-# $Id$
#
# Thierry Parmentelat - INRIA
#
-# $Revision: 9423 $
-#
from PLC.Faults import *
from PLC.Method import Method
from PLC.Parameter import Parameter, Mixed
from PLC.Auth import Auth
-from PLC.NodeTags import NodeTag, NodeTags
-from PLC.Nodes import Node, Nodes
-
-from PLC.Nodes import Node, Nodes
from PLC.Sites import Site, Sites
+from PLC.Nodes import Node, Nodes
+from PLC.TagTypes import TagType, TagTypes
+from PLC.NodeTags import NodeTag, NodeTags
class DeleteNodeTag(Method):
"""
Deletes the specified node tag
- Attributes may require the caller to have a particular role in order
- to be deleted, depending on the related node tag type.
- Admins may delete attributes of any slice or sliver.
+ Admins have full access. Non-admins need to
+ (1) have at least one of the roles attached to the tagtype,
+ and (2) belong in the same site as the tagged subject.
Returns 1 if successful, faults otherwise.
"""
- roles = ['admin', 'pi', 'user']
+ roles = ['admin', 'pi', 'user', 'tech']
accepts = [
Auth(),
returns = Parameter(int, '1 if successful')
- object_type = 'Node'
-
-
def call(self, auth, node_tag_id):
node_tags = NodeTags(self.api, [node_tag_id])
if not node_tags:
raise PLCInvalidArgument, "No such node tag %r"%node_tag_id
node_tag = node_tags[0]
- ### reproducing a check from UpdateSliceTag, looks dumb though
- nodes = Nodes(self.api, [node_tag['node_id']])
- if not nodes:
- raise PLCInvalidArgument, "No such node %r"%node_tag['node_id']
- node = nodes[0]
+ tag_type_id = node_tag['tag_type_id']
+ tag_type = TagTypes (self.api,[tag_type_id])[0]
- assert node_tag['node_tag_id'] in node['tag_ids']
+ nodes = Nodes (self.api, node_tag['node_id'])
+ if not nodes:
+ raise PLCInvalidArgument, "No such node %d"%node_tag['node_id']
+ node=nodes[0]
- # check permission : it not admin, is the user affiliated with the right site
- if 'admin' not in self.caller['roles']:
- # locate node
- node = Nodes (self.api,[node['node_id']])[0]
- # locate site
- site = Sites (self.api, [node['site_id']])[0]
- # check caller is affiliated with this site
- if self.caller['person_id'] not in site['person_ids']:
- raise PLCPermissionDenied, "Not a member of the hosting site %s"%site['abbreviated_site']
-
- required_min_role = tag_type ['min_role_id']
- if required_min_role is not None and \
- min(self.caller['role_ids']) > required_min_role:
- raise PLCPermissionDenied, "Not allowed to modify the specified node tag, requires role %d",required_min_role
+ # check authorizations
+ node.caller_may_write_tag(self.api,self.caller,tag_type)
node_tag.delete()
- self.object_ids = [node_tag['node_tag_id']]
+ self.object_ids = [node_tag['node_tag_id']]
return 1