Implement administrator mode

svn path=/package_branches/invirt-web/cherrypy-rebased/; revision=2690

diff --git a/code/main.py b/code/main.py
index 473647f..5de084e 100755 (executable)
--- a/code/main.py
+++ b/code/main.py
@@ -55,6 +55,15 @@ class InvirtWeb(View):
         self._cp_config['tools.mako.imports'] = ['from invirt.config import structs as config',
                                                  'from invirt import database']
 
         self._cp_config['tools.mako.imports'] = ['from invirt.config import structs as config',
                                                  'from invirt import database']
 

+    def __getattr__(self, name):
+        if name in ("admin", "overlord"):
+            if not cherrypy.request.login in getAfsGroupMembers(config.adminacl, config.authz[0].cell):
+                raise InvalidInput('username', cherrypy.request.login,
+                                   'Not in admin group %s.' % config.adminacl)
+            cherrypy.request.state = State(cherrypy.request.login, isadmin=True)
+            return self
+        else:
+            return super(InvirtWeb, self).__getattr__(name)

 
     @cherrypy.expose
     @cherrypy.tools.mako(filename="/list.mako")
 
     @cherrypy.expose
     @cherrypy.tools.mako(filename="/list.mako")

@@ -645,23 +654,9 @@ def unauthFront(_, _2, _3, fields):
     return templates.unauth(searchList=[{'simple' : True, 
             'hostname' : socket.getfqdn()}])
 
     return templates.unauth(searchList=[{'simple' : True, 
             'hostname' : socket.getfqdn()}])
 

-def admin(username, state, path, fields):
-    if path == '':
-        return ({'Status': '303 See Other',
-                 'Location': 'admin/'},
-                "You shouldn't see this message.")
-    if not username in getAfsGroupMembers(config.adminacl, 'athena.mit.edu'):
-        raise InvalidInput('username', username,
-                           'Not in admin group %s.' % config.adminacl)
-    newstate = State(username, isadmin=True)
-    newstate.environ = state.environ
-    return handler(username, newstate, path, fields)
-

 mapping = dict(
                modify=modify,
 mapping = dict(
                modify=modify,

-               unauth=unauthFront,
-               admin=admin,
-               overlord=admin)
+               unauth=unauthFront)

 
 def printHeaders(headers):
     """Print a dictionary as HTTP headers."""
 
 def printHeaders(headers):
     """Print a dictionary as HTTP headers."""

diff --git a/code/templates/skeleton.mako b/code/templates/skeleton.mako
index 9c60c56..a53d2bf 100644 (file)
--- a/code/templates/skeleton.mako
+++ b/code/templates/skeleton.mako
@@ -5,11 +5,11 @@ PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html>
 <head><title>${self.title()} &mdash; XVM</title>
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html>
 <head><title>${self.title()} &mdash; XVM</title>

-  <base href="${cherrypy.request.base}" />
-  <link href="static/favicon.ico" type="image/x-icon" rel="shortcut icon">
-  <link rel="stylesheet" href="static/style.css" type="text/css" />
-  <link rel="stylesheet" href="static/layout.css" type="text/css" media="screen" />
-  <script type="text/javascript" src="static/prototype.js"></script>
+  <base href="${cherrypy.request.base}${"/admin/" if cherrypy.request.state.isadmin else ""}" />
+  <link href="/static/favicon.ico" type="image/x-icon" rel="shortcut icon">
+  <link rel="stylesheet" href="/static/style.css" type="text/css" />
+  <link rel="stylesheet" href="/static/layout.css" type="text/css" media="screen" />
+  <script type="text/javascript" src="/static/prototype.js"></script>

   <script type="text/javascript">
 var helpWin = null;
 function closeWin(){
   <script type="text/javascript">
 var helpWin = null;
 function closeWin(){

@@ -48,7 +48,11 @@ function helppopup(name){
 
 % if not simple:
 % if cherrypy.request.login:
 
 % if not simple:
 % if cherrypy.request.login:

-<p class="loggedin">Welcome, <span class="name">${cherrypy.request.login}</span>.</p>
+<p class="loggedin">Welcome, <span class="name">${cherrypy.request.login}</span>.
+% if cherrypy.request.state.isadmin:
+You are currently authenticated as an administrator.
+% endif
+</p>

 % endif
 
 <ul class="navigation">
 % endif
 
 <ul class="navigation">

diff --git a/code/view.py b/code/view.py
index e1ba854..d15d53f 100644 (file)
--- a/code/view.py
+++ b/code/view.py
@@ -112,7 +112,8 @@ cherrypy.tools.remote_user_login = cherrypy.Tool('on_start_resource', remote_use
 
 def invirtwebstate_init():
     """Initialize the cherrypy.request.state object from Invirt"""
 
 def invirtwebstate_init():
     """Initialize the cherrypy.request.state object from Invirt"""

-    cherrypy.request.state = State(cherrypy.request.login)
+    if not hasattr(cherrypy.request, "state"):
+        cherrypy.request.state = State(cherrypy.request.login)

 
 cherrypy.tools.invirtwebstate = cherrypy.Tool('on_start_resource', invirtwebstate_init, priority=100)
 
 
 cherrypy.tools.invirtwebstate = cherrypy.Tool('on_start_resource', invirtwebstate_init, priority=100)