Module: check_mk
Branch: master
Commit: 04f853c92821e74d279090afa4127918a5cfeeea
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=04f853c92821e7…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Thu Dec 22 14:47:44 2011 +0100
WATO - Improved the new auth api
---
web/plugins/wato/auth.py | 33 +++++++++++++++++++++++++++++++--
1 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/web/plugins/wato/auth.py b/web/plugins/wato/auth.py
index 229a08d..91ae7fc 100644
--- a/web/plugins/wato/auth.py
+++ b/web/plugins/wato/auth.py
@@ -39,6 +39,12 @@
# user_permissions(<USER_NAME>)
# Returns an array of all permissions of the user
#
+# roles_with_permission(<PERMISSION>)
+# Returns an array of rolenames with the given permission
+#
+# users_with_permission(<PERMISSION>)
+# Returns an array of usernames with the given permission
+#
# may(<USER_NAME>, <PERMISSION>)
# Returns true/false wether or not the user is permitted
@@ -67,8 +73,8 @@ def parse_php(data, lvl = 1):
def create_php_file(users, role_permissions):
- file(g_auth_base_dir + '/auth.php', 'w').write('''
-<?php
+ file(g_auth_base_dir + '/auth.php',
'w').write('''<?php
+global $mk_users, $mk_roles;
$mk_users = %s;
$mk_roles = %s;
@@ -107,6 +113,29 @@ function users_with_role($want_role) {
return $result;
}
+function roles_with_permission($want_permission) {
+ global $mk_roles;
+ $result = array();
+ foreach($mk_roles AS $rolename => $role) {
+ foreach($role AS $permission) {
+ if($permission == $want_permission) {
+ $result[] = $rolename;
+ break;
+ }
+ }
+ }
+ return $result;
+}
+
+function users_with_permission($need_permission) {
+ global $mk_users;
+ $result = array();
+ foreach(roles_with_permission($need_permission) AS $rolename) {
+ $result = array_merge($result, users_with_role($rolename));
+ }
+ return $result;
+}
+
function may($username, $need_permission) {
global $mk_roles;
foreach(user_roles($username) AS $role) {