From c61d425dccf7b80cdbc32cdb3d13c825d77802e6 Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@cs.princeton.edu>
Date: Fri, 15 Sep 2006 20:27:39 +0000
Subject: [PATCH] - added: check if caller is admin

---
 PLC/Methods/AdmRemoveNodeFromNodeGroup.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/PLC/Methods/AdmRemoveNodeFromNodeGroup.py b/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
index 03e54a9c..d0813653 100644
--- a/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
+++ b/PLC/Methods/AdmRemoveNodeFromNodeGroup.py
@@ -38,6 +38,13 @@ class AdmRemoveNodeFromNodeGroup(Method):
 
         nodegroup = nodegroups.values()[0]
 
+	# Authenticated function
+        assert self.caller is not None
+
+        # make sure we are 'admin'
+        if 'admin' not in self.caller['roles']:
+                raise PLCPermissionDenied, "Not allowed to remove node from nodegroup"
+
 	# add node to nodegroup
         if node['node_id'] in nodegroup['node_ids']:
             nodegroup.remove_node(node)
-- 
2.47.0