7x31/cmdb
1
0
Fork 0
mirror of https://github.com/veops/cmdb.git synced 2025-08-07 16:20:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(api): auto discovery permission

Browse Source
This commit is contained in:
pycook
2024-06-21 12:47:12 +08:00
parent 3401fb6ac3
commit 4a42d26eef
1 changed files with 33 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
cmdb-api/api/lib/cmdb/auto_discovery/auto_discovery.py
View File

@@ -114,9 +114,17 @@ class AutoDiscoveryRuleCRUD(DBMixin):
if kwargs.get('is_plugin') and kwargs.get('plugin_script'): if kwargs.get('is_plugin') and kwargs.get('plugin_script'):
kwargs = check_plugin_script(**kwargs) kwargs = check_plugin_script(**kwargs)
acl = ACLManager(app_cli.app_name) acl = ACLManager(app_cli.app_name)
if not acl.has_permission(app_cli.op.Auto_Discovery, has_perm = True
app_cli.resource_type_name, try:
app_cli.op.create_plugin) and not is_app_admin(app_cli.app_name): if not acl.has_permission(app_cli.op.Auto_Discovery,
app_cli.resource_type_name,
app_cli.op.create_plugin) and not is_app_admin(app_cli.app_name):
has_perm = False
except Exception:
if not is_app_admin(app_cli.app_name):
return abort(403, ErrFormat.role_required.format(app_cli.admin_name))
if not has_perm:
return abort(403, ErrFormat.no_permission.format( return abort(403, ErrFormat.no_permission.format(
app_cli.op.Auto_Discovery, app_cli.op.create_plugin)) app_cli.op.Auto_Discovery, app_cli.op.create_plugin))
@@ -138,9 +146,17 @@ class AutoDiscoveryRuleCRUD(DBMixin):
if existed.is_plugin: if existed.is_plugin:
acl = ACLManager(app_cli.app_name) acl = ACLManager(app_cli.app_name)
if not acl.has_permission(app_cli.op.Auto_Discovery, has_perm = True
app_cli.resource_type_name, try:
app_cli.op.update_plugin) and not is_app_admin(app_cli.app_name): if not acl.has_permission(app_cli.op.Auto_Discovery,
app_cli.resource_type_name,
app_cli.op.update_plugin) and not is_app_admin(app_cli.app_name):
has_perm = False
except Exception:
if not is_app_admin(app_cli.app_name):
return abort(403, ErrFormat.role_required.format(app_cli.admin_name))
if not has_perm:
return abort(403, ErrFormat.no_permission.format( return abort(403, ErrFormat.no_permission.format(
app_cli.op.Auto_Discovery, app_cli.op.update_plugin)) app_cli.op.Auto_Discovery, app_cli.op.update_plugin))
@@ -165,9 +181,17 @@ class AutoDiscoveryRuleCRUD(DBMixin):
if existed.is_plugin: if existed.is_plugin:
acl = ACLManager(app_cli.app_name) acl = ACLManager(app_cli.app_name)
if not acl.has_permission(app_cli.op.Auto_Discovery, has_perm = True
app_cli.resource_type_name, try:
app_cli.op.delete_plugin) and not is_app_admin(app_cli.app_name): if not acl.has_permission(app_cli.op.Auto_Discovery,
app_cli.resource_type_name,
app_cli.op.delete_plugin) and not is_app_admin(app_cli.app_name):
has_perm = False
except Exception:
if not is_app_admin(app_cli.app_name):
return abort(403, ErrFormat.role_required.format(app_cli.admin_name))
if not has_perm:
return abort(403, ErrFormat.no_permission.format( return abort(403, ErrFormat.no_permission.format(
app_cli.op.Auto_Discovery, app_cli.op.delete_plugin)) app_cli.op.Auto_Discovery, app_cli.op.delete_plugin))