X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/dbd56d540e7ec9cbb22025f37c0a69278674d3bb..aa6a36046dc763bffcc092fefe296edc3f4011d7:/code/validation.py

diff --git a/code/validation.py b/code/validation.py
index 79fa10c..f6e4a59 100644
--- a/code/validation.py
+++ b/code/validation.py
@@ -5,6 +5,7 @@ import getafsgroups
 import re
 import string
 from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall
+from invirt.config import structs as config
 from webcommon import InvalidInput
 
 MAX_MEMORY_TOTAL = 512
@@ -125,7 +126,8 @@ def cantAddVm(owner, g):
 
 def haveAccess(user, state, machine):
     """Return whether a user has administrative access to a machine"""
-    return state.isadmin or user in cache_acls.accessList(machine)
+    return (user in cache_acls.accessList(machine)
+            or (machine.adminable and state.isadmin))
 
 def owns(user, machine):
     """Return whether a user owns a machine"""
@@ -222,7 +224,7 @@ def testAdmin(user, admin, machine):
             return admin
         admin = 'system:' + admin
     try:
-        if user in getafsgroups.getAfsGroupMembers(admin, 'athena.mit.edu'):
+        if user in getafsgroups.getAfsGroupMembers(admin, config.authz[0].cell):
             return admin
     except getafsgroups.AfsProcessError, e:
         errmsg = str(e)