Module: check_mk
Branch: master
Commit: 51a61249f3a6c82d2e2283a8b6bd37bebd1c4ac5
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=51a61249f3a6c8…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue Apr 21 13:51:12 2015 +0200
#2181 Admins can now delete views/dashboards/reports created by other users
---
.werks/2181 | 9 +++++++++
ChangeLog | 2 ++
web/htdocs/default_permissions.py | 7 ++++++-
web/htdocs/visuals.py | 23 +++++++++++++++--------
4 files changed, 32 insertions(+), 9 deletions(-)
diff --git a/.werks/2181 b/.werks/2181
new file mode 100644
index 0000000..b1e4371
--- /dev/null
+++ b/.werks/2181
@@ -0,0 +1,9 @@
+Title: Admins can now delete views/dashboards/reports created by other users
+Level: 1
+Component: multisite
+Compatible: compat
+Version: 1.2.7i1
+Date: 1429617043
+Class: feature
+
+
diff --git a/ChangeLog b/ChangeLog
index 10eceb9..a06b707 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -354,6 +354,7 @@
* 2175 Added icon uploader, unified icon selection...
* 2200 New filter for (de-)selecting preliminary notifications to
"check-mk-notify"...
* 2209 New filter for selecting hosts/services in/out of their service period
+ * 2181 Admins can now delete views/dashboards/reports created by other users
* 1781 FIX: Fix broken grouping by host/service group in availability
* 1783 FIX: Finish the view "History of Scheduled Downtimes"...
* 1206 FIX: Hostname not longer shown as column in host views
@@ -460,6 +461,7 @@
* 1662 notification plugin spectrum: finalized script. now able to handle host
notications
* 1213 New Notification macros $SERVICEFORURL$ and $HOSTFORURL$...
* 2041 Notification Spooler can now handle incoming and outgoing persistent TCP
connections...
+ NOTE: Please refer to the migration notes!
* 2135 Allow to filter notification contacts based on values of custom macros...
* 1235 Added notification plugin for Braintower SMS Gateways...
* 2188 Rule based notification now allow match for notification comment...
diff --git a/web/htdocs/default_permissions.py b/web/htdocs/default_permissions.py
index edf0e01..865c5a2 100644
--- a/web/htdocs/default_permissions.py
+++ b/web/htdocs/default_permissions.py
@@ -151,7 +151,7 @@ def declare_visual_permissions(what, what_plural):
config.declare_permission("general.publish_" + what,
_("Publish %s") % what_plural,
- _("Make %s visible and usable for other users") % what_plural,
+ _("Make %s visible and usable for other users.") % what_plural,
[ "admin", "user" ])
config.declare_permission("general.see_user_" + what,
@@ -163,3 +163,8 @@ def declare_visual_permissions(what, what_plural):
_("Modify builtin %s") % what_plural,
_("Make own published %s override builtin %s for all users.") %
(what_plural, what_plural),
[ "admin" ])
+
+ config.declare_permission("general.delete_foreign_" + what,
+ _("Delete foreign %s") % what_plural,
+ _("Allows to delete %s created by other users.") % what_plural,
+ [ "admin" ])
diff --git a/web/htdocs/visuals.py b/web/htdocs/visuals.py
index e9cdbd6..08290cb 100644
--- a/web/htdocs/visuals.py
+++ b/web/htdocs/visuals.py
@@ -268,7 +268,12 @@ def page_list(what, title, visuals, custom_columns = [],
# Deletion of visuals
delname = html.var("_delete")
if delname and html.transaction_valid():
- deltitle = visuals[(config.user_id, delname)]['title']
+ if config.may('general.delete_foreign_%s' % what):
+ user_id = html.var('_user_id', config.user_id)
+ else:
+ user_id = config.user_id
+
+ deltitle = visuals[(user_id, delname)]['title']
try:
if check_deletable_handler:
@@ -276,7 +281,7 @@ def page_list(what, title, visuals, custom_columns = [],
c = html.confirm(_("Please confirm the deletion of
\"%s\".") % deltitle)
if c:
- del visuals[(config.user_id, delname)]
+ del visuals[(user_id, delname)]
save(what, visuals)
html.reload_sidebar()
elif c == False:
@@ -313,10 +318,6 @@ def page_list(what, title, visuals, custom_columns = [],
# Actions
table.cell(_('Actions'), css = 'buttons visuals')
- # Edit
- if owner == config.user_id:
- html.icon_button("edit_%s.py?load_name=%s" % (what_s,
visual_name), _("Edit"), "edit")
-
# Clone / Customize
buttontext = _("Create a customized copy of this")
backurl = html.urlencode(html.makeuri([]))
@@ -325,9 +326,15 @@ def page_list(what, title, visuals, custom_columns = [],
html.icon_button(clone_url, buttontext, "clone")
# Delete
+ if owner and (owner == config.user_id or
config.may('general.delete_foreign_%s' % what)):
+ add_vars = [('_delete', visual_name)]
+ if owner != config.user_id:
+ add_vars.append(('_user_id', owner))
+ html.icon_button(html.makeactionuri(add_vars), _("Delete!"),
"delete")
+
+ # Edit
if owner == config.user_id:
- html.icon_button(html.makeactionuri([('_delete', visual_name)]),
- _("Delete!"), "delete")
+ html.icon_button("edit_%s.py?load_name=%s" % (what_s,
visual_name), _("Edit"), "edit")
# Custom buttons - visual specific
if render_custom_buttons: