[Kimchi-devel] [PATCH v2 4/4] Limit user access to REST API /host.

Leonardo Garcia lagarcia at linux.vnet.ibm.com
Thu Feb 13 02:28:19 UTC 2014


From: Leonardo Garcia <lagarcia at br.ibm.com>

There is a need to restrict access to the REST API /host on POST, PUT,
and DELETE HTTP methods to user with admin rights. In the context of the
authorization feature developed, that means the user needs to have sudo
rights to run any commands on the system in order to be able to access
the /host REST API using POST, PUT, and DELETE HTTP methods.

Signed-off-by: Leonardo Garcia <lagarcia at br.ibm.com>
---
 src/kimchi/control/host.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/kimchi/control/host.py b/src/kimchi/control/host.py
index 053c822..624e0d2 100644
--- a/src/kimchi/control/host.py
+++ b/src/kimchi/control/host.py
@@ -27,7 +27,7 @@ from kimchi.control.base import Collection, Resource
 from kimchi.control.utils import UrlSubNode
 
 
- at UrlSubNode("host", True)
+ at UrlSubNode("host", True, ['POST', 'PUT', 'DELETE'])
 class Host(Resource):
     def __init__(self, model, id=None):
         super(Host, self).__init__(model, id)
-- 
1.8.5.3




More information about the Kimchi-devel mailing list