Revision acfbc458
Added by Marek Hulán about 10 years ago
| app/models/lookup_value.rb | ||
|---|---|---|
|
class LookupValue < ActiveRecord::Base
|
||
|
include Authorization
|
||
|
include Authorizable
|
||
|
belongs_to :lookup_key, :counter_cache => true
|
||
|
validates :match, :presence => true, :uniqueness => {:scope => :lookup_key_id}
|
||
|
delegate :key, :to => :lookup_key
|
||
| ... | ... | |
|
errors.add(:match, _("%{match} does not match an existing host group") % { :match => match }) and return false
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def enforce_permissions operation
|
||
|
# We get called again with the operation being set to create
|
||
|
return true if operation == "edit" and new_record?
|
||
|
allowed = case match
|
||
|
when /^fqdn=(.*)/
|
||
|
# check if current fqdn is in our allowed list
|
||
|
Host.my_hosts.where(:name => $1).exists? || self.host_or_hostgroup.try(:new_record?)
|
||
|
when /^hostgroup=(.*)/
|
||
|
# check if current hostgroup is in our allowed list
|
||
|
Hostgroup.my_groups.where(:title => $1).exists? || self.host_or_hostgroup.try(:new_record?)
|
||
|
else
|
||
|
false
|
||
|
end
|
||
|
return true if allowed
|
||
|
errors.add :base, _("You do not have permission to %s this Smart Variable") % operation
|
||
|
return false
|
||
|
end
|
||
|
|
||
|
end
|
||
Also available in: Unified diff
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
Contributions from: