diff options
author | Michael DeHaan <mdehaan@redhat.com> | 2008-04-02 16:32:26 -0400 |
---|---|---|
committer | Michael DeHaan <mdehaan@redhat.com> | 2008-04-02 16:32:26 -0400 |
commit | 511d6fc9976bd10344c920a4f03ba57da70527d9 (patch) | |
tree | 4af153653e94f663c4f49cbf5a55dcb322057b61 /cobbler/modules | |
parent | 8eff9bca139d66f86391362a28abdc07966817a3 (diff) | |
download | third_party-cobbler-511d6fc9976bd10344c920a4f03ba57da70527d9.tar.gz third_party-cobbler-511d6fc9976bd10344c920a4f03ba57da70527d9.tar.xz third_party-cobbler-511d6fc9976bd10344c920a4f03ba57da70527d9.zip |
Make changes in order to assure that users not in users.conf can still read
web content if cleared past the authentication layer. Also make changes
to the kickstart editor to indicate to users when they don't have permission
to edit kickstarts -- and to show possible causes.
Diffstat (limited to 'cobbler/modules')
-rw-r--r-- | cobbler/modules/authz_ownership.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/cobbler/modules/authz_ownership.py b/cobbler/modules/authz_ownership.py index ff5c016..9e7a217 100644 --- a/cobbler/modules/authz_ownership.py +++ b/cobbler/modules/authz_ownership.py @@ -98,6 +98,13 @@ def authorize(api_handle,user,resource,arg1=None,arg2=None): All users in the file are permitted by this module. """ + # everybody can get read-only access to everything + # if they pass authorization, they don't have to be in users.conf + if resource is not None: + for x in [ "get", "read", "/cobbler/web" ]: + if resource.startswith(x): + return 1 + user_groups = __parse_config() # classify the type of operation |