Holger Frey
3930b43755
|
3 years ago | |
---|---|---|
elab_users | 3 years ago | |
test-data | 3 years ago | |
tests | 3 years ago | |
.flake8 | 3 years ago | |
.gitignore | 3 years ago | |
.pre-commit-config.yaml | 3 years ago | |
CHANGES.md | 3 years ago | |
CONTRIBUTING.md | 3 years ago | |
LICENSE | 3 years ago | |
Makefile | 3 years ago | |
README.md | 3 years ago | |
manage.py | 3 years ago | |
pyproject.toml | 3 years ago | |
run.py | 3 years ago | |
svn-dir-creator | 11 years ago | |
tox.ini | 3 years ago |
README.md
SVN USER MANAGEMENT README
Command line script to manage the cpi lab journal users.
quick file overview
First of all, we talk about the following files and folders:
.htpasswd
README
authz
JaneDoe
** WARNING: **
In this list, there is one hidden files: .htpasswd
. This file is hidden on
purpose, so ** don't mess with it **.
.htpasswd
: stores the passwords for the users (classical apache htpaswd-file)
README
: this file
authz
: defines the access controll list, so who has access to what
JaneDoe
: folder that holds one svn repository for a user
Usermanagement with elab-users
** HINT: ** To run this scipt if the service was deployed to dokku, use this
command structure dokku run svn elab-users [command] [name]
The script elab-users
provides some options to add and delete users,
show access information from users and their elab journals. If the scprit
is called with the --help
option, the folowing help message is displayed:
usage: elab-users [-h] [command] [name]
positional arguments:
command one of the commands: [user, group, add, restricted, retire, password]
name user or group to perform the command on
optional arguments:
-h, --help show this help message and exit
To grant a restricted user access to another folder, you have to carefully edit the authz file
The following combinations are possible:
elab-users
: will show a list of all groups and their userselab-users UserName
: shows the access rights of the user and their lab journalelab-users group GroupName
: shows a list of all group memberselab-users add UserName
: adds a regular user, creates svn folders and sets a random passwordelab-users restricted UserName
: adds a restricted user, creates svn folders and sets a random passwordelab-users retire UserName
: moves an existing user to the alumni group, removes his passwordelab-users password UserName
: resets the password for an existing user to a new random one
Grant read writes to restricted users
As noted before, if a restriced user should have read access to another
lab journal, the authz
file has to be edited manually. Here are two examples
that grant the user 'JaneDoe' read access to two different lab journals:
... snip ...
[JohnSmith:/]
@restricted =
JaneDoe = r
... snip ...
[MaxMustermann:/]
@restricted =
JaneDoe = r
MaxMustermann = rw
... snip ...
This does not apply to regular users, since these have read access to all folders.
Hint
This readme is written in Markdown. So if you want a nice printout, use a markdown converter first. Something like http://www.markdownviewer.com