From: Anders Kaseorg <andersk@mit.edu>
Date: Sat, 29 Dec 2007 08:09:59 +0000 (-0500)
Subject: Remove backdoor.
X-Git-Tag: sipb-xen-www/1~24
X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/commitdiff_plain/66cccc3c93b4cd7d98c14564db63ee9831c4047e?ds=sidebyside

Remove backdoor.

svn path=/trunk/web/; revision=254
---

diff --git a/main.py b/main.py
index e182095..f567c71 100755
--- a/main.py
+++ b/main.py
@@ -185,10 +185,6 @@ def create(user, fields):
 def getListDict(user):
     machines = [m for m in Machine.select()
                 if validation.haveAccess(user, m)]
-    #if user == 'moo':
-    #    machines = Machine.select()
-    #else:
-    #    machines = Machine.query().join('users').filter_by(user=user).all()
     checkpoint.checkpoint('Got my machines')
     on = {}
     has_vnc = {}
@@ -583,11 +579,8 @@ def printHeaders(headers):
 
 def getUser():
     """Return the current user based on the SSL environment variables"""
-    if 'SSL_CLIENT_S_DN_Email' in os.environ:
-        username = os.environ['SSL_CLIENT_S_DN_Email'].split("@")[0]
-        return username
-    else:
-        return 'moo'
+    username = os.environ['SSL_CLIENT_S_DN_Email'].split("@")[0]
+    return username
 
 def main(operation, user, fields):    
     start_time = time.time()
diff --git a/validation.py b/validation.py
index 07b3f3d..3ed4938 100644
--- a/validation.py
+++ b/validation.py
@@ -71,8 +71,6 @@ def validAddVm(user):
 
 def haveAccess(user, machine):
     """Return whether a user has administrative access to a machine"""
-    if user == 'moo':
-        return True
     if user in (machine.administrator, machine.owner):
         return True
     if getafsgroups.checkAfsGroup(user, machine.administrator, 
@@ -84,8 +82,6 @@ def haveAccess(user, machine):
 
 def owns(user, machine):
     """Return whether a user owns a machine"""
-    if user == 'moo':
-        return True
     return not getafsgroups.notLockerOwner(user, machine.owner)
 
 def validMachineName(name):