Merge branch 'issue-437' into 'master'

Fix add port permissions closes #437 See merge request !359

Merge branch 'issue-437' into 'master'
Fix add port permissions closes #437 See merge request !359
13d89bae · Kálmán Viktor · 50ac15ee · b2bb54c4 · 13d89bae · 13d89bae
Commit 13d89bae authored Mar 03, 2016 by Kálmán Viktor
Showing with 11 additions and 5 deletions

circle/common/operations.py
+3 -2

circle/dashboard/templates/dashboard/vm-detail/_network-port-add.html
+1 -1

circle/dashboard/templates/dashboard/vm-detail/network.html
+5 -2

circle/vm/operations.py
+2 -0

No files found.
--- a/circle/common/operations.py
+++ b/circle/common/operations.py
@@ -175,8 +175,9 @@ class Operation(object):
            raise ImproperlyConfigured(
                "Set required_perms to () if none needed.")
        if not user.has_perms(cls.required_perms):
-            raise PermissionDenied(
+            raise humanize_exception(ugettext_noop(
-                u"%s doesn't have the required permissions." % user)
+                "You don't have the required permissions."),
+                PermissionDenied())
        if cls.superuser_required and not user.is_superuser:
            raise humanize_exception(ugettext_noop(
                "Superuser privileges are required."), PermissionDenied())

--- a/circle/dashboard/templates/dashboard/vm-detail/_network-port-add.html
+++ b/circle/dashboard/templates/dashboard/vm-detail/_network-port-add.html
@@ -13,7 +13,7 @@
      <select class="form-control" name="proto" style="width: 70px;"><option>tcp</option><option>udp</option></select>
      <div class="input-group-btn">
        <button type="submit" class="btn btn-success btn-sm
-          {% if not is_operator %}disabled{% endif %}">
+          {% if not op.add_port %}disabled{% endif %}">
          <span class="hidden-xs">{% trans "Add" %}</span>
          <span class="visible-xs"><i class="fa fa-plus-circle"></i></span>
        </button>

--- a/circle/dashboard/templates/dashboard/vm-detail/network.html
+++ b/circle/dashboard/templates/dashboard/vm-detail/network.html
@@ -83,7 +83,8 @@
                        <span class="operation-wrapper">
                          <a href="{{ op.remove_port.get_url }}?rule={{ l.ipv4.pk }}"
                             class="btn btn-link btn-xs operation"
-                             title="{% trans "Remove" %}">
+                             title="{% trans "Remove" %}"
+                             {% if not op.remove_port %}disabled{% endif %}>
                            <i class="fa fa-times"><span class="sr-only">{% trans "Remove" %}</span></i>
                          </a>
                        </span>
@@ -118,7 +119,9 @@
                        {{ l.private }}/{{ l.proto }}
                      </td>
                      <td>
-                        <a href="{{ op.remove_port.get_url }}?rule={{ l.ipv4.pk }}" class="btn btn-link btn-xs vm-details-remove-port" data-rule="{{ l.ipv6.pk }}" title="{% trans "Remove" %}"><i class="fa fa-times"><span class="sr-only">{% trans "Remove" %}</span></i></a>
+                        <a href="{{ op.remove_port.get_url }}?rule={{ l.ipv4.pk }}" class="btn btn-link btn-xs vm-details-remove-port" data-rule="{{ l.ipv6.pk }}" title="{% trans "Remove" %}" {% if not op.remove_port %}disabled{% endif %}>
+                          <i class="fa fa-times"><span class="sr-only">{% trans "Remove" %}</span></i>
+                        </a>
                      </td>
                    </tr>
                  {% endif %}

--- a/circle/vm/operations.py
+++ b/circle/vm/operations.py
@@ -629,6 +629,7 @@ class RemovePortOperation(InstanceOperation):
    name = _("close port")
    description = _("Close the specified port.")
    concurrency_check = False
+    acl_level = "operator"
    required_perms = ('vm.config_ports', )
    def _operation(self, activity, rule):
@@ -647,6 +648,7 @@ class AddPortOperation(InstanceOperation):
    name = _("open port")
    description = _("Open the specified port.")
    concurrency_check = False
+    acl_level = "operator"
    required_perms = ('vm.config_ports', )
    def _operation(self, activity, host, proto, port):