Commit d5502935 authored by Leigh Stoller's avatar Leigh Stoller

Add a project argument to the trac xlogin stuff; I hacked up trac a bit

to support per-project authentication.
parent c5ae8acb
......@@ -18,7 +18,7 @@ sub usage()
print " tracproxy xlogin <uid> or\n";
exit(-1);
}
my $optlist = "d";
my $optlist = "dw:";
my $debug = 0;
#
......@@ -27,8 +27,9 @@ my $debug = 0;
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $OURDOMAIN = "@OURDOMAIN@";
my $TRACDIR = "/usr/local/www/data/trac/protogeni";
my $TRACPASSWD = "$TRACDIR/.htpasswd";
my $TRACTOPDIR = "/usr/local/www/data/trac";
my $TRACDIR;
my $TRACPASSWD;
my $TRACADMIN = "/usr/local/bin/trac-admin";
my $TRACUSER = "nobody";
my $TRACGROUP = "nobody";
......@@ -82,6 +83,15 @@ if (! getopts($optlist, \%options)) {
if (defined($options{"d"})) {
$debug = 1;
}
if (defined($options{"w"})) {
$TRACDIR = "$TRACTOPDIR/" . $options{"w"};
}
else {
$TRACDIR = "$TRACTOPDIR/emulab";
}
# This lives in the trac project dir.
$TRACPASSWD = "$TRACDIR/.htpasswd";
if (! @ARGV) {
usage();
}
......
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2007 University of Utah and the Flux Group.
# Copyright (c) 2007, 2008 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
......@@ -13,11 +13,12 @@ use Getopt::Std;
#
sub usage()
{
print STDOUT "Usage: tracxlogin <uid> <ipaddr>\n";
print STDOUT "Usage: tracxlogin [-w wiki] <uid> <ipaddr>\n";
exit(-1);
}
my $optlist = "d";
my $optlist = "dw:";
my $debug = 0;
my $wiki = "emulab";
#
# Configure variables
......@@ -88,7 +89,16 @@ if (! getopts($optlist, \%options)) {
if (defined($options{"d"})) {
$debug = 1;
}
if (defined($options{"w"})) {
$wiki = $options{"w"};
if ($wiki =~ /^([-\w]+)$/) {
$wiki = $1;
}
else {
die("Bad data in wiki: $wiki");
}
}
usage()
if (@ARGV != 2);
......@@ -122,8 +132,8 @@ if (! defined($target_user)) {
#
$UID = $EUID;
open(COOKIE, "$SSH -host $CONTROL $TRACPROXY xlogin $user $ipaddr |") or
fatal("$TRACPROXY failed on $CONTROL!");
open(COOKIE, "$SSH -host $CONTROL $TRACPROXY -w $wiki xlogin $user $ipaddr |")
or fatal("$TRACPROXY failed on $CONTROL!");
my $cookie = <COOKIE>;
close(COOKIE) or
fatal("$TRACPROXY failed on $CONTROL!");
......
......@@ -16,21 +16,33 @@ $this_user = CheckLoginOrDie(CHECKLOGIN_USERSTATUS|
CHECKLOGIN_WEBONLY|CHECKLOGIN_WIKIONLY);
$uid = $this_user->uid();
$geniproject = Project::Lookup("geni");
$approved = 0;
if (! ($geniproject &&
$geniproject->IsMember($this_user, $approved) && $approved)) {
USERERROR("You do not have permission to access the Trac wiki!", 1);
#
# Verify page arguments. project_title is the project to zap to.
#
$optargs = OptionalPageArguments("wiki", PAGEARG_STRING,
"force", PAGEARG_BOOLEAN);
if (!isset($wiki)) {
$wiki = "emulab";
}
$TRACURL = "https://${USERNODE}/trac/protogeni";
$TRACCOOKIENAME = "trac_auth";
elseif ($wiki == "geni") {
$geniproject = Project::Lookup("geni");
$approved = 0;
if (! ($geniproject &&
$geniproject->IsMember($this_user, $approved) && $approved)) {
USERERROR("You do not have permission to access the Trac wiki!", 1);
}
}
else {
USERERROR("Unknown Trac wiki $wiki!", 1);
}
$TRACURL = "https://${USERNODE}/trac/$wiki";
$TRACCOOKIENAME = "trac_auth_${wiki}";
#
# Look for our cookie. If the browser has it, then there is nothing
# more to do; just redirect the user over to the wiki.
#
if (isset($_COOKIE[$TRACCOOKIENAME])) {
if (!isset($force) && isset($_COOKIE[$TRACCOOKIENAME])) {
header("Location: ${TRACURL}");
return;
}
......@@ -38,8 +50,8 @@ if (isset($_COOKIE[$TRACCOOKIENAME])) {
#
# Do the xlogin, which gives us back a hash to stick in the cookie.
#
SUEXEC($uid, "nobody", "tracxlogin $uid " . $_SERVER['REMOTE_ADDR'],
SUEXEC_ACTION_DIE);
SUEXEC($uid, "nobody", "tracxlogin -w " . escapeshellarg($wiki) .
" $uid " . $_SERVER['REMOTE_ADDR'], SUEXEC_ACTION_DIE);
if (!preg_match("/^(\w*)$/", $suexec_output, $matches)) {
TBERROR($suexec_output, 1);
......
......@@ -689,7 +689,13 @@ function WRITESIDEBAR() {
if ($geniproject &&
$geniproject->IsMember($login_user, $approved) && $approved) {
NavMenuButton("ProtoGENI Trac Wiki",
"$TBBASE/" . CreateURL("gototrac", $login_user));
"$TBBASE/" . CreateURL("gototrac", $login_user,
"wiki", "geni"));
}
if (STUDLY()) {
NavMenuButton("Emulab Trac Wiki",
"$TBBASE/" . CreateURL("gototrac", $login_user,
"wiki", "emulab"));
}
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment