- added: check if caller is admin

author Tony Mack <tmack@cs.princeton.edu>

Fri, 15 Sep 2006 20:27:39 +0000 (20:27 +0000)

committer Tony Mack <tmack@cs.princeton.edu>

Fri, 15 Sep 2006 20:27:39 +0000 (20:27 +0000)
author Tony Mack <tmack@cs.princeton.edu>
Fri, 15 Sep 2006 20:27:39 +0000 (20:27 +0000)
committer Tony Mack <tmack@cs.princeton.edu>
Fri, 15 Sep 2006 20:27:39 +0000 (20:27 +0000)
diff --git a/PLC/Methods/AdmRemoveNodeFromNodeGroup.py b/PLC/Methods/AdmRemoveNodeFromNodeGroup.py

index 03e54a9..d081365 100644 (file)
--- a/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
+++ b/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
@@ -38,6 +38,13 @@ class AdmRemoveNodeFromNodeGroup(Method):
  
          nodegroup = nodegroups.values()[0]
  
+       # Authenticated function
+        assert self.caller is not None
+
+        # make sure we are 'admin'
+        if 'admin' not in self.caller['roles']:
+                raise PLCPermissionDenied, "Not allowed to remove node from nodegroup"
+
         # add node to nodegroup
          if node['node_id'] in nodegroup['node_ids']:
              nodegroup.remove_node(node)
author	Tony Mack <tmack@cs.princeton.edu>
	Fri, 15 Sep 2006 20:27:39 +0000 (20:27 +0000)
committer	Tony Mack <tmack@cs.princeton.edu>
	Fri, 15 Sep 2006 20:27:39 +0000 (20:27 +0000)