diff --git a/warden_server/warden_server.py b/warden_server/warden_server.py
index ffe7ce3661240e507df4c5104180eecb75f789da..c68e7a1b0354d3e6eb4fea84ca4aa48dac860b63 100755
--- a/warden_server/warden_server.py
+++ b/warden_server/warden_server.py
@@ -305,6 +305,12 @@ class PlainAuthenticator(ObjectBase):
 return None
 return client
+ if method.manage:
+ if not client.manage:
+ self.log.info("authorize: failed, client does not have manage enabled")
+ return None
+ return client
+
 if method.read:
 if not client.read:
 self.log.info("authorize: failed, client does not have read enabled")
@@ -1431,13 +1437,14 @@ class PostgreSQL(DataBase):
 return ["DELETE FROM events WHERE id <= %s"], [(id_,)], 0
-def expose(read=True, write=False, debug=False):
+def expose(read=True, write=False, debug=False, manage=False):
 def expose_deco(meth):
 meth.exposed = True
 meth.read = read
 meth.write = write
 meth.debug = debug
+ meth.manage = manage
 if not hasattr(meth, "arguments"):
 meth.arguments = get_method_params(meth)
 return meth
@@ -1630,7 +1637,7 @@ class WardenHandler(ObjectBase):
 info["description"] = self.description
 return info
- @expose(read=True)
+ @expose(manage=True)
 @json_wrapper
 def getClients(self):
 clients = self.db.get_clients()
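Review bot: The new `if method.manage:` branch reads `client.manage`, but none of the hunks on this page adds a `manage` field to the client record. If client objects are built elsewhere without it, a call to a manage-only method would raise AttributeError instead of being refused cleanly. Confirm that the client model and its storage are extended in the same change, or read the flag defensively with `if not getattr(client, "manage", False):` so a missing field is treated as "not permitted". The denial message also does not say which client or method was involved, which makes refused management calls harder to trace in the log. The enclosing authorize body starts and ends outside this hunk.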
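Review bot: `expose()` keeps `read=True` as its default, so `@expose(manage=True)`, as used on `getClients` in the last hunk, yields a method with both `read` and `manage` set. The restriction then holds only because the authorize code in the first hunk tests `method.manage` before `method.read`. Any other authenticator, or a later reordering, that checks `read` first would presumably let a read-only client through. Declaring the method as `@expose(read=False, manage=True)` makes the flag set fail closed without changing the signature. `expose` would also benefit from a short comment such as `# manage is tested before read/write in authorize(); a manage method does not fall back to them`.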