X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/289f1313e45320efc6775caefa0cea71caacb10c..230d47ec0096ba45aeb3a690fa2c4551f4fcbb16:/code/validation.py

diff --git a/code/validation.py b/code/validation.py
index 9189764..a2e19fe 100644
--- a/code/validation.py
+++ b/code/validation.py
@@ -4,7 +4,7 @@ import cache_acls
 import getafsgroups
 import re
 import string
-from sipb_xen_database import Machine, NIC
+from sipb_xen_database import Machine, NIC, Type
 from webcommon import InvalidInput, g
 
 MAX_MEMORY_TOTAL = 512
@@ -123,7 +123,15 @@ def validDisk(user, disk, machine=None):
         raise InvalidInput('disk', disk,
                            "Minimum %s GiB" % MIN_DISK_SINGLE)
     return disk
-            
+
+def validVmType(vm_type):
+    if vm_type == 'hvm':
+        return Type.get('linux-hvm')
+    elif vm_type == 'paravm':
+        return Type.get('linux')
+    else:
+        raise CodeError("Invalid vm type '%s'"  % vm_type)
+
 def testMachineId(user, machine_id, exists=True):
     """Parse, validate and check authorization for a given user and machine.
 
@@ -158,9 +166,15 @@ def testAdmin(user, admin, machine):
         if cache_acls.isUser(admin):
             return admin
         admin = 'system:' + admin
-    if getafsgroups.checkAfsGroup(user, admin, 'athena.mit.edu'):
-        return admin
-    #XXX Should we require that user is in cache_acls.expandName(admin)?
+    try:
+        if user in getafsgroups.getAfsGroupMembers(admin, 'athena.mit.edu'):
+            return admin
+    except getafsgroups.AfsProcessError, e:
+        errmsg = str(e)
+        if errmsg.startswith("pts: User or group doesn't exist"):
+            errmsg = 'The group "%s" does not exist.' % admin
+        raise InvalidInput('administrator', admin, errmsg)
+    #XXX Should we require that user is in the admin group?
     return admin
     
 def testOwner(user, owner, machine=None):