shaba/awx
1
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2024-11-01 16:51:11 +03:00
Code Releases Activity

restrict network_ui to inv admins

Browse Source
This commit is contained in:
AlanCoding 2018-05-17 12:46:40 -04:00
parent f6eeecf6d1
commit 969fb21e98
No known key found for this signature in database
GPG Key ID: FD2C3C012A72926B
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
awx/network_ui/consumers.py
View File

@ -3,6 +3,7 @@ import channels
from channels.auth import channel_session_user, channel_session_user_from_http from channels.auth import channel_session_user, channel_session_user_from_http
from awx.network_ui.models import Topology, Device, Link, Client, Interface from awx.network_ui.models import Topology, Device, Link, Client, Interface
from awx.network_ui.models import TopologyInventory from awx.network_ui.models import TopologyInventory
from awx.main.models.inventory import Inventory
import urlparse import urlparse
from django.db.models import Q from django.db.models import Q
from collections import defaultdict from collections import defaultdict
@ -217,6 +218,18 @@ def ws_connect(message):
data = urlparse.parse_qs(message.content['query_string']) data = urlparse.parse_qs(message.content['query_string'])
inventory_id = parse_inventory_id(data) inventory_id = parse_inventory_id(data)
try:
inventory = Inventory.objects.get(id=inventory_id)
except Inventory.DoesNotExist:
logger.error("User {} attempted connecting inventory_id {} that does not exist.".format(
message.user.id, inventory_id)
)
message.reply_channel.send({"close": True})
if message.user not in inventory.admin_role:
logger.warn("User {} attempted connecting to inventory_id {} without permission.".format(
message.user.id, inventory_id
))
message.reply_channel.send({"close": True})
topology_ids = list(TopologyInventory.objects.filter(inventory_id=inventory_id).values_list('pk', flat=True)) topology_ids = list(TopologyInventory.objects.filter(inventory_id=inventory_id).values_list('pk', flat=True))
topology_id = None topology_id = None
if len(topology_ids) > 0: if len(topology_ids) > 0: