|
|
|
|
SVN USER MANAGEMENT README
|
|
|
|
|
==========================
|
|
|
|
|
|
|
|
|
|
Command line script to manage the cpi lab journal users.
|
|
|
|
|
|
|
|
|
|
quick file overview
|
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
|
|
First of all, we talk about the following files and folders:
|
|
|
|
|
|
|
|
|
|
.htpasswd
|
|
|
|
|
README
|
|
|
|
|
authz
|
|
|
|
|
cpi
|
|
|
|
|
elab-users.py
|
|
|
|
|
old-scripts-backup
|
|
|
|
|
|
|
|
|
|
** WARNING: **
|
|
|
|
|
In this list, there is one hidden files: `.htpasswd`. This file is hidden on
|
|
|
|
|
purpose, so ** don't mess with it **.
|
|
|
|
|
|
|
|
|
|
`.htpasswd`: stores the passwords for the users (classical apache htpaswd-file)
|
|
|
|
|
|
|
|
|
|
`README`: this file
|
|
|
|
|
|
|
|
|
|
`authz`: defines the access controll list, so who has access to what
|
|
|
|
|
|
|
|
|
|
`cpi`: folder that holds the svn repository itself
|
|
|
|
|
|
|
|
|
|
`elab-users.py`: usermanagement script
|
|
|
|
|
|
|
|
|
|
`old-scripts-backup`: contains the old scripts to add a user for backup reasons
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Usermanagement with `elab-users.py`
|
|
|
|
|
-----------------------------------
|
|
|
|
|
|
|
|
|
|
** HINT: ** To run this scipt first change to the directory with
|
|
|
|
|
`cd /var/www/svn` and prepend every command with `./`
|
|
|
|
|
(e.g. `./elab-users.py --help`).
|
|
|
|
|
|
|
|
|
|
The script `elab-users.py` provides some options to add and delete users,
|
|
|
|
|
show access information from users and their elab journals. If the scprit
|
|
|
|
|
is called with the `--help` option, the folowing help message is displayed:
|
|
|
|
|
|
|
|
|
|
Usage: elab-users.py [option] name
|
|
|
|
|
|
|
|
|
|
shows and manipulates svn access rights
|
|
|
|
|
|
|
|
|
|
Options:
|
|
|
|
|
-h, --help show this help message and exit
|
|
|
|
|
-g, --groupinfo display users in a group
|
|
|
|
|
-a, --add add a regular user
|
|
|
|
|
-r, --restricted add a restricted user
|
|
|
|
|
-m, --move move a user to alumni
|
|
|
|
|
-p, --password reset a user password
|
|
|
|
|
|
|
|
|
|
to grant a restricted user access to another folder, you have to carefully
|
|
|
|
|
edit the authz file
|
|
|
|
|
|
|
|
|
|
the following combinations are possible:
|
|
|
|
|
|
|
|
|
|
* `elab-users.py`: will show a list of all groups and their users
|
|
|
|
|
* `elab-users.py UserName`: shows the access rights of the user and their labjournal
|
|
|
|
|
* `elab-users.py -g GroupName`: shows a list of all group members
|
|
|
|
|
* `elab-users.py -a UserName`: adds a regular user, creates svn folders and sets a random password
|
|
|
|
|
* `elab-users.py -a UserName`: adds a restricted user, creates svn folders and sets a random password
|
|
|
|
|
* `elab-users.py -m UserName`: moves an existing user to the alumni group, removes his password
|
|
|
|
|
* `elab-users.py -p UserName`: resets the password for an existing user to a new random one
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Grant read writes to restricted users
|
|
|
|
|
-------------------------------------
|
|
|
|
|
|
|
|
|
|
As noted in the help message of `elab-users.py`, if a restriced user should have
|
|
|
|
|
read access to another labjournal, the `authz` file has to be edited manually.
|
|
|
|
|
Here are two examples that grant the user 'UrmilShah' read access to
|
|
|
|
|
two different lab journals:
|
|
|
|
|
|
|
|
|
|
... snip ...
|
|
|
|
|
|
|
|
|
|
[cpi:/AndreasEvers]
|
|
|
|
|
@restricted =
|
|
|
|
|
UrmilShah = r
|
|
|
|
|
|
|
|
|
|
... snip ...
|
|
|
|
|
|
|
|
|
|
[cpi:/HolgerFrey]
|
|
|
|
|
@restricted =
|
|
|
|
|
UrmilShah = r
|
|
|
|
|
HolgerFrey = rw
|
|
|
|
|
|
|
|
|
|
... snip ...
|
|
|
|
|
|
|
|
|
|
This does not apply to regular users, since these have read access to all folders.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Hint
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
This readme is written in Markdown. So if you want a nice printout, use a markdown converter first.
|
|
|
|
|
Something like <http://www.markdownviewer.com>
|
