diff options
| author | Simon Rettberg | 2018-02-26 10:32:56 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2018-02-26 10:32:56 +0100 |
| commit | e92f67936eaae163aa2ac207384bddf8f483d85c (patch) | |
| tree | f9ca8a58a82d4eafbea3c78a59c4d58cab5e141e | |
| parent | [baseconfig] Add permissions (diff) | |
| download | slx-admin-e92f67936eaae163aa2ac207384bddf8f483d85c.tar.gz slx-admin-e92f67936eaae163aa2ac207384bddf8f483d85c.tar.xz slx-admin-e92f67936eaae163aa2ac207384bddf8f483d85c.zip | |
[dnbd3] Add permissions
| -rw-r--r-- | modules-available/dnbd3/page.inc.php | 38 | ||||
| -rw-r--r-- | modules-available/dnbd3/permissions/permissions.json | 20 | ||||
| -rw-r--r-- | modules-available/dnbd3/templates/page-serverlist.html | 30 |
3 files changed, 72 insertions, 16 deletions
diff --git a/modules-available/dnbd3/page.inc.php b/modules-available/dnbd3/page.inc.php index 1fa38805..d27afe01 100644 --- a/modules-available/dnbd3/page.inc.php +++ b/modules-available/dnbd3/page.inc.php @@ -11,8 +11,10 @@ class Page_Dnbd3 extends Page Message::addError('main.no-permission'); Util::redirect('?do=Main'); } + $action = Request::post('action', false, 'string'); if ($action === 'refresh') { + User::assertPermission('refresh'); Dnbd3Util::updateServerStatus(); } elseif ($action === 'delserver') { $this->deleteServer(); @@ -37,6 +39,7 @@ class Page_Dnbd3 extends Page Message::addError('not-automatic-server', $server['ip']); return; } + User::assertPermission('configure.proxy'); $bgr = Request::post('bgr', false, 'bool'); $firewall = Request::post('firewall', false, 'bool'); $overrideIp = false; @@ -73,6 +76,7 @@ class Page_Dnbd3 extends Page private function toggleUsage() { + User::assertPermission('toggle-usage'); $enabled = Request::post('enabled', false, 'bool'); $nfs = Request::post('with-nfs', false, 'bool'); $task = Dnbd3::setEnabled($enabled); @@ -83,6 +87,11 @@ class Page_Dnbd3 extends Page private function saveServerLocations() { $server = $this->getServerById(); + if (isset($server['machineuuid'])) { + User::assertPermission('configure.proxy'); + } else { + User::assertPermission('configure.external'); + } $locids = Request::post('location', [], 'array'); if (empty($locids)) { Database::exec('DELETE FROM dnbd3_server_x_location WHERE serverid = :serverid', @@ -99,6 +108,7 @@ class Page_Dnbd3 extends Page private function addServer() { + User::assertPermission('configure.external'); $ip = Request::post('newip', false, 'string'); if ($ip === false) { Message::addError('main.parameter-missing', 'ip'); @@ -129,7 +139,10 @@ class Page_Dnbd3 extends Page if ($server['fixedip'] === '<self>') return; if (!is_null($server['machineuuid'])) { + User::assertPermission('configure.proxy'); RunMode::setRunMode($server['machineuuid'], 'dnbd3', null, null, null); + } else { + User::assertPermission('configure.external'); } Database::exec('DELETE FROM dnbd3_server WHERE serverid = :serverid', array('serverid' => $server['serverid'])); @@ -156,6 +169,7 @@ class Page_Dnbd3 extends Page private function showServerList() { + User::assertPermission('view.list'); $dynClients = RunMode::getForMode(Page::getModule(), 'proxy', true, true); $res = Database::simpleQuery('SELECT s.serverid, s.machineuuid, s.fixedip, s.lastseen AS dnbd3lastseen, s.uptime, s.totalup, s.totaldown, s.clientcount, s.disktotal, s.diskfree, Count(sxl.locationid) AS locations, @@ -166,6 +180,8 @@ class Page_Dnbd3 extends Page $servers = array(); $sort = array(); $NOW = time(); + $permExt = User::hasPermission('configure.external'); + $permRunmode = User::hasPermission('configure.proxy'); while ($server = $res->fetch(PDO::FETCH_ASSOC)) { if (isset($dynClients[$server['machineuuid']])) { $server += $dynClients[$server['machineuuid']]; @@ -200,6 +216,10 @@ class Page_Dnbd3 extends Page } else { $sort[] = $server['fixedip'] . '.' . $server['machineuuid']; } + // Permission to edit + if (!