Allow creation under another owner.
svn path=/trunk/web/; revision=228
"""Unregister a machine to not be controlled by the web interface"""
remctl('web', 'unregister', machine.name)
-def createVm(user, name, memory, disk, is_hvm, cdrom):
+def createVm(owner, contact, name, memory, disk, is_hvm, cdrom):
"""Create a VM and put it in the database"""
# put stuff in the table
transaction = ctx.current.create_transaction()
try:
- validation.validMemory(user, memory)
- validation.validDisk(user, disk * 1. / 1024)
- validation.validAddVm(user)
+ validation.validMemory(owner, memory)
+ validation.validDisk(owner, disk * 1. / 1024)
+ validation.validAddVm(owner)
res = meta.engine.execute('select nextval('
'\'"machines_machine_id_seq"\')')
id = res.fetchone()[0]
machine.machine_id = id
machine.name = name
machine.memory = memory
- machine.owner = user.username
- machine.administrator = user.username
- machine.contact = user.email
+ machine.owner = owner
+ machine.administrator = owner
+ machine.contact = contact
machine.uuid = uuidToString(randomUUID())
machine.boot_off_cd = True
machine_type = Type.get_by(hvm=is_hvm)
<td>$cdromList($cdroms, $defaults.cdrom)</td>
</tr>
$errorRow('cdrom', $err)
+ <tr>
+ <td>Owner</td>
+ <td><input type="text" name="owner" value="$defaults.owner"/></td>
+ </tr>
+ $errorRow('owner', $err)
</table>
<input type="submit" class="button" value="Create it!"/>
</form>
<input type="hidden" name="machine_id"
value="$machine.machine_id"/>
<input type="submit" class="button" name="action" value="#slurp
-#if $machine.uptime then 'Shutdown' else 'Power on'
+#if $machine.uptime then 'Power off' else 'Power on'
"/>
</form>
</td>
<tr>
<td>Name</td>
<td>Memory</td>
- <td>owner</td>
+ <td>Owner</td>
<td>IP</td>
<td>Uptime</td>
<td>VNC</td>
'&simple=true" target="_blank" ' +
'onclick="return helppopup(\'' + subj + '\')">(?)</a></span>')
-class User:
- """User class (sort of useless, I admit)"""
- def __init__(self, username, email):
- self.username = username
- self.email = email
-
def makeErrorPre(old, addition):
if addition is None:
return
raise InvalidInput('name', name,
"Name already exists.")
+ owner = validation.testOwner(user, fields.getfirst('owner'))
+
memory = fields.getfirst('memory')
memory = validation.validMemory(user, memory, on=True)
cdrom = fields.getfirst('cdrom')
if cdrom is not None and not CDROM.get(cdrom):
raise CodeError("Invalid cdrom type '%s'" % cdrom)
- return dict(user=user, name=name, memory=memory, disk=disk,
- is_hvm=is_hvm, cdrom=cdrom)
+ return dict(contact=user, name=name, memory=memory, disk=disk,
+ owner=owner, is_hvm=is_hvm, cdrom=cdrom)
def create(user, fields):
"""Handler for create requests."""
max_disk = validation.maxDisk(user)
defaults = Defaults(max_memory=max_memory,
max_disk=max_disk,
+ owner=user,
cdrom='gutsy-i386')
d = dict(user=user,
cant_add_vm=validation.cantAddVm(user),
TOKEN_KEY = "0M6W0U1IXexThi5idy8mnkqPKEq1LtEnlK/pZSn0cDrN"
data = {}
- data["user"] = user.username
+ data["user"] = user
data["machine"] = machine.name
data["expires"] = time.time()+(5*60)
pickled_data = cPickle.dumps(data)
"""Return the current user based on the SSL environment variables"""
if 'SSL_CLIENT_S_DN_Email' in os.environ:
username = os.environ['SSL_CLIENT_S_DN_Email'].split("@")[0]
- return User(username, os.environ['SSL_CLIENT_S_DN_Email'])
+ return username
else:
- return User('moo', 'nobody')
+ return 'moo'
def main(operation, user, fields):
fun = mapping.get(operation, badOperation)
</div>
#if not $varExists('simple') or not $simple
-<p>[You are logged in as $user.username.]</p>
+<p>[You are logged in as $user.]</p>
<div class="navigation">
<p><a href="list">List</a>
if machine:
owner = machine.owner
else:
- owner = user.username
+ owner = user
return Machine.select_by(owner=owner)
def maxMemory(user, machine=None, on=True):
def haveAccess(user, machine):
"""Return whether a user has adminstrative access to a machine"""
- if user.username == 'moo':
+ if user == 'moo':
return True
- if user.username in (machine.administrator, machine.owner):
+ if user in (machine.administrator, machine.owner):
return True
- if getafsgroups.checkAfsGroup(user.username, machine.administrator,
+ if getafsgroups.checkAfsGroup(user, machine.administrator,
'athena.mit.edu'): #XXX Cell?
return True
- if getafsgroups.checkLockerOwner(user.username, machine.owner):
+ if getafsgroups.checkLockerOwner(user, machine.owner):
return True
return owns(user, machine)
def owns(user, machine):
"""Return whether a user owns a machine"""
- if user.username == 'moo':
+ if user == 'moo':
return True
- return getafsgroups.checkLockerOwner(user.username, machine.owner)
+ return getafsgroups.checkLockerOwner(user, machine.owner)
def validMachineName(name):
"""Check that name is valid for a machine name"""
def testAdmin(user, admin, machine):
if admin in (None, machine.administrator):
return None
- if admin == user.username:
+ if admin == user:
return admin
- if getafsgroups.checkAfsGroup(user.username, admin, 'athena.mit.edu'):
+ if getafsgroups.checkAfsGroup(user, admin, 'athena.mit.edu'):
return admin
- if getafsgroups.checkAfsGroup(user.username, 'system:'+admin,
+ if getafsgroups.checkAfsGroup(user, 'system:'+admin,
'athena.mit.edu'):
return 'system:'+admin
return admin
-def testOwner(user, owner, machine):
- if owner in (None, machine.owner):
- return None
- value = getafsgroups.checkLockerOwner(user.username, owner, verbose=True)
+def testOwner(user, owner, machine=None):
+ if owner == user or machine is not None and owner == machine.owner:
+ return owner
+ if owner is None:
+ raise InvalidInput('owner', owner, "Owner must be specified")
+ value = getafsgroups.checkLockerOwner(user, owner, verbose=True)
if not value:
return owner
raise InvalidInput('owner', owner, value)
projects / invirt/packages/invirt-web.git / commitdiff
