Changeset 413 for trunk/packages/sipb-xen-www/code/getafsgroups.py
- Timestamp:
- Apr 14, 2008, 12:44:00 AM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/packages/sipb-xen-www/code/getafsgroups.py
r412 r413 29 29 30 30 def getAfsGroupMembers(group, cell): 31 p = subprocess.Popen(["pts", "membership", group, '-c', cell],31 p = subprocess.Popen(["pts", "membership", "-noauth", group, '-c', cell], 32 32 stdout=subprocess.PIPE, stderr=subprocess.PIPE) 33 if p.wait(): 34 return [] 33 err = p.stderr.read() 34 if err: #Error code doesn't reveal missing groups, but stderr does 35 raise AfsProcessError(err) 35 36 return [line.strip() for line in p.stdout.readlines()[1:]] 36 37 … … 39 40 raise AfsProcessError("Locker '%s' is invalid." % locker) 40 41 return '/mit/' + locker 41 42 def checkAfsGroup(user, group, cell):43 """44 checkAfsGroup(user, group) returns True if and only if user is in AFS group group in cell cell45 """46 return user in getAfsGroupMembers(group, cell)47 42 48 43 def getCell(locker): … … 82 77 83 78 for entry in values: 84 if entry == user or (entry[0:6] == "system" and 85 checkAfsGroup(user,entry, cell)):79 if entry == user or (entry[0:6] == "system" and 80 user in getAfsGroupMembers(entry, cell)): 86 81 return False 87 82 return "You don't have admin bits on " + getLockerPath(locker) … … 90 85 if __name__ == "__main__": 91 86 # print list(getldapgroups("tabbott")) 92 print checkAfsGroup("tabbott","system:debathena", 'athena.mit.edu')93 print checkAfsGroup("tabbott","system:debathena", 'sipb.mit.edu')94 print checkAfsGroup("tabbott","system:debathena-root", 'athena.mit.edu')95 print checkAfsGroup("tabbott","system:hmmt-request", 'athena.mit.edu')87 print "tabbott" in getAfsGroupMembers("system:debathena", 'athena.mit.edu') 88 print "tabbott" in getAfsGroupMembers("system:debathena", 'sipb.mit.edu') 89 print "tabbott" in getAfsGroupMembers("system:debathena-root", 'athena.mit.edu') 90 print "tabbott" in getAfsGroupMembers("system:hmmt-request", 'athena.mit.edu') 96 91 print notLockerOwner("tabbott", "tabbott") 97 92 print notLockerOwner("tabbott", "debathena")
Note: See TracChangeset
for help on using the changeset viewer.