X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/76795a17c522fbaeeba395c9898ab1399e315a7d..f434ce1c604006bca6094e894311055581524b0a:/code/validation.py diff --git a/code/validation.py b/code/validation.py index 480d007..875115c 100644 --- a/code/validation.py +++ b/code/validation.py @@ -222,7 +222,7 @@ def testAdmin(user, admin, machine): return admin admin = 'system:' + admin try: - if user in getafsgroups.getAfsGroupMembers(admin, config.authz[0].cell): + if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell): return admin except getafsgroups.AfsProcessError, e: errmsg = str(e) @@ -241,6 +241,8 @@ def testOwner(user, owner, machine=None): return machine.owner if owner is None: raise InvalidInput('owner', owner, "Owner must be specified") + if '@' in owner: + raise InvalidInput('owner', owner, "No cross-realm Hesiod lockers allowed") try: if user not in cache_acls.expandLocker(owner): raise InvalidInput('owner', owner, 'You do not have access to the '