@ -11,9 +11,7 @@ First of all, we talk about the following files and folders:
@@ -11,9 +11,7 @@ First of all, we talk about the following files and folders:
.htpasswd
README
authz
cpi
elab-users.py
old-scripts-backup
JaneDoe
** WARNING: **
In this list, there is one hidden files: `.htpasswd`. This file is hidden on
@ -25,70 +23,62 @@ purpose, so ** don't mess with it **.
@@ -25,70 +23,62 @@ purpose, so ** don't mess with it **.
`authz`: defines the access controll list, so who has access to what
`cpi`: folder that holds the svn repository itself
`JaneDoe`: folder that holds one svn repository for a user
`elab-users.py`: usermanagement script
`old-scripts-backup`: contains the old scripts to add a user for backup reasons
Usermanagement with `elab-users.py`
Usermanagement with `elab-users`
-----------------------------------
** HINT: ** To run this scipt first change to the directory with
`cd /var/www/svn` and prepend every command with `./`
(e.g. `./elab-users.py --help`).
** HINT: ** To run this scipt if the service was deployed to dokku, use this
command structure `dokku run svn elab-users [command] [name]`
The script `elab-users.py` provides some options to add and delete users,
The script `elab-users` provides some options to add and delete users,
show access information from users and their elab journals. If the scprit
is called with the `--help` option, the folowing help message is displayed:
Usage: elab-users.py [option] name
usage: elab-users [-h] [command] [name]
shows and manipulates svn access rights
positional arguments:
command one of the commands: [user, group, add, restricted, retire, password]
name user or group to perform the command on
Options:
-h, --help show this help message and exit
-g, --groupinfo display users in a group
-a, --add add a regular user
-r, --restricted add a restricted user
-m, --move move a user to alumni
-p, --password reset a user password
optional arguments:
-h, --help show this help message and exit
to grant a restricted user access to another folder, you have to carefully
edit the authz file
To grant a restricted user access to another folder, you have to carefully
edit the authz file
the following combinations are possible:
The following combinations are possible:
* `elab-users.py`: will show a list of all groups and their users
* `elab-users.py UserName`: shows the access rights of the user and their labjournal
* `elab-users.py-g GroupName`: shows a list of all group members
* `elab-users.py-a UserName`: adds a regular user, creates svn folders and sets a random password
* `elab-users.py -a UserName`: adds a restricted user, creates svn folders and sets a random password
* `elab-users.py -m UserName`: moves an existing user to the alumni group, removes his password
* `elab-users.py-p UserName`: resets the password for an existing user to a new random one
* `elab-users`: will show a list of all groups and their users
* `elab-users UserName`: shows the access rights of the user and their labjournal
* `elab-users group GroupName`: shows a list of all group members
* `elab-users add UserName`: adds a regular user, creates svn folders and sets a random password
* `elab-users restricted UserName`: adds a restricted user, creates svn folders and sets a random password
* `elab-users retire UserName`: moves an existing user to the alumni group, removes his password
* `elab-users password UserName`: resets the password for an existing user to a new random one
Grant read writes to restricted users
-------------------------------------
As noted in the help message of `elab-users.py`, if a restriced user should have
read access to another labjournal, the `authz` file has to be edited manually.
Here are two examples that grant the user 'UrmilShah' read access to
two different lab journals:
As noted before, if a restriced user should have read access to another
lab journal, the `authz` file has to be edited manually. Here are two examples
that grant the user 'JaneDoe' read access to two different lab journals:
