Uhh, use SSL...

[invirt/packages/invirt-web.git] / templates / getafsgroups.py
diff --git a/templates/getafsgroups.py b/templates/getafsgroups.py

index 0567efe..2086ccb 100644 (file)
--- a/templates/getafsgroups.py
+++ b/templates/getafsgroups.py
@@ -28,35 +28,47 @@ def checkAfsGroup(user, group, cell):
      """
      checkAfsGroup(user, group) returns True if and only if user is in AFS group group in cell cell
      """
      """
      checkAfsGroup(user, group) returns True if and only if user is in AFS group group in cell cell
      """
-    print user, group
-    p = subprocess.Popen(["pts", "membership", group, '-c', cell], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    p2 = subprocess.Popen(["grep", "-v", "^Members"], stdin=p.stdout, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if p2.wait():
+    p = subprocess.Popen(["pts", "membership", group, '-c', cell], 
+                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p.wait():
          return False
          return False
-    for member in p2.stdout.read().split():
-        if member == user:
+    for line in p.stdout.readlines()[1:]:
+        if line.strip() == user:
              return True
      return False
  
              return True
      return False
  
-def checkLockerOwner(user, locker):
+def checkLockerOwner(user, locker, verbose=False):
      """
      """
-    checkLockerOwner(user, locker) returns True if and only if user administers locker
+    checkLockerOwner(user, locker) returns True if and only if user administers locker.
+
+    If verbose is true, instead return the reason for failure, or None
+    if there is no failure.
      """
      """
-    p = subprocess.Popen(["fs", "whichcell", "/mit/" + locker], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if (p.wait()):
+    p = subprocess.Popen(["fs", "whichcell", "/mit/" + locker], 
+                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p.wait():
+        if verbose:
+            return p.stderr.read()
          return False
      cell = p.stdout.read().split()[-1][1:-1]
          return False
      cell = p.stdout.read().split()[-1][1:-1]
-    p = subprocess.Popen(["fs", "listacl", "/mit/" + locker], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    p2 = subprocess.Popen(["grep", "^  .* rlidwka$"], stdin=p.stdout, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    if (p2.wait()):
+    p = subprocess.Popen(["fs", "listacl", "/mit/" + locker], 
+                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    if p.wait():
+        if verbose:
+            return p.stderr.read()
          return False
          return False
-    for line in p2.stdout.read().split('\n'):
+    for line in p.stdout.readlines()[1:]:
          entry = line.split()
          entry = line.split()
-        if entry == [] or entry[0] == "Negative":
+        if not entry or entry[0] == "Negative":
              break
          if entry[1] == "rlidwka":
              break
          if entry[1] == "rlidwka":
-            if entry[0] == user or (entry[0][0:6] == "system" and checkAfsGroup(user, entry[0], cell)):
+            if entry[0] == user or (entry[0][0:6] == "system" and 
+                                    checkAfsGroup(user, entry[0], cell)):
+                if verbose:
+                    return None
                  return True
                  return True
+    if verbose:
+        return "You don't have admin bits on /mit/" + locker
      return False
  
  
      return False