From c0b55e09a0ed7aceaf8451466103c9448d401818 Mon Sep 17 00:00:00 2001 From: Holger Frey Date: Thu, 8 Jan 2015 17:04:35 +0100 Subject: [PATCH] changes reflecting new elab structure --- README | 36 ++- authz | 791 +++++++++++++++++++++++++++++++++++++------------ authz.original | 463 +++++++++++++++++++++++++++++ manage.py | 289 ++++++++++-------- 4 files changed, 1252 insertions(+), 327 deletions(-) create mode 100644 authz.original diff --git a/README b/README index b0fa479..53504bf 100644 --- a/README +++ b/README @@ -4,17 +4,15 @@ SVN USER MANAGEMENT README First of all, we talk about the following files and folders: .htpasswd - .svn-dir-creator README authz cpi elab-users.py old-scripts-backup -** WARNING: ** -In this list, there are two hidden files: `.htpasswd` and -`.svn-dir-creator`. This two are hidden on purpose, so -** don't mess with these files **. +** WARNING: ** +In this list, there is one hidden files: `.htpasswd`. This file is hidden on +purpose, so ** don't mess with it **. quick file overview @@ -22,8 +20,6 @@ quick file overview `.htpasswd`: stores the passwords for the users (classical apache htpaswd-file) -`.svn-dir-creator`: creates empty svn directories for new users - `README`: this file `authz`: defines the access controll list, so who has access to what @@ -38,14 +34,16 @@ quick file overview Usermanagement with `elab-users.py` ----------------------------------- -** HINT: ** To run this scipt first change to the directory with `cd /var/www/svn` and prepend every command with `./` (e.g. `./elab-users.py --help`). +** HINT: ** To run this scipt first change to the directory with +`cd /var/www/svn` and prepend every command with `./` +(e.g. `./elab-users.py --help`). -The script `elab-users.py` provides some options to add and delete users, -show access information from users and their elab journals. If the scprit +The script `elab-users.py` provides some options to add and delete users, +show access information from users and their elab journals. If the scprit is called with the `--help` option, the folowing help message is displayed: Usage: elab-users.py [option] name - + shows and manipulates svn access rights Options: @@ -73,21 +71,21 @@ the following combinations are possible: Grant read writes to restricted users ------------------------------------- -As noted in the help message of `elab-users.py`, if a restriced user should have -read access to another labjournal, the `authz` file has to be edited manually. -Here are two examples that grant the user 'UrmilShah' read access to +As noted in the help message of `elab-users.py`, if a restriced user should have +read access to another labjournal, the `authz` file has to be edited manually. +Here are two examples that grant the user 'UrmilShah' read access to two different lab journals: ... snip ... [cpi:/AndreasEvers] - @restricted = + @restricted = UrmilShah = r - + ... snip ... [cpi:/HolgerFrey] - @restricted = + @restricted = UrmilShah = r HolgerFrey = rw @@ -99,6 +97,6 @@ This does not apply to regular users, since these have read access to all folder Hint ---- -This readme is written in Markdown. -So if you want a nice printout, use a markdown converter first. +This readme is written in Markdown. +So if you want a nice printout, use a markdown converter first. Something like diff --git a/authz b/authz index 5b0414b..616cdb7 100644 --- a/authz +++ b/authz @@ -1,429 +1,848 @@ [groups] -administrators = OswaldPrucker -restricted = AndreasEver, ArthurMartens, BeniPrasser, JuliaSaar, SimonZunker, SirasaYodmongkol, UrmilShah, YongZhou -alumni = AlexeyKopyshev, AndreasBoenisch, AnkeWoerz, AnneLoesche, ArulGeetha, ChristianSchuh, ChristineBunte, CkPandiyarajan, FanWu, GinoRodriguez, GuillermoBenites, HeikeHaller, IrenaEipert, JacobBelardi, JenniferPfau, JoachimLauterwasser, JohannesBaader, KatrinMoosmann, KerstinSchuh, KimberlySimancas, MarcelHoffmann, MarcoArmbruster, MariaVoehringer, MariaVohringer, MartinaAuerswald, MartinVellinger, MatthiasLischka, MessRechner, MichaelaFrase, MiriamScheckenbach, MonicaPerez, MonikaKurowska, NinoLomadze, Nongluck, OliverDornfeld, PeterZahn, PhilippDiefenthaler, PhilippWollermann, RodrigoNavarro, SaraFuchs, SebastianBoehmer, SebastianSebald, SimonBodendorfer, SimonSchuster, ThidaratWangkam, TobiasKoenig, TristanBourrel, UlrikeRiehle, ViVek, WolfgangEhm, YnSekhar, ZouStaarter -users = AlexanderDietz, AliciaMalekLuz, AndreasMader, AnnaSchuler, AnneBuderer, CanerKaganaslan, ChristophScheibelein, DanielaMoessner, DavidBoschert, DavidSchwaerzle, FrankScherag, FranziskaDorner, GerhardBaaken, GregorOsterwinter, HolgerFrey, JanNiklasSchoenberg, JonGreen, KarenLienkamp, KeLi, MalwinaPajestka, MaraFlorea, MarcelRothfelder, MarcZinggeler, MartinKoerner, MartinRendl, MartinSchoenstein, MatthiasMenzel, MelanieEichhorn, MichaelHenze, MostafaMahmoud, NataliaSchatz, NicoleBirsner, NilsKorf, PetraHettich, PhilipKotrade, RaduCristianMutihac, RebeccaBlell, RomanErath, SamarKazan, SaschaEngel, ShararehSahneh, SureshReddyBanda, ThomasBrandstetter, TianyangZheng, TobiasHeitzler, VinicioCarias, VitaliyKondrashov, WibkeHartleb, XiaoqiangHou +administrators = JuergenRuehe, OswaldPrucker +alumni = AlexeyKopyshev, AndreasBoenisch, AndreasEver, AnkeWoerz, AnneLoesche, ArthurMartens, ArulGeetha, CamillaOestevold, CanerKaganaslan, ChristianSchuh, ChristineBunte, CkPandiyarajan, CleoStannard, FanWu, GerhardBaaken, GinoRodriguez, GuillermoBenites, HeikeHaller, IrenaEipert, JacobBelardi, JenniferPfau, JoachimLauterwasser, JohannesBaader, KatrinMoosmann, KeLi, KerstinSchuh, KimberlySimancas, MarcoArmbruster, MariaVoehringer, MariaVohringer, MartinRendl, MartinVellinger, MartinaAuerswald, MatthiasLischka, MessRechner, MichaelaFrase, MiriamScheckenbach, MonicaPerez, NinoLomadze, Nongluck, OliverDornfeld, PeterZahn, PhilippDiefenthaler, PhilippWollermann, RebeccaBlell, RodrigoNavarro, SaraFuchs, SebastianBoehmer, SebastianSebald, SimonBodendorfer, SimonSchuster, SirasaYodmongkol, ThidaratWangkam, TobiasHeitzler, TobiasKoenig, TristanBourrel, UlrikeRiehle, ViVek, VinicioCarias, WolfgangEhm, YnSekhar, ZouStaarter +users = AlexanderDietz, AliciaMalekLuz, AndreasMader, AnnaSchuler, AnneBuderer, ChristophScheibelein, CrispinAmiriNaini, DanielaMoessner, DavidBoschert, DavidSchwaerzle, EstherRiga, FrankScherag, FranziskaDorner, GregorOsterwinter, HeidiPerez, HolgerFrey, JanNiklasSchoenberg, JonGreen, KarenLienkamp, KatyaSergeeva, LauraHerrera, MalwinaPajestka, MaraFlorea, MarcZinggeler, MarcelHoffmann, MarcelRothfelder, MartinKoerner, MartinSchoenstein, MatthiasMenzel, MelanieEichhorn, MichaelHenze, MonikaKurowska, MostafaMahmoud, NataliaSchatz, NicoleBirsner, NilsKorf, PengZou, PetraHettich, PhilipKotrade, RaduCristianMutihac, RomanErath, SamarKazan, SaschaEngel, SebastianBonaus, ShararehSahneh, SureshReddyBanda, ThananthornKanokwijitsilp, ThomasBrandstetter, TianyangZheng, VanessaWeiss, VitaliyKondrashov, WibkeHartleb, XiaoqiangHou, ZhuolingDeng +restricted = BeniPrasser, JuliaSaar, SimonZunker, UrmilShah, YongZhou [cpi:/] -@administrators = rw +@administrators= r @users = r -@restricted = r +@restricted = @alumni = -[cpi:/AlexanderDietz] +[AlexanderDietz:/] +@administrators= rw +@users = r @restricted = -AlexanderDietz = rw +@alumni = +AlexanderDietz= r -[cpi:/AlexeyKopyshev] +[AlexeyKopyshev:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/AliciaMalekLuz] +[AliciaMalekLuz:/] +@administrators= rw +@users = r @restricted = -AliciaMalekLuz = rw +@alumni = +AliciaMalekLuz= r -[cpi:/AndreasBoenisch] +[AndreasBoenisch:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/AndreasEver] +[AndreasEver:/] +@administrators= rw +@users = r @restricted = -AndreasEver = rw +@alumni = -[cpi:/AndreasEvers] +[AndreasEvers:/] +@administrators= rw +@users = r @restricted = +@alumni = UrmilShah = r -[cpi:/AndreasMader] +[AndreasMader:/] +@administrators= rw +@users = r @restricted = -AndreasMader = rw -SirasaYodmongkol = r +@alumni = +AndreasMader= r -[cpi:/AnkeWoerz] +[AnkeWoerz:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/AnnaSchuler] +[AnnaSchuler:/] +@administrators= rw +@users = r @restricted = -AnnaSchuler = rw +@alumni = +AnnaSchuler= r -[cpi:/AnneBuderer] +[AnneBuderer:/] +@administrators= rw +@users = r @restricted = -AnneBuderer = rw +@alumni = +AnneBuderer= r -[cpi:/AnneLoesche] +[AnneLoesche:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/AnselmHoppmann] +[AnselmHoppmann:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/ArthurMartens] +[ArthurMartens:/] +@administrators= rw +@users = r @restricted = -ArthurMartens = rw +@alumni = -[cpi:/ArulGeetha] +[ArulGeetha:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/BeniPrasser] +[BeniPrasser:/] +@administrators= rw +@users = r @restricted = -BeniPrasser = rw +@alumni = +BeniPrasser= r -[cpi:/CanerKaganaslan] +[CamillaOestevold:/] +@administrators= rw +@users = r @restricted = -CanerKaganaslan = rw +@alumni = -[cpi:/ChristianSchuh] +[CanerKaganaslan:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/ChristineBunte] +[ChristianSchuh:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/ChristophScheibelein] +[ChristineBunte:/] +@administrators= rw +@users = r @restricted = -ChristophScheibelein = rw +@alumni = -[cpi:/CkPandiyarajan] +[ChristophScheibelein:/] +@administrators= rw +@users = r @restricted = +@alumni = +ChristophScheibelein= r -[cpi:/DanielaMoessner] +[CkPandiyarajan:/] +@administrators= rw +@users = r @restricted = -DanielaMoessner = rw +@alumni = -[cpi:/DavidBoschert] +[CleoStannard:/] +@administrators= rw +@users = r @restricted = -DavidBoschert = rw +@alumni = -[cpi:/DavidSchwaerzle] +[CrispinAmiriNaini:/] +@administrators= rw +@users = @restricted = -DavidSchwaerzle = rw +@alumni = +CrispinAmiriNaini= r -[cpi:/DennisTrenkle] +[DanielaMoessner:/] +@administrators= rw +@users = r @restricted = +@alumni = +DanielaMoessner= r -[cpi:/DingdingHe] +[DavidBoschert:/] +@administrators= rw +@users = r @restricted = +@alumni = +DavidBoschert= r -[cpi:/FanWu] +[DavidSchwaerzle:/] +@administrators= rw +@users = r @restricted = +@alumni = +DavidSchwaerzle= r -[cpi:/FrankScherag] +[DennisTrenkle:/] +@administrators= rw +@users = r @restricted = -FrankScherag = rw +@alumni = -[cpi:/FranziskaDorner] +[DingdingHe:/] +@administrators= rw +@users = r @restricted = -FranziskaDorner = rw +@alumni = -[cpi:/GerhardBaaken] +[EstherRiga:/] +@administrators= rw +@users = r @restricted = -GerhardBaaken = rw +@alumni = +EstherRiga= r -[cpi:/GinoRodriguez] +[FanWu:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/GregorOsterwinter] +[FrankScherag:/] +@administrators= rw +@users = r @restricted = -GregorOsterwinter = rw +@alumni = +FrankScherag= r -[cpi:/GuillermoBenites] +[FranziskaDorner:/] +@administrators= rw +@users = r @restricted = +@alumni = +FranziskaDorner= r + +[GerhardBaaken:/] +@administrators= rw +@users = r +@restricted = +@alumni = -[cpi:/HeikeHaller] +[GinoRodriguez:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/HolgerFrey] +[GregorOsterwinter:/] +@administrators= rw +@users = r @restricted = -HolgerFrey = rw +@alumni = +GregorOsterwinter= r + +[GuillermoBenites:/] +@administrators= rw +@users = r +@restricted = +@alumni = + +[HeidiPerez:/] +@administrators= rw +@users = r +@restricted = +@alumni = +HeidiPerez= r + +[HeikeHaller:/] +@administrators= rw +@users = r +@restricted = +@alumni = + +[HolgerFrey:/] +@administrators= rw +@users = r +@restricted = +@alumni = UrmilShah = r +HolgerFrey= rw -[cpi:/IrenaEipert] +[IrenaEipert:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/JacobBelardi] +[JacobBelardi:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/JanNiklasSchoenberg] +[JanNiklasSchoenberg:/] +@administrators= rw +@users = r @restricted = -JanNiklasSchoenberg = rw +@alumni = +JanNiklasSchoenberg= r -[cpi:/JenniferPfau] +[JenniferPfau:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/JoachimLauterwasser] +[JoachimLauterwasser:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/JohannesBaader] +[JohannesBaader:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/JonGreen] +[JonGreen:/] +@administrators= rw +@users = r @restricted = -JonGreen = rw +@alumni = +JonGreen= r -[cpi:/JonasGroten] +[JonasGroten:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/JuliaSaar] +[JuergenRuehe:/] +@administrators= rw +@users = @restricted = -JuliaSaar = rw +@alumni = +JuergenRuehe= r -[cpi:/KarenLienkamp] +[JuliaSaar:/] +@administrators= rw +@users = r @restricted = -KarenLienkamp = rw +@alumni = +JuliaSaar= r -[cpi:/KatrinMoosmann] +[KarenLienkamp:/] +@administrators= rw +@users = r @restricted = +@alumni = +KarenLienkamp= r -[cpi:/KeLi] +[KatrinMoosmann:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/KerstinSchuh] -@restricted = +[KatyaSergeeva:/] +@administrators= rw +@users = r +@restricted = +@alumni = +KatyaSergeeva= r -[cpi:/KimberlySimancas] +[KeLi:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/MalwinaPajestka] +[KerstinSchuh:/] +@administrators= rw +@users = r @restricted = -MalwinaPajestka = rw +@alumni = -[cpi:/MaraFlorea] +[KimberlySimancas:/] +@administrators= rw +@users = r @restricted = -MaraFlorea = rw +@alumni = -[cpi:/MarcelRothfelder] +[LauraHerrera:/] +@administrators= rw +@users = r @restricted = -MarcelRothfelder = rw +@alumni = +LauraHerrera= r -[cpi:/MarcZinggeler] +[MalwinaPajestka:/] +@administrators= rw +@users = r @restricted = -MarcZinggeler = rw +@alumni = +MalwinaPajestka= r -[cpi:/MarcelHoffmann] +[MaraFlorea:/] +@administrators= rw +@users = r @restricted = -MarcelHoffmann = rw +@alumni = +MaraFlorea= r -[cpi:/MarcoArmbruster] +[MarcZinggeler:/] +@administrators= rw +@users = r @restricted = +@alumni = +MarcZinggeler= r -[cpi:/MariaVoehringer] +[MarcelHoffmann:/] +@administrators= rw +@users = r @restricted = +@alumni = +MarcelHoffmann= r -[cpi:/MartinaAuerswald] +[MarcelRothfelder:/] +@administrators= rw +@users = r @restricted = +@alumni = +MarcelRothfelder= r -[cpi:/MartinKoerner] +[MarcoArmbruster:/] +@administrators= rw +@users = r @restricted = -MartinKoerner = rw +@alumni = -[cpi:/MartinMarazita] +[MariaVoehringer:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/MartinRendl] +[MartinKoerner:/] +@administrators= rw +@users = r @restricted = -MartinRendl = rw -ArthurMartens = r +@alumni = +MartinKoerner= r -[cpi:/MartinSchoenstein] +[MartinMarazita:/] +@administrators= rw +@users = r @restricted = -MartinSchoenstein = rw +@alumni = -[cpi:/MartinVellinger] +[MartinRendl:/] +@administrators= rw +@users = r @restricted = +@alumni = + +[MartinSchoenstein:/] +@administrators= rw +@users = r +@restricted = +@alumni = +MartinSchoenstein= r + +[MartinVellinger:/] +@administrators= rw +@users = r +@restricted = +@alumni = -[cpi:/MatthiasLischka] +[MartinaAuerswald:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/MatthiasMenzel] +[MatthiasLischka:/] +@administrators= rw +@users = r @restricted = -MatthiasMenzel = rw +@alumni = -[cpi:/MaxMustermann] +[MatthiasMenzel:/] +@administrators= rw +@users = r @restricted = +@alumni = +MatthiasMenzel= r -[cpi:/MelanieEichhorn] +[MaxMustermann:/] +@administrators= rw +@users = r @restricted = -MelanieEichhorn = rw +@alumni = -[cpi:/MessRechner] +[MelanieEichhorn:/] +@administrators= rw +@users = r @restricted = +@alumni = +MelanieEichhorn= r + +[MessRechner:/] +@administrators= rw +@users = r +@restricted = +@alumni = + +[MichaelHenze:/] +@administrators= rw +@users = r +@restricted = +@alumni = +MichaelHenze= r + +[MichaelaFrase:/] +@administrators= rw +@users = r +@restricted = +@alumni = + +[MiriamScheckenbach:/] +@administrators= rw +@users = r +@restricted = +@alumni = -[cpi:/MichaelHenze] +[MonicaPerez:/] +@administrators= rw +@users = r @restricted = -MichaelHenze = rw +@alumni = -[cpi:/MichaelaFrase] +[MonikaKurowska:/] +@administrators= rw +@users = r @restricted = +@alumni = +MonikaKurowska= r -[cpi:/MiriamScheckenbach] +[MostafaMahmoud:/] +@administrators= rw +@users = r @restricted = +@alumni = +MostafaMahmoud= r -[cpi:/MonicaPerez] +[NataliaSchatz:/] +@administrators= rw +@users = r @restricted = +@alumni = +NataliaSchatz= r -[cpi:/MonikaKurowska] +[NicolasSchorr:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/MostafaMahmoud] +[NicoleBirsner:/] +@administrators= rw +@users = r @restricted = -MostafaMahmoud = rw +@alumni = +NicoleBirsner= r -[cpi:/NataliaSchatz] +[NilsKorf:/] +@administrators= rw +@users = r @restricted = -NataliaSchatz = rw +@alumni = +NilsKorf= r -[cpi:/NicolasSchorr] +[NinoLomadze:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/NicoleBirsner] +[Nongluck:/] +@administrators= rw +@users = r @restricted = -NicoleBirsner = rw +@alumni = -[cpi:/NilsKorf] +[OliverDornfeld:/] +@administrators= rw +@users = r @restricted = -NilsKorf = rw +@alumni = -[cpi:/NinoLomadze] +[OswaldPrucker:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/Nongluck] +[PengZou:/] +@administrators= rw +@users = r @restricted = +@alumni = +PengZou= r -[cpi:/OliverDornfeld] +[PeterZahn:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/OswaldPrucker] +[PetraHettich:/] +@administrators= rw +@users = r @restricted = -@users = +@alumni = +PetraHettich= r -[cpi:/PengZou] +[PhilipKotrade:/] +@administrators= rw +@users = r @restricted = +@alumni = +PhilipKotrade= r -[cpi:/PeterZahn] +[PhilippDiefenthaler:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/PetraHettich] +[RaduCristianMutihac:/] +@administrators= rw +@users = r @restricted = -PetraHettich = rw +@alumni = +RaduCristianMutihac= r -[cpi:/PhilippDiefenthaler] +[RebeccaBlell:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/PhilipKotrade] +[RodrigoNavarro:/] +@administrators= rw +@users = r @restricted = -PhilipKotrade = rw +@alumni = -[cpi:/RaduCristianMutihac] +[RomanErath:/] +@administrators= rw +@users = r @restricted = -RaduCristianMutihac = rw +@alumni = +RomanErath= r -[cpi:/RebeccaBlell] +[SamarKazan:/] +@administrators= rw +@users = r @restricted = -RebeccaBlell = rw +@alumni = +SamarKazan= r -[cpi:/RodrigoNavarro] +[SaraFuchs:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/RomanErath] +[SaschaEngel:/] +@administrators= rw +@users = r @restricted = -RomanErath = rw +@alumni = +SaschaEngel= r -[cpi:/SamarKazan] +[SebastianBoehmer:/] +@administrators= rw +@users = r @restricted = -SamarKazan = rw +@alumni = -[cpi:/SaraFuchs] +[SebastianBonaus:/] +@administrators= rw +@users = r @restricted = +@alumni = +SebastianBonaus= r -[cpi:/SaschaEngel] +[ShararehSahneh:/] +@administrators= rw +@users = r @restricted = -SaschaEngel = rw +@alumni = +ShararehSahneh= r -[cpi:/SebastianBoehmer] +[SimonBodendorfer:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/ShararehSahneh] +[SimonEbner:/] +@administrators= rw +@users = r @restricted = -ShararehSahneh = rw +@alumni = -[cpi:/SimonBodendorfer] +[SimonSchuster:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/SimonEbner] +[SimonZunker:/] +@administrators= rw +@users = r @restricted = +@alumni = +SimonZunker= r -[cpi:/SimonSchuster] +[SirasaYodmongkol:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/SimonZunker] +[SureshReddyBanda:/] +@administrators= rw +@users = r @restricted = -SimonZunker = rw +@alumni = +SureshReddyBanda= r -[cpi:/SirasaYodmongkol] +[ThananthornKanokwijitsilp:/] +@administrators= rw +@users = r @restricted = -SirasaYodmongkol = rw +@alumni = +ThananthornKanokwijitsilp= r -[cpi:/SureshReddyBanda] +[ThidaratWangkam:/] +@administrators= rw +@users = r @restricted = -SureshReddyBanda = rw +@alumni = -[cpi:/ThidaratWangkam] +[ThomasBrandstetter:/] +@administrators= rw +@users = r @restricted = +@alumni = +ThomasBrandstetter= r -[cpi:/ThomasBrandstetter] +[TianyangZheng:/] +@administrators= rw +@users = r @restricted = -ThomasBrandstetter = rw +@alumni = +TianyangZheng= r -[cpi:/TianyangZheng] +[TobiasHeitzler:/] +@administrators= rw +@users = r @restricted = -TianyangZheng = rw +@alumni = -[cpi:/TobiasHeitzler] +[TobiasKoenig:/] +@administrators= rw +@users = r @restricted = -TobiasHeitzler = rw +@alumni = -[cpi:/TobiasKoenig] +[TristanBourrel:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/TristanBourrel] +[UlrikeRiehle:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/UlrikeRiehle] +[UrmilShah:/] +@administrators= rw +@users = r @restricted = +@alumni = +UrmilShah= r -[cpi:/UrmilShah] +[VanessaWeiss:/] +@administrators= rw +@users = r @restricted = -UrmilShah = rw +@alumni = +VanessaWeiss= r -[cpi:/ViVek] +[ViVek:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/VinicioCarias] +[VinicioCarias:/] +@administrators= rw +@users = r @restricted = -VinicioCarias = rw +@alumni = -[cpi:/VitaliyKondrashov] +[VitaliyKondrashov:/] +@administrators= rw +@users = r @restricted = -VitaliyKondrashov = rw +@alumni = +VitaliyKondrashov= r SimonZunker = r -[cpi:/WibkeHartleb] +[WibkeHartleb:/] +@administrators= rw +@users = r @restricted = -WibkeHartleb = rw +@alumni = +WibkeHartleb= r -[cpi:/WolfgangEhm] +[WolfgangEhm:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/XiaoqiangHou] +[XiaoqiangHou:/] +@administrators= rw +@users = r @restricted = -XiaoqiangHou = rw +@alumni = +XiaoqiangHou= r -[cpi:/YnSekhar] +[YnSekhar:/] +@administrators= rw +@users = r @restricted = +@alumni = -[cpi:/YongZhou] +[YongZhou:/] +@administrators= rw +@users = r @restricted = -YongZhou = rw +@alumni = +YongZhou= r -[cpi:/ZhuolingDeng] +[ZhuolingDeng:/] +@administrators= rw +@users = r @restricted = +@alumni = +ZhuolingDeng= r -[cpi:/ZouStaarter] +[ZouStaarter:/] +@administrators= rw +@users = r @restricted = - +@alumni = diff --git a/authz.original b/authz.original new file mode 100644 index 0000000..68e75fc --- /dev/null +++ b/authz.original @@ -0,0 +1,463 @@ +[groups] +administrators = JuergenRuehe, OswaldPrucker +alumni = AlexeyKopyshev, AndreasBoenisch, AndreasEver, AnkeWoerz, AnneLoesche, ArthurMartens, ArulGeetha, CamillaOestevold, CanerKaganaslan, ChristianSchuh, ChristineBunte, CkPandiyarajan, CleoStannard, FanWu, GerhardBaaken, GinoRodriguez, GuillermoBenites, HeikeHaller, IrenaEipert, JacobBelardi, JenniferPfau, JoachimLauterwasser, JohannesBaader, KatrinMoosmann, KeLi, KerstinSchuh, KimberlySimancas, MarcoArmbruster, MariaVoehringer, MariaVohringer, MartinRendl, MartinVellinger, MartinaAuerswald, MatthiasLischka, MessRechner, MichaelaFrase, MiriamScheckenbach, MonicaPerez, NinoLomadze, Nongluck, OliverDornfeld, PeterZahn, PhilippDiefenthaler, PhilippWollermann, RebeccaBlell, RodrigoNavarro, SaraFuchs, SebastianBoehmer, SebastianSebald, SimonBodendorfer, SimonSchuster, SirasaYodmongkol, ThidaratWangkam, TobiasHeitzler, TobiasKoenig, TristanBourrel, UlrikeRiehle, ViVek, VinicioCarias, WolfgangEhm, YnSekhar, ZouStaarter +users = AlexanderDietz, AliciaMalekLuz, AndreasMader, AnnaSchuler, AnneBuderer, ChristophScheibelein, CrispinAmiriNaini, DanielaMoessner, DavidBoschert, DavidSchwaerzle, EstherRiga, FrankScherag, FranziskaDorner, GregorOsterwinter, HeidiPerez, HolgerFrey, JanNiklasSchoenberg, JonGreen, KarenLienkamp, KatyaSergeeva, LauraHerrera, MalwinaPajestka, MaraFlorea, MarcZinggeler, MarcelHoffmann, MarcelRothfelder, MartinKoerner, MartinSchoenstein, MatthiasMenzel, MelanieEichhorn, MichaelHenze, MonikaKurowska, MostafaMahmoud, NataliaSchatz, NicoleBirsner, NilsKorf, PengZou, PetraHettich, PhilipKotrade, RaduCristianMutihac, RomanErath, SamarKazan, SaschaEngel, SebastianBonaus, ShararehSahneh, SureshReddyBanda, ThananthornKanokwijitsilp, ThomasBrandstetter, TianyangZheng, VanessaWeiss, VitaliyKondrashov, WibkeHartleb, XiaoqiangHou, ZhuolingDeng +restricted = BeniPrasser, JuliaSaar, SimonZunker, UrmilShah, YongZhou + +[cpi:/] +@restricted = r +@alumni = +@users = r +@administrators= r + +[cpi:/AlexanderDietz] +@restricted = +AlexanderDietz= r + +[cpi:/AlexeyKopyshev] +@restricted = + +[cpi:/AliciaMalekLuz] +@restricted = +AliciaMalekLuz= r + +[cpi:/AndreasBoenisch] +@restricted = + +[cpi:/AndreasEver] +@restricted = + +[cpi:/AndreasEvers] +@restricted = +UrmilShah = r + +[cpi:/AndreasMader] +@restricted = +AndreasMader= r + +[cpi:/AnkeWoerz] +@restricted = + +[cpi:/AnnaSchuler] +@restricted = +AnnaSchuler= r + +[cpi:/AnneBuderer] +@restricted = +AnneBuderer= r + +[cpi:/AnneLoesche] +@restricted = + +[cpi:/AnselmHoppmann] +@restricted = + +[cpi:/ArthurMartens] +@restricted = + +[cpi:/ArulGeetha] +@restricted = + +[cpi:/BeniPrasser] +@restricted = +BeniPrasser= r + +[cpi:/CamillaOestevold] +@restricted = + +[cpi:/CanerKaganaslan] +@restricted = + +[cpi:/ChristianSchuh] +@restricted = + +[cpi:/ChristineBunte] +@restricted = + +[cpi:/ChristophScheibelein] +@restricted = +ChristophScheibelein= r + +[cpi:/CkPandiyarajan] +@restricted = + +[cpi:/CleoStannard] +@restricted = + +[cpi:/CrispinAmiriNaini] +@restricted = +@users = +CrispinAmiriNaini= r + +[cpi:/DanielaMoessner] +@restricted = +DanielaMoessner= r + +[cpi:/DavidBoschert] +@restricted = +DavidBoschert= r + +[cpi:/DavidSchwaerzle] +@restricted = +DavidSchwaerzle= r + +[cpi:/DennisTrenkle] +@restricted = + +[cpi:/DingdingHe] +@restricted = + +[cpi:/EstherRiga] +@restricted = +EstherRiga= r + +[cpi:/FanWu] +@restricted = + +[cpi:/FrankScherag] +@restricted = +FrankScherag= r + +[cpi:/FranziskaDorner] +@restricted = +FranziskaDorner= r + +[cpi:/GerhardBaaken] +@restricted = + +[cpi:/GinoRodriguez] +@restricted = + +[cpi:/GregorOsterwinter] +@restricted = +GregorOsterwinter= r + +[cpi:/GuillermoBenites] +@restricted = + +[cpi:/HeidiPerez] +@restricted = +HeidiPerez= r + +[cpi:/HeikeHaller] +@restricted = + +[cpi:/HolgerFrey] +@restricted = +UrmilShah = r +HolgerFrey= r + +[cpi:/IrenaEipert] +@restricted = + +[cpi:/JacobBelardi] +@restricted = + +[cpi:/JanNiklasSchoenberg] +@restricted = +JanNiklasSchoenberg= r + +[cpi:/JenniferPfau] +@restricted = + +[cpi:/JoachimLauterwasser] +@restricted = + +[cpi:/JohannesBaader] +@restricted = + +[cpi:/JonGreen] +@restricted = +JonGreen= r + +[cpi:/JonasGroten] +@restricted = + +[cpi:/JuergenRuehe] +@restricted = +@users = +JuergenRuehe= r + +[cpi:/JuliaSaar] +@restricted = +JuliaSaar= r + +[cpi:/KarenLienkamp] +@restricted = +KarenLienkamp= r + +[cpi:/KatrinMoosmann] +@restricted = + +[cpi:/KatyaSergeeva] +@restricted = +KatyaSergeeva= r + +[cpi:/KeLi] +@restricted = + +[cpi:/KerstinSchuh] +@restricted = + +[cpi:/KimberlySimancas] +@restricted = + +[cpi:/LauraHerrera] +@restricted = +LauraHerrera= r + +[cpi:/MalwinaPajestka] +@restricted = +MalwinaPajestka= r + +[cpi:/MaraFlorea] +@restricted = +MaraFlorea= r + +[cpi:/MarcZinggeler] +@restricted = +MarcZinggeler= r + +[cpi:/MarcelHoffmann] +@restricted = +MarcelHoffmann= r + +[cpi:/MarcelRothfelder] +@restricted = +MarcelRothfelder= r + +[cpi:/MarcoArmbruster] +@restricted = + +[cpi:/MariaVoehringer] +@restricted = + +[cpi:/MartinKoerner] +@restricted = +MartinKoerner= r + +[cpi:/MartinMarazita] +@restricted = + +[cpi:/MartinRendl] +@restricted = + +[cpi:/MartinSchoenstein] +@restricted = +MartinSchoenstein= r + +[cpi:/MartinVellinger] +@restricted = + +[cpi:/MartinaAuerswald] +@restricted = + +[cpi:/MatthiasLischka] +@restricted = + +[cpi:/MatthiasMenzel] +@restricted = +MatthiasMenzel= r + +[cpi:/MaxMustermann] +@restricted = + +[cpi:/MelanieEichhorn] +@restricted = +MelanieEichhorn= r + +[cpi:/MessRechner] +@restricted = + +[cpi:/MichaelHenze] +@restricted = +MichaelHenze= r + +[cpi:/MichaelaFrase] +@restricted = + +[cpi:/MiriamScheckenbach] +@restricted = + +[cpi:/MonicaPerez] +@restricted = + +[cpi:/MonikaKurowska] +@restricted = +MonikaKurowska= r + +[cpi:/MostafaMahmoud] +@restricted = +MostafaMahmoud= r + +[cpi:/NataliaSchatz] +@restricted = +NataliaSchatz= r + +[cpi:/NicolasSchorr] +@restricted = + +[cpi:/NicoleBirsner] +@restricted = +NicoleBirsner= r + +[cpi:/NilsKorf] +@restricted = +NilsKorf= r + +[cpi:/NinoLomadze] +@restricted = + +[cpi:/Nongluck] +@restricted = + +[cpi:/OliverDornfeld] +@restricted = + +[cpi:/OswaldPrucker] +@restricted = + +[cpi:/PengZou] +@restricted = +PengZou= r + +[cpi:/PeterZahn] +@restricted = + +[cpi:/PetraHettich] +@restricted = +PetraHettich= r + +[cpi:/PhilipKotrade] +@restricted = +PhilipKotrade= r + +[cpi:/PhilippDiefenthaler] +@restricted = + +[cpi:/RaduCristianMutihac] +@restricted = +RaduCristianMutihac= r + +[cpi:/RebeccaBlell] +@restricted = + +[cpi:/RodrigoNavarro] +@restricted = + +[cpi:/RomanErath] +@restricted = +RomanErath= r + +[cpi:/SamarKazan] +@restricted = +SamarKazan= r + +[cpi:/SaraFuchs] +@restricted = + +[cpi:/SaschaEngel] +@restricted = +SaschaEngel= r + +[cpi:/SebastianBoehmer] +@restricted = + +[cpi:/SebastianBonaus] +@restricted = +SebastianBonaus= r + +[cpi:/ShararehSahneh] +@restricted = +ShararehSahneh= r + +[cpi:/SimonBodendorfer] +@restricted = + +[cpi:/SimonEbner] +@restricted = + +[cpi:/SimonSchuster] +@restricted = + +[cpi:/SimonZunker] +@restricted = +SimonZunker= r + +[cpi:/SirasaYodmongkol] +@restricted = + +[cpi:/SureshReddyBanda] +@restricted = +SureshReddyBanda= r + +[cpi:/ThananthornKanokwijitsilp] +@restricted = +ThananthornKanokwijitsilp= r + +[cpi:/ThidaratWangkam] +@restricted = + +[cpi:/ThomasBrandstetter] +@restricted = +ThomasBrandstetter= r + +[cpi:/TianyangZheng] +@restricted = +TianyangZheng= r + +[cpi:/TobiasHeitzler] +@restricted = + +[cpi:/TobiasKoenig] +@restricted = + +[cpi:/TristanBourrel] +@restricted = + +[cpi:/UlrikeRiehle] +@restricted = + +[cpi:/UrmilShah] +@restricted = +UrmilShah= r + +[cpi:/VanessaWeiss] +@restricted = +VanessaWeiss= r + +[cpi:/ViVek] +@restricted = + +[cpi:/VinicioCarias] +@restricted = + +[cpi:/VitaliyKondrashov] +@restricted = +VitaliyKondrashov= r +SimonZunker = r + +[cpi:/WibkeHartleb] +@restricted = +WibkeHartleb= r + +[cpi:/WolfgangEhm] +@restricted = + +[cpi:/XiaoqiangHou] +@restricted = +XiaoqiangHou= r + +[cpi:/YnSekhar] +@restricted = + +[cpi:/YongZhou] +@restricted = +YongZhou= r + +[cpi:/ZhuolingDeng] +@restricted = +ZhuolingDeng= r + +[cpi:/ZouStaarter] +@restricted = diff --git a/manage.py b/manage.py index a4d590f..58fbcaf 100644 --- a/manage.py +++ b/manage.py @@ -9,32 +9,33 @@ import random import string import subprocess import sys +from datetime import datetime # defining some constants -AUTHZ_PATH = "authz" -HTPWD_PATH = "htpasswd" -SVN_DIR_CREATOR = "svn-dir-creator" -SVN_BASE = "cpi:/" +MOUNT_PATH = os.path.join("/mnt", "sshfs-for-svn") +REPO_PATH = os.path.join(MOUNT_PATH, "svn-repository") +AUTHZ_PATH = os.path.join(REPO_PATH, "authz") +HTPWD_PATH = os.path.join(REPO_PATH, ".htpasswd") ADMINS = "administrators" -REGULAR = "users" +USERS = "users" RESTRICTED = "restricted" ALUMNI = "alumni" +NO_ACL = "" READ_ACL = "r" -WRITE_ACL = "rw" +WRITE_ACL = "rw" + +GROUP_DEFAULTS = { + ADMINS: WRITE_ACL, + USERS: READ_ACL, + RESTRICTED: NO_ACL, + ALUMNI: NO_ACL } + +SVN_SUFFIX = ":/" re_separators = re.compile("[\t ,;]+") -# helper functions -def group_users(users): - """ uses the list of users to group them by their group name """ - groups = dict() - for user in users.values(): - if user.group not in groups: - groups[user.group] = [] - groups[user.group].append(user.name) - return groups def set_new_password(name, length=10): """ sets a new password for a username """ @@ -43,7 +44,7 @@ def set_new_password(name, length=10): subprocess.check_call(["htpasswd", "-b", HTPWD_PATH, name, password]) return password -def delete_password(name, length=10): +def delete_password(name): """ deletes a password for a username """ # if the user was not added to the password db, the removal will show # an error message that is confusing to the user - at least it confused me @@ -52,10 +53,39 @@ def delete_password(name, length=10): subprocess.check_call(["htpasswd", "-D", HTPWD_PATH, name], stderr=devnull) +def create_new_repository(name): + """ creates a repository for a user and checks in some stuff to get started """ + # change the working directory to the sshfs mount point + os.chdir(MOUNT_PATH) + # create the new repository + new_repo = os.path.join(REPO_PATH, name) + subprocess.check_call(["svnadmin", "create", new_repo], stderr=subprocess.STDOUT) + # check out a temporary working copy + subprocess.check_call(["svn", "checkout", "file://" + new_repo, name]) + # create subfolders + today = datetime.now() + year = "%04d" % today.year + os.mkdir(os.path.join(name, year)) + for month in range(today.month, 13): + month_path = os.path.join(name, year, "%02d" % month) + os.mkdir(month_path) + subprocess.check_call(["touch", os.path.join(month_path, ".empty")]) + # copy some examples + for temp in ("experiment", "synthesis", "toc"): + filename = "template-%s.doc" % temp + in_file = os.path.join(REPO_PATH, filename) + out_file = os.path.join(name, filename) + subprocess.check_call(["cp", in_file, out_file]) + # add and commit the changes + subprocess.check_call("svn add %s/*" % name, shell=True) + subprocess.check_call(["svn", "commit", "-m", "New User: " + name, name]) + # remove the temporary working copy + subprocess.check_call(["rm", "-rf", name]) + # class definitions -class User(object): - """ Collect the username, group and access control lists """ +class ElabUser(object): + """ Collect the username, group and access control lists for a eLab user """ def __init__(self, name, group): """ initialization of the class """ @@ -74,83 +104,25 @@ class User(object): class AuthzConfigParser(ConfigParser.ConfigParser, object): - """ custom functions for parsing the "authz" file as used at cpi """ + """ custom functions for parsing the "authz" file as used at cpi + + there is a dict of users defined, the journals themselves can be accessed + via the sections functionality of the ConfigParser base class + """ def __init__(self): """ initialization of the class """ - self.users = None - self._acl_defaults = { WRITE_ACL: [], READ_ACL: [] } + self.elab_users = {} super(AuthzConfigParser, self).__init__() def optionxform(self, value): - """ reset the method to use cases ensitive names """ + """ reset the method to use cases sensitive names """ return str(value) def read(self, path): """ set up the acl defaults after reading the file """ super(AuthzConfigParser, self).read(path) - self._acl_defaults = self.get_folder_info("") - - def extract_users(self): - """ extract user information from config """ - users = dict() - # first we go through the groups, as found in the groups section of the - # authz file - for group, userlist in self.items("groups"): - for username in re_separators.split(userlist): - if username in users: - raise Exception("Found duplicate entry for user " + username) - user = User(username, group) - users[username] = user - # second we scan each section that is related to an svn folder (it - # starts with the svn base) for read and write access user entries - for section in self.sections(): - if section.startswith(SVN_BASE): - belongs_to = section.lstrip(SVN_BASE) - for (option, value) in self.items(section): - if option in users: - if value.lower() == WRITE_ACL: - users[option].write_acl.append(belongs_to) - elif value.lower() == READ_ACL: - users[option].read_acl.append(belongs_to) - # return the userlist - return users - - def get_folder_info(self, name): - """ returns read and write access info of an svn folder """ - if not name.startswith(SVN_BASE): - name = SVN_BASE + name - if not self.has_section(name): - return None - info = self._acl_defaults.copy() - for (option, value) in self.items(name): - if value in (WRITE_ACL, READ_ACL): - info[value].append(option) - # remove explicit dismissed acls - if not value: - for acltype in (WRITE_ACL, READ_ACL): - if option in info[acltype]: - info[acltype].remove(option) - return info - - def move_user_to_alumni(self, user): - """ moves a user to the alumni group and removes every access rights """ - for access_to in user.write_acl: - folder = SVN_BASE + access_to - self.remove_option(folder, user.name) - for access_to in user.read_acl: - folder = SVN_BASE + access_to - self.remove_option(folder, user.name) - user.write_acl = [] - user.read_acl = [] - user.group = ALUMNI - delete_password(user.name) - - def update_user_groups(self, users): - """ updates the config settings of the groups section """ - groups = group_users(users) - for group, userlist in groups.items(): - self.set("groups", group, ", ".join(sorted(userlist))) + self.extract_user_info_from_config() def write_to_file(self): with open(AUTHZ_PATH, "w") as filehandle: @@ -169,23 +141,100 @@ class AuthzConfigParser(ConfigParser.ConfigParser, object): sorting.extend([k for k in sorted_keys if k <> "groups"]) for section in sorting: fp.write("[%s]\n" % section) - for (key, value) in self._sections[section].items(): - if key == "__name__": - continue + acls = dict( (k, v) for k, v in self._sections[section].items() if k != "__name__") + if section != "groups": + for group in (ADMINS, USERS, RESTRICTED, ALUMNI): + group_id = "@" + group + acl_value = acls.pop(group_id, GROUP_DEFAULTS[group]) + key = " = ".join((group_id, str(acl_value).replace('\n', '\n\t'))) + fp.write("%s\n" % (key)) + for (key, value) in acls.items(): if (value is not None) or (self._optcre == self.OPTCRE): key = " = ".join((key, str(value).replace('\n', '\n\t'))) fp.write("%s\n" % (key)) fp.write("\n") + def extract_user_info_from_config(self): + """ extracts the user information from the config file + + the information of the journals can be accessed via get_journal_info + """ + # first parse the group definitions + for group, userlist in self.items("groups"): + if group not in GROUP_DEFAULTS: + raise Exception("Undefined group " + group) + for username in re_separators.split(userlist): + if username in self.elab_users: + raise Exception("Found duplicate entry for user " + username) + self.elab_users[username] = ElabUser(username, group) + # walk through the sections to get individual acl information + for section in self.sections(): + if not section.endswith(SVN_SUFFIX): + # skip all entries in the config, that are not lab journals + continue + for (option, value) in self.items(section): + if option in self.elab_users: + # a nicer name for the lab journal + belongs_to = section[:-2] + # a acl entry for a user + if value.lower() == WRITE_ACL: + self.elab_users[option].write_acl.append(belongs_to) + elif value.lower() == READ_ACL: + self.elab_users[option].read_acl.append(belongs_to) + + def group_users(self): + """ uses the list of users to group them by their group name """ + groups = dict() + for user in self.elab_users.values(): + if user.group not in groups: + groups[user.group] = [] + groups[user.group].append(user.name) + return groups + + def add_journal_acl_for(self, username, group): + """ sets the acls for a new user an the corresponding journal """ + self.elab_users[username] = ElabUser(username, group) + journal_path = username + SVN_SUFFIX + self.add_section(journal_path) + self.set(journal_path, username, WRITE_ACL) + for group, acl in GROUP_DEFAULTS.items(): + self.set(journal_path, "@"+group, acl) + self._update_user_group_config() + + def move_user_to_alumni(self, name): + """ moves a user to the alumni group and removes the acl privileges """ + user = self.elab_users[name] + user.group = ALUMNI + for access_to in user.write_acl: + self.remove_option(access_to + SVN_SUFFIX, user.name) + for access_to in user.read_acl: + self.remove_option(access_to + SVN_SUFFIX, user.name) + self._update_user_group_config() + + def _update_user_group_config(self): + """ updates the config settings of the groups section """ + groups = self.group_users() + for group, userlist in groups.items(): + self.set("groups", group, ", ".join(sorted(userlist))) + + def get_journal_info(self, name): + """ returns read and write access info of an lab journal """ + if not name.endswith(SVN_SUFFIX): + name = name + SVN_SUFFIX + if not self.has_section(name): + return None + info = { WRITE_ACL: [], READ_ACL: [] } + for (option, value) in self.items(name): + if value in (WRITE_ACL, READ_ACL): + info[value].append(option) + return info + if __name__ == "__main__": # create configparser instance config = AuthzConfigParser() - # change option name transformation to case sensitive - config.optionxform = str # read config file config.read(AUTHZ_PATH) - users = config.extract_users() # command line interface: # no option: display info @@ -212,7 +261,7 @@ if __name__ == "__main__": if len(args)==0: # no arguments? then display all the users! - groups = group_users(users) + groups = config.group_users() for name, usernames in groups.items(): print "Users in group '%s':" % name for name in sorted(usernames): @@ -226,7 +275,7 @@ if __name__ == "__main__": if options.what == "g": # show group information - groups = group_users(users) + groups = config.group_users() if name not in groups: sys.exit("Group not found") print "Users in group '%s':" % name @@ -236,36 +285,32 @@ if __name__ == "__main__": if options.what in ("a", "r"): # add a user, restricted or regular - if name in users: - sys.exit("Username '%s' already in use" % name) - group = RESTRICTED if options.what == "r" else REGULAR - users[name] = User(name, group) - config.update_user_groups(users) - folder = SVN_BASE + name - config.add_section(folder) - config.set(folder, "@"+RESTRICTED, "") - config.set(folder, name, WRITE_ACL) + if name in config.elab_users: + sys.exit("Username '%s' already in use" % username) + group = RESTRICTED if options.what == "r" else USERS + config.add_journal_acl_for(name, group) + create_new_repository(name) #subprocess.check_call(SVN_DIR_CREATOR + " " + name, shell=True) password = set_new_password(name) print "New password for user '%s': '%s'" % (name, password) + print "http://svn.cpi.imtek.uni-freiburg.de/" + name config.write_to_file() sys.exit() # from here downwards we need already existent usernames - if name not in users: + if name not in config.elab_users: sys.exit("User '%s' not found, use this without a name to get a list of users." % name) - user = users[name] if options.what == "m": # move user to alumni - groups = group_users(users) + user = config.elab_users[name] if user.group == ALUMNI: sys.exit("User '%s' is already in group '%s'" % (name, ALUMNI)) if user.group == ADMINS: sys.exit("User '%s' is in group '%s', will not moved to '%s'" % (name, ADMINS, ALUMNI)) - config.move_user_to_alumni(user) - config.update_user_groups(users) + config.move_user_to_alumni(name) config.write_to_file() + delete_password(name) sys.exit() if options.what == "p": @@ -275,30 +320,32 @@ if __name__ == "__main__": sys.exit() # no option, just a name: - # print the write acls for a user + user = config.elab_users[name] print "User %s is in group '%s':" % (name, user.group) + # print the write acls for a user if user.group == ADMINS: - print " Write access is granted to all folders." + print " Write access is granted to all journals." elif user.write_acl: - write_acl = [ SVN_BASE + username for username in user.write_acl ] - print " Write access is granted to folders '%s'. " % "', '".join(write_acl) + write_acl = [ username + SVN_SUFFIX for username in user.write_acl ] + print " Write access is granted to '%s'. " % "', '".join(write_acl) else: - print " Write access is NOT granted to any folder" + print " Write access is NOT granted to any journals" # print the read acls for a user if user.group == ADMINS: - print " Read access is granted to all folders." - elif user.group == REGULAR: - print " Read access is granted to (nearly) all folders." + print " Read access is granted to all journals." + elif user.group == USERS: + print " Read access is granted to (nearly) all journals." elif user.read_acl: - read_acl = [ SVN_BASE + username for username in user.read_acl ] - print " Read access is granted to folders '%s'. " % "', '".join(read_acl) + read_acl = [ username + SVN_SUFFIX for username in user.read_acl ] + print " Read access is granted to '%s'. " % "', '".join(read_acl) else: - print " Read access is NOT granted to any folder" + print " Read access is NOT granted to any journals" + + info = config.get_journal_info(name) # print the write acls for a journal - info = config.get_folder_info(name) - print "Labjornal %s%s:" % (SVN_BASE, name) + print "Labjournal %s%s" % (name, SVN_SUFFIX) if info[WRITE_ACL]: - print " Write and read access granted to: " + ", ".join(info[WRITE_ACL]) + print " Write access granted to: " + ", ".join(info[WRITE_ACL]) else: print " No write access granted to anybody" # print the read acls for a journal @@ -306,5 +353,3 @@ if __name__ == "__main__": print " Read access granted to: " + ", ".join(info[READ_ACL]) else: print " No read access granted to anybody" - -