[Kimchi-devel] [PATCH v2 4/4] Limit user access to REST API /host.
Aline Manera
alinefm at linux.vnet.ibm.com
Sun Feb 16 13:57:28 UTC 2014
I didn't apply this patch because the tests need to be updated to run
accordingly to this modification
I will update the tests in a new patch set and then apply it and all
changes to block Kimchi URIs to non-root users.
On 02/13/2014 12:28 AM, Leonardo Garcia wrote:
> From: Leonardo Garcia <lagarcia at br.ibm.com>
>
> There is a need to restrict access to the REST API /host on POST, PUT,
> and DELETE HTTP methods to user with admin rights. In the context of the
> authorization feature developed, that means the user needs to have sudo
> rights to run any commands on the system in order to be able to access
> the /host REST API using POST, PUT, and DELETE HTTP methods.
>
> Signed-off-by: Leonardo Garcia <lagarcia at br.ibm.com>
> ---
> src/kimchi/control/host.py | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/kimchi/control/host.py b/src/kimchi/control/host.py
> index 053c822..624e0d2 100644
> --- a/src/kimchi/control/host.py
> +++ b/src/kimchi/control/host.py
> @@ -27,7 +27,7 @@ from kimchi.control.base import Collection, Resource
> from kimchi.control.utils import UrlSubNode
>
>
> - at UrlSubNode("host", True)
> + at UrlSubNode("host", True, ['POST', 'PUT', 'DELETE'])
> class Host(Resource):
> def __init__(self, model, id=None):
> super(Host, self).__init__(model, id)
More information about the Kimchi-devel
mailing list