From 02fbeb3d8ae6da8ed1ce4c83ec64fa174906c5f7 Mon Sep 17 00:00:00 2001 From: Thierry Parmentelat Date: Fri, 19 Nov 2010 14:25:53 +0100 Subject: [PATCH] show tagname when permission is denied --- PLC/Methods/AddIlink.py | 4 ++-- PLC/Methods/AddInterfaceTag.py | 4 ++-- PLC/Methods/AddNodeTag.py | 4 ++-- PLC/Methods/AddSiteTag.py | 4 ++-- PLC/Methods/DeleteIlink.py | 4 ++-- PLC/Methods/DeleteInterfaceTag.py | 4 ++-- PLC/Methods/DeleteNodeTag.py | 4 ++-- PLC/Methods/DeleteSiteTag.py | 4 ++-- PLC/Methods/UpdateIlink.py | 4 ++-- PLC/Methods/UpdateInterfaceTag.py | 4 ++-- PLC/Methods/UpdateNodeTag.py | 4 ++-- PLC/Methods/UpdateSiteTag.py | 4 ++-- 12 files changed, 24 insertions(+), 24 deletions(-) diff --git a/PLC/Methods/AddIlink.py b/PLC/Methods/AddIlink.py index c9d18b1..0a7066a 100644 --- a/PLC/Methods/AddIlink.py +++ b/PLC/Methods/AddIlink.py @@ -65,8 +65,8 @@ class AddIlink(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.interface_belongs_to_person (self.api, src_if, self.caller): pass elif src_if_id != dst_if_id and AuthorizeHelpers.interface_belongs_to_person (self.api, dst_if, self.caller): diff --git a/PLC/Methods/AddInterfaceTag.py b/PLC/Methods/AddInterfaceTag.py index 912e147..8d09fd0 100644 --- a/PLC/Methods/AddInterfaceTag.py +++ b/PLC/Methods/AddInterfaceTag.py @@ -61,8 +61,8 @@ class AddInterfaceTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.interface_belongs_to_person (self.api, interface, self.caller): pass else: diff --git a/PLC/Methods/AddNodeTag.py b/PLC/Methods/AddNodeTag.py index 43e075f..fc64d1e 100644 --- a/PLC/Methods/AddNodeTag.py +++ b/PLC/Methods/AddNodeTag.py @@ -64,8 +64,8 @@ class AddNodeTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.node_belongs_to_person (self.api, node, self.caller): pass else: diff --git a/PLC/Methods/AddSiteTag.py b/PLC/Methods/AddSiteTag.py index cde238f..3c59f0b 100644 --- a/PLC/Methods/AddSiteTag.py +++ b/PLC/Methods/AddSiteTag.py @@ -62,8 +62,8 @@ class AddSiteTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.person_belongs_to_site (self.api, self.caller, site): pass else: diff --git a/PLC/Methods/DeleteIlink.py b/PLC/Methods/DeleteIlink.py index 6452b0d..0d07dfe 100644 --- a/PLC/Methods/DeleteIlink.py +++ b/PLC/Methods/DeleteIlink.py @@ -53,8 +53,8 @@ class DeleteIlink(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.interface_belongs_to_person (self.api, src_if, self.caller): pass elif src_if_id != dst_if_id and AuthorizeHelpers.interface_belongs_to_person (self.api, dst_if, self.caller): diff --git a/PLC/Methods/DeleteInterfaceTag.py b/PLC/Methods/DeleteInterfaceTag.py index 187d25e..1bb4aad 100644 --- a/PLC/Methods/DeleteInterfaceTag.py +++ b/PLC/Methods/DeleteInterfaceTag.py @@ -45,8 +45,8 @@ class DeleteInterfaceTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.interface_belongs_to_person (self.api, interface, self.caller): pass else: diff --git a/PLC/Methods/DeleteNodeTag.py b/PLC/Methods/DeleteNodeTag.py index bd99f0e..48b467f 100644 --- a/PLC/Methods/DeleteNodeTag.py +++ b/PLC/Methods/DeleteNodeTag.py @@ -47,8 +47,8 @@ class DeleteNodeTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.node_belongs_to_person (self.api, node, self.caller): pass else: diff --git a/PLC/Methods/DeleteSiteTag.py b/PLC/Methods/DeleteSiteTag.py index f0e87c3..3aa8d83 100644 --- a/PLC/Methods/DeleteSiteTag.py +++ b/PLC/Methods/DeleteSiteTag.py @@ -46,8 +46,8 @@ class DeleteSiteTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.person_belongs_to_site (self.api, self.caller, site): pass else: diff --git a/PLC/Methods/UpdateIlink.py b/PLC/Methods/UpdateIlink.py index 05daf17..97b14b6 100644 --- a/PLC/Methods/UpdateIlink.py +++ b/PLC/Methods/UpdateIlink.py @@ -49,8 +49,8 @@ class UpdateIlink(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.interface_belongs_to_person (self.api, src_if, self.caller): pass elif src_if_id != dst_if_id and AuthorizeHelpers.interface_belongs_to_person (self.api, dst_if, self.caller): diff --git a/PLC/Methods/UpdateInterfaceTag.py b/PLC/Methods/UpdateInterfaceTag.py index e29041f..1d52ea3 100644 --- a/PLC/Methods/UpdateInterfaceTag.py +++ b/PLC/Methods/UpdateInterfaceTag.py @@ -46,8 +46,8 @@ class UpdateInterfaceTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.interface_belongs_to_person (self.api, interface, self.caller): pass else: diff --git a/PLC/Methods/UpdateNodeTag.py b/PLC/Methods/UpdateNodeTag.py index 3cc7891..d8b8af7 100644 --- a/PLC/Methods/UpdateNodeTag.py +++ b/PLC/Methods/UpdateNodeTag.py @@ -48,8 +48,8 @@ class UpdateNodeTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.node_belongs_to_person (self.api, node, self.caller): pass else: diff --git a/PLC/Methods/UpdateSiteTag.py b/PLC/Methods/UpdateSiteTag.py index 901a875..fadd953 100644 --- a/PLC/Methods/UpdateSiteTag.py +++ b/PLC/Methods/UpdateSiteTag.py @@ -47,8 +47,8 @@ class UpdateSiteTag(Method): # check authorizations if 'admin' in self.caller['roles']: pass - elif not AuthorizeHelpers.person_access_tag_type (self.api, self.caller, tag_type): - raise PLCPermissionDenied, "%s, no permission to use this tag type"%self.name + elif not AuthorizeHelpers.caller_may_access_tag_type (self.api, self.caller, tag_type): + raise PLCPermissionDenied, "%s, forbidden tag %s"%(self.name,tag_type['tagname']) elif AuthorizeHelpers.person_belongs_to_site (self.api, self.caller, site): pass else: -- 2.43.0