only root and deployment admins can see controllers
diff --git a/planetstack/core/admin.py b/planetstack/core/admin.py
index 734d284..00e7395 100644
--- a/planetstack/core/admin.py
+++ b/planetstack/core/admin.py
@@ -660,6 +660,9 @@
def delete_model(self, request, obj):
obj.delete_by_user(request.user)
+ def queryset(self, request):
+ return Controller.select_by_user(request.user)
+
@property
def suit_form_tabs(self):
tabs = [('general', 'Controller Details'),
diff --git a/planetstack/core/models/site.py b/planetstack/core/models/site.py
index 449a72b..eb182c8 100644
--- a/planetstack/core/models/site.py
+++ b/planetstack/core/models/site.py
@@ -253,10 +253,20 @@
admin_tenant = models.CharField(max_length=200, null=True, blank=True, help_text="Name of the tenant the admin user belongs to")
domain = models.CharField(max_length=200, null=True, blank=True, help_text="Name of the domain this controller belongs to")
deployment = models.ForeignKey(Deployment,related_name='controllerdeployments')
-
+
def __unicode__(self): return u'%s %s %s' % (self.name, self.backend_type, self.version)
+ @staticmethod
+ def select_by_user(user):
+
+ if user.is_admin:
+ qs = Controller.objects.all()
+ else:
+ deployments = [dp.deployment for dp in DeploymentPrivilege.objects.filter(user=user, role__role__in=['Admin', 'admin'])]
+ qs = Controller.objects.filter(deployment__in=deployments)
+ return qs
+
class SiteDeployment(PlCoreBase):
objects = ControllerLinkManager()
deleted_objects = ControllerLinkDeletionManager()