Merge branch 'issue92' into development

rundeck · Nov 24, 2010 · ac94cd4 · ac94cd4
2 parents 60c307c + b653773
commit ac94cd4
Show file tree

Hide file tree

Showing 6 changed files with 6 additions and 41 deletions.
diff --git a/rundeckapp/grails-app/controllers/ExecutionController.groovy b/rundeckapp/grails-app/controllers/ExecutionController.groovy
@@ -39,12 +39,8 @@ class ExecutionController {
         Framework framework = frameworkService.getFrameworkFromUserSession(session,request)
         if(e.scheduledExecution){
             def ScheduledExecution scheduledExecution = e.scheduledExecution //ScheduledExecution.get(e.scheduledExecutionId)
-            def User user = User.findByLogin(session.user)
-            def boolean objexists = false
-            def boolean auth = false
-            auth=user && user.authorization.workflow_run
 
-            return [scheduledExecution: scheduledExecution, execution:e, filesize:filesize,jobauthorized:auth,objexists:objexists]
+            return [scheduledExecution: scheduledExecution, execution:e, filesize:filesize]
         }else{
             return [execution:e, filesize:filesize]
         }

diff --git a/rundeckapp/grails-app/controllers/ScheduledExecutionController.groovy b/rundeckapp/grails-app/controllers/ScheduledExecutionController.groovy
@@ -132,21 +132,13 @@ class ScheduledExecutionController  {
 
         def total = Execution.countByScheduledExecution(scheduledExecution)
 
-        def boolean objexists = false
-        def boolean auth = false
-        if(scheduledExecution.workflow){
-            auth=user && user.authorization.workflow_run
-        }else if (scheduledExecution.adhocExecution){
-            auth = frameworkService.userAuthorizedForScript(session.user,scheduledExecution.project,scheduledExecution.adhocRemoteString?scheduledExecution.adhocRemoteString:scheduledExecution.adhocLocalString,framework)
-        }
+        //todo: authorize job for workflow_read
 
 
         withFormat{
             html{
                 [scheduledExecution:scheduledExecution, crontab:crontab, params:params,
             executions:executions,
-            objexists:objexists,
-            authorized:auth,
             total:total,
             nextExecution:scheduledExecutionService.nextExecutionTime(scheduledExecution),
             max: params.max?params.max:10,
@@ -1900,23 +1892,12 @@ class ScheduledExecutionController  {
     }
     def executeScheduledExecution = {ScheduledExecution scheduledExecution, Framework framework, List rolelist,params->
         def User user = User.findByLogin(params.user)
-        if(!user || !user.authorization.workflow_run){
+        if(!user){
             def msg = g.message(code:'unauthorized.job.run.user',args:[params.user])
             log.error(msg)
             flash.error=msg
             return [error:'unauthorized',message:msg]
         }
-        if(scheduledExecution.adhocExecution){
-            if(! frameworkService.userAuthorizedForScript(params.user,
-                scheduledExecution.project,
-                scheduledExecution.adhocRemoteString?scheduledExecution.adhocRemoteString:scheduledExecution.adhocLocalString,
-                framework)){
-                def msg = g.message(code:'unauthorized.job.run.script',args:[params.user,scheduledExecution.project])
-                log.error(msg)
-                flash.error=msg
-                return [error:'unauthorized',message:msg]
-            }
-        }
 
         def extra = [:]
 

diff --git a/rundeckapp/grails-app/domain/User.groovy b/rundeckapp/grails-app/domain/User.groovy
@@ -4,15 +4,13 @@ class User {
     String firstName
     String lastName
     String email
-    UserAuth authorization
     Date dateCreated
     Date lastUpdated
 
     String dashboardPref
     String filterPref
     static hasMany = [reportfilters:ReportFilter,jobfilters:ScheduledExecutionFilter,nodefilters:NodeFilter]
     static constraints={
-		authorization(unique:true)
         firstName(nullable:true)
         lastName(nullable:true)
         email(nullable:true)

diff --git a/rundeckapp/grails-app/services/ExecutionService.groovy b/rundeckapp/grails-app/services/ExecutionService.groovy
@@ -555,7 +555,7 @@ class ExecutionService implements ApplicationContextAware, Executor{
             throw new Exception("Workflow is empty")
         }
         def User user = User.findByLogin(userName?userName:execMap.user)
-        if (!user || !user.authorization.workflow_run) {
+        if (!user) {
             throw new Exception(g.message(code:'unauthorized.job.run.user',args:[userName?userName:execMap.user]))
         }
         //convert argString into Map<String,String>

diff --git a/rundeckapp/grails-app/services/ReportService.groovy b/rundeckapp/grails-app/services/ReportService.groovy
@@ -59,17 +59,7 @@ class ReportService implements ReportAcceptor {
         }
         rep.properties = fields
 
-        //check authorization if "author" matches a User entry
-        def User u = User.findByLogin(rep.author)
-        if(u){
-            if(!u.authorization.events_create){
-                //disallowed, delete report
-                def auth=rep.author
-                System.err.println("User ${auth} FAILED access to reportService/makeReport: no authorization for: events_create");
-                rep.discard()
-                return
-            }
-        }
+        //TODO: authorize event creation?
 
         if (rep && !rep.save(flush: true)) {
             System.err.println("error saving report: ${fields}")

diff --git a/rundeckapp/grails-app/services/UserService.groovy b/rundeckapp/grails-app/services/UserService.groovy
@@ -7,7 +7,7 @@ class UserService {
     def findOrCreateUser(String login) {
         def User user = User.findByLogin(login)
         if(!user){
-            def User u = new User(login:login,authorization:UserAuth.createDefault())
+            def User u = new User(login:login)
             if(!u.save(flush:true)){
                 System.err.println("unable to save user: ${u}, ${u.errors.each{g.message(error:it)}}");
             }