commit 8ab32aadf177f6450821f79a52e60a31c97314f7
Author: Jan Pokorny <jpokorny(a)redhat.com>
Date: Thu Oct 22 16:35:01 2009 +0200
Securing application prepared, although it have to be tweaked.
luci/controllers/cluster.py | 15 +++++++++++++++
luci/controllers/cluster_part/failover.py | 15 +++++++++++++++
luci/controllers/cluster_part/fence.py | 15 +++++++++++++++
luci/controllers/cluster_part/node.py | 15 +++++++++++++++
luci/controllers/cluster_part/service.py | 17 ++++++++++++++++-
luci/controllers/global_res.py | 14 ++++++++++++++
6 files changed, 90 insertions(+), 1 deletions(-)
---
diff --git a/luci/controllers/cluster.py b/luci/controllers/cluster.py
index 74e9491..bb6ed2f 100644
--- a/luci/controllers/cluster.py
+++ b/luci/controllers/cluster.py
@@ -41,6 +41,7 @@
from tg import flash, request, redirect, expose, tmpl_context, app_globals
from pylons.i18n import ugettext as _, lazy_ugettext as l_
+from repoze.what import predicates
from luci.lib.base import SubController, SubControllerApplyMixin, \
ApplyCommands, setApplyCommands
@@ -67,6 +68,13 @@ base2CmdCtrl = app_globals.scheme.base2CmdCtrl
class ClusterController(SubController):
"""Subcontroller handling basic requests related with `clusters'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forPageShowWithUrlCorrection('luci.templates.cluster')
def default(self):
"""Handle simple clusters listing.
@@ -180,6 +188,13 @@ class ClusterApplyCommands(ApplyCommands):
class ClusterCmdController(SubController, SubControllerApplyMixin):
"""Subcontroller handling commands related with `clusters'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forPageShowWithUrlCorrection('luci.templates.cluster_forms')
def create(self, name=''):
"""Display form for cluster creation."""
diff --git a/luci/controllers/cluster_part/failover.py
b/luci/controllers/cluster_part/failover.py
index 4ff7d80..6a8072f 100644
--- a/luci/controllers/cluster_part/failover.py
+++ b/luci/controllers/cluster_part/failover.py
@@ -49,6 +49,7 @@
"""
from tg import flash, redirect, expose, tmpl_context, app_globals
from pylons.i18n import ugettext as _, lazy_ugettext as l_
+from repoze.what import predicates
from luci.lib.base import SubController, SubControllerApplyMixin, \
ApplyCommands, setApplyCommands
@@ -72,6 +73,13 @@ base2CmdCtrl = app_globals.scheme.base2CmdCtrl
class FailoverController(SubController):
"""Subcontroller handling basic requests related with `failovers'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forPageShowWithUrlCorrection('luci.templates.cluster_part.failover')
def default(self):
"""Handle simple failovers listing.
@@ -202,6 +210,13 @@ class FailoverApplyCommands(ApplyCommands):
class FailoverCmdController(SubController, SubControllerApplyMixin):
"""Subcontroller handling commands related with `failovers'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forImmediateRedirect(allowed_methods = ('GET', 'POST'))
def default(self, *args, **kwargs):
"""Handle requests not connected with any of defined
method."""
diff --git a/luci/controllers/cluster_part/fence.py
b/luci/controllers/cluster_part/fence.py
index 2bbb841..35a0a4a 100644
--- a/luci/controllers/cluster_part/fence.py
+++ b/luci/controllers/cluster_part/fence.py
@@ -42,6 +42,7 @@
"""
from tg import flash, redirect, expose, tmpl_context, app_globals
from pylons.i18n import ugettext as _, lazy_ugettext as l_
+from repoze.what import predicates
from luci.lib.base import SubController, SubControllerApplyMixin, \
ApplyCommands, setApplyCommands
@@ -66,6 +67,13 @@ base2CmdCtrl = app_globals.scheme.base2CmdCtrl
class FenceController(SubController):
"""Subcontroller handling basic requests related with `fences'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forPageShowWithUrlCorrection('luci.templates.cluster_part.fence')
def default(self):
"""Handle simple fences listing.
