From: Tony Mack <tmack@cs.princeton.edu>
Date: Fri, 15 Sep 2006 20:27:39 +0000 (+0000)
Subject: - added: check if caller is admin
X-Git-Tag: pycurl-7_13_1~751
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=c61d425dccf7b80cdbc32cdb3d13c825d77802e6;p=plcapi.git

- added: check if caller is admin
---

diff --git a/PLC/Methods/AdmRemoveNodeFromNodeGroup.py b/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
index 03e54a9c..d0813653 100644
--- a/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
+++ b/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
@@ -38,6 +38,13 @@ class AdmRemoveNodeFromNodeGroup(Method):
 
         nodegroup = nodegroups.values()[0]
 
+	# Authenticated function
+        assert self.caller is not None
+
+        # make sure we are 'admin'
+        if 'admin' not in self.caller['roles']:
+                raise PLCPermissionDenied, "Not allowed to remove node from nodegroup"
+
 	# add node to nodegroup
         if node['node_id'] in nodegroup['node_ids']:
             nodegroup.remove_node(node)