Revision acfbc458
Added by Marek Hulán about 10 years ago
app/models/lookup_value.rb | ||
---|---|---|
class LookupValue < ActiveRecord::Base
|
||
include Authorization
|
||
include Authorizable
|
||
belongs_to :lookup_key, :counter_cache => true
|
||
validates :match, :presence => true, :uniqueness => {:scope => :lookup_key_id}
|
||
delegate :key, :to => :lookup_key
|
||
... | ... | |
errors.add(:match, _("%{match} does not match an existing host group") % { :match => match }) and return false
|
||
end
|
||
|
||
private
|
||
|
||
def enforce_permissions operation
|
||
# We get called again with the operation being set to create
|
||
return true if operation == "edit" and new_record?
|
||
allowed = case match
|
||
when /^fqdn=(.*)/
|
||
# check if current fqdn is in our allowed list
|
||
Host.my_hosts.where(:name => $1).exists? || self.host_or_hostgroup.try(:new_record?)
|
||
when /^hostgroup=(.*)/
|
||
# check if current hostgroup is in our allowed list
|
||
Hostgroup.my_groups.where(:title => $1).exists? || self.host_or_hostgroup.try(:new_record?)
|
||
else
|
||
false
|
||
end
|
||
return true if allowed
|
||
errors.add :base, _("You do not have permission to %s this Smart Variable") % operation
|
||
return false
|
||
end
|
||
|
||
end
|
Also available in: Unified diff
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
Contributions from: