Commit 9ee92053 by Guba Sándor

views/node: allow list with vm.view_statistics perms

parent 3c8b525a
...@@ -75,7 +75,7 @@ node_ops = OrderedDict([ ...@@ -75,7 +75,7 @@ node_ops = OrderedDict([
]) ])
class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin, class NodeDetailView(LoginRequiredMixin,
GraphMixin, DetailView): GraphMixin, DetailView):
template_name = "dashboard/node-detail.html" template_name = "dashboard/node-detail.html"
model = Node model = Node
...@@ -83,6 +83,8 @@ class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin, ...@@ -83,6 +83,8 @@ class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin,
form_class = TraitForm form_class = TraitForm
def get_context_data(self, form=None, **kwargs): def get_context_data(self, form=None, **kwargs):
if not self.request.user.has_perm('vm.view_statistics'):
raise PermissionDenied()
if form is None: if form is None:
form = self.form_class() form = self.form_class()
context = super(NodeDetailView, self).get_context_data(**kwargs) context = super(NodeDetailView, self).get_context_data(**kwargs)
...@@ -98,6 +100,8 @@ class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin, ...@@ -98,6 +100,8 @@ class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin,
return context return context
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
if not request.user.is_superuser:
raise PermissionDenied()
if request.POST.get('new_name'): if request.POST.get('new_name'):
return self.__set_name(request) return self.__set_name(request)
if request.POST.get('to_remove'): if request.POST.get('to_remove'):
...@@ -145,13 +149,14 @@ class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin, ...@@ -145,13 +149,14 @@ class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin,
return redirect(self.object.get_absolute_url()) return redirect(self.object.get_absolute_url())
class NodeList(LoginRequiredMixin, SuperuserRequiredMixin, class NodeList(LoginRequiredMixin, GraphMixin, SingleTableView):
GraphMixin, SingleTableView):
template_name = "dashboard/node-list.html" template_name = "dashboard/node-list.html"
table_class = NodeListTable table_class = NodeListTable
table_pagination = False table_pagination = False
def get(self, *args, **kwargs): def get(self, *args, **kwargs):
if not self.request.user.has_perm('vm.view_statistics'):
raise PermissionDenied()
if self.request.is_ajax(): if self.request.is_ajax():
nodes = Node.objects.all() nodes = Node.objects.all()
nodes = [{ nodes = [{
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment