Changeset 254 for trunk/web

Timestamp:

Dec 29, 2007, 3:09:59 AM (17 years ago)

Author:

andersk

Message:

Remove backdoor.

Location:

trunk/web

Files:

• main.py (modified) (2 diffs)
• validation.py (modified) (2 diffs)

trunk/web/main.py

@@ -186 +186 @@
     machines = [m for m in Machine.select()
                 if validation.haveAccess(user, m)]
-    #if user == 'moo':
-    #    machines = Machine.select()
-    #else:
-    #    machines = Machine.query().join('users').filter_by(user=user).all()
     checkpoint.checkpoint('Got my machines')
     on = {}
@@ -584 +580 @@
 def getUser():
     """Return the current user based on the SSL environment variables"""
-    if 'SSL_CLIENT_S_DN_Email' in os.environ:
-        username = os.environ['SSL_CLIENT_S_DN_Email'].split("@")[0]
-        return username
-    else:
-        return 'moo'
+    username = os.environ['SSL_CLIENT_S_DN_Email'].split("@")[0]
+    return username
 
 def main(operation, user, fields):    

trunk/web/validation.py

@@ -72 +72 @@
 def haveAccess(user, machine):
     """Return whether a user has administrative access to a machine"""
-    if user == 'moo':
-        return True
     if user in (machine.administrator, machine.owner):
         return True
@@ -85 +83 @@
 def owns(user, machine):
     """Return whether a user owns a machine"""
-    if user == 'moo':
-        return True
     return not getafsgroups.notLockerOwner(user, machine.owner)