Commit 2376fcd7 authored by Francesc Guasch's avatar Francesc Guasch
Browse files

feat(frontend): check permission on frontend

parent df38189a
......@@ -438,7 +438,7 @@ get '/machine/pause/(:id).(:type)' => sub {
get '/machine/hybernate/(:id).(:type)' => sub {
my $c = shift;
return access_denied($c) if !$USER ->can_hibernate_all();
return access_denied($c) if !$USER ->is_admin();
return hybernate_machine($c);
};
......
......@@ -245,7 +245,7 @@
<i class="fa fa-play"></i>
</a>
% }
% if ($_user-> can_hibernate_all){
% if ($_user->is_admin){
<a type="button" class="btn btn-warning btn-sm"
ng-click="action('machine','hybernate',machine.id)"
ng-disabled="!machine.is_active"
......
......@@ -97,7 +97,7 @@
% }
% if ( $machine->{id_clone}) {
% if ($user->can_change_settings){
% if ($user->can_change_settings || $user->can_change_settings_all){
<a align="right" href="/machine/settings/<%= $machine->{id_clone} %>.html"><i class="fa fa-fw fa-cog" title="<%=l 'Settings' %>"></a></i>
% }
<div ng-show="host_restore == <%= $machine->{id_clone} %>">
......
......@@ -17,7 +17,7 @@
% if ($domain->drivers && $USER->can_change_settings) {
<li class="nav"><a href="#graphics" data-toggle="tab"><%=l 'Graphics' %></a></li>
% }
% if ($USER->can_clone_all){
% if ($USER->is_admin){
<li class="nav"><a href="#copy" data-toggle="tab"><%=l 'Copy' %></a></li>
% }
% if ( $USER->can_remove || $USER->can_remove_clone_all ) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment