mirror of https://github.com/veops/cmdb.git
fix(api): auto discovery permission
This commit is contained in:
pycook
parent
ec912d3a65
commit
75cd7bde77
|
|
@ -114,9 +114,17 @@ class AutoDiscoveryRuleCRUD(DBMixin):
|
||||||
if kwargs.get('is_plugin') and kwargs.get('plugin_script'):
|
if kwargs.get('is_plugin') and kwargs.get('plugin_script'):
|
||||||
kwargs = check_plugin_script(**kwargs)
|
kwargs = check_plugin_script(**kwargs)
|
||||||
acl = ACLManager(app_cli.app_name)
|
acl = ACLManager(app_cli.app_name)
|
||||||
if not acl.has_permission(app_cli.op.Auto_Discovery,
|
has_perm = True
|
||||||
app_cli.resource_type_name,
|
try:
|
||||||
app_cli.op.create_plugin) and not is_app_admin(app_cli.app_name):
|
if not acl.has_permission(app_cli.op.Auto_Discovery,
|
||||||
|
app_cli.resource_type_name,
|
||||||
|
app_cli.op.create_plugin) and not is_app_admin(app_cli.app_name):
|
||||||
|
has_perm = False
|
||||||
|
except Exception:
|
||||||
|
if not is_app_admin(app_cli.app_name):
|
||||||
|
return abort(403, ErrFormat.role_required.format(app_cli.admin_name))
|
||||||
|
|
||||||
|
if not has_perm:
|
||||||
return abort(403, ErrFormat.no_permission.format(
|
return abort(403, ErrFormat.no_permission.format(
|
||||||
app_cli.op.Auto_Discovery, app_cli.op.create_plugin))
|
app_cli.op.Auto_Discovery, app_cli.op.create_plugin))
|
||||||
|
|
||||||
|
|
@ -138,9 +146,17 @@ class AutoDiscoveryRuleCRUD(DBMixin):
|
||||||
|
|
||||||
if existed.is_plugin:
|
if existed.is_plugin:
|
||||||
acl = ACLManager(app_cli.app_name)
|
acl = ACLManager(app_cli.app_name)
|
||||||
if not acl.has_permission(app_cli.op.Auto_Discovery,
|
has_perm = True
|
||||||
app_cli.resource_type_name,
|
try:
|
||||||
app_cli.op.update_plugin) and not is_app_admin(app_cli.app_name):
|
if not acl.has_permission(app_cli.op.Auto_Discovery,
|
||||||
|
app_cli.resource_type_name,
|
||||||
|
app_cli.op.update_plugin) and not is_app_admin(app_cli.app_name):
|
||||||
|
has_perm = False
|
||||||
|
except Exception:
|
||||||
|
if not is_app_admin(app_cli.app_name):
|
||||||
|
return abort(403, ErrFormat.role_required.format(app_cli.admin_name))
|
||||||
|
|
||||||
|
if not has_perm:
|
||||||
return abort(403, ErrFormat.no_permission.format(
|
return abort(403, ErrFormat.no_permission.format(
|
||||||
app_cli.op.Auto_Discovery, app_cli.op.update_plugin))
|
app_cli.op.Auto_Discovery, app_cli.op.update_plugin))
|
||||||
|
|
||||||
|
|
@ -165,9 +181,17 @@ class AutoDiscoveryRuleCRUD(DBMixin):
|
||||||
|
|
||||||
if existed.is_plugin:
|
if existed.is_plugin:
|
||||||
acl = ACLManager(app_cli.app_name)
|
acl = ACLManager(app_cli.app_name)
|
||||||
if not acl.has_permission(app_cli.op.Auto_Discovery,
|
has_perm = True
|
||||||
app_cli.resource_type_name,
|
try:
|
||||||
app_cli.op.delete_plugin) and not is_app_admin(app_cli.app_name):
|
if not acl.has_permission(app_cli.op.Auto_Discovery,
|
||||||
|
app_cli.resource_type_name,
|
||||||
|
app_cli.op.delete_plugin) and not is_app_admin(app_cli.app_name):
|
||||||
|
has_perm = False
|
||||||
|
except Exception:
|
||||||
|
if not is_app_admin(app_cli.app_name):
|
||||||
|
return abort(403, ErrFormat.role_required.format(app_cli.admin_name))
|
||||||
|
|
||||||
|
if not has_perm:
|
||||||
return abort(403, ErrFormat.no_permission.format(
|
return abort(403, ErrFormat.no_permission.format(
|
||||||
app_cli.op.Auto_Discovery, app_cli.op.delete_plugin))
|
app_cli.op.Auto_Discovery, app_cli.op.delete_plugin))
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue