pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add new permission

Browse Source
This commit is contained in:
Montana 2019-01-07 16:11:07 -05:00 committed by leigh-mil
parent ef6d9a2c5f
commit 81af9f1c99
6 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
atst/domain/audit_log.py
View File

@ -37,7 +37,7 @@ class AuditLog(object):
@classmethod @classmethod
def get_workspace_events(cls, user, workspace_id, pagination_opts): def get_workspace_events(cls, user, workspace_id, pagination_opts):
Authorization.check_atat_permission( Authorization.check_atat_permission(
user, Permissions.VIEW_AUDIT_LOG, "view audit log" user, Permissions.VIEW_WORKSPACE_AUDIT_LOG, "view audit log"
) )
return AuditEventQuery.get_ws_events(workspace_id, pagination_opts) return AuditEventQuery.get_ws_events(workspace_id, pagination_opts)

3
atst/domain/roles.py
View File

@ -44,6 +44,7 @@ ATAT_ROLES = [
Permissions.ADD_TAG_TO_WORKSPACE, Permissions.ADD_TAG_TO_WORKSPACE,
Permissions.REMOVE_TAG_FROM_WORKSPACE, Permissions.REMOVE_TAG_FROM_WORKSPACE,
Permissions.VIEW_AUDIT_LOG, Permissions.VIEW_AUDIT_LOG,
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
], ],
}, },
{ {
@ -84,6 +85,7 @@ WORKSPACE_ROLES = [
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION, Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION, Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION, Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
], ],
}, },
{ {
@ -111,6 +113,7 @@ WORKSPACE_ROLES = [
Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION, Permissions.DEACTIVATE_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_ENVIRONMENT_IN_APPLICATION, Permissions.VIEW_ENVIRONMENT_IN_APPLICATION,
Permissions.RENAME_ENVIRONMENT_IN_APPLICATION, Permissions.RENAME_ENVIRONMENT_IN_APPLICATION,
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
], ],
}, },
{ {

1
atst/models/permissions.py
View File

@ -1,5 +1,6 @@
class Permissions(object): class Permissions(object):
VIEW_AUDIT_LOG = "view_audit_log" VIEW_AUDIT_LOG = "view_audit_log"
VIEW_WORKSPACE_AUDIT_LOG = "view_workspace_audit_log"
REQUEST_JEDI_WORKSPACE = "request_jedi_workspace" REQUEST_JEDI_WORKSPACE = "request_jedi_workspace"
VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request" VIEW_ORIGINAL_JEDI_REQEUST = "view_original_jedi_request"
REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST = ( REVIEW_AND_APPROVE_JEDI_WORKSPACE_REQUEST = (

5
atst/routes/workspaces/index.py
View File

@ -88,7 +88,10 @@ def workspace_reports(workspace_id):
def workspace_activity(workspace_id): def workspace_activity(workspace_id):
workspace = Workspaces.get(g.current_user, workspace_id) workspace = Workspaces.get(g.current_user, workspace_id)
Authorization.check_workspace_permission( Authorization.check_workspace_permission(
g.current_user, workspace, Permissions.VIEW_AUDIT_LOG, "view workspace reports" g.current_user,
workspace,
Permissions.VIEW_WORKSPACE_AUDIT_LOG,
"view workspace reports",
) )
pagination_opts = Paginator.get_pagination_opts(http_request) pagination_opts = Paginator.get_pagination_opts(http_request)
audit_events = AuditLog.get_workspace_events( audit_events = AuditLog.get_workspace_events(

1
script/seed_roles.py Normal file → Executable file
View File

@ -1,3 +1,4 @@
#! .venv/bin/python
# Add root project dir to the python path # Add root project dir to the python path
import os import os
import sys import sys

2
templates/navigation/workspace_navigation.html
View File

@ -56,7 +56,7 @@
) }} ) }}
{% endif %} {% endif %}
{% if user_can(permissions.VIEW_AUDIT_LOG) %} {% if user_can(permissions.VIEW_WORKSPACE_AUDIT_LOG) %}
{{ SidenavItem( {{ SidenavItem(
("navigation.workspace_navigation.activity_log" | translate), ("navigation.workspace_navigation.activity_log" | translate),
href=url_for("workspaces.workspace_activity", workspace_id=workspace.id), href=url_for("workspaces.workspace_activity", workspace_id=workspace.id),