($permExt && is_null($server['machineuuid'])) && !($permRunmode && !is_null($server['machineuuid']))) { + $server['edit_disabled'] = 'disabled'; + } $servers[] = $server; } foreach ($dynClients as $server) { @@ -208,20 +228,23 @@ class Page_Dnbd3 extends Page Database::exec('INSERT INTO dnbd3_server (machineuuid) VALUES (:uuid)', array('uuid' => $server['machineuuid'])); } array_multisort($sort, SORT_ASC, $servers); - Render::addTemplate('page-serverlist', array( + $data = array( 'list' => $servers, 'enabled' => Dnbd3::isEnabled(), 'enabled_checked_s' => Dnbd3::isEnabled() ? 'checked' : '', 'nfs_checked_s' => Dnbd3::hasNfsFallback() ? 'checked' : '', 'rebootcontrol' => Module::isAvailable('rebootcontrol', false) - )); + ); + Permission::addGlobalTags($data['perms'], null, ['view.details', 'refresh', 'toggle-usage', 'configure.proxy', 'configure.external']); + Render::addTemplate('page-serverlist', $data); } private function showProxyDetails() { + User::assertPermission('view.details'); $server = $this->getServerById(); Render::addTemplate('page-proxy-header', $server); - $stats = Dnbd3Rpc::query($server['ip'], 5003,true, true, false, true); + $stats = Dnbd3Rpc::query($server['ip'], 5003, true, true, false, true); if (!is_array($stats) || !isset($stats['runId'])) { Message::addError('server-unreachable'); return; @@ -230,8 +253,8 @@ class Page_Dnbd3 extends Page $stats['bytesReceived_s'] = Util::readableFileSize($stats['bytesReceived']); $stats['uptime_s'] = floor($stats['uptime'] / 86400) . 'd ' . gmdate('H:i:s', $stats['uptime']); Render::addTemplate('page-proxy-stats', $stats); - // TODO $images = Dnbd3Rpc::query($server['ip'], 5003,false, false, true); - $confAlts = Dnbd3Rpc::query($server['ip'], 5003,false, false, false, false, true, true); + // TODO $images = Dnbd3Rpc::query($server['ip'], 5003, false, false, true); + $confAlts = Dnbd3Rpc::query($server['ip'], 5003, false, false, false, false, true, true); $ips = array(); $sort = array(); foreach ($stats['clients'] as &$c) { @@ -293,6 +316,11 @@ class Page_Dnbd3 extends Page private function showServerLocationEdit() { $server = $this->getServerById(); + if (isset($server['machineuuid'])) { + User::assertPermission('configure.proxy'); + } else { + User::assertPermission('configure.external'); + } // Get selected ones $res = Database::simpleQuery('SELECT locationid FROM dnbd3_server_x_location WHERE serverid = :serverid', array('serverid' => $server['serverid'])); diff --git a/modules-available/dnbd3/permissions/permissions.json b/modules-available/dnbd3/permissions/permissions.json new file mode 100644 index 00000000..5e16b290 --- /dev/null +++ b/modules-available/dnbd3/permissions/permissions.json @@ -0,0 +1,20 @@ +{ + "toggle-usage": { + "location-aware": false + }, + "refresh": { + "location-aware": false + }, + "view.list": { + "location-aware": false + }, + "view.details": { + "location-aware": false + }, + "configure.proxy": { + "location-aware": false + }, + "configure.external": { + "location-aware": false + } +}
\ No newline at end of file diff --git a/modules-available/dnbd3/templates/page-serverlist.html b/modules-available/dnbd3/templates/page-serverlist.html index c5905dcd..118da8d2 100644 --- a/modules-available/dnbd3/templates/page-serverlist.html +++ b/modules-available/dnbd3/templates/page-serverlist.html @@ -15,14 +15,14 @@ <form method="post" action="?do=dnbd3"> <input type="hidden" name="token" value="{{token}}"> <div class="checkbox"> - <input id="enable-dnbd3" type="checkbox" name="enabled" {{enabled_checked_s}}> + <input id="enable-dnbd3" type="checkbox" name="enabled" {{enabled_checked_s}} {{perms.toggle-usage.disabled}}> <label for="enable-dnbd3">{{lang_enableDnbd3}}</label> </div> <div