Fixed permissions visualization related issue

2025-03-13 08:58:35 +03:00 · 2023-01-17 13:10:27 +01:00 · 2023-01-17 13:10:27 +01:00 · bf5a0069b8
commit bf5a0069b8
parent db1d0e2640
6 changed files with 21 additions and 17 deletions
--- a/server/src/uds/REST/methods/authenticators.py
+++ b/server/src/uds/REST/methods/authenticators.py
@ -69,9 +69,9 @@ class Authenticators(ModelHandler):
        {'name': {'title': _('Name'), 'visible': True, 'type': 'iconType'}},
        {'type_name': {'title': _('Type')}},
        {'comments': {'title': _('Comments')}},
-        {'priority': {'title': _('Priority'), 'type': 'numeric', 'width': '5em'}},
+        {'priority': {'title': _('Priority'), 'type': 'numeric', 'width': '5rem'}},
        {'small_name': {'title': _('Label')}},
-        {'users_count': {'title': _('Users'), 'type': 'numeric', 'width': '5em'}},
+        {'users_count': {'title': _('Users'), 'type': 'numeric', 'width': '1rem'}},
        {
            'mfa_name': {
                'title': _('MFA'),
--- a/server/src/uds/REST/methods/providers.py
+++ b/server/src/uds/REST/methods/providers.py
@ -150,9 +150,8 @@ class Providers(ModelHandler):
        """
        try:
            service = Service.objects.get(uuid=self._args[1])
-            perm = self.ensureAccess(
-                service.provider, permissions.PermissionType.READ
-            )  # Ensures that we can read this item
+            self.ensureAccess(service.provider, permissions.PermissionType.READ)
+            perm = self.getPermissions(service.provider)
            return DetailServices.serviceToDict(service, perm, True)
        except Exception:
            # logger.exception('Exception')
--- a/server/src/uds/REST/model.py
+++ b/server/src/uds/REST/model.py
@ -257,6 +257,11 @@ class BaseModelHandler(Handler):
        if not permissions.hasAccess(self._user, obj, permission, root):
            raise self.accessDenied()

+    def getPermissions(
+        self, obj: models.Model, root: bool = False
+    ) -> int:
+        return permissions.getEffectivePermission(self._user, obj, root)
+
    def typeInfo(self, type_: typing.Type['Module']) -> typing.Dict[str, typing.Any]:
        """
        Returns info about the type
--- a/server/src/uds/core/util/permissions.py
+++ b/server/src/uds/core/util/permissions.py
@ -60,7 +60,7 @@ def getPermissions(obj: 'Model') -> typing.List[models.Permissions]:


 def getEffectivePermission(
-    user: 'models.User', obj: 'Model', root: bool = False
+    user: 'models.User', obj: 'Model', for_type: bool = False
 ) -> PermissionType:
    try:
        if user.is_admin:
@ -68,7 +68,7 @@ def getEffectivePermission(

        # Just check permissions for staff members
        # root means for "object type" not for an object
-        if root is False:
+        if for_type is False:
            return models.Permissions.getPermissions(
                object_type=objtype.ObjectType.from_model(obj),
                user=user,
@ -116,9 +116,9 @@ def hasAccess(
    user: 'models.User',
    obj: 'Model',
    permission: PermissionType = PermissionType.ALL,
-    root: bool = False,
+    for_type: bool = False,
 ):
-    return getEffectivePermission(user, obj, root).includes(permission)
+    return getEffectivePermission(user, obj, for_type).includes(permission)


 def revokePermissionById(permUUID: str) -> None:
--- a/server/src/uds/models/user_service.py
+++ b/server/src/uds/models/user_service.py
@ -317,10 +317,10 @@ class UserService(UUIDModel):  # pylint: disable=too-many-public-methods
        Returns:
            Nothing
        """
-        self.src_ip = ip[:15]
-        self.src_hostname = hostname[:65]
+        self.src_ip = ip[:MAX_IPV6_LENGTH]
+        self.src_hostname = hostname[:MAX_DNS_NAME_LENGTH]

-        if(self.src_ip != ip or self.src_hostname != hostname):
+        if(len(ip) > MAX_IPV6_LENGTH or len(hostname) > MAX_DNS_NAME_LENGTH):
            logger.info('Truncated connection source data to %s/%s', self.src_ip, self.src_hostname)

        self.save(update_fields=['src_ip', 'src_hostname'])
@ -645,7 +645,7 @@ class UserService(UUIDModel):  # pylint: disable=too-many-public-methods
        )

    @staticmethod
-    def beforeDelete(sender, **kwargs):
+    def beforeDelete(sender, **kwargs) -> None:
        """
        Used to invoke the Service class "Destroy" before deleting it from database.

--- a/server/src/uds/services/Xen/xen_client/init.py
+++ b/server/src/uds/services/Xen/xen_client/init.py
@ -514,7 +514,7 @@ class XenServer:  # pylint: disable=too-many-public-methods
        tags = self.VM.get_tags(vmId)
        try:
            del tags[tags.index(TAG_TEMPLATE)]
-        except Exception:
+        except Exception:  # nosec: ignored, maybe tag is not pressent
            pass
        tags.append(TAG_MACHINE)
        self.VM.set_tags(vmId, tags)
@ -537,7 +537,7 @@ class XenServer:  # pylint: disable=too-many-public-methods
            tags = self.VM.get_tags(vmId)
            try:
                del tags[tags.index(TAG_MACHINE)]
-            except Exception:
+            except Exception:  # nosec: ignored, maybe tag is not pressent
                pass
            tags.append(TAG_TEMPLATE)
            self.VM.set_tags(vmId, tags)
@ -545,8 +545,8 @@ class XenServer:  # pylint: disable=too-many-public-methods
            # Set multiplier
            try:
                self.VM.set_HVM_shadow_multiplier(vmId, float(shadowMultiplier))
-            except Exception:
-                pass  # Can't set shadowMultiplier, nothing happens
+            except Exception:  # nosec: Can't set shadowMultiplier, nothing happens
+                pass  
        except XenAPI.Failure as e:
            raise XenFailure(e.details)