Commit 3779f54c authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Add check for admin user in console routine, and always return tipacl

info to admin users.
parent 8e436d91
...@@ -227,6 +227,20 @@ def CheckNodePermission(uid, node): ...@@ -227,6 +227,20 @@ def CheckNodePermission(uid, node):
return CheckExptPermission(uid, res[0][0], res[0][1]) return CheckExptPermission(uid, res[0][0], res[0][1])
#
# Check if user is an admin person
#
def CheckIsAdmin(uid):
res = DBQueryFatal("SELECT admin FROM users "
"WHERE uid=%s",
(uid,))
if len(res) == 0:
return EmulabResponse(RESPONSE_ERROR,
output="No such user: " + uid)
return res[0][0];
# #
# This is a wrapper class so that you can invoke methods in dotted form. # This is a wrapper class so that you can invoke methods in dotted form.
# For example experiment.swapexp(...). # For example experiment.swapexp(...).
...@@ -2948,27 +2962,30 @@ class node: ...@@ -2948,27 +2962,30 @@ class node:
if not re.match("^[-\w]*$", str(argdict["node"])): if not re.match("^[-\w]*$", str(argdict["node"])):
return EmulabResponse(RESPONSE_BADARGS, return EmulabResponse(RESPONSE_BADARGS,
output="Improperly formed node value!") output="Improperly formed node value!")
# XXX Refactor the trust stuff
res = DBQueryFatal("SELECT e.pid,e.gid FROM reserved AS r "
"left join experiments as e on "
" e.pid=r.pid and e.eid=r.eid "
"WHERE r.node_id=%s",
(argdict["node"],))
if len(res) == 0: if not CheckIsAdmin(self.uid):
return EmulabResponse(RESPONSE_ERROR, # XXX Refactor the trust stuff
output="No such node: " + argdict["node"]) res = DBQueryFatal("SELECT e.pid,e.gid FROM reserved AS r "
"left join experiments as e on "
" e.pid=r.pid and e.eid=r.eid "
"WHERE r.node_id=%s",
(argdict["node"],))
trust = DBQueryFatal("SELECT trust FROM group_membership " if len(res) == 0:
"WHERE uid=%s and pid=%s and gid=%s", return EmulabResponse(RESPONSE_ERROR,
(self.uid, res[0][0], res[0][1])) output="No permission to access node: " +
argdict["node"])
if len(trust) == 0: trust = DBQueryFatal("SELECT trust FROM group_membership "
return EmulabResponse( "WHERE uid=%s and pid=%s and gid=%s",
RESPONSE_FORBIDDEN, (self.uid, res[0][0], res[0][1]))
output=("You do not have permission to access: "
+ argdict["node"])) if len(trust) == 0:
return EmulabResponse(
RESPONSE_FORBIDDEN,
output=("You do not have permission to access: "
+ argdict["node"]))
pass
res = DBQueryFatal("SELECT server,portnum,keylen,keydata " res = DBQueryFatal("SELECT server,portnum,keylen,keydata "
"FROM tiplines WHERE node_id=%s", "FROM tiplines WHERE node_id=%s",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment