From: Anders Kaseorg Date: Sat, 29 Dec 2007 08:09:59 +0000 (-0500) Subject: Remove backdoor. X-Git-Tag: sipb-xen-www/1~24 X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/commitdiff_plain/66cccc3c93b4cd7d98c14564db63ee9831c4047e Remove backdoor. svn path=/trunk/web/; revision=254 --- diff --git a/main.py b/main.py index e182095..f567c71 100755 --- a/main.py +++ b/main.py @@ -185,10 +185,6 @@ def create(user, fields): def getListDict(user): machines = [m for m in Machine.select() if validation.haveAccess(user, m)] - #if user == 'moo': - # machines = Machine.select() - #else: - # machines = Machine.query().join('users').filter_by(user=user).all() checkpoint.checkpoint('Got my machines') on = {} has_vnc = {} @@ -583,11 +579,8 @@ def printHeaders(headers): def getUser(): """Return the current user based on the SSL environment variables""" - if 'SSL_CLIENT_S_DN_Email' in os.environ: - username = os.environ['SSL_CLIENT_S_DN_Email'].split("@")[0] - return username - else: - return 'moo' + username = os.environ['SSL_CLIENT_S_DN_Email'].split("@")[0] + return username def main(operation, user, fields): start_time = time.time() diff --git a/validation.py b/validation.py index 07b3f3d..3ed4938 100644 --- a/validation.py +++ b/validation.py @@ -71,8 +71,6 @@ def validAddVm(user): def haveAccess(user, machine): """Return whether a user has administrative access to a machine""" - if user == 'moo': - return True if user in (machine.administrator, machine.owner): return True if getafsgroups.checkAfsGroup(user, machine.administrator, @@ -84,8 +82,6 @@ def haveAccess(user, machine): def owns(user, machine): """Return whether a user owns a machine""" - if user == 'moo': - return True return not getafsgroups.notLockerOwner(user, machine.owner) def validMachineName(name):