X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/2125e869604558b82c61dfc788400a9a29fcc791..daa95318e6cee597593b33f77a99cd224c8be893:/code/validation.py diff --git a/code/validation.py b/code/validation.py index 8f81625..d291d61 100644 --- a/code/validation.py +++ b/code/validation.py @@ -36,7 +36,7 @@ class Validate: raise InvalidInput('disk', disksize, "You must provide a disk size.") if machine_id is not None: - self.machine = testMachineId(username, machine_id) + self.machine = testMachineId(username, state, machine_id) machine = getattr(self, 'machine', None) owner = testOwner(username, owner, machine) @@ -58,7 +58,7 @@ class Validate: self.memory = validMemory(self.owner, state, memory, machine, on=not created_new) if disksize is not None: - self.disksize = validDisk(self.owner, disksize, machine) + self.disksize = validDisk(self.owner, state, disksize, machine) if vmtype is not None: self.vmtype = validVmType(vmtype) if cdrom is not None: @@ -123,9 +123,9 @@ def cantAddVm(owner, g): 'To create more, turn one off.') return False -def haveAccess(user, machine): +def haveAccess(user, state, machine): """Return whether a user has administrative access to a machine""" - return user in cache_acls.accessList(machine) + return state.overlord or user in cache_acls.accessList(machine) def owns(user, machine): """Return whether a user owns a machine""" @@ -157,16 +157,16 @@ def validMemory(owner, g, memory, machine=None, on=True): raise InvalidInput('memory', memory, "Minimum %s MiB" % MIN_MEMORY_SINGLE) max_val = maxMemory(owner, g, machine, on) - if memory > max_val: + if not g.overlord and memory > max_val: raise InvalidInput('memory', memory, 'Maximum %s MiB for %s' % (max_val, owner)) return memory -def validDisk(owner, disk, machine=None): +def validDisk(owner, g, disk, machine=None): """Parse and validate limits for disk for a given owner and machine.""" try: disk = float(disk) - if disk > maxDisk(owner, machine): + if not g.overlord and disk > maxDisk(owner, machine): raise InvalidInput('disk', disk, "Maximum %s G" % maxDisk(owner, machine)) disk = int(disk * 1024) @@ -185,7 +185,7 @@ def validVmType(vm_type): raise CodeError("Invalid vm type '%s'" % vm_type) return t -def testMachineId(user, machine_id, exists=True): +def testMachineId(user, state, machine_id, exists=True): """Parse, validate and check authorization for a given user and machine. If exists is False, don't check that it exists. @@ -200,7 +200,7 @@ def testMachineId(user, machine_id, exists=True): machine = Machine.get(machine_id) if exists and machine is None: raise InvalidInput('machine_id', machine_id, "Does not exist.") - if machine is not None and not haveAccess(user, machine): + if machine is not None and not haveAccess(user, state, machine): raise InvalidInput('machine_id', machine_id, "You do not have access to this machine.") return machine