mirror of
https://github.com/retspen/webvirtcloud
synced 2024-12-24 23:25:24 +00:00
Add permission can view instances
This commit is contained in:
parent
12f0c70069
commit
c817d3e61a
4 changed files with 5 additions and 4 deletions
|
@ -41,7 +41,7 @@ def console(request):
|
|||
host = int(temptoken[0])
|
||||
uuid = temptoken[1]
|
||||
|
||||
if not request.user.is_superuser:
|
||||
if not request.user.is_superuser and not request.user.has_perm("instances.view_instances"):
|
||||
try:
|
||||
userInstance = UserInstance.objects.get(
|
||||
instance__compute_id=host, instance__uuid=uuid, user__id=request.user.id
|
||||
|
|
|
@ -214,6 +214,7 @@ class PermissionSet(models.Model):
|
|||
permissions = [
|
||||
('clone_instances', 'Can clone instances'),
|
||||
('passwordless_console', _('Can access console without password')),
|
||||
('view_instances', 'Can view instances'),
|
||||
]
|
||||
|
||||
managed = False
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
{% endif %}
|
||||
{% endfor %}
|
||||
<div class="col-lg-12">
|
||||
{% if app_settings.VIEW_INSTANCES_LIST_STYLE == 'grouped' and request.user.is_superuser %}
|
||||
{% if app_settings.VIEW_INSTANCES_LIST_STYLE == 'grouped' and request.user.is_superuser or 'instances.view_instances' in perms %}
|
||||
{% include 'allinstances_index_grouped.html' %}
|
||||
{% else %}
|
||||
{% include 'allinstances_index_nongrouped.html' %}
|
||||
|
|
|
@ -46,7 +46,7 @@ def index(request):
|
|||
for compute in computes:
|
||||
utils.refr(compute)
|
||||
|
||||
if request.user.is_superuser:
|
||||
if request.user.is_superuser or request.user.has_perm("instances.view_instances"):
|
||||
instances = Instance.objects.all().prefetch_related("userinstance_set")
|
||||
else:
|
||||
instances = Instance.objects.filter(userinstance__user=request.user).prefetch_related("userinstance_set")
|
||||
|
@ -237,7 +237,7 @@ def get_instance(user, pk):
|
|||
instance = get_object_or_404(Instance, pk=pk)
|
||||
user_instances = user.userinstance_set.all().values_list("instance", flat=True)
|
||||
|
||||
if user.is_superuser or instance.id in user_instances:
|
||||
if user.is_superuser or user.has_perm("instances.view_instances") or instance.id in user_instances:
|
||||
return instance
|
||||
else:
|
||||
raise Http404()
|
||||
|
|
Loading…
Reference in a new issue