def allowed(self, request, datum): try: limits = api.nova.tenant_absolute_limits(request, reserved=True) instances_available = limits['maxTotalInstances'] \ - limits['totalInstancesUsed'] cores_available = limits['maxTotalCores'] \ - limits['totalCoresUsed'] ram_available = limits['maxTotalRAMSize'] - limits['totalRAMUsed'] if instances_available <= 0 or cores_available <= 0 \ or ram_available <= 0: if "disabled" not in self.classes: self.classes = [c for c in self.classes] + ['disabled'] self.verbose_name = string_concat(self.verbose_name, ' ', _("(Quota exceeded)")) else: self.verbose_name = _("Launch Instance") classes = [c for c in self.classes if c != "disabled"] self.classes = classes except Exception: LOG.exception("Failed to retrieve quota information") # If we can't get the quota information, leave it to the # API to check when launching return policy_is(request.user.username, 'admin')
def allowed(self, request, instance=None): """Allow terminate action if instance not currently being deleted.""" if request.user.username in ['auditadmin','appradmin']: return False roles = request.user.roles if len(roles)>=2: role = roles[1]['name'] if roles[0]['name']=='_member_' else roles[0]['name'] else: role = '_member_' return policy_is(request.user.username, 'admin', 'sysadmin') or role!='admin'
def allowed(self, request): # The ConsoleTab is available if settings.CONSOLE_TYPE is not set at # all, or if it's set to any value other than None or False. #return bool(getattr(settings, 'CONSOLE_TYPE', True)) roles = self.request.user.roles if len(roles) >= 2: role = roles[1]['name'] if roles[0][ 'name'] == '_member_' else roles[0]['name'] else: role = '_member_' return policy_is(self.request.user.username, 'admin', 'sysadmin') or role != 'admin'
def get_rows(self): """Return the row data for this table broken out by columns.""" rows = [] policy = policy_is(self.request.user.username, 'sysadmin', 'admin') for datum in self.filtered_data: row = self._meta.row_class(self, datum) if self.get_object_id(datum) == self.current_item_id: self.selected = True row.classes.append('current_selected') if not policy: del row.cells['actions'] rows.append(row) return rows
def get_context_data(self, **kwargs): context = super(DetailView, self).get_context_data(**kwargs) instance = self.get_data() context["instance"] = instance table = project_tables.InstancesTable(self.request) context["url"] = reverse(self.redirect_url) roles = self.request.user.roles if len(roles) >= 2: role = roles[1]['name'] if roles[0][ 'name'] == '_member_' else roles[0]['name'] else: role = '_member_' if policy_is(self.request.user.username, 'admin', 'sysadmin') or role != 'admin': context["actions"] = table.render_row_actions(instance) return context
def get_context_data(self, **kwargs): context = super(DetailView, self).get_context_data(**kwargs) network = self._get_data() # Needs to exclude agents table if dhcp-agent-scheduler extension # is not supported. try: dhcp_agent_support = api.neutron.is_extension_supported( self.request, 'dhcp_agent_scheduler') context['dhcp_agent_support'] = dhcp_agent_support except Exception: context['dhcp_agent_support'] = False table = networks_tables.NetworksTable(self.request) context["network"] = network context["url"] = self.get_redirect_url() if policy_is(self.request.user.username, 'user', 'sysadmin'): context["actions"] = table.render_row_actions(network) return context
def nav(self, context): username = context['request'].user.username return not (policy_is(username, 'sysadmin', 'appradmin', 'auditadmin', 'admin'))
def get_columns(self): self.columns['multi_select'].attrs = {'class': 'hide'} if not (policy_is(self.request.user.username, 'sysadmin', 'admin', 'syncadmin')): self.columns['actions'].attrs = {'class': 'hide'} return self.columns.values()
def nav(self, context): username = context['request'].user.username return policy_is(username, 'sysadmin', 'admin')
def allowed(self, request, volume=None): if volume: return volume.status in DELETABLE_STATES return policy_is(request.user.username, 'admin', 'sysamdin')
def allowed(self, request, image=None): if image and image.protected: return False if image: return image.owner == request.user.tenant_id and policy_is( request.user.username, 'admin', 'sysadmin')
def allowed(self, request, image=None): if image and image.container_format not in NOT_LAUNCHABLE_FORMATS: return image.status in ("active", ) and policy_is( request.user.username, 'admin', 'sysadmin')
def allowed(self, request, image=None): if (image and image.container_format not in NOT_LAUNCHABLE_FORMATS and base.is_service_enabled(request, 'volume')): return image.status == "active" and policy_is( request.user.username, 'admin', 'sysadmin') return False
def allowed(self, request, image=None): if image: return image.status in ("active",) and \ image.owner == request.user.tenant_id and policy_is(request.user.username, 'admin', 'sysadmin')
def allowed(self, request, snapshot=None): return (snapshot.status == "available") and policy_is(request.user.username, 'admin', 'sysadmin')
def allowed(self, request, datum=None): return policy_is(request.user.username, 'admin', 'sysadmin')
def allowed(self, request, image=None): if image and image.protected: return False else: return policy_is(request.user.username, 'admin', 'sysadmin')