Hi,
I've tried to apply it but it doesn't apply cleanly, any chance you
can rebase and fix it?
on a very quick glance, can you also change all debug messages
(logger.info) to logger.debug?
thanks,
Ohad
···
On Thu, Nov 24, 2011 at 4:02 PM, Greg Sutcliffe wrote: > From: Greg Sutcliffe > > This could probably be extended further if necessary. > > Refs #1324 > > Signed-off-by: Greg Sutcliffe > --- > app/models/host_parameter.rb | 9 ++++++++- > app/views/common_parameters/_parameter.erb | 14 +++++++++++--- > app/views/common_parameters/_parameters.erb | 2 +- > app/views/puppetclasses/_class_selection.html.erb | 12 +++++++++--- > app/views/puppetclasses/_classes.html.erb | 8 ++++++-- > lib/access_permissions.rb | 7 +++++++ > test/unit/host_parameter_test.rb | 12 ++++++------ > 7 files changed, 48 insertions(+), 16 deletions(-) > > diff --git a/app/models/host_parameter.rb b/app/models/host_parameter.rb > index 6ec0b4c..328c342 100644 > --- a/app/models/host_parameter.rb > +++ b/app/models/host_parameter.rb > @@ -12,6 +12,13 @@ class HostParameter < Parameter > # We get called again with the operation being set to create > return true if operation == "edit" and new_record? > > - self.host.enforce_permissions operation > + logger.info User.current.allowed_to?("#{operation}_params".to_sym).inspect > + logger.info operation.inspect > + if User.current.allowed_to?("#{operation}_params".to_sym) > + return true > + end > + > + return false > + # self.host.enforce_permissions operation > end > end > diff --git a/app/views/common_parameters/_parameter.erb b/app/views/common_parameters/_parameter.erb > index 99b419d..52de5a3 100644 > --- a/app/views/common_parameters/_parameter.erb > +++ b/app/views/common_parameters/_parameter.erb > @@ -2,14 +2,22 @@ >
> <%= f.label :name %>
>
>
> - <%= f.text_field :name %>
> + <% if authorized_for(:host_editing, :edit_params) -%>
> + <%= f.text_field :name %>
> + <% else -%>
> + <%= f.text_field :name, :disabled => 'true' %>
> + <% end -%>
>
>
> <%= f.label :value %>
>
> <%= f.hidden_field :nested %>
> diff --git a/app/views/common_parameters/_parameters.erb b/app/views/common_parameters/_parameters.erb
> index 21fad5e..0436af9 100644
> --- a/app/views/common_parameters/_parameters.erb
> +++ b/app/views/common_parameters/_parameters.erb
> @@ -2,5 +2,5 @@
> <% f.fields_for type do |builder| -%>
> <%= render "common_parameters/parameter", :f => builder %>
> <% end -%>
> -
> - <%= f.text_field :value, :class => "span10" %>
> - <%= authorized_via_my_scope(params[:controller], params[:action]) ? link_to_remove_fields("remove", f) : "" %>
> + <% if authorized_for(:host_editing, :edit_params) -%>
> + <%= f.text_field :value, :class => "span10" %>
> + <% else -%>
> + <%= f.text_field :value, :class => "span10", :disabled => 'true' %>
> + <% end -%>
> + <%= authorized_for(:host_editing, :destroy_params) ? link_to_remove_fields("remove", f) : "" -%>
>
> <%= authorized_via_my_scope(params[:controller], params[:action]) ? link_to_add_fields("+", f, type, "common_parameters/parameter") : "Add a parameter" %>
> +<%= authorized_for(:host_editing, :create_params) ? link_to_add_fields("+", f, type, "common_parameters/parameter") : "" %>
> <% end -%> > diff --git a/app/views/puppetclasses/_class_selection.html.erb b/app/views/puppetclasses/_class_selection.html.erb > index 6937afb..e9e4a07 100644 > --- a/app/views/puppetclasses/_class_selection.html.erb > +++ b/app/views/puppetclasses/_class_selection.html.erb > @@ -4,9 +4,15 @@ > <%# hidden field to ensure that classes gets removed if none are defined -%> > <%= hidden_field_tag obj.class.to_s.downcase + "[puppetclass_ids][]" %> >-
> - <%= render :partial => "puppetclasses/selectedClasses",
> - :collection => obj.puppetclasses ,:as => :klass,
> - :locals => { :type => obj.class.to_s.downcase } %>
> + <% if authorized_for(:host_editing, :edit_classes) -%>
> + <%= render :partial => "puppetclasses/selectedClasses",
> + :collection => obj.puppetclasses ,:as => :klass,
> + :locals => { :type => obj.class.to_s.downcase } %>
> + <% else -%>
> + <% obj.puppetclasses.each do |klass| %>
> +
- <%= h klass.name %> > + <% end -%> > + <% end -%> >
-
> <% parent_classes(obj).each do |klass| %>
> diff --git a/app/views/puppetclasses/_classes.html.erb b/app/views/puppetclasses/_classes.html.erb
> index df5a77c..b5f0c27 100644
> --- a/app/views/puppetclasses/_classes.html.erb
> +++ b/app/views/puppetclasses/_classes.html.erb
> @@ -6,8 +6,12 @@
>
- <%= link_to_function image_tag("bullet_toggle_plus.png") + " " + list.first, "$('#pc_#{list.first}').fadeToggle('slow')" %>
>
-
> <% for klass in list.last.sort -%>
> - <% content_tag_for :li, klass, :title => "Click to add #{klass}", :class=> "#{cycle('even', 'odd')}" do %>
> - <%= klass.name + link_to_add_puppetclass(klass, type) %>
> + <% if not authorized_for(:host_editing, :edit_classes) -%>
> +
- <%= h klass.name %> > + <% else -%> > + <% content_tag_for :li, klass, :title => "Click to add #{klass}", :class=> "#{cycle('even', 'odd')}" do %> > + <%= klass.name + link_to_add_puppetclass(klass, type) %> > + <% end -%> > <% end -%> > <% end -%> >