Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gutyán Gábor
/
circlestack
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
46d06df9
authored
Apr 03, 2018
by
Szabolcs Gelencser
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add policy middleware, use it in requests tab
parent
6676d3c2
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
53 additions
and
11 deletions
+53
-11
.idea/workspace.xml
+0
-0
circle/circle/middleware.py
+15
-0
circle/circle/os_policies/circle_policy.json
+7
-2
circle/circle/settings/base.py
+3
-2
circle/dashboard/templates/dashboard/base.html
+9
-7
circle/request/migrations/0005_auto_20180403_1342.py
+19
-0
No files found.
.idea/workspace.xml
View file @
46d06df9
This diff is collapsed.
Click to expand it.
circle/circle/middleware.py
0 → 100644
View file @
46d06df9
class
PolicyMiddleware
(
object
):
def
process_request
(
self
,
request
):
user
=
request
.
user
if
hasattr
(
user
,
'project_id'
):
setattr
(
user
,
'permissions'
,
{})
from
django.utils.module_loading
import
import_string
check
=
import_string
(
"openstack_auth.policy.check"
)
has_perm_request_decide
=
check
(((
"circle"
,
"request:decide"
),),
request
,
{
'project_id'
:
user
.
project_id
})
user
.
permissions
[
"request_decide"
]
=
has_perm_request_decide
\ No newline at end of file
circle/circle/os_policies/circle_policy.json
View file @
46d06df9
{
"admin_or_owner"
:
"is_admin:True or (role:admin and is_admin_project:True) or project_id:%(project_id)s"
,
"admin"
:
"is_admin:True or (role:admin and is_admin_project:True)"
,
"owner"
:
"project_id:%(project_id)s"
,
"circle_admin"
:
"role:circle_admin and project_id:%(project_id)s"
,
"template:create"
:
"rule:admin_or_owner"
"template:create"
:
"rule:admin or rule:owner or rule:circle_admin"
,
"request:decide"
:
"rule:admin or rule:circle_admin"
}
\ No newline at end of file
circle/circle/settings/base.py
View file @
46d06df9
...
...
@@ -336,6 +336,7 @@ MIDDLEWARE_CLASSES = (
'django.contrib.auth.middleware.AuthenticationMiddleware'
,
'django.contrib.messages.middleware.MessageMiddleware'
,
'django.middleware.clickjacking.XFrameOptionsMiddleware'
,
'circle.middleware.PolicyMiddleware'
)
########## END MIDDLEWARE CONFIGURATION
...
...
@@ -580,4 +581,4 @@ DEFAULT_SUBNETPOOL_PREFIXES = (
)
DEFAULT_SUBNETPOOL_PREFIX_LEN
=
20
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN
=
"bme"
\ No newline at end of file
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN
=
"Default"
\ No newline at end of file
circle/dashboard/templates/dashboard/base.html
View file @
46d06df9
...
...
@@ -49,13 +49,15 @@
{#
<span
class=
"hidden-sm"
>
{% trans "Network" %}
</span>
#}
{#
</a>
#}
{#
</li>
#}
{#
<li>
#}
{#
<a
href=
"{% url "
request
.
views
.
request-list
"
%}"
>
#}
{#
<i
class=
"fa fa-phone"
></i>
#}
{#
<span
class=
"hidden-sm"
>
{% trans "Requests" %}
</span>
#}
{#
</a>
#}
{#
</li>
#}
{# {% endif %}#}
{% if view.request.user.permissions.request_decide %}
<li>
<a
href=
"{% url "
request
.
views
.
request-list
"
%}"
>
<i
class=
"fa fa-phone"
></i>
<span
class=
"hidden-sm"
>
{% trans "Requests" %}
</span>
</a>
</li>
{% endif %}
{# {% endif %}#}
{#
<li>
#}
{#
<a
href=
"{% url "
dashboard
.
views
.
profile-preferences
"
%}"
>
#}
...
...
circle/request/migrations/0005_auto_20180403_1342.py
0 → 100644
View file @
46d06df9
# -*- coding: utf-8 -*-
# Generated by Django 1.11.6 on 2018-04-03 11:42
from
__future__
import
unicode_literals
from
django.db
import
migrations
class
Migration
(
migrations
.
Migration
):
dependencies
=
[
(
'request'
,
'0004_auto_20150629_1605'
),
]
operations
=
[
migrations
.
AlterModelOptions
(
name
=
'request'
,
options
=
{
'permissions'
:
((
'can_decide_request'
,
'Can decide to accept/decline request'
),)},
),
]
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment