def snapshot_create(): # Get systems depending on permissions. if does_user_have_workflow_permission('systems.all.snapshot'): # User can snapshot all systems. systems = get_systems(order='id', order_asc=False, virtual_only=True) elif does_user_have_any_system_permission('snapshot'): # Select all VMs where the user has permission to snapshot query_where = ( """WHERE (`cmdb_id` IS NOT NULL AND `cmdb_operational_status` = "In Service") AND `vmware_uuid` IS NOT NULL AND (`id` IN (SELECT `system_id` FROM `p_system_perms_view` WHERE (`type` = '0' AND `perm` = 'snapshot' AND `who` = %s) OR (`type` = '1' AND `perm` = 'snapshot' AND `who` IN (SELECT `group` FROM `ldap_group_cache` WHERE `username` = %s)))) ORDER BY `id` DESC""", (session["username"], session["username"]), ) systems = get_systems(where_clause=query_where) else: abort(403) # Create the values dict. values = {} if request.method == 'POST': values['snapshot_name'] = request.form.get( 'snapshot_name', 'Snapshot - {}'.format(session['username']))[:80] values['snapshot_task'] = request.form.get('snapshot_task', '') values['snapshot_expiry'] = request.form.get('snapshot_expiry', None) values['snapshot_comments'] = request.form.get('snapshot_comments', '') values['snapshot_username'] = session['username'] values['snapshot_memory'] = 'snapshot_memory' in request.form values['snapshot_cold'] = 'snapshot_cold' in request.form values['systems'] = list(set(request.form.getlist('systems[]'))) values['snapshot_systems'] = [] # Before starting the task check the permissions. error = False if not does_user_have_workflow_permission('systems.all.snapshot'): for system in values['systems']: try: vm = next(i for i in systems if i['name'] == system) except StopIteration: flash( 'You do not have permission to snapshot one or more select VMs. Please try again.', 'alert-danger') error = True else: values['snapshot_systems'].append(vm) if not does_user_have_system_permission( vm['id'], 'snapshot'): flash( 'You do not have permission to snapshot {}, please remove this from the list of systems and try again.' .format(vm['name']), 'alert-danger') error = True if error: return workflow.render_template('create.html', title='Create VMware Snapshot', systems=systems, values=values) # Task Options options = {} options['wfconfig'] = workflow.config options['values'] = values # Everything should be good - start a task. neocortex = cortex.lib.core.neocortex_connect() task_id = neocortex.create_task(__name__, session['username'], options, description='Create a VMware Snapshot') # Redirect to the status page for the task return redirect(url_for('task_status', task_id=task_id)) if 'systems' in request.args: values['snapshot_systems'] = [] for system in request.args['systems'].strip(',').split(','): try: vm = next(i for i in systems if i['id'] == int(system)) except StopIteration: pass # System not in Systems List (Likely not a VM then). except ValueError: pass # System was not an int. else: values['snapshot_systems'].append(vm) return workflow.render_template('create.html', title='Create VMware Snapshot', systems=systems, values=values)
def decorated_function(*args, **kwargs): if not does_user_have_workflow_permission(permission): abort(403) return fn(*args, **kwargs)
def snapshot_create_permission_callback(): return does_user_have_workflow_permission( 'systems.all.snapshot') or does_user_have_any_system_permission( 'snapshot')
def decorated_function(*args, **kwargs): if not does_user_have_workflow_permission(permission): abort(403) return func(*args, **kwargs)
def context_processor(): """This function is called on every page load. It injects a 'workflows' variable in to every render_template call, which is used to populate the Workflows menu on the page. It also injects the list of menu items and the items in the menus.""" # We return a dictionary with each key being a variable to set # within the template. injectdata = dict() # Inject the workflows variable which is a list of loaded workflows. We # filter this to just the ones the user is allowed to use. injectdata['workflows'] = [] for fn in app.wf_functions: if fn['menu']: if does_user_have_workflow_permission(fn['permission']): injectdata['workflows'].append(fn) # Inject the menu items # Favourites menu favourites = [] if does_user_have_permission("systems.own.view") or does_user_have_permission("systems.all.view"): favourites = [{'link': url_for('favourites'), 'title': 'All Favourites', 'icon': 'fa-star'}] for fav_class in app.config['FAVOURITE_CLASSES']: favourites.append({'link': url_for('favourites_by_type', system_type=fav_class), 'title': 'Favourited ' + fav_class + ' systems', 'icon': 'fa-star'}) # Set up the Systems menu, based on a single permission systems = [] if does_user_have_permission("systems.own.view") or does_user_have_permission("systems.all.view"): systems.append({'link': url_for('systems'), 'title': 'All systems', 'icon': 'fa-list'}) if does_user_have_permission("systems.all.view"): systems.append({'link': url_for('systems_nocmdb'), 'title': 'Systems without a CMBD record', 'icon': 'fa-list'}) systems.append({'link': url_for('systems_expired'), 'title': 'Expired systems', 'icon': 'fa-list'}) if does_user_have_permission("sysrequests.own.view") or does_user_have_permission("sysrequests.all.view"): systems.append({'link': url_for('sysrequests'), 'title': 'System requests', 'icon': 'fa-list'}) # Set up the VMware menu, based on a single permission vmware = [] if does_user_have_permission("vmware.view"): vmware = [ {'link': url_for('vmware_os'), 'title': 'Operating systems', 'icon': 'fa-pie-chart'}, {'link': url_for('vmware_hwtools'), 'title': 'Hardware & tools', 'icon': 'fa-pie-chart'}, {'link': url_for('vmware_specs'), 'title': 'RAM & CPU', 'icon': 'fa-pie-chart'}, {'link': url_for('vmware_clusters'), 'title': 'Clusters', 'icon': 'fa-cubes'}, {'link': url_for('vmware_data'), 'title': 'VM data', 'icon': 'fa-th'}, {'link': url_for('vmware_data_unlinked'), 'title': 'Unlinked VMs', 'icon': 'fa-frown-o'}, {'link': url_for('vmware_history'), 'title': 'History', 'icon': 'fa-line-chart'} ] # Set up the Puppet menu, based on permissions puppet = [] if does_user_have_permission("puppet.dashboard.view"): puppet.append({'link': url_for('puppet_dashboard'), 'title': 'Dashboard', 'icon': 'fa-dashboard'}) if does_user_have_permission("puppet.nodes.view"): puppet.append({'link': url_for('puppet_nodes'), 'title': 'Nodes', 'icon': 'fa-server'}) if does_user_have_permission("puppet.default_classes.view"): puppet.append({'link': url_for('puppet_enc_default'), 'title': 'Default classes', 'icon': 'fa-globe'}) if does_user_have_permission("puppet.dashboard.view"): puppet.append({'link': url_for('puppet_radiator'), 'title': 'Radiator view', 'icon': 'fa-desktop'}) if does_user_have_permission("puppet.nodes.view"): puppet.append({'link': '*puppet_search', 'title': 'Configuration search', 'icon': 'fa-search'}) # Set up the certificates menu, based on permissions certificates = [] if does_user_have_permission("certificates.view"): certificates.append({'link': url_for('certificates'), 'title': 'Certificates', 'icon': 'fa-certificate'}) if does_user_have_permission("certificates.stats"): certificates.append({'link': url_for('certificate_statistics'), 'title': 'Statistics', 'icon': 'fa-pie-chart'}) # Set up the Admin menu, based on permissions admin = [] if does_user_have_permission("classes.view"): admin.append({'link': url_for('admin_classes'), 'title': 'Classes', 'icon': 'fa-table'}) if does_user_have_permission("tasks.view"): admin.append({'link': url_for('admin_tasks'), 'title': 'Tasks', 'icon': 'fa-tasks'}) if does_user_have_permission("events.view"): admin.append({'link': url_for('admin_events'), 'title': 'Events', 'icon': 'fa-list-alt'}) if does_user_have_permission("specs.view"): admin.append({'link': url_for('admin_specs'), 'title': 'VM Specs', 'icon': 'fa-sliders'}) if does_user_have_permission(["maintenance.vmware", "maintenance.cmdb", "maintenance.expire_vm", "maintenance.sync_puppet_servicenow", "maintenance.cert_scan", "maintenance.lock_workflows", "maintenance.rubrik_policy_check", "maintenance.student_vm"]): admin.append({'link': url_for('admin_maint'), 'title': 'Maintenance', 'icon': 'fa-gears'}) if does_user_have_permission("systems.allocate_name"): admin.append({'link': url_for('systems_new'), 'title': 'Allocate system name', 'icon': 'fa-plus'}) if does_user_have_permission("systems.add_existing"): admin.append({'link': url_for('systems_add_existing'), 'title': 'Add existing system', 'icon': 'fa-plus'}) # Sets up the permissions menu perms = [] if does_user_have_permission("admin.permissions"): perms.append({'link': url_for('perms_roles'), 'title': 'Permission Roles', 'icon': 'fa-user-secret'}) perms.append({'link': url_for('system_perms_roles'), 'title': 'System Permission Roles', 'icon': 'fa-user-secret'}) perms.append({'link': url_for('systems_withperms'), 'title': 'Systems with permissions', 'icon': 'fa-list'}) # Set injectdata default options. injectdata['menu'] = { 'systems': systems, 'favourites': favourites, 'vmware': vmware, 'puppet': puppet, 'certificates': certificates, 'admin': admin, 'perms': perms } injectdata['classic_layout'] = False injectdata['sidebar_expand'] = False if 'username' in session: # Determine the layout mode for the user try: if str(g.redis.get('user:'******'username'] + ":preferences:interface:layout"), 'utf-8') == "classic": injectdata['classic_layout'] = True except Exception as ex: pass # Determine theme for the user try: if str(g.redis.get('user:'******'username'] + ":preferences:interface:theme"), 'utf-8') == "dark": injectdata['theme'] = "dark" except Exception as ex: pass # Determine whether to expand sidebar. try: if str(g.redis.get('user:'******'username'] + ':preferences:interface:sidebar'), 'utf-8') == 'expand': injectdata['sidebar_expand'] = True except Exception as ex: pass # Add the banner message. try: injectdata['banner_message'] = app.config['BANNER_MESSAGE'] except KeyError: pass return injectdata
def adddisk_add(): selected_system = None systems = None if request.method == "GET" and "system" in request.args and request.args["system"].strip(): try: selected_system = get_system_by_id(int(request.args["system"].strip())) except ValueError: pass # System was not an int. else: # Ensure the system is actually a VM selected_system = selected_system if selected_system["vmware_uuid"] else None # Check permissions on this system if not does_user_have_system_permission(selected_system["id"], "adddisk") and not does_user_have_workflow_permission("systems.all.adddisk"): abort(403) # If a system was not selected, get all systems if not selected_system: # Get systems depending on permissions. if does_user_have_workflow_permission("systems.all.adddisk"): # User can add disks to all systems. systems = get_systems(order='id', order_asc=False, virtual_only=True) elif does_user_have_any_system_permission("adddisk"): # Select all VMs where the user has permission to add disks query_where = ( """WHERE (`cmdb_id` IS NOT NULL AND `cmdb_operational_status` = "In Service") AND `vmware_uuid` IS NOT NULL AND (`id` IN (SELECT `system_id` FROM `system_perms_view` WHERE (`type` = '0' AND `perm` = 'adddisk' AND `who` = %s) OR (`type` = '1' AND `perm` = 'adddisk' AND `who` IN (SELECT `group` FROM `ldap_group_cache` WHERE `username` = %s)))) ORDER BY `id` DESC""", (session["username"], session["username"]), ) systems = get_systems(where_clause=query_where) else: abort(403) if request.method == "POST": # Get the values values = {k: request.form.get(k) if k in request.form else abort(400) for k in ["adddisk_task", "adddisk_size", "adddisk_system_id"]} values["adddisk_task"] = values["adddisk_task"] if values["adddisk_task"] else "unknown" try: values["adddisk_size"] = int(values["adddisk_size"]) except ValueError: abort(400) if not MIN_DISK_SIZE <= values["adddisk_size"] <= MAX_DISK_SIZE: flash("Invalid disk size! Please choose a size between {} and {} GiB".format(MIN_DISK_SIZE, MAX_DISK_SIZE)) else: # Check permissions before starting task if not does_user_have_system_permission(values["adddisk_system_id"], "adddisk") and not does_user_have_workflow_permission("systems.all.adddisk"): abort(403) # Task Options options = {} options["wfconfig"] = workflow.config options["values"] = values # Everything should be good - start a task. neocortex = cortex.lib.core.neocortex_connect() task_id = neocortex.create_task(__name__, session["username"], options, description="Add VMware disk") # Log the Task ID cortex.lib.core.log(__name__, "workflow.adddisk.add", "Add disk task {} started by {} with ServiceNow task {}".format(task_id, session["username"], values["adddisk_task"])) # Redirect to the status page for the task return redirect(url_for("task_status", task_id=task_id)) return workflow.render_template("add.html", title="Add VMware Disk", selected_system=selected_system, systems=systems)
def adddisk_create_permission_callback(): return does_user_have_workflow_permission("systems.all.adddisk") or does_user_have_any_system_permission("adddisk")
def context_processor(): """This function is called on every page load. It injects a 'workflows' variable in to every render_template call, which is used to populate the Workflows menu on the page. It also injects the list of menu items and the items in the menus.""" # We return a dictionary with each key being a variable to set # within the template. injectdata = dict() # Inject the workflows variable which is a list of loaded workflows. We # filter this to just the ones the user is allowed to use. injectdata['workflows'] = [] for fn in app.wf_functions: if fn['menu']: if does_user_have_workflow_permission(fn['permission']): injectdata['workflows'].append(fn) # Inject the menu items # Set up the Systems menu, based on a single permission systems = [] if does_user_have_permission("systems.all.view"): systems = [ {'link': url_for('systems'), 'title': 'All systems', 'icon': 'fa-list'}, {'link': url_for('systems_nocmdb'), 'title': 'Systems without a CMBD record', 'icon': 'fa-list'}, {'link': url_for('systems_expired'), 'title': 'Expired systems', 'icon': 'fa-list'} ] # Set up the VMware menu, based on a single permission vmware = [] if does_user_have_permission("vmware.view"): vmware = [ {'link': url_for('vmware_os'), 'title': 'Operating systems', 'icon': 'fa-pie-chart'}, {'link': url_for('vmware_hwtools'), 'title': 'Hardware & tools', 'icon': 'fa-pie-chart'}, {'link': url_for('vmware_specs'), 'title': 'RAM & CPU', 'icon': 'fa-pie-chart'}, {'link': url_for('vmware_clusters'), 'title': 'Clusters', 'icon': 'fa-cubes'}, {'link': url_for('vmware_data'), 'title': 'VM data', 'icon': 'fa-th'}, {'link': url_for('vmware_data_unlinked'), 'title': 'Unlinked VMs', 'icon': 'fa-frown-o'}, {'link': url_for('vmware_history'), 'title': 'History', 'icon': 'fa-line-chart'} ] # Set up the Puppet menu, based on permissions puppet = [] if does_user_have_permission("puppet.dashboard.view"): puppet.append({'link': url_for('puppet_dashboard'), 'title': 'Dashboard', 'icon': 'fa-dashboard'}) if does_user_have_permission("puppet.nodes.view"): puppet.append({'link': url_for('puppet_nodes'), 'title': 'Nodes', 'icon': 'fa-server'}) if does_user_have_permission("puppet.groups.view"): puppet.append({'link': url_for('puppet_groups'), 'title': 'Groups', 'icon': 'fa-object-group'}) if does_user_have_permission("puppet.default_classes.view"): puppet.append({'link': url_for('puppet_enc_default'), 'title': 'Default classes', 'icon': 'fa-globe'}) if does_user_have_permission("puppet.dashboard.view"): puppet.append({'link': url_for('puppet_radiator'), 'title': 'Radiator view', 'icon': 'fa-desktop'}) if does_user_have_permission("puppet.nodes.view"): puppet.append({'link': '*puppet_search', 'title': 'Configuration search', 'icon': 'fa-search'}) # Set up the Admin menu, based on permissions admin = [] if does_user_have_permission("classes.view"): admin.append({'link': url_for('admin_classes'), 'title': 'Classes', 'icon': 'fa-table'}) if does_user_have_permission("tasks.view"): admin.append({'link': url_for('admin_tasks'), 'title': 'Tasks', 'icon': 'fa-tasks'}) if does_user_have_permission(["maintenance.vmware", "maintenance.cmdb", "maintenance.expire_vm"]): admin.append({'link': url_for('admin_maint'), 'title': 'Maintenance', 'icon': 'fa-gears'}) if does_user_have_permission("systems.allocate_name"): admin.append({'link': url_for('systems_new'), 'title': 'Allocate system name', 'icon': 'fa-plus'}) if does_user_have_permission("systems.add_existing"): admin.append({'link': url_for('systems_add_existing'), 'title': 'Add existing system', 'icon': 'fa-plus'}) # Sets up the permissions menu perms = [] if does_user_have_permission("admin.permissions"): perms.append({'link': url_for('perms_roles'), 'title': 'Permission Roles', 'icon': 'fa-user-secret'}) perms.append({'link': url_for('systems_withperms'), 'title': 'Systems with permissions', 'icon': 'fa-list'}) #perms.append({'link': url_for('perms_roles'), 'title': 'User lookup', 'icon': 'fa-users'}) injectdata['menu'] = { 'systems': systems, 'vmware': vmware, 'puppet': puppet, 'admin': admin, 'perms': perms } # Determine the layout mode for the user injectdata['classic_layout'] = False if 'username' in session: try: if g.redis.get('user:'******'username'] + ":preferences:interface:layout") == "classic": injectdata['classic_layout'] = True except Exception as ex: pass return injectdata
def context_processor(): """This function is called on every page load. It injects a 'workflows' variable in to every render_template call, which is used to populate the Workflows menu on the page. It also injects the list of menu items and the items in the menus.""" # We return a dictionary with each key being a variable to set # within the template. injectdata = dict() # Inject the workflows variable which is a list of loaded workflows. We # filter this to just the ones the user is allowed to use. injectdata['workflows'] = [] for fn in app.wf_functions: if fn['menu']: if does_user_have_workflow_permission(fn['permission']): injectdata['workflows'].append(fn) # Inject the menu items # Favourites menu favourites = [] if does_user_have_permission( "systems.own.view") or does_user_have_permission( "systems.all.view"): favourites = [ { 'link': url_for('favourites'), 'title': 'All Favourites', 'icon': 'fa-star' }, { 'link': url_for('favourites_by_type', system_type='srv'), 'title': 'Favourited srv systems', 'icon': 'fa-star' }, { 'link': url_for('favourites_by_type', system_type='play'), 'title': 'Favourited play systems', 'icon': 'fa-star' }, ] # Set up the Systems menu, based on a single permission systems = [] if does_user_have_permission( "systems.own.view") or does_user_have_permission( "systems.all.view"): systems.append({ 'link': url_for('systems'), 'title': 'All systems', 'icon': 'fa-list' }) if does_user_have_permission("systems.all.view"): systems.append({ 'link': url_for('systems_nocmdb'), 'title': 'Systems without a CMBD record', 'icon': 'fa-list' }) systems.append({ 'link': url_for('systems_expired'), 'title': 'Expired systems', 'icon': 'fa-list' }) if does_user_have_permission( "sysrequests.own.view") or does_user_have_permission( "sysrequests.all.view"): systems.append({ 'link': url_for('sysrequests'), 'title': 'System requests', 'icon': 'fa-list' }) # Set up the VMware menu, based on a single permission vmware = [] if does_user_have_permission("vmware.view"): vmware = [{ 'link': url_for('vmware_os'), 'title': 'Operating systems', 'icon': 'fa-pie-chart' }, { 'link': url_for('vmware_hwtools'), 'title': 'Hardware & tools', 'icon': 'fa-pie-chart' }, { 'link': url_for('vmware_specs'), 'title': 'RAM & CPU', 'icon': 'fa-pie-chart' }, { 'link': url_for('vmware_clusters'), 'title': 'Clusters', 'icon': 'fa-cubes' }, { 'link': url_for('vmware_data'), 'title': 'VM data', 'icon': 'fa-th' }, { 'link': url_for('vmware_data_unlinked'), 'title': 'Unlinked VMs', 'icon': 'fa-frown-o' }, { 'link': url_for('vmware_history'), 'title': 'History', 'icon': 'fa-line-chart' }] # Set up the Puppet menu, based on permissions puppet = [] if does_user_have_permission("puppet.dashboard.view"): puppet.append({ 'link': url_for('puppet_dashboard'), 'title': 'Dashboard', 'icon': 'fa-dashboard' }) if does_user_have_permission("puppet.nodes.view"): puppet.append({ 'link': url_for('puppet_nodes'), 'title': 'Nodes', 'icon': 'fa-server' }) if does_user_have_permission("puppet.groups.view"): puppet.append({ 'link': url_for('puppet_groups'), 'title': 'Groups', 'icon': 'fa-object-group' }) if does_user_have_permission("puppet.default_classes.view"): puppet.append({ 'link': url_for('puppet_enc_default'), 'title': 'Default classes', 'icon': 'fa-globe' }) if does_user_have_permission("puppet.dashboard.view"): puppet.append({ 'link': url_for('puppet_radiator'), 'title': 'Radiator view', 'icon': 'fa-desktop' }) if does_user_have_permission("puppet.nodes.view"): puppet.append({ 'link': '*puppet_search', 'title': 'Configuration search', 'icon': 'fa-search' }) # Set up the Admin menu, based on permissions admin = [] if does_user_have_permission("classes.view"): admin.append({ 'link': url_for('admin_classes'), 'title': 'Classes', 'icon': 'fa-table' }) if does_user_have_permission("tasks.view"): admin.append({ 'link': url_for('admin_tasks'), 'title': 'Tasks', 'icon': 'fa-tasks' }) if does_user_have_permission("events.view"): admin.append({ 'link': url_for('admin_events'), 'title': 'Events', 'icon': 