Module: check_mk
Branch: master
Commit: 9281588f2b5c092e9297aa24aebcbf0543ea7caa
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9281588f2b5c09…
Author: Mathias Kettner <mk(a)mathias-kettner.de>
Date: Wed Feb 27 13:55:49 2013 +0100
Views: new permission general.see_user_views
---
ChangeLog | 3 +++
web/htdocs/default_permissions.py | 5 +++++
web/htdocs/views.py | 20 +++++++++++---------
3 files changed, 19 insertions(+), 9 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 6e72926..6d1eedb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,9 +7,12 @@
* New availability view for arbitrary host/service collections
* New option auth_by_http_header to use the value of a HTTP header
variable for authentication (Useful in reverse proxy environments)
+ * New permission that is needed for seeing views that other users
+ have defined (per default this is contained in all roles)
Event Console:
* New rule feature: automatically delete event after actions
+ * New filter for maximum services level (minimum already existed)
Checks & Agents:
* solaris_mem: New check for memory and swap for Solaris agent
diff --git a/web/htdocs/default_permissions.py b/web/htdocs/default_permissions.py
index 43761d8..ce35a3c 100644
--- a/web/htdocs/default_permissions.py
+++ b/web/htdocs/default_permissions.py
@@ -67,6 +67,11 @@ def load():
_("Make views visible and usable for other users"),
[ "admin", "user" ])
+ config.declare_permission("general.see_user_views",
+ _("See user views"),
+ _("Is needed for seeing views that other users have created."),
+ [ "admin", "user", "guest" ])
+
config.declare_permission("general.force_views",
_("Modify builtin views"),
_("Make own published views override builtin views for all users"),
diff --git a/web/htdocs/views.py b/web/htdocs/views.py
index d20b603..db2602f 100644
--- a/web/htdocs/views.py
+++ b/web/htdocs/views.py
@@ -293,15 +293,17 @@ def available_views():
views[n] = view
# 4. other users views, if public. Sill make sure we honor permission
- # for builtin views
- for (u, n), view in html.multisite_views.items():
- if n not in views and view["public"] and config.user_may(u,
"general.publish_views"):
- # Is there a builtin view with the same name? If yes, honor permissions.
- permname = "view.%s" % n
- if config.permission_exists(permname) \
- and not config.may(permname):
- continue
- views[n] = view
+ # for builtin views. Also the permission "general.see_user_views" is
+ # necessary.
+ if config.may("general.see_user_views"):
+ for (u, n), view in html.multisite_views.items():
+ if n not in views and view["public"] and config.user_may(u,
"general.publish_views"):
+ # Is there a builtin view with the same name? If yes, honor permissions.
+ permname = "view.%s" % n
+ if config.permission_exists(permname) \
+ and not config.may(permname):
+ continue
+ views[n] = view
return views