diff --git a/src/python/dm/common/service/dmSessionController.py b/src/python/dm/common/service/dmSessionController.py
index 33af1a21b9596aa2c448f623e4ce895f2e1899ba..1216a50447533b95215edbe4e71c727b6205f93e 100755
--- a/src/python/dm/common/service/dmSessionController.py
+++ b/src/python/dm/common/service/dmSessionController.py
@@ -4,14 +4,11 @@
 # Base DM session controller class.
 #
-#######################################################################
-
 import cherrypy
+from dm.common.constants import dmRole
 from dm.common.service.dmController import DmController
 from dm.common.service.loginController import LoginController
-#######################################################################
-
 class DmSessionController(DmController):
 """ Base session controller class. """
@@ -65,10 +62,17 @@ class DmSessionController(DmController):
 @classmethod
 def isLoggedIn(cls):
 """ Returns True if session has been established. """
- def check():
+ def userIsLoggedIn():
 role = cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None)
 if role is not None:
 return True
 return False
- return check
+ return userIsLoggedIn
+
+ @classmethod
+ def isAdministrator(cls):
+ def userIsAdministrator():
+ result = (cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None) == dmRole.DM_ADMIN_ROLE)
+ return result
+ return userIsAdministrator
diff --git a/src/python/dm/common/service/loginController.py b/src/python/dm/common/service/loginController.py
index 9b2e6bb310b4554952054f3a649b6bd73bfd4d8f..62a4c2a86f3161bab4c14984d3fca8f27fa880a1 100755
--- a/src/python/dm/common/service/loginController.py
+++ b/src/python/dm/common/service/loginController.py
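Review bot: `isAdministrator` is added without a docstring, although it now gates the privileged endpoints and `isLoggedIn` just above it has one; something like `""" Returns a check that is True only if the session role is DM_ADMIN_ROLE. """` would state the contract. The comparison is False when no role is stored, so the check fails closed for sessions that never logged in. It trusts the role held in the session, presumably written at login, so a role revoked while a session is live would keep passing until that session ends; confirm this is acceptable. The temporary can be dropped: `return cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None) == dmRole.DM_ADMIN_ROLE`. The class body starts outside the hunk.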
@@ -144,8 +144,8 @@ class LoginController(DmController):
 for condition in conditions:
 # A condition is just a callable that returns true or false
 if not condition():
- logger.debug('Authorization check %s failed for username %s' % (condition.func_name, username))
- errorMsg = 'Authorization check %s failed for user %s.' % (condition.func_name, username)
+ logger.debug('Authorization check %s() failed for username %s' % (condition.func_name, username))
+ errorMsg = 'Authorization check %s() failed for user %s.' % (condition.func_name, username)
 raise DmHttpError(dmHttpStatus.DM_HTTP_UNAUTHORIZED, 'User Not Authorized', AuthorizationError(errorMsg))
 else:
 logger.debug('Username is not supplied')
diff --git a/src/python/dm/daq_web_service/service/experimentSessionController.py b/src/python/dm/daq_web_service/service/experimentSessionController.py
index 532e663c559eeb5ad63efc6a51f55164f5588613..652da9c2bbd6fd1e9b675950ac949652e1226709 100755
--- a/src/python/dm/daq_web_service/service/experimentSessionController.py
+++ b/src/python/dm/daq_web_service/service/experimentSessionController.py
@@ -16,7 +16,7 @@ class ExperimentSessionController(DmSessionController):
 self.experimentSessionControllerImpl = ExperimentSessionControllerImpl()
 @cherrypy.expose
- @DmSessionController.require(DmSessionController.isLoggedIn())
+ @DmSessionController.require(DmSessionController.isAdministrator())
 @DmSessionController.execute
 def startDaq(self, **kwargs):
 name = kwargs.get('name')
@@ -32,7 +32,7 @@ class ExperimentSessionController(DmSessionController):
 return response
 @cherrypy.expose
- @DmSessionController.require(DmSessionController.isLoggedIn())
+ @DmSessionController.require(DmSessionController.isAdministrator())
 @DmSessionController.execute
 def stopDaq(self, **kwargs):
 name = kwargs.get('name')
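Review bot: The `errorMsg` built on the added line names the internal check function and the username and is wrapped into the `DmHttpError`, so it presumably reaches the client; keeping that detail in the `logger.debug` call and raising with a generic text such as `AuthorizationError('User is not authorized for this operation.')` would avoid exposing internals. `condition.func_name` exists only on Python 2 function objects, while `condition.__name__` works on both major versions. Now that a role check can fail for a user who is logged in, that case is still reported with `DM_HTTP_UNAUTHORIZED`; a forbidden-style status, if the project defines one, would let clients tell "log in first" from "not allowed". The `else:` branch at the end of the hunk only logs `'Username is not supplied'` and the function continues outside the hunk, so it is worth confirming that this path rejects the request rather than falling through.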
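Review bot: The admin requirement is applied by editing each handler's decorator one at a time (`startDaq` here, `stopDaq` in the next hunk and `startUpload` in the last one), so any other state-changing handler in this controller that is not part of the diff stays on `isLoggedIn()`; with only a few context lines visible per hunk, this should be checked against the full file. Each handler body continues outside its hunk. A short docstring on each handler stating the required role, for example `""" Requires administrator role. """`, would make the policy visible where it is enforced. A regression test asserting that a logged-in non-administrator session is rejected on these three endpoints would keep the check from being relaxed unnoticed.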
@@ -44,7 +44,7 @@ class ExperimentSessionController(DmSessionController):
 return response
 @cherrypy.expose
- @DmSessionController.require(DmSessionController.isLoggedIn())
+ @DmSessionController.require(DmSessionController.isAdministrator())
 @DmSessionController.execute
 def startUpload(self, **kwargs):
 name = kwargs.get('name')