From: Evan Broder <broder@mit.edu>
Date: Mon, 23 Nov 2009 02:02:31 +0000 (-0500)
Subject: "Cherry-pick" r2557 (Re-arrange the authz configuration.) to the
X-Git-Tag: 0.1.0^2~19
X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/commitdiff_plain/52d630b4ed2f7bbdd61b3eada7a2c38d64c077cb

"Cherry-pick" r2557 (Re-arrange the authz configuration.) to the
cherrypy branch.

(It's somewhat tenuous to claim this is a cherry-pick, given that all
of the changes would have conflicted had I actually tried to
cherry-pick the change. Oh well)

svn path=/package_branches/invirt-web/cherrypy-rebased/; revision=2716
---

diff --git a/code/cache_acls.py b/code/cache_acls.py
index 7ae4ac8..75f4720 100755
--- a/code/cache_acls.py
+++ b/code/cache_acls.py
@@ -39,7 +39,7 @@ def expandName(name):
             return [name]
         return []
     try:
-        return getafsgroups.getAfsGroupMembers(name, config.authz.afs.cells[0].cell)
+        return getafsgroups.getAfsGroupMembers(name, config.authz.cells[0].cell)
     except getafsgroups.AfsProcessError:
         return []
 
diff --git a/code/getafsgroups.py b/code/getafsgroups.py
index 1c6b82e..dcb8ee6 100755
--- a/code/getafsgroups.py
+++ b/code/getafsgroups.py
@@ -30,7 +30,7 @@ class AfsProcessError(Exception):
 
 def getAfsGroupMembers(group, cell):
     encrypt = True
-    for c in config.authz.afs.cells:
+    for c in config.authz.cells:
         if c.cell == cell and hasattr(c, 'auth'):
             encrypt = c.auth
     if encrypt:
diff --git a/code/main.py b/code/main.py
index 872b17e..f235c53 100755
--- a/code/main.py
+++ b/code/main.py
@@ -86,7 +86,7 @@ class InvirtWeb(View):
 
     def __getattr__(self, name):
         if name in ("admin", "overlord"):
-            if not cherrypy.request.login in getAfsGroupMembers(config.adminacl, config.authz[0].cell):
+            if not cherrypy.request.login in getAfsGroupMembers(config.adminacl, config.authz.cells[0].cell):
                 raise InvalidInput('username', cherrypy.request.login,
                                    'Not in admin group %s.' % config.adminacl)
             cherrypy.request.state = State(cherrypy.request.login, isadmin=True)
diff --git a/code/validation.py b/code/validation.py
old mode 100644
new mode 100755
index 9b7a0b0..fc9b969
--- a/code/validation.py
+++ b/code/validation.py
@@ -222,7 +222,7 @@ def testAdmin(user, admin, machine):
             return admin
         admin = 'system:' + admin
     try:
-        if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell):
+        if user in getafsgroups.getAfsGroupMembers(admin, config.authz.cells[0].cell):
             return admin
     except getafsgroups.AfsProcessError, e:
         errmsg = str(e)
diff --git a/invirt-cache-acls b/invirt-cache-acls
index 79a7650..922d9ba 100755
--- a/invirt-cache-acls
+++ b/invirt-cache-acls
@@ -1,7 +1,7 @@
 #!/bin/sh
 cells () {
-  for i in $(invirt-getconf -l authz.afs.cells); do
-    invirt-getconf authz.afs.cells.$i.cell
+  for i in $(invirt-getconf -l authz.cells); do
+    invirt-getconf authz.cells.$i.cell
   done
 }
 kinit -k -t /etc/invirt/keytab daemon/$(hostname -f)