[checkmk-commits] Not checking permission of currently logged in user when acknowledging werks during wato init config creation

Module: check_mk Branch: master Commit: f71bf9fc03a02feaff4b8e3f55165b65c4aef1f5 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=f71bf9fc03a02f… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Wed Nov 2 14:47:13 2016 +0100 Not checking permission of currently logged in user when acknowledging werks during wato init config creation --- web/htdocs/userdb.py | 5 +++-- web/htdocs/wato.py | 2 +- web/htdocs/werks.py | 10 ++++++---- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/web/htdocs/userdb.py b/web/htdocs/userdb.py index 98bd108..734ccf3 100644 --- a/web/htdocs/userdb.py +++ b/web/htdocs/userdb.py @@ -665,7 +665,7 @@ def load_custom_attr(userid, key, conv_func, default = None): def save_custom_attr(userid, key, val): path = custom_attr_path(userid, key) make_nagios_directory(os.path.dirname(path)) - create_user_file(path, 'w').write('%s\n' % val) + store.save_file(path, '%s\n' % val) def remove_custom_attr(userid, key): @@ -780,7 +780,8 @@ def save_users(profiles): # authentication secret for local processes auth_file = user_dir + "/automation.secret" if "automation_secret" in user: - create_user_file(auth_file, "w").write("%s\n" % user["automation_secret"]) + with create_user_file(auth_file, "w") as f: + f.write("%s\n" % user["automation_secret"]) else: remove_user_file(auth_file) diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index 1357b76..eb83b60 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -14632,7 +14632,7 @@ def create_sample_config(): # This is not really the correct place for such kind of action, but the best place we could # find to execute it only for new created sites. import werks - werks.acknowledge_all_werks() + werks.acknowledge_all_werks(check_permission=False) save_mkeventd_sample_config() diff --git a/web/htdocs/werks.py b/web/htdocs/werks.py index d88b928..fcb7a68 100644 --- a/web/htdocs/werks.py +++ b/web/htdocs/werks.py @@ -195,8 +195,10 @@ def acknowledge_werk(werk): acknowledge_werks([werk]) -def acknowledge_werks(werks): - config.user.need_permission("general.acknowledge_werks") +def acknowledge_werks(werks, check_permission=True): + if check_permission: + config.user.need_permission("general.acknowledge_werks") + ack_ids = load_acknowledgements() for werk in werks: ack_ids.append(werk["id"]) @@ -208,9 +210,9 @@ def save_acknowledgements(acknowledged_werks): store.save_data_to_file(acknowledgement_path, acknowledged_werks) -def acknowledge_all_werks(): +def acknowledge_all_werks(check_permission=True): load_werks() - acknowledge_werks(unacknowledged_incompatible_werks()) + acknowledge_werks(unacknowledged_incompatible_werks(), check_permission) def werk_is_pre_127(werk):