error message when user tries to create slice but doesn't have permission

diff --git a/planetstack/core/xoslib/methods/tenantview.py b/planetstack/core/xoslib/methods/tenantview.py
index b2e0e0e..3fa98f6 100644 (file)
--- a/planetstack/core/xoslib/methods/tenantview.py
+++ b/planetstack/core/xoslib/methods/tenantview.py
@@ -50,6 +50,10 @@ def getTenantViewDict(user):
     for auser in user.site.users.all():
         site_users.append(auser)
 
+    user_site_roles=[]
+    for priv in user.site.siteprivileges.filter(user=user):
+        user_site_roles.append(priv.role.role)
+
     blessed_service_classes = [ServiceClass.objects.get(name="Best Effort")]
 
     return {"id": 0,
@@ -68,6 +72,7 @@ def getTenantViewDict(user):
             "current_user_login_base": user.site.login_base,
             "current_user_site_users": [auser.id for auser in site_users],
             "current_user_site_user_names": [auser.email for auser in site_users],
+            "current_user_can_create_slice": user.is_admin or ("pi" in user_site_roles) or ("admin" in user_site_roles),
             }
 
 class TenantList(APIView):

diff --git a/planetstack/core/xoslib/static/js/xosTenant.js b/planetstack/core/xoslib/static/js/xosTenant.js
index 268b8ca..cb816a8 100644 (file)
--- a/planetstack/core/xoslib/static/js/xosTenant.js
+++ b/planetstack/core/xoslib/static/js/xosTenant.js
@@ -170,6 +170,12 @@ XOSTenantApp.adjustCollectionField = function(collectionName, id, fieldName, amo
 \r
 XOSTenantApp.addSlice = function() {\r
     var app=this;\r
+\r
+    if (!xos.tenant().current_user_can_create_slice) {\r
+        window.alert("You do not have sufficient rights to create a slice on your site");\r
+        return;\r
+    }\r
+\r
     model = new xos.slicesPlus.model({site: xos.tenant().current_user_site_id,\r
                                       name: xos.tenant().current_user_login_base + "_"});\r
     console.log(model);\r