Changeset 2988


Ignore:
Timestamp:
Feb 5, 2010, 11:20:53 AM (15 years ago)
Author:
broder
Message:

Drop the second "owner" argument from invirt.authz.expandAdmin.

If we find out later that some authz mechanism requires knowing the
owner to interpret the administrator, we can add it back. But so long
as all authz modules live in our tree, let's not add unnecessary API
complexity just because we can.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/packages/xvm-authz-locker/python/invirt/authz.py

    r2766 r2988  
    4949
    5050
    51 def expandAdmin(name, owner):
     51def expandAdmin(name):
    5252    """Expand an administrator to a list of authorized users.
    5353
    54     Because the interpretation of an administrator might depend on the
    55     owner, the owner is passed in as an argument.
    56 
    57     However, in the case of locker-based authentication, the
    58     administrator is always interpreted as an AFS entry (either a user
    59     or a group) in the home cell (athena.mit.edu for XVM).
     54    For locker-based authorization, the administrator is always
     55    interpreted as an AFS entry (either a user or a group) in the
     56    machine's home cell (athena.mit.edu for XVM).
    6057    """
    6158    cell = config.authz.afs.cells[0].cell
Note: See TracChangeset for help on using the changeset viewer.