Module: check_mk
Branch: master
Commit: 929e2500544b22f67251f3c8429a65f127ac1405
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=929e2500544b22…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue May 16 09:45:20 2017 +0200
4683 New permission: Clear audit log
With this new permission you can configure read only access to the audit log to
users.
Change-Id: I78918d04269c802baac8ac539671fdaf9ccb394b
---
.werks/4683 | 11 +++++++++++
web/htdocs/wato.py | 14 +++++++++++---
2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/.werks/4683 b/.werks/4683
new file mode 100644
index 0000000..9963af2
--- /dev/null
+++ b/.werks/4683
@@ -0,0 +1,11 @@
+Title: New permission: Clear audit log
+Level: 1
+Component: wato
+Compatible: compat
+Edition: cre
+Version: 1.5.0i1
+Date: 1494920680
+Class: feature
+
+With this new permission you can configure read only access to the audit log to
+users.
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 558eb5b..e762ec4 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -4853,7 +4853,8 @@ class ModeAuditLog(WatoMode):
def buttons(self):
changelog_button()
home_button()
- if self._log_exists() and config.user.may("wato.auditlog") and
config.user.may("wato.edit"):
+ if self._log_exists() and config.user.may("wato.clear_auditlog") \
+ and config.user.may("wato.auditlog") and
config.user.may("wato.edit"):
html.context_button(_("Download"),
html.makeactionuri([("_action", "csv")]),
"download")
if config.user.may("wato.edit"):
@@ -4868,6 +4869,7 @@ class ModeAuditLog(WatoMode):
def action(self):
if html.var("_action") == "clear":
config.user.need_permission("wato.auditlog")
+ config.user.need_permission("wato.clear_auditlog")
config.user.need_permission("wato.edit")
return self._clear_audit_log_after_confirm()
@@ -17382,12 +17384,18 @@ def load_plugins(force):
config.declare_permission("wato.auditlog",
_("Audit Log"),
- _("Access to the historic audit log. A user with write "
- "access can delete the audit log. "
+ _("Access to the historic audit log. "
"The currently pending changes can be seen by all users "
"with access to WATO."),
[ "admin", ])
+ config.declare_permission("wato.clear_auditlog",
+ _("Clear audit Log"),
+ _("Clear the entries of the audit log. To be able to clear the audit log
"
+ "a user needs the generic WATO permission \"Make changes, perform
actions\", "
+ "the \"View audit log\" and this permission."),
+ [ "admin", ])
+
config.declare_permission("wato.hosts",
_("Host management"),
_("Access to the management of hosts and folders. This "