summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--cobbler/modules/authz_ownership.py7
-rw-r--r--cobbler/webui/CobblerWeb.py5
-rw-r--r--setup.py1
-rw-r--r--webui_templates/enoaccess.tmpl2
-rw-r--r--webui_templates/ksfile_edit.tmpl33
-rw-r--r--webui_templates/ksfile_view.tmpl6
6 files changed, 44 insertions, 10 deletions
diff --git a/cobbler/modules/authz_ownership.py b/cobbler/modules/authz_ownership.py
index ff5c016..9e7a217 100644
--- a/cobbler/modules/authz_ownership.py
+++ b/cobbler/modules/authz_ownership.py
@@ -98,6 +98,13 @@ def authorize(api_handle,user,resource,arg1=None,arg2=None):
All users in the file are permitted by this module.
"""
+ # everybody can get read-only access to everything
+ # if they pass authorization, they don't have to be in users.conf
+ if resource is not None:
+ for x in [ "get", "read", "/cobbler/web" ]:
+ if resource.startswith(x):
+ return 1
+
user_groups = __parse_config()
# classify the type of operation
diff --git a/cobbler/webui/CobblerWeb.py b/cobbler/webui/CobblerWeb.py
index 2012708..f6afe2f 100644
--- a/cobbler/webui/CobblerWeb.py
+++ b/cobbler/webui/CobblerWeb.py
@@ -677,10 +677,15 @@ class CobblerWeb(object):
} )
def ksfile_edit(self, name=None,**spam):
+
+
if not self.__xmlrpc_setup():
return self.xmlrpc_auth_failure()
+
+ can_edit = self.remote.check_access_no_fail(self.token,"modify_kickstart",name)
return self.__render( 'ksfile_edit.tmpl', {
'name': name,
+ 'editable' : can_edit,
'ksdata': self.remote.read_or_write_kickstart_template(name,True,"",self.token)
} )
diff --git a/setup.py b/setup.py
index 3285b2f..51ffe80 100644
--- a/setup.py
+++ b/setup.py
@@ -159,7 +159,6 @@ if __name__ == "__main__":
# Web UI kickstart file editing
(wwwtmpl, ['webui_templates/ksfile_edit.tmpl']),
(wwwtmpl, ['webui_templates/ksfile_list.tmpl']),
- (wwwtmpl, ['webui_templates/ksfile_view.tmpl']),
# Web UI support files
(wwwgfx, ['docs/wui.html']),
diff --git a/webui_templates/enoaccess.tmpl b/webui_templates/enoaccess.tmpl
index 5af1ae3..b3a001e 100644
--- a/webui_templates/enoaccess.tmpl
+++ b/webui_templates/enoaccess.tmpl
@@ -5,6 +5,8 @@ WARNING: You do not have permission to make changes to this
object. To recieve access, contact your Cobbler server administrator.
</br>
+#if $owners != []
The access control list for this object is: <B><U>$myowners</U></B>.
+#end if
</blockquote>
diff --git a/webui_templates/ksfile_edit.tmpl b/webui_templates/ksfile_edit.tmpl
index 5e0c5ae..87c9f41 100644
--- a/webui_templates/ksfile_edit.tmpl
+++ b/webui_templates/ksfile_edit.tmpl
@@ -1,7 +1,22 @@
#extends cobbler.webui.master
-#attr $title = "Cobbler: Edit Kickstart File $ksfile"
+##attr $title = "Cobbler: Edit Kickstart File $ksfile"
#block body
+
+#if $editable != True
+<blockquote>
+NOTE: You do not have permission to make changes to this
+kickstart template and can only read it. It is possible that
+other Cobbler users has secured permissions on Cobbler
+profiles/systems that depend on this template -- changing this
+template would ultimately affect those profile/system records which
+you do not have access to. Alternatively, you may not have access
+to edit *any* kickstart templates. Contact your Cobbler server administrator
+if you need to resolve this.
+</blockquote>
+</br>
+#end if
+
<form method="post" action="$base_url?mode=ksfile_save">
<input type="hidden" name="name" value="$name"/>
<fieldset id="cform">
@@ -10,8 +25,20 @@
<pre><textarea rows="40" cols="120" name="ksdata" id="ksdata">$ksdata</textarea></pre>
<br/>
- <input type="submit" name="submit" value="Save"/>
- <input type="reset" name="reset" value="Reset"/>
+ #if $editable == True
+ <input type="submit" name="submit" value="Save"/>
+ <input type="reset" name="reset" value="Reset"/>
+ #end if
+
</fieldset>
</form>
+
+#if $editable == True
+<br/>
+<blockquote>
+NOTE: Run a cobbler sync to after making changes here in order
+for kickstart files to be regenerated.
+</blockquote>
+#end if
+
#end block body
diff --git a/webui_templates/ksfile_view.tmpl b/webui_templates/ksfile_view.tmpl
deleted file mode 100644
index b6abf67..0000000
--- a/webui_templates/ksfile_view.tmpl
+++ /dev/null
@@ -1,6 +0,0 @@
-#extends cobbler.webui.master
-
-#block body
-<pre class="config_data">$ksdata</pre>
-#end block body
-