"Cherry-pick" r2557 (Re-arrange the authz configuration.) to the
authorEvan Broder <broder@mit.edu>
Mon, 23 Nov 2009 02:02:31 +0000 (21:02 -0500)
committerEvan Broder <broder@mit.edu>
Mon, 23 Nov 2009 02:02:31 +0000 (21:02 -0500)
cherrypy branch.

(It's somewhat tenuous to claim this is a cherry-pick, given that all
of the changes would have conflicted had I actually tried to
cherry-pick the change. Oh well)

svn path=/package_branches/invirt-web/cherrypy-rebased/; revision=2716

code/cache_acls.py
code/getafsgroups.py
code/main.py
code/validation.py [changed mode: 0644->0755]
invirt-cache-acls

index 7ae4ac8..75f4720 100755 (executable)
@@ -39,7 +39,7 @@ def expandName(name):
             return [name]
         return []
     try:
-        return getafsgroups.getAfsGroupMembers(name, config.authz.afs.cells[0].cell)
+        return getafsgroups.getAfsGroupMembers(name, config.authz.cells[0].cell)
     except getafsgroups.AfsProcessError:
         return []
 
index 1c6b82e..dcb8ee6 100755 (executable)
@@ -30,7 +30,7 @@ class AfsProcessError(Exception):
 
 def getAfsGroupMembers(group, cell):
     encrypt = True
-    for c in config.authz.afs.cells:
+    for c in config.authz.cells:
         if c.cell == cell and hasattr(c, 'auth'):
             encrypt = c.auth
     if encrypt:
index 872b17e..f235c53 100755 (executable)
@@ -86,7 +86,7 @@ class InvirtWeb(View):
 
     def __getattr__(self, name):
         if name in ("admin", "overlord"):
-            if not cherrypy.request.login in getAfsGroupMembers(config.adminacl, config.authz[0].cell):
+            if not cherrypy.request.login in getAfsGroupMembers(config.adminacl, config.authz.cells[0].cell):
                 raise InvalidInput('username', cherrypy.request.login,
                                    'Not in admin group %s.' % config.adminacl)
             cherrypy.request.state = State(cherrypy.request.login, isadmin=True)
old mode 100644 (file)
new mode 100755 (executable)
index 9b7a0b0..fc9b969
@@ -222,7 +222,7 @@ def testAdmin(user, admin, machine):
             return admin
         admin = 'system:' + admin
     try:
-        if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell):
+        if user in getafsgroups.getAfsGroupMembers(admin, config.authz.cells[0].cell):
             return admin
     except getafsgroups.AfsProcessError, e:
         errmsg = str(e)
index 79a7650..922d9ba 100755 (executable)
@@ -1,7 +1,7 @@
 #!/bin/sh
 cells () {
-  for i in $(invirt-getconf -l authz.afs.cells); do
-    invirt-getconf authz.afs.cells.$i.cell
+  for i in $(invirt-getconf -l authz.cells); do
+    invirt-getconf authz.cells.$i.cell
   done
 }
 kinit -k -t /etc/invirt/keytab daemon/$(hostname -f)