[checkmk-commits] Check_MK Git: check_mk: Views: new permission general.see_user_views

Module: check_mk Branch: master Commit: 9281588f2b5c092e9297aa24aebcbf0543ea7caa URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9281588f2b5c09… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Wed Feb 27 13:55:49 2013 +0100 Views: new permission general.see_user_views --- ChangeLog | 3 +++ web/htdocs/default_permissions.py | 5 +++++ web/htdocs/views.py | 20 +++++++++++--------- 3 files changed, 19 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6e72926..6d1eedb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,9 +7,12 @@ * New availability view for arbitrary host/service collections * New option auth_by_http_header to use the value of a HTTP header variable for authentication (Useful in reverse proxy environments) + * New permission that is needed for seeing views that other users + have defined (per default this is contained in all roles) Event Console: * New rule feature: automatically delete event after actions + * New filter for maximum services level (minimum already existed) Checks & Agents: * solaris_mem: New check for memory and swap for Solaris agent diff --git a/web/htdocs/default_permissions.py b/web/htdocs/default_permissions.py index 43761d8..ce35a3c 100644 --- a/web/htdocs/default_permissions.py +++ b/web/htdocs/default_permissions.py @@ -67,6 +67,11 @@ def load(): _("Make views visible and usable for other users"), [ "admin", "user" ]) + config.declare_permission("general.see_user_views", + _("See user views"), + _("Is needed for seeing views that other users have created."), + [ "admin", "user", "guest" ]) + config.declare_permission("general.force_views", _("Modify builtin views"), _("Make own published views override builtin views for all users"), diff --git a/web/htdocs/views.py b/web/htdocs/views.py index d20b603..db2602f 100644 --- a/web/htdocs/views.py +++ b/web/htdocs/views.py @@ -293,15 +293,17 @@ def available_views(): views[n] = view # 4. other users views, if public. Sill make sure we honor permission - # for builtin views - for (u, n), view in html.multisite_views.items(): - if n not in views and view["public"] and config.user_may(u, "general.publish_views"): - # Is there a builtin view with the same name? If yes, honor permissions. - permname = "view.%s" % n - if config.permission_exists(permname) \ - and not config.may(permname): - continue - views[n] = view + # for builtin views. Also the permission "general.see_user_views" is + # necessary. + if config.may("general.see_user_views"): + for (u, n), view in html.multisite_views.items(): + if n not in views and view["public"] and config.user_may(u, "general.publish_views"): + # Is there a builtin view with the same name? If yes, honor permissions. + permname = "view.%s" % n + if config.permission_exists(permname) \ + and not config.may(permname): + continue + views[n] = view return views