Add permission can view instances

2025-07-31 12:41:08 +00:00 · 2022-06-13 09:58:46 +02:00 · 2022-06-13 09:58:46 +02:00 · c817d3e61a
commit c817d3e61a
parent 12f0c70069
4 changed files with 5 additions and 4 deletions
--- a/console/views.py
+++ b/console/views.py
@ -41,7 +41,7 @@ def console(request):
        host = int(temptoken[0])
        uuid = temptoken[1]

-        if not request.user.is_superuser:
+        if not request.user.is_superuser and not request.user.has_perm("instances.view_instances"):
            try:
                userInstance = UserInstance.objects.get(
                    instance__compute_id=host, instance__uuid=uuid, user__id=request.user.id
--- a/instances/models.py
+++ b/instances/models.py
@ -214,6 +214,7 @@ class PermissionSet(models.Model):
        permissions = [
            ('clone_instances', 'Can clone instances'),
            ('passwordless_console', _('Can access console without password')),
+            ('view_instances', 'Can view instances'),
        ]

        managed = False
--- a/instances/templates/allinstances.html
+++ b/instances/templates/allinstances.html
@ -25,7 +25,7 @@
        {% endif %}
    {% endfor %}
    <div class="col-lg-12">
-        {% if app_settings.VIEW_INSTANCES_LIST_STYLE == 'grouped' and request.user.is_superuser %}
+        {% if app_settings.VIEW_INSTANCES_LIST_STYLE == 'grouped' and request.user.is_superuser or 'instances.view_instances' in perms %}
            {% include 'allinstances_index_grouped.html' %}
        {% else %}
            {% include 'allinstances_index_nongrouped.html' %}
--- a/instances/views.py
+++ b/instances/views.py
@ -46,7 +46,7 @@ def index(request):
    for compute in computes:
        utils.refr(compute)

-    if request.user.is_superuser:
+    if request.user.is_superuser or request.user.has_perm("instances.view_instances"):
        instances = Instance.objects.all().prefetch_related("userinstance_set")
    else:
        instances = Instance.objects.filter(userinstance__user=request.user).prefetch_related("userinstance_set")
@ -237,7 +237,7 @@ def get_instance(user, pk):
    instance = get_object_or_404(Instance, pk=pk)
    user_instances = user.userinstance_set.all().values_list("instance", flat=True)

-    if user.is_superuser or instance.id in user_instances:
+    if user.is_superuser or user.has_perm("instances.view_instances") or instance.id in user_instances:
        return instance
    else:
        raise Http404()