Skip to content

Commit 7d2bb16

Browse files
jpnavarrojpnavarro
committed
New 'viewers' group, update all views to require editor or viewer privs as appropriate
1 parent fa0b562 commit 7d2bb16

File tree

2 files changed

+18
-5
lines changed

2 files changed

+18
-5
lines changed

Diff for: CHANGELOG

+3
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
v1.2.2 20221111 JP
2+
- New 'viewers' group, update all views to require editor or viewer privs as appropriate
3+
14
v1.2.1 20221111 JP
25
- Fix link form saving bug
36
- Make metrics entry dates Central time aware since log entries do have a UTC timzeone

Diff for: Operations_ServiceIndex_Django/services/views.py

+15-5
Original file line numberDiff line numberDiff line change
@@ -23,10 +23,14 @@
2323
def editors_check(user):
2424
return user.groups.filter(name='editors').exists()
2525

26+
def viewers_check(user):
27+
return user.groups.filter(name='editors').exists() or user.groups.filter(name='viewers').exists()
28+
2629
def unprivileged(request):
2730
return render(request, 'services/unprivileged.html')
2831

2932
@login_required
33+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
3034
def index(request):
3135
"""
3236
Main index view of list of services; can have one GET parameter specifying
@@ -273,7 +277,7 @@ def update_service(request):
273277

274278

275279
@login_required
276-
@user_passes_test(editors_check,login_url=reverse_lazy('services:unprivileged'))
280+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
277281
def export(request):
278282
"""
279283
Shows form for selecting fields; when fields are selected, renders plain
@@ -420,6 +424,7 @@ def custom(request):
420424
return render(request, 'services/export_choices.html', context)
421425

422426
@login_required
427+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
423428
def hosts(request, order_field='hostname'):
424429
# hosts = {}
425430
hosts = collections.OrderedDict()
@@ -468,6 +473,7 @@ def hosts(request, order_field='hostname'):
468473
return render(request, 'services/hosts.html', context)
469474

470475
@login_required
476+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
471477
def hosts_by_service(request):
472478
s = ''
473479
services = []
@@ -485,6 +491,7 @@ def hosts_by_service(request):
485491
return render(request, 'services/hosts_by_service.html', context)
486492

487493
@login_required
494+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
488495
def people(request):
489496
people = []
490497
# TODO this should not get ones that are deprecated
@@ -504,6 +511,7 @@ def people(request):
504511
return render(request, 'services/people.html', context)
505512

506513
@login_required
514+
@user_passes_test(editors_check,login_url=reverse_lazy('services:unprivileged'))
507515
def edit_staff(request, staff_id):
508516
staff = Staff.objects.get(pk=staff_id)
509517
if request.POST:
@@ -526,6 +534,7 @@ def edit_staff(request, staff_id):
526534

527535

528536
@login_required
537+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
529538
def metrics(request):
530539
start = None
531540
end = None
@@ -587,7 +596,7 @@ def metrics(request):
587596

588597

589598
@login_required
590-
@user_passes_test(editors_check,login_url=reverse_lazy('services:unprivileged'))
599+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
591600
def listing(request):
592601
"""
593602
This is used for text dump of all services with fields separated by pipes;
@@ -614,7 +623,7 @@ def listing(request):
614623
return response
615624

616625
@login_required
617-
@user_passes_test(editors_check,login_url=reverse_lazy('services:unprivileged'))
626+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
618627
def log_listing(request):
619628
"""
620629
This is used for text dump of all log entries;
@@ -635,6 +644,7 @@ def make_log_entry(username, service, msg):
635644
le.save()
636645

637646
@login_required
647+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
638648
def view_log(request):
639649
log = LogEntry.objects.all().order_by('-timestamp')
640650
context = {'page': 'view_log', 'log': log,
@@ -652,9 +662,8 @@ def edit_sorry(request):
652662
context = {'app_name': settings.APP_NAME}
653663
return render(request, 'services/edit_sorry.html', context)
654664

655-
# event testing
656665
@login_required
657-
@user_passes_test(editors_check,login_url=reverse_lazy('services:unprivileged'))
666+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
658667
def events(request):
659668
events = []
660669
for e in Event.objects.order_by('-created'):
@@ -771,6 +780,7 @@ def do_pdf(template_src, context_dict):
771780
return http.HttpResponse(result.getvalue(), mimetype='application/pdf')
772781
return http.HttpResponse('pdf error! %s' % cgi.escape(html))
773782

783+
@user_passes_test(viewers_check,login_url=reverse_lazy('services:unprivileged'))
774784
def make_pdf(request):
775785
services = []
776786
for s in Service.objects.order_by('name'):

0 commit comments

Comments
 (0)