Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Fukász Rómeó Ervin
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
abfd7a2b
authored
Aug 28, 2014
by
Őry Máté
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
common: add Operation.superuser_required
parent
9b8d6f51
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
8 additions
and
15 deletions
+8
-15
circle/common/operations.py
+6
-2
circle/vm/operations.py
+2
-13
No files found.
circle/common/operations.py
View file @
abfd7a2b
...
@@ -18,10 +18,10 @@
...
@@ -18,10 +18,10 @@
from
inspect
import
getargspec
from
inspect
import
getargspec
from
logging
import
getLogger
from
logging
import
getLogger
from
.models
import
activity_context
,
has_suffix
from
django.core.exceptions
import
PermissionDenied
,
ImproperlyConfigured
from
django.core.exceptions
import
PermissionDenied
,
ImproperlyConfigured
from
django.utils.translation
import
ugettext_noop
from
.models
import
activity_context
,
has_suffix
,
humanize_exception
logger
=
getLogger
(
__name__
)
logger
=
getLogger
(
__name__
)
...
@@ -31,6 +31,7 @@ class Operation(object):
...
@@ -31,6 +31,7 @@ class Operation(object):
"""
"""
async_queue
=
'localhost.man'
async_queue
=
'localhost.man'
required_perms
=
None
required_perms
=
None
superuser_required
=
False
do_not_call_in_templates
=
True
do_not_call_in_templates
=
True
abortable
=
False
abortable
=
False
has_percentage
=
False
has_percentage
=
False
...
@@ -154,6 +155,9 @@ class Operation(object):
...
@@ -154,6 +155,9 @@ class Operation(object):
if
not
user
.
has_perms
(
cls
.
required_perms
):
if
not
user
.
has_perms
(
cls
.
required_perms
):
raise
PermissionDenied
(
"
%
s doesn't have the required permissions."
raise
PermissionDenied
(
"
%
s doesn't have the required permissions."
%
user
)
%
user
)
if
cls
.
superuser_required
and
not
user
.
is_superuser
:
raise
humanize_exception
(
ugettext_noop
(
"Superuser privileges are required."
),
PermissionDenied
())
def
check_auth
(
self
,
user
):
def
check_auth
(
self
,
user
):
"""Check if user is permitted to run this operation on this instance
"""Check if user is permitted to run this operation on this instance
...
...
circle/vm/operations.py
View file @
abfd7a2b
...
@@ -366,6 +366,7 @@ class MigrateOperation(InstanceOperation):
...
@@ -366,6 +366,7 @@ class MigrateOperation(InstanceOperation):
description
=
_
(
"Move virtual machine to an other worker node with a few "
description
=
_
(
"Move virtual machine to an other worker node with a few "
"seconds of interruption (live migration)."
)
"seconds of interruption (live migration)."
)
required_perms
=
()
required_perms
=
()
superuser_required
=
True
accept_states
=
(
'RUNNING'
,
)
accept_states
=
(
'RUNNING'
,
)
def
rollback
(
self
,
activity
):
def
rollback
(
self
,
activity
):
...
@@ -374,12 +375,6 @@ class MigrateOperation(InstanceOperation):
...
@@ -374,12 +375,6 @@ class MigrateOperation(InstanceOperation):
"redeploy network (rollback)"
)):
"redeploy network (rollback)"
)):
self
.
instance
.
deploy_net
()
self
.
instance
.
deploy_net
()
def
check_auth
(
self
,
user
):
if
not
user
.
is_superuser
:
raise
PermissionDenied
()
super
(
MigrateOperation
,
self
)
.
check_auth
(
user
=
user
)
def
_operation
(
self
,
activity
,
to_node
=
None
,
timeout
=
120
):
def
_operation
(
self
,
activity
,
to_node
=
None
,
timeout
=
120
):
if
not
to_node
:
if
not
to_node
:
with
activity
.
sub_activity
(
'scheduling'
,
with
activity
.
sub_activity
(
'scheduling'
,
...
@@ -843,6 +838,7 @@ class FlushOperation(NodeOperation):
...
@@ -843,6 +838,7 @@ class FlushOperation(NodeOperation):
name
=
_
(
"flush"
)
name
=
_
(
"flush"
)
description
=
_
(
"Disable node and move all instances to other ones."
)
description
=
_
(
"Disable node and move all instances to other ones."
)
required_perms
=
()
required_perms
=
()
superuser_required
=
True
def
on_abort
(
self
,
activity
,
error
):
def
on_abort
(
self
,
activity
,
error
):
from
manager.scheduler
import
TraitsUnsatisfiableException
from
manager.scheduler
import
TraitsUnsatisfiableException
...
@@ -850,13 +846,6 @@ class FlushOperation(NodeOperation):
...
@@ -850,13 +846,6 @@ class FlushOperation(NodeOperation):
if
self
.
node_enabled
:
if
self
.
node_enabled
:
self
.
node
.
enable
(
activity
.
user
,
activity
)
self
.
node
.
enable
(
activity
.
user
,
activity
)
def
check_auth
(
self
,
user
):
if
not
user
.
is_superuser
:
raise
humanize_exception
(
ugettext_noop
(
"Superuser privileges are required."
),
PermissionDenied
())
super
(
FlushOperation
,
self
)
.
check_auth
(
user
=
user
)
def
_operation
(
self
,
activity
,
user
):
def
_operation
(
self
,
activity
,
user
):
self
.
node_enabled
=
self
.
node
.
enabled
self
.
node_enabled
=
self
.
node
.
enabled
self
.
node
.
disable
(
user
,
activity
)
self
.
node
.
disable
(
user
,
activity
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment