Commit ffbd9baa by Őry Máté

dashboard: allow superuser start vm from any template

fixes #279
parent c766e690
...@@ -2121,22 +2121,26 @@ class VmCreate(LoginRequiredMixin, TemplateView): ...@@ -2121,22 +2121,26 @@ class VmCreate(LoginRequiredMixin, TemplateView):
raise PermissionDenied() raise PermissionDenied()
form_error = form is not None form_error = form is not None
template = ( if form_error template_pk = ( if form_error
else request.GET.get("template")) else request.GET.get("template"))
if template_pk:
template = get_object_or_404(InstanceTemplate, pk=template_pk)
if not template.has_level(request.user, 'user'):
raise PermissionDenied()
if form is None:
form = self.form_class(user=request.user, template=template)
templates = InstanceTemplate.get_objects_with_level( templates = InstanceTemplate.get_objects_with_level(
'user', request.user, disregard_superuser=True) 'user', request.user, disregard_superuser=True)
if form is None and template:
form = self.form_class(user=request.user,
context = self.get_context_data(**kwargs) context = self.get_context_data(**kwargs)
if template: if template_pk:
context.update({ context.update({
'template': 'dashboard/_vm-create-2.html', 'template': 'dashboard/_vm-create-2.html',
'box_title': _('Customize VM'), 'box_title': _('Customize VM'),
'ajax_title': True, 'ajax_title': True,
'vm_create_form': form, 'vm_create_form': form,
'template_o': templates.get(pk=template), 'template_o': template,
}) })
else: else:
context.update({ context.update({
...@@ -2162,18 +2166,15 @@ class VmCreate(LoginRequiredMixin, TemplateView): ...@@ -2162,18 +2166,15 @@ class VmCreate(LoginRequiredMixin, TemplateView):
def __create_customized(self, request, *args, **kwargs): def __create_customized(self, request, *args, **kwargs):
user = request.user user = request.user
# no form yet, using POST directly:
template = get_object_or_404(InstanceTemplate,
form = self.form_class( form = self.form_class(
request.POST, user=request.user, request.POST, user=request.user, template=template)
if not form.is_valid(): if not form.is_valid():
return self.get(request, form, *args, **kwargs) return self.get(request, form, *args, **kwargs)
post = form.cleaned_data post = form.cleaned_data
template = InstanceTemplate.objects.get(pk=post['template'])
# permission check
if not template.has_level(user, 'user'): if not template.has_level(user, 'user'):
raise PermissionDenied() raise PermissionDenied()
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment