X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/c3226455f0fd065757b681e2be52e8d8c2362ff8..ed3be7ee0d8af0cb884233327a3062c2be614d15:/templates/validation.py

diff --git a/templates/validation.py b/templates/validation.py
index 005925c..0ee8d75 100644
--- a/templates/validation.py
+++ b/templates/validation.py
@@ -24,7 +24,7 @@ def getMachinesByOwner(user, machine=None):
     if machine:
         owner = machine.owner
     else:
-        owner = user.username
+        owner = user
     return Machine.select_by(owner=owner)
 
 def maxMemory(user, machine=None, on=True):
@@ -68,22 +68,22 @@ def validAddVm(user):
 
 def haveAccess(user, machine):
     """Return whether a user has adminstrative access to a machine"""
-    if user.username == 'moo':
+    if user == 'moo':
         return True
-    if user.username in (machine.administrator, machine.owner):
+    if user in (machine.administrator, machine.owner):
         return True
-    if getafsgroups.checkAfsGroup(user.username, machine.administrator, 
+    if getafsgroups.checkAfsGroup(user, machine.administrator, 
                                   'athena.mit.edu'): #XXX Cell?
         return True
-    if getafsgroups.checkLockerOwner(user.username, machine.owner):
+    if getafsgroups.checkLockerOwner(user, machine.owner):
         return True
     return owns(user, machine)
 
 def owns(user, machine):
     """Return whether a user owns a machine"""
-    if user.username == 'moo':
+    if user == 'moo':
         return True
-    return getafsgroups.checkLockerOwner(user.username, machine.owner)
+    return getafsgroups.checkLockerOwner(user, machine.owner)
 
 def validMachineName(name):
     """Check that name is valid for a machine name"""
@@ -153,19 +153,21 @@ def testMachineId(user, machine_id, exists=True):
 def testAdmin(user, admin, machine):
     if admin in (None, machine.administrator):
         return None
-    if admin == user.username:
+    if admin == user:
         return admin
-    if getafsgroups.checkAfsGroup(user.username, admin, 'athena.mit.edu'):
+    if getafsgroups.checkAfsGroup(user, admin, 'athena.mit.edu'):
         return admin
-    if getafsgroups.checkAfsGroup(user.username, 'system:'+admin,
+    if getafsgroups.checkAfsGroup(user, 'system:'+admin,
                                   'athena.mit.edu'):
         return 'system:'+admin
     return admin
     
-def testOwner(user, owner, machine):
-    if owner in (None, machine.owner):
-        return None
-    value = getafsgroups.checkLockerOwner(user.username, owner, verbose=True)
+def testOwner(user, owner, machine=None):
+    if owner == user or machine is not None and owner == machine.owner:
+        return owner
+    if owner is None:
+        raise InvalidInput('owner', owner, "Owner must be specified")
+    value = getafsgroups.checkLockerOwner(user, owner, verbose=True)
     if not value:
         return owner
     raise InvalidInput('owner', owner, value)