X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/2125e869604558b82c61dfc788400a9a29fcc791..daa95318e6cee597593b33f77a99cd224c8be893:/code/validation.py

diff --git a/code/validation.py b/code/validation.py
index 8f81625..d291d61 100644
--- a/code/validation.py
+++ b/code/validation.py
@@ -36,7 +36,7 @@ class Validate:
                 raise InvalidInput('disk', disksize, "You must provide a disk size.")
 
         if machine_id is not None:
-            self.machine = testMachineId(username, machine_id)
+            self.machine = testMachineId(username, state, machine_id)
         machine = getattr(self, 'machine', None)
 
         owner = testOwner(username, owner, machine)
@@ -58,7 +58,7 @@ class Validate:
             self.memory = validMemory(self.owner, state, memory, machine,
                                       on=not created_new)
         if disksize is not None:
-            self.disksize = validDisk(self.owner, disksize, machine)
+            self.disksize = validDisk(self.owner, state, disksize, machine)
         if vmtype is not None:
             self.vmtype = validVmType(vmtype)
         if cdrom is not None:
@@ -123,9 +123,9 @@ def cantAddVm(owner, g):
                 'To create more, turn one off.')
     return False
 
-def haveAccess(user, machine):
+def haveAccess(user, state, machine):
     """Return whether a user has administrative access to a machine"""
-    return user in cache_acls.accessList(machine)
+    return state.overlord or user in cache_acls.accessList(machine)
 
 def owns(user, machine):
     """Return whether a user owns a machine"""
@@ -157,16 +157,16 @@ def validMemory(owner, g, memory, machine=None, on=True):
         raise InvalidInput('memory', memory,
                            "Minimum %s MiB" % MIN_MEMORY_SINGLE)
     max_val = maxMemory(owner, g, machine, on)
-    if memory > max_val:
+    if not g.overlord and memory > max_val:
         raise InvalidInput('memory', memory,
                            'Maximum %s MiB for %s' % (max_val, owner))
     return memory
 
-def validDisk(owner, disk, machine=None):
+def validDisk(owner, g, disk, machine=None):
     """Parse and validate limits for disk for a given owner and machine."""
     try:
         disk = float(disk)
-        if disk > maxDisk(owner, machine):
+        if not g.overlord and disk > maxDisk(owner, machine):
             raise InvalidInput('disk', disk,
                                "Maximum %s G" % maxDisk(owner, machine))
         disk = int(disk * 1024)
@@ -185,7 +185,7 @@ def validVmType(vm_type):
         raise CodeError("Invalid vm type '%s'"  % vm_type)
     return t
 
-def testMachineId(user, machine_id, exists=True):
+def testMachineId(user, state, machine_id, exists=True):
     """Parse, validate and check authorization for a given user and machine.
 
     If exists is False, don't check that it exists.
@@ -200,7 +200,7 @@ def testMachineId(user, machine_id, exists=True):
     machine = Machine.get(machine_id)
     if exists and machine is None:
         raise InvalidInput('machine_id', machine_id, "Does not exist.")
-    if machine is not None and not haveAccess(user, machine):
+    if machine is not None and not haveAccess(user, state, machine):
         raise InvalidInput('machine_id', machine_id,
                            "You do not have access to this machine.")
     return machine