class="checkbox"> - <input id="allow-nfs" type="checkbox" name="with-nfs" {{nfs_checked_s}}> + <input id="allow-nfs" type="checkbox" name="with-nfs" {{nfs_checked_s}} {{perms.toggle-usage.disabled}}> <label for="allow-nfs">{{lang_allowNfsFallback}}</label> </div> - <button type="submit" name="action" value="toggle-usage" class="btn btn-success"> + <button type="submit" name="action" value="toggle-usage" class="btn btn-success" {{perms.toggle-usage.disabled}}> <span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}} </button> @@ -36,7 +36,9 @@ <input type="hidden" name="action" value="refresh"> <h2> {{lang_serverList}} - <button id="refbtn" type="submit" class="btn btn-default"><span class="glyphicon glyphicon-refresh"></span></button> + <button id="refbtn" type="submit" class="btn btn-default" {{perms.refresh.disabled}}> + <span class="glyphicon glyphicon-refresh"></span> + </button> </h2> </form> @@ -78,14 +80,18 @@ </td> <td class="{{#self}}slx-bold{{/self}}"> {{#machineuuid}} - <a class="pull-right btn btn-default btn-xs" href="?do=Statistics&uuid={{machineuuid}}"> + <a class="pull-right btn btn-default btn-xs" href="?do=statistics&uuid={{machineuuid}}"> <span class="glyphicon glyphicon-eye-open"></span> </a> {{/machineuuid}} + {{^perms.view.details.disabled}} <a href="?do=dnbd3&show=proxy&server={{serverid}}"> + {{/perms.view.details.disabled}} {{fixedip}} <span class="small">{{clientip}}</span> + {{^perms.view.details.disabled}} </a> + {{/perms.view.details.disabled}} <div class="small">{{hostname}}</div> </td> <td data-sort="int" data-sort-default="desc" data-sort-value="{{disktotal}}"> @@ -123,7 +129,7 @@ {{#locations}} {{locations}} {{/locations}} - <a href="?do=dnbd3&show=locations&server={{serverid}}" class="btn btn-default btn-xs"> + <a href="?do=dnbd3&show=locations&server={{serverid}}" class="btn btn-default btn-xs {{edit_disabled}}"> <span class="glyphicon glyphicon-map-marker"></span> </a> {{/self}} @@ -132,17 +138,19 @@ {{#machineuuid}} {{#rebootcontrol}} <button class="btn btn-warning btn-xs reboot-btn" type="button" data-id="{{serverid}}" - data-toggle="modal" data-target="#server-reboot-modal" title="{{lang_reboot}}"> + data-toggle="modal" data-target="#server-reboot-modal" title="{{lang_reboot}}" + {{perms.configure.proxy.disabled}}> <span class="glyphicon glyphicon-repeat"></span> </button> {{/rebootcontrol}} <button class="btn btn-default btn-xs edit-btn" type="button" data-id="{{serverid}}" - data-toggle="modal" data-target="#server-edit-modal" title="{{lang_settings}}"> + data-toggle="modal" data-target="#server-edit-modal" title="{{lang_settings}}" + {{perms.configure.proxy.disabled}}> <span class="glyphicon glyphicon-cog"></span> </button> {{/machineuuid}} {{^self}} - <button class="btn btn-danger btn-xs" name="server" value="{{serverid}}" + <button class="btn btn-danger btn-xs {{edit_disabled}}" name="server" value="{{serverid}}" onclick="return confirm('{{lang_wantToDelete}}')" title="{{lang_delete}}"> <span class="glyphicon glyphicon-trash"></span> </button> @@ -156,7 +164,7 @@ <div class="btn-toolbar pull-right"> <div class="btn-group"> - <button type="button" class="btn btn-success" data-toggle="modal" data-target="#add-modal"> + <button type="button" class="btn btn-success" data-toggle="modal" data-target="#add-modal" {{perms.configure.external.disabled}}> <span class="glyphicon glyphicon-plus"></span> {{lang_externalServerAdd}} </button> @@ -165,7 +173,7 @@ </button> </div> <div class="btn-group"> - <a class="btn btn-success" href="?do=runmode&module=dnbd3&modeid=proxy&redirect=?do=dnbd3"> + <a class="btn btn-success {{perms.configure.proxy.disabled}}" href="?do=runmode&module=dnbd3&modeid=proxy&redirect=?do=dnbd3"> <span class="glyphicon glyphicon-plus"></span> {{lang_managedServerAdd}} </a> |