Skip to content
Snippets Groups Projects
Commit b535df56 authored by Rajmund Hruška's avatar Rajmund Hruška
Browse files

Restrict getClients API to clients with 'manage' flag

parent 47d3e026
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
warden_server/warden_server.py
+ 9
2
View file @ b535df56
......@@ -305,6 +305,12 @@ class PlainAuthenticator(ObjectBase):
return None
return client
if method.manage:
if not client.manage:
self.log.info("authorize: failed, client does not have manage enabled")
return None
return client
if method.read:
if not client.read:
self.log.info("authorize: failed, client does not have read enabled")
......@@ -1431,13 +1437,14 @@ class PostgreSQL(DataBase):
return ["DELETE FROM events WHERE id <= %s"], [(id_,)], 0
def expose(read=True, write=False, debug=False):
def expose(read=True, write=False, debug=False, manage=False):
def expose_deco(meth):
meth.exposed = True
meth.read = read
meth.write = write
meth.debug = debug
meth.manage = manage
if not hasattr(meth, "arguments"):
meth.arguments = get_method_params(meth)
return meth
......@@ -1630,7 +1637,7 @@ class WardenHandler(ObjectBase):
info["description"] = self.description
return info
@expose(read=True)
@expose(manage=True)
@json_wrapper
def getClients(self):
clients = self.db.get_clients()
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment