo-dev.si.c-s.fr/svn@3026 b22e2e97-25c9-44ff-b637-2e5ceca36478
vigigraph/controllers/root.py | ||
---|---|---|
4 | 4 |
|
5 | 5 |
import logging |
6 | 6 |
from tg import expose, flash, require, request, redirect |
7 |
from pylons.i18n import ugettext as _ |
|
8 |
from repoze.what.predicates import Any, not_anonymous |
|
7 |
from pylons.i18n import ugettext as _, lazy_ugettext as l_ |
|
8 |
from repoze.what.predicates import Any, All, not_anonymous, \ |
|
9 |
has_permission, in_group |
|
9 | 10 |
|
10 | 11 |
from vigilo.turbogears.controllers import BaseController |
11 | 12 |
from vigilo.turbogears.controllers.error import ErrorController |
... | ... | |
27 | 28 |
rrdgraph = ProxyController('rrdgraph', '/rrdgraph/') |
28 | 29 |
|
29 | 30 |
@expose('index.html') |
30 |
@require(Any(not_anonymous(), msg=_("You need to be authenticated"))) |
|
31 |
@require(All( |
|
32 |
not_anonymous(msg=l_("You need to be authenticated")), |
|
33 |
Any( |
|
34 |
in_group('managers'), |
|
35 |
has_permission('vigigraph-read', |
|
36 |
msg=l_("You don't have read access on VigiGraph")), |
|
37 |
) |
|
38 |
)) |
|
31 | 39 |
def index(self): |
32 | 40 |
"""Handle the front-page.""" |
33 | 41 |
return dict(page='index') |
... | ... | |
71 | 79 |
}) |
72 | 80 |
flash(_('We hope to see you soon!')) |
73 | 81 |
redirect(came_from) |
82 |
|
vigigraph/controllers/rpc.py | ||
---|---|---|
14 | 14 |
from tg import expose, request, redirect, tmpl_context, \ |
15 | 15 |
config, validate, flash |
16 | 16 |
from tg.decorators import paginate |
17 |
from repoze.what.predicates import not_anonymous |
|
17 |
from repoze.what.predicates import not_anonymous, has_permission, \ |
|
18 |
in_group, Any, All |
|
18 | 19 |
from formencode import validators, schema |
19 | 20 |
from sqlalchemy import or_ |
20 | 21 |
|
... | ... | |
47 | 48 |
""" |
48 | 49 |
|
49 | 50 |
# L'accès à ce contrôleur nécessite d'être identifié. |
50 |
allow_only = not_anonymous(l_("You need to be authenticated")) |
|
51 |
allow_only = All( |
|
52 |
not_anonymous(msg=l_("You need to be authenticated")), |
|
53 |
Any( |
|
54 |
in_group('managers'), |
|
55 |
has_permission('vigigraph-read', |
|
56 |
msg=l_("You don't have read access on VigiGraph")), |
|
57 |
), |
|
58 |
) |
|
51 | 59 |
|
52 | 60 |
presets = [ |
53 | 61 |
{"caption" : _("Last %d hours") % 12, "duration" : 43200}, |
... | ... | |
742 | 750 |
LowLevelService.idservice, |
743 | 751 |
)), |
744 | 752 |
).filter(SUPITEM_GROUP_TABLE.c.idgroup.in_(supitemgroups) |
745 |
).filter(Host.name.like(query+'%')
|
|
753 |
).filter(Host.name.like(query + '%')
|
|
746 | 754 |
).order_by( |
747 | 755 |
Host.name.asc(), |
748 | 756 |
) |
Also available in: Unified diff