Use expandOwner/expandAdmin rather than removed expandLocker

diff --git a/code/validation.py b/code/validation.py
index 9b7a0b0..29cb310 100755 (executable)
--- a/code/validation.py
+++ b/code/validation.py
@@ -5,6 +5,7 @@ import getafsgroups
 import re
 import string
 import dns.resolver
 import re
 import string
 import dns.resolver

+from invirt import authz

 from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall, Owner
 from invirt.config import structs as config
 from invirt.common import InvalidInput, CodeError
 from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall, Owner
 from invirt.config import structs as config
 from invirt.common import InvalidInput, CodeError

@@ -129,7 +130,7 @@ def haveAccess(user, state, machine):
 
 def owns(user, machine):
     """Return whether a user owns a machine"""
 
 def owns(user, machine):
     """Return whether a user owns a machine"""

-    return user in expandLocker(machine.owner)
+    return user in authz.expandOwner(machine.owner)

 
 def validMachineName(name):
     """Check that name is valid for a machine name"""
 
 def validMachineName(name):
     """Check that name is valid for a machine name"""

@@ -244,7 +245,7 @@ def testOwner(user, owner, machine=None):
     if '@' in owner:
         raise InvalidInput('owner', owner, "No cross-realm Hesiod lockers allowed")
     try:
     if '@' in owner:
         raise InvalidInput('owner', owner, "No cross-realm Hesiod lockers allowed")
     try:

-        if user not in cache_acls.expandLocker(owner):
+        if user not in authz.expandOwner(owner):

             raise InvalidInput('owner', owner, 'You do not have access to the '
                                + owner + ' locker')
     except getafsgroups.AfsProcessError, e:
             raise InvalidInput('owner', owner, 'You do not have access to the '
                                + owner + ' locker')
     except getafsgroups.AfsProcessError, e:

diff --git a/debian/changelog b/debian/changelog
index c8efb75..e416f92 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,12 @@
 invirt-web (0.1.8) lucid; urgency=low
 
 invirt-web (0.1.8) lucid; urgency=low
 

+  [ Andrew M. Farrell ]

   * Rename code/ to /var/www/invirt-web/ in binary-fixup
 
   * Rename code/ to /var/www/invirt-web/ in binary-fixup
 

- -- Andrew M. Farrell <afarrell@mit.edu>  Thu, 26 Aug 2010 01:48:04 -0400
+  [ Greg Brockman ]
+  * Use expandOwner/expandAdmin rather than removed expandLocker
+
+ -- Greg Brockman <gdb@mit.edu>  Thu, 26 Aug 2010 02:24:57 -0400

 
 invirt-web (0.1.7) unstable; urgency=low
 
 
 invirt-web (0.1.7) unstable; urgency=low