Allowed users can now see last connections and passwords.

LibrIT · Mar 11, 2022 · 03bb72b · 03bb72b
1 parent 48f58ca
commit 03bb72b
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 16 deletions.
diff --git a/passhweb/app/templates/html_elements/macros/links.html b/passhweb/app/templates/html_elements/macros/links.html
@@ -22,11 +22,13 @@
             <i class="fa fa-users"></i> <p>Usergroups</p>
         </a>
     </li>
+    {% endif %}
     <li{% if link == '/list/target' %} class="nav-item active"{% endif %}>
         <a class="nav-link" href="/list/target">
             <i class="fa fa-desktop"></i> <p>Targets</p>
         </a>
     </li>
+    {% if manager or superadmin %}
     <li{% if link == '/list/targetgroup' %} class="nav-item active"{% endif %}>
         <a class="nav-link" href="/list/targetgroup">
             <i class="fa fa-server"></i> <p>Targetgroups</p>

diff --git a/passhweb/app/templates/pages/target.html b/passhweb/app/templates/pages/target.html
@@ -30,11 +30,9 @@
                         {% include "boxes/delete.html" %}
                     {% endif %}
                     {% include "boxes/target_infos.html" %}
-                    {% if superadmin %}
-                        {% include "boxes/target_lastconnections.html" %}
-                        {% if  elt[0]["Target type"] == "ssh" %}
-                            {% include "boxes/target_password_list.html" %}
-                        {% endif %}
+                    {% include "boxes/target_lastconnections.html" %}
+                    {% if  elt[0]["Target type"] == "ssh" %}
+                        {% include "boxes/target_password_list.html" %}
                     {% endif %}
                 {% endif %}
             </div>
@@ -67,9 +65,9 @@
     {% include "scripts/target_form.html" %}
     {% if superadmin and elt %}
         {% include "scripts/element_delete.html" %}
+    {% endif %}
         {% include "scripts/target_lastconnections.html" %}
         {% include "scripts/target_password_list.html" %}
-    {% endif %}
     {% if elt %}
         {% include "scripts/target_infos.html" %}
         {% if superadmin %}

diff --git a/passhweb/app/views.py b/passhweb/app/views.py
@@ -243,9 +243,6 @@ def genconfig():
 @login_required
 def listelement(element):
     """Return a listing page for the element type entered (target, user...)"""
-    if not is_superadmin() and not is_manager() and element != "player":
-        return redirect('/')
-
     return render_template('pages/listelement.html', 
                            pagename = element + " list",
                            superadmin = is_superadmin(),
@@ -485,11 +482,11 @@ def amemberof(element, obj, name):
 @login_required
 def atargetlastconnections(name):
     """Return a datatable list of las logs dates and users for this target"""
-    if not is_superadmin():
-        return "Not allowed", 403, \
+    if is_superadmin() or  is_allowed(name):
+        lastconnections = rf.get_target_lastconnections_datatable(name)
+        return str(lastconnections)
+    return "Not allowed", 403, \
                {"content-type": "text/plain; charset=utf-8"}
-    lastconnections = rf.get_target_lastconnections_datatable(name)
-    return str(lastconnections)
 
 
 @app.route('/ajax/connection/ssh/current')
@@ -561,10 +558,10 @@ def acloseaccess(targetname, username = None):
 @login_required
 def agetpassword(targetname):
     """List the last known root passwords of a target"""
-    if not is_superadmin():
-        return "Not allowed", 403, \
+    if is_superadmin() or is_allowed(targetname):
+        return rf.get_password_datatable(targetname)
+    return "Not allowed", 403, \
                {"content-type": "text/plain; charset=utf-8"}
-    return rf.get_password_datatable(targetname)
 
 
 @app.route('/ajax/namelist/<element>')