Check user permissions when serving pages

Previously users could view pages with permissions even if they
could not see the monitoring tab

Change-Id: Id330685c4a644765088837288f924417a00b88f6

monitoring/alarmdefs/views.py

@@ -32,6 +32,8 @@ from monitoring.alarmdefs import tables as alarm_tables
 from monitoring.alarmdefs import workflows as alarm_workflows
 from monitoring import api
 
+from openstack_dashboard import policy
+
 LIMIT = 10
 PREV_PAGE_LIMIT = 100
 
@@ -57,6 +59,8 @@ class IndexView(tables.DataTableView):
         return results
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(IndexView, self).get_context_data(**kwargs)
         num_results = 0
         contacts = []
@@ -171,6 +175,8 @@ class AlarmDetailView(TemplateView):
         return transform_alarm_data(self.alarm)
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(AlarmDetailView, self).get_context_data(**kwargs)
         self.get_initial()
         context["alarm"] = self.alarm
@@ -237,6 +243,8 @@ class AlarmEditView(forms.ModalFormView):
         return transform_alarm_data(self.alarm)
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(AlarmEditView, self).get_context_data(**kwargs)
         id = self.kwargs['id']
         context["cancel_url"] = self.get_success_url()

monitoring/alarms/views.py

@@ -27,6 +27,7 @@ from django.utils.translation import ugettext as _  # noqa
 from django.utils.translation import ugettext_lazy
 from django.views.generic import View  # noqa
 
+from horizon import exceptions
 from horizon import forms
 from horizon import tables
 
@@ -35,6 +36,8 @@ from monitoring.alarms import forms as alarm_forms
 from monitoring.alarms import tables as alarm_tables
 from monitoring import api
 
+from openstack_dashboard import policy
+
 LOG = logging.getLogger(__name__)
 SERVICES = getattr(settings, 'MONITORING_SERVICES', [])
 
@@ -167,6 +170,8 @@ class AlarmServiceView(tables.DataTableView):
                 return results
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(AlarmServiceView, self).get_context_data(**kwargs)
         results = []
         num_results = 0  # make sure variable is set
@@ -312,6 +317,8 @@ class AlarmHistoryView(tables.DataTableView):
         return []
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(AlarmHistoryView, self).get_context_data(**kwargs)
 
         object_id = kwargs['id']
@@ -381,6 +388,8 @@ class AlarmFilterView(forms.ModalFormView):
     form_class = alarm_forms.CreateAlarmForm
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(AlarmFilterView, self).get_context_data(**kwargs)
         context["cancel_url"] = self.get_success_url()
         context["action_url"] = reverse(constants.URL_PREFIX + 'alarm_filter',

monitoring/notifications/views.py

@@ -30,6 +30,8 @@ from monitoring.notifications import forms as notification_forms
 from monitoring.notifications import tables as notification_tables
 from monitoring import api
 
+from openstack_dashboard import policy
+
 LOG = logging.getLogger(__name__)
 LIMIT = 10
 PREV_PAGE_LIMIT = 100
@@ -58,6 +60,8 @@ class IndexView(tables.DataTableView):
         return results
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(IndexView, self).get_context_data(**kwargs)
         contacts = []
         results = []
@@ -113,6 +117,8 @@ class NotificationCreateView(forms.ModalFormView):
     success_url = reverse_lazy(constants.URL_PREFIX + 'index')
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(NotificationCreateView, self). \
             get_context_data(**kwargs)
         context["cancel_url"] = self.get_success_url()
@@ -148,6 +154,8 @@ class NotificationEditView(forms.ModalFormView):
         return self.notification
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(NotificationEditView, self).get_context_data(**kwargs)
         id = self.kwargs['id']
         context["cancel_url"] = self.get_success_url()

monitoring/overview/views.py

@@ -31,6 +31,8 @@ from django.views.generic import TemplateView  # noqa
 from openstack_auth import utils as auth_utils
 from openstack_dashboard import policy
 
+from horizon import exceptions
+
 from monitoring import api
 from monitoring.alarms import tables as alarm_tables
 from monitoring.config import local_settings as settings
@@ -224,6 +226,8 @@ class IndexView(TemplateView):
     template_name = constants.TEMPLATE_PREFIX + 'index.html'
 
     def get_context_data(self, **kwargs):
+        if not policy.check((('monitoring', 'monitoring:monitoring'), ), self.request):
+            raise exceptions.NotAuthorized()
         context = super(IndexView, self).get_context_data(**kwargs)
         try:
             region = self.request.user.services_region