@@ -192,6 +200,13 @@ class FenceApplyCommands(ApplyCommands):
class FenceCmdController(SubController, SubControllerApplyMixin):
"""Subcontroller handling commands related with `fences'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forImmediateRedirect(allowed_methods = ('GET', 'POST'))
def default(self, *args, **kwargs):
"""Handle requests not connected with any of defined
method."""
diff --git a/luci/controllers/cluster_part/node.py
b/luci/controllers/cluster_part/node.py
index d6062d9..556d2a2 100644
--- a/luci/controllers/cluster_part/node.py
+++ b/luci/controllers/cluster_part/node.py
@@ -42,6 +42,7 @@
"""
from tg import flash, redirect, expose, tmpl_context, app_globals
from pylons.i18n import ugettext as _, lazy_ugettext as l_
+from repoze.what import predicates
from luci.lib.base import SubController, SubControllerApplyMixin, \
ApplyCommands, setApplyCommands
@@ -65,6 +66,13 @@ base2CmdCtrl = app_globals.scheme.base2CmdCtrl
class NodeController(SubController):
"""Subcontroller handling basic requests related with `nodes'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forPageShowWithUrlCorrection('luci.templates.cluster_part.node')
def default(self):
"""Handle simple nodes listing.
@@ -214,6 +222,13 @@ class NodeApplyCommands(ApplyCommands):
class NodeCmdController(SubController, SubControllerApplyMixin):
"""Subcontroller handling commands related with `nodes'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forImmediateRedirect(allowed_methods = ('GET', 'POST'))
def default(self, *args, **kwargs):
"""Handle requests not connected with any of defined
method."""
diff --git a/luci/controllers/cluster_part/service.py
b/luci/controllers/cluster_part/service.py
index 3c68cba..2e22599 100644
--- a/luci/controllers/cluster_part/service.py
+++ b/luci/controllers/cluster_part/service.py
@@ -42,6 +42,7 @@
"""
from tg import flash, redirect, expose, tmpl_context, app_globals
from pylons.i18n import ugettext as _, lazy_ugettext as l_
+from repoze.what import predicates
from luci.lib.base import SubController, SubControllerApplyMixin, \
ApplyCommands, setApplyCommands
@@ -66,6 +67,13 @@ base2CmdCtrl = app_globals.scheme.base2CmdCtrl
class ServiceController(SubController):
"""Subcontroller handling basic requests related with `services'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forPageShowWithUrlCorrection('luci.templates.cluster_part.service')
def default(self):
"""Handle simple services listing.
@@ -131,7 +139,7 @@ class _CertainServiceController(SubController):
base_url=cluster_url + cluster_scheme.SERVICES,
cmd_url=cluster_url + base2CmdCtrl(cluster_scheme.SERVICES),
globalres_url=relativeUrlList2Str(scheme.APP_PREFIX,
- scheme.GLOBAL_RES),
+ scheme.GLOBAL_RES),
apply_cmds=ServiceApplyCommands)
@@ -194,6 +202,13 @@ class ServiceApplyCommands(ApplyCommands):
class ServiceCmdController(SubController, SubControllerApplyMixin):
"""Subcontroller handling commands related with `services'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forImmediateRedirect(allowed_methods = ('GET', 'POST'))
def default(self, *args, **kwargs):
"""Handle requests not connected with any of defined
method."""
diff --git a/luci/controllers/global_res.py b/luci/controllers/global_res.py
index dc4820e..a8f01e9 100644
--- a/luci/controllers/global_res.py
+++ b/luci/controllers/global_res.py
@@ -38,6 +38,7 @@
from tg import flash, request, redirect, expose, tmpl_context, app_globals
from pylons.i18n import ugettext as _, lazy_ugettext as l_
+from repoze.what import predicates
from luci.lib.base import SubController, SubControllerApplyMixin, \
ApplyCommands, setApplyCommands
@@ -62,6 +63,13 @@ base2CmdCtrl = app_globals.scheme.base2CmdCtrl
class GlobalResController(SubController):
"""Subcontroller handling basic requests related with `global
resources' part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
+
@forPageShowWithUrlCorrection('luci.templates.global_res')
def default(self):
"""Handle simple global resources listing.
@@ -180,6 +188,12 @@ class GlobalResApplyCommands(ApplyCommands):
class GlobalResCmdController(SubController, SubControllerApplyMixin):
"""Subcontroller handling commands related with `global resources'
part."""
+ # TODO: Uncomment this (or replace with more suitable predicate)
+ # to apply access control.
+ # For some reason this won't work for me, similar problem discussed at:
+ #
<
http://groups.google.com.ar/group/turbogears/browse_thread/thread/28a8b85...
+ # allow_only = predicates.not_anonymous()
+
@forImmediateRedirect(allowed_methods = ('GET', 'POST'))
def default(self, *args, **kwargs):
"""Handle requests not connected with any of defined
method."""