return admin
admin = 'system:' + admin
try:
- if user in getafsgroups.getAfsGroupMembers(admin, config.authz[0].cell):
+ if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell):
return admin
except getafsgroups.AfsProcessError, e:
errmsg = str(e)
return machine.owner
if owner is None:
raise InvalidInput('owner', owner, "Owner must be specified")
+ if '@' in owner:
+ raise InvalidInput('owner', owner, "No cross-realm Hesiod lockers allowed")
try:
if user not in cache_acls.expandLocker(owner):
raise InvalidInput('owner', owner, 'You do not have access to the '