From 380e8283a0a677751342e6c7780afa19ea2c114b Mon Sep 17 00:00:00 2001 From: David Bartley Date: Wed, 28 Nov 2007 03:06:21 -0500 Subject: [PATCH] Restrict non-club modifications to syscom --- bin/ceo | 2 +- pylib/csc/apps/urwid/groups.py | 21 +++++++++++++---- pylib/csc/apps/urwid/main.py | 41 +++++++-------------------------- pylib/csc/apps/urwid/widgets.py | 13 ++++++++++- 4 files changed, 38 insertions(+), 39 deletions(-) diff --git a/bin/ceo b/bin/ceo index 1034117..6cd3d16 100755 --- a/bin/ceo +++ b/bin/ceo @@ -28,4 +28,4 @@ except OSError, e: sys.exit(1) import csc.apps.urwid.main -csc.apps.urwid.main.start() +csc.apps.urwid.main.start(euid, egid) diff --git a/pylib/csc/apps/urwid/groups.py b/pylib/csc/apps/urwid/groups.py index cc682ff..0dd31a7 100644 --- a/pylib/csc/apps/urwid/groups.py +++ b/pylib/csc/apps/urwid/groups.py @@ -1,4 +1,4 @@ -import urwid +import urwid, pwd, grp from csc.apps.urwid.widgets import * from csc.apps.urwid.window import * import csc.apps.urwid.search as search @@ -11,8 +11,8 @@ def menu_items(items): def change_group_member(data): push_wizard("%s %s Member" % (data["type"], data["name"]), [ - (groups.ChangeMember, data), - groups.EndPage, + (ChangeMember, data), + EndPage, ]) def list_group_members(data): @@ -20,6 +20,16 @@ def list_group_members(data): search.member_list( mlist ) def group_members(data): + data, euid = data + + # only syscom may modify non-club groups + user = pwd.getpwuid(euid).pw_name + users = grp.getgrnam('syscom').gr_mem + if user not in users: + member = members.get(data['group']) + if member is None or 'objectClass' not in member or 'club' not in member['objectClass']: + return + add_data = data.copy() add_data['type'] = 'Add' remove_data = data.copy() @@ -54,6 +64,9 @@ class IntroPage(WizardPanel): return False class InfoPage(WizardPanel): + def __init__(self, state, euid): + state['euid'] = euid + WizardPanel.__init__(self, state) def init_widgets(self): self.group = WordEdit("Club or Group: ") self.widgets = [ @@ -70,7 +83,7 @@ class InfoPage(WizardPanel): "group" : group_name, "groups" : [group], } - group_members(data) + group_members((data, self.state['euid'])) class ChangeMember(WizardPanel): def __init__(self, state, data): diff --git a/pylib/csc/apps/urwid/main.py b/pylib/csc/apps/urwid/main.py index dd58865..bb6a2bc 100644 --- a/pylib/csc/apps/urwid/main.py +++ b/pylib/csc/apps/urwid/main.py @@ -74,25 +74,16 @@ def main_menu(): ("Search", search_members, None), ("Manage Club or Group Members", manage_group, None), ("Manage Positions", manage_positions, None), - ("Manage Office Staff", group_members, office_data), - ("Manage Systems Committee", group_members, syscom_data), + ("Manage Office Staff", groups.group_members, + (office_data, ui.euid)), + ("Manage Systems Committee", groups.group_members, + (syscom_data, ui.euid)), ("Exit", raise_abort, None), ] listbox = urwid.ListBox( menu_items( menu ) ) return listbox -def push_wizard(name, pages, dimensions=(50, 10)): - state = {} - wiz = Wizard() - for page in pages: - if type(page) != tuple: - page = (page, ) - wiz.add_panel( page[0](state, *page[1:]) ) - push_window( urwid.Filler( urwid.Padding( - urwid.LineBox(wiz), 'center', dimensions[0]), - 'middle', dimensions[1] ), name ) - def new_member(*args, **kwargs): push_wizard("New Member", [ newmember.IntroPage, @@ -112,7 +103,7 @@ def new_club(*args, **kwargs): def manage_group(*args, **kwargs): push_wizard("Manage Club or Group Members", [ groups.IntroPage, - groups.InfoPage, + (groups.InfoPage, ui.euid), ], (60, 15)) def renew_member(*args, **kwargs): @@ -157,24 +148,6 @@ def manage_positions(data): positions.EndPage, ], (50, 15)) -def group_members(data): - add_data = data.copy() - add_data['type'] = 'Add' - remove_data = data.copy() - remove_data['type'] = 'Remove' - menu = [ - ("Add %s member" % data["name"].lower(), - groups.change_group_member, add_data), - ("Remove %s member" % data["name"].lower(), - groups.change_group_member, remove_data), - ("List %s members" % data["name"].lower(), - groups.list_group_members, data), - ("Back", raise_back, None), - ] - - listbox = urwid.ListBox( menu_items( menu ) ) - push_window(listbox, "Manage %s" % data["name"]) - def run(): members.connect() accounts.connect() @@ -182,7 +155,9 @@ def run(): push_window( main_menu(), program_name() ) event_loop( ui ) -def start(): +def start(euid, egid): + ui.euid = euid + ui.egid = egid ui.run_wrapper( run ) if __name__ == '__main__': diff --git a/pylib/csc/apps/urwid/widgets.py b/pylib/csc/apps/urwid/widgets.py index 1294035..8912726 100644 --- a/pylib/csc/apps/urwid/widgets.py +++ b/pylib/csc/apps/urwid/widgets.py @@ -1,6 +1,17 @@ import urwid from csc.apps.urwid.ldapfilter import * -from csc.apps.urwid.window import raise_back +from csc.apps.urwid.window import raise_back, push_window + +def push_wizard(name, pages, dimensions=(50, 10)): + state = {} + wiz = Wizard() + for page in pages: + if type(page) != tuple: + page = (page, ) + wiz.add_panel( page[0](state, *page[1:]) ) + push_window( urwid.Filler( urwid.Padding( + urwid.LