Index: trunk/packages/sipb-xen-www/code/getafsgroups.py
===================================================================
--- trunk/packages/sipb-xen-www/code/getafsgroups.py	(revision 407)
+++ trunk/packages/sipb-xen-www/code/getafsgroups.py	(revision 408)
@@ -2,4 +2,5 @@
 import pprint
 import subprocess
+from webcommon import InvalidInput
 
 # import ldap
@@ -35,4 +36,9 @@
     return [line.strip() for line in p.stdout.readlines()[1:]]
 
+def getLockerPath(locker):
+    if '/' in locker or locker in ['.', '..']:
+        raise InvalidInput('owner', locker, 'Locker name is invalid.')
+    return '/mit/' + locker
+
 def checkAfsGroup(user, group, cell):
     """
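Review bot: `getLockerPath` rejects only `/`, `.` and `..`, so an empty name passes and resolves to `/mit/` itself, and every other character (whitespace, control characters, markup) is accepted and later echoed back in the "admin bits" message in the last hunk of this file. An allowlist is safer than this denylist, e.g. `if not re.match(r'[A-Za-z0-9][A-Za-z0-9._-]*\Z', locker): raise InvalidInput('owner', locker, 'Locker name is invalid.')`; this needs `import re` if the file does not already have it, and the permitted character set should be confirmed against real locker names. A docstring such as `"""Return the /mit path for locker, rejecting names that could resolve outside /mit."""` would record why the check exists. The helper also hard-codes the field name `'owner'`, which ties it to one caller's form field.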
@@ -42,5 +48,5 @@
 
 def getCell(locker):
-    p = subprocess.Popen(["fs", "whichcell", "/mit/" + locker], 
+    p = subprocess.Popen(["fs", "whichcell", getLockerPath(locker)], 
                          stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     if p.wait():
@@ -49,5 +55,5 @@
 
 def getLockerAcl(locker):
-    p = subprocess.Popen(["fs", "listacl", "/mit/" + locker], 
+    p = subprocess.Popen(["fs", "listacl", getLockerPath(locker)], 
                          stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     if p.wait():
@@ -59,5 +65,5 @@
         if fields[0] == 'Negative':
             break
-        if 'rlidwka' in fields[1]:
+        if 'a' in fields[1]:
             values.append(fields[0])
     return values
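Review bot: With the test relaxed to `'a' in fields[1]`, the `break` on `Negative` just above it matters more: the negative-rights section of the ACL is never read, so a principal that holds `a` in the normal rights but is denied it under negative rights is still returned as an admin. If that is intended, record it next to the check, e.g. `# 'a' (administer) is enough: its holder can change the ACL; negative rights are not subtracted here`; otherwise collect the negative entries and remove them from `values` before returning. The loop header and the code that splits `fields` are outside this hunk, so it is not visible whether a line with fewer than two fields is guarded before `fields[1]` is read.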
@@ -80,5 +86,5 @@
                                 checkAfsGroup(user, entry, cell)):
             return False
-    return "You don't have admin bits on /mit/" + locker
+    return "You don't have admin bits on " + getLockerPath(locker)
 
 
Index: trunk/packages/sipb-xen-www/code/main.py
===================================================================
--- trunk/packages/sipb-xen-www/code/main.py	(revision 407)
+++ trunk/packages/sipb-xen-www/code/main.py	(revision 408)
@@ -449,5 +449,5 @@
 group.""",
                         quotas="""
-Quotas are determined on a per-locker basis.  Each quota may have a
+Quotas are determined on a per-locker basis.  Each locker may have a
 maximum of 512 megabytes of active ram, 50 gigabytes of disk, and 4
 active machines.""",