'fa-list-alt' }) if does_user_have_permission( ["maintenance.vmware", "maintenance.cmdb", "maintenance.expire_vm"]): admin.append({ 'link': url_for('admin_maint'), 'title': 'Maintenance', 'icon': 'fa-gears' }) if does_user_have_permission("systems.allocate_name"): admin.append({ 'link': url_for('systems_new'), 'title': 'Allocate system name', 'icon': 'fa-plus' }) if does_user_have_permission("systems.add_existing"): admin.append({ 'link': url_for('systems_add_existing'), 'title': 'Add existing system', 'icon': 'fa-plus' }) # Sets up the permissions menu perms = [] if does_user_have_permission("admin.permissions"): perms.append({ 'link': url_for('perms_roles'), 'title': 'Permission Roles', 'icon': 'fa-user-secret' }) perms.append({ 'link': url_for('systems_withperms'), 'title': 'Systems with permissions', 'icon': 'fa-list' }) #perms.append({'link': url_for('perms_roles'), 'title': 'User lookup', 'icon': 'fa-users'}) injectdata['menu'] = { 'systems': systems, 'favourites': favourites, 'vmware': vmware, 'puppet': puppet, 'admin': admin, 'perms': perms } # Determine the layout mode for the user injectdata['classic_layout'] = False if 'username' in session: try: if g.redis.get('user:'******'username'] + ":preferences:interface:layout") == "classic": injectdata['classic_layout'] = True except Exception as ex: pass # Determine theme for the user if 'username' in session: try: if g.redis.get('user:'******'username'] + ":preferences:interface:theme") == "dark": injectdata['theme'] = "dark" except Exception as ex: pass return injectdata
def snapshot_create(): # Don't go any further if workflows are currently locked raise_if_workflows_locked() # Get systems depending on permissions. if does_user_have_workflow_permission('systems.all.snapshot'): # User can snapshot all systems. systems = get_systems(order='id', order_asc=False, virtual_only=True) elif does_user_have_any_system_permission('snapshot'): # User can only snapshot certain systems. systems = get_systems(order='id', order_asc=False, virtual_only=True, show_allocated_and_perms=True, only_allocated_by=session['username']) else: abort(403) # Create the values dict. values = {} if request.method == 'GET': if 'systems' in request.args: values['snapshot_systems'] = [] for system in request.args['systems'].strip(',').split(','): try: vm = next(i for i in systems if i['id'] == int(system)) except StopIteration: pass # System not in Systems List (Likely not a VM then). except ValueError: pass # System was not an int. else: values['snapshot_systems'].append(vm) return workflow.render_template('create.html', systems=systems, values=values) elif request.method == 'POST': values['snapshot_name'] = request.form.get('snapshot_name', '') values['snapshot_task'] = request.form.get('snapshot_task', '') values['snapshot_expiry'] = request.form.get('snapshot_expiry', None) values['snapshot_comments'] = request.form.get('snapshot_comments', '') values['snapshot_username'] = session['username'] values['snapshot_memory'] = 'snapshot_memory' in request.form values['snapshot_cold'] = 'snapshot_cold' in request.form values['systems'] = list(set(request.form.getlist('systems[]'))) values['snapshot_systems'] = [] # Before starting the task check the permissions. error = False if not does_user_have_workflow_permission('systems.all.snapshot'): for system in values['systems']: try: vm = next(i for i in systems if i['name'] == system) except StopIteration: flash( 'You do not have permission to snapshot one or more select VMs. Please try again.', 'alert-danger') error = True else: values['snapshot_systems'].append(vm) if not does_user_have_system_permission( vm['id'], 'snapshot'): flash( 'You do not have permission to snapshot {}, please remove this from the list of systems and try again.' .format(vm['name']), 'alert-danger') error = True if error: return workflow.render_template('create.html', systems=systems, values=values) # Task Options options = {} options['wfconfig'] = workflow.config options['values'] = values # Everything should be good - start a task. neocortex = cortex.lib.core.neocortex_connect() task_id = neocortex.create_task(__name__, session['username'], options, description='Create a VMware Snapshot') # Redirect to the status page for the task return redirect(url_for('task_status', id=task_id))