Changeset 632
- Timestamp:
- Jun 21, 2008, 10:39:27 PM (16 years ago)
- Location:
- trunk/packages/sipb-xen-www/code
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/packages/sipb-xen-www/code/main.py
r629 r632 40 40 from webcommon import InvalidInput, CodeError, State 41 41 import controls 42 from getafsgroups import getAfsGroupMembers 43 44 def pathSplit(path): 45 if path.startswith('/'): 46 path = path[1:] 47 i = path.find('/') 48 if i == -1: 49 i = len(path) 50 return path[:i], path[i:] 42 51 43 52 class Checkpoint: … … 142 151 autoinstall=getattr(validate, 'autoinstall', None)) 143 152 144 def create(username, state, fields):153 def create(username, state, path, fields): 145 154 """Handler for create requests.""" 146 155 try: … … 205 214 return d 206 215 207 def listVms(username, state, fields):216 def listVms(username, state, path, fields): 208 217 """Handler for list requests.""" 209 218 checkpoint.checkpoint('Getting list dict') … … 212 221 return templates.list(searchList=[d]) 213 222 214 def vnc(username, state, fields):223 def vnc(username, state, path, fields): 215 224 """VNC applet page. 216 225 … … 309 318 return disk_fields 310 319 311 def command(username, state, fields):320 def command(username, state, path, fields): 312 321 """Handler for running commands like boot and delete on a VM.""" 313 322 back = fields.getfirst('back') … … 395 404 machine=machine) 396 405 397 def modify(username, state, fields):406 def modify(username, state, path, fields): 398 407 """Handler for modifying attributes of a machine.""" 399 408 try: … … 415 424 416 425 417 def helpHandler(username, state, fields):426 def helpHandler(username, state, path, fields): 418 427 """Handler for help messages.""" 419 428 simple = fields.getfirst('simple') … … 466 475 467 476 468 def badOperation(u, s, e):477 def badOperation(u, s, p, e): 469 478 """Function called when accessing an unknown URI.""" 470 479 return ({'Status': '404 Not Found'}, 'Invalid operation.') … … 565 574 return d 566 575 567 def info(username, state, fields):576 def info(username, state, path, fields): 568 577 """Handler for info on a single VM.""" 569 578 machine = validation.Validate(username, state, machine_id=fields.getfirst('machine_id')).machine … … 572 581 return templates.info(searchList=[d]) 573 582 574 def unauthFront(_, _2, fields):583 def unauthFront(_, _2, _3, fields): 575 584 """Information for unauth'd users.""" 576 585 return templates.unauth(searchList=[{'simple' : True}]) 577 586 578 def throwError(_, __, ___): 587 def overlord(username, state, path, fields): 588 if not username in getAfsGroupMembers('system:xvm', 'athena.mit.edu'): 589 raise InvalidInput('username', username, 'Not an overlord.') 590 newstate = State(username, overlord=True) 591 newstate.environ = state.environ 592 return handler(username, newstate, path, fields) 593 594 def throwError(_, __, ___, ____): 579 595 """Throw an error, to test the error-tracing mechanisms.""" 580 596 raise RuntimeError("test of the emergency broadcast system") … … 588 604 help=helpHandler, 589 605 unauth=unauthFront, 606 overlord=overlord, 590 607 errortest=throwError) 591 608 … … 626 643 return environ.get('REMOTE_USER', None) 627 644 645 def handler(username, state, path, fields): 646 operation, path = pathSplit(path) 647 if not operation: 648 operation = 'list' 649 print 'Starting', operation 650 fun = mapping.get(operation, badOperation) 651 return fun(username, state, path, fields) 652 628 653 class App: 629 654 def __init__(self, environ, start_response): … … 636 661 637 662 def __iter__(self): 663 start_time = time.time() 638 664 sipb_xen_database.clear_cache() 639 665 sys.stderr = StringIO() … … 646 672 if self.username is None: 647 673 operation = 'unauth' 648 if operation.startswith('/'): 649 operation = operation[1:] 650 if not operation: 651 operation = 'list' 652 print 'Starting', operation 653 654 start_time = time.time() 655 fun = mapping.get(operation, badOperation) 674 656 675 try: 657 676 checkpoint.checkpoint('Before') 658 output = fun(self.username, self.state, fields)677 output = handler(self.username, self.state, operation, fields) 659 678 checkpoint.checkpoint('After') 660 679 -
trunk/packages/sipb-xen-www/code/validation.py
r629 r632 37 37 38 38 if machine_id is not None: 39 self.machine = testMachineId(username, machine_id)39 self.machine = testMachineId(username, state, machine_id) 40 40 machine = getattr(self, 'machine', None) 41 41 … … 59 59 on=not created_new) 60 60 if disksize is not None: 61 self.disksize = validDisk(self.owner, disksize, machine)61 self.disksize = validDisk(self.owner, state, disksize, machine) 62 62 if vmtype is not None: 63 63 self.vmtype = validVmType(vmtype) … … 124 124 return False 125 125 126 def haveAccess(user, machine):126 def haveAccess(user, state, machine): 127 127 """Return whether a user has administrative access to a machine""" 128 return user in cache_acls.accessList(machine)128 return state.overlord or user in cache_acls.accessList(machine) 129 129 130 130 def owns(user, machine): … … 158 158 "Minimum %s MiB" % MIN_MEMORY_SINGLE) 159 159 max_val = maxMemory(owner, g, machine, on) 160 if memory > max_val:160 if not g.overlord and memory > max_val: 161 161 raise InvalidInput('memory', memory, 162 162 'Maximum %s MiB for %s' % (max_val, owner)) 163 163 return memory 164 164 165 def validDisk(owner, disk, machine=None):165 def validDisk(owner, g, disk, machine=None): 166 166 """Parse and validate limits for disk for a given owner and machine.""" 167 167 try: 168 168 disk = float(disk) 169 if disk > maxDisk(owner, machine):169 if not g.overlord and disk > maxDisk(owner, machine): 170 170 raise InvalidInput('disk', disk, 171 171 "Maximum %s G" % maxDisk(owner, machine)) … … 186 186 return t 187 187 188 def testMachineId(user, machine_id, exists=True):188 def testMachineId(user, state, machine_id, exists=True): 189 189 """Parse, validate and check authorization for a given user and machine. 190 190 … … 201 201 if exists and machine is None: 202 202 raise InvalidInput('machine_id', machine_id, "Does not exist.") 203 if machine is not None and not haveAccess(user, machine):203 if machine is not None and not haveAccess(user, state, machine): 204 204 raise InvalidInput('machine_id', machine_id, 205 205 "You do not have access to this machine.") -
trunk/packages/sipb-xen-www/code/webcommon.py
r578 r632 39 39 class State(object): 40 40 """State for a request""" 41 def __init__(self, user ):41 def __init__(self, user, overlord=False): 42 42 self.username = user 43 self.overlord = overlord 43 44 44 machines = cachedproperty(lambda self: 45 Machine.query().join('acl').select_by(user=self.username)) 45 def getMachines(self): 46 if self.overlord: 47 return Machine.select() 48 else: 49 return Machine.query().join('acl').select_by(user=self.username) 50 51 machines = cachedproperty(getMachines) 46 52 xmlist_raw = cachedproperty(lambda self: controls.getList()) 47 53 xmlist = cachedproperty(lambda self:
Note: See TracChangeset
for help on using the changeset viewer.