Use daemon/sipb-xen.mit.edu and don't give user fake auth token in an HTML comment.
[invirt/packages/invirt-web.git] / templates / getafsgroups.py
index 0567efe..2086ccb 100644 (file)
@@ -28,35 +28,47 @@ def checkAfsGroup(user, group, cell):
     """
     checkAfsGroup(user, group) returns True if and only if user is in AFS group group in cell cell
     """
     """
     checkAfsGroup(user, group) returns True if and only if user is in AFS group group in cell cell
     """
-    print user, group
-    p = subprocess.Popen(["pts", "membership", group, '-c', cell], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    p2 = subprocess.Popen(["grep", "-v", "^Members"], stdin=p.stdout, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if p2.wait():
+    p = subprocess.Popen(["pts", "membership", group, '-c', cell], 
+                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p.wait():
         return False
         return False
-    for member in p2.stdout.read().split():
-        if member == user:
+    for line in p.stdout.readlines()[1:]:
+        if line.strip() == user:
             return True
     return False
 
             return True
     return False
 
-def checkLockerOwner(user, locker):
+def checkLockerOwner(user, locker, verbose=False):
     """
     """
-    checkLockerOwner(user, locker) returns True if and only if user administers locker
+    checkLockerOwner(user, locker) returns True if and only if user administers locker.
+
+    If verbose is true, instead return the reason for failure, or None
+    if there is no failure.
     """
     """
-    p = subprocess.Popen(["fs", "whichcell", "/mit/" + locker], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if (p.wait()):
+    p = subprocess.Popen(["fs", "whichcell", "/mit/" + locker], 
+                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p.wait():
+        if verbose:
+            return p.stderr.read()
         return False
     cell = p.stdout.read().split()[-1][1:-1]
         return False
     cell = p.stdout.read().split()[-1][1:-1]
-    p = subprocess.Popen(["fs", "listacl", "/mit/" + locker], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    p2 = subprocess.Popen(["grep", "^  .* rlidwka$"], stdin=p.stdout, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if (p2.wait()):
+    p = subprocess.Popen(["fs", "listacl", "/mit/" + locker], 
+                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p.wait():
+        if verbose:
+            return p.stderr.read()
         return False
         return False
-    for line in p2.stdout.read().split('\n'):
+    for line in p.stdout.readlines()[1:]:
         entry = line.split()
         entry = line.split()
-        if entry == [] or entry[0] == "Negative":
+        if not entry or entry[0] == "Negative":
             break
         if entry[1] == "rlidwka":
             break
         if entry[1] == "rlidwka":
-            if entry[0] == user or (entry[0][0:6] == "system" and checkAfsGroup(user, entry[0], cell)):
+            if entry[0] == user or (entry[0][0:6] == "system" and 
+                                    checkAfsGroup(user, entry[0], cell)):
+                if verbose:
+                    return None
                 return True
                 return True
+    if verbose:
+        return "You don't have admin bits on /mit/" + locker
     return False
 
 
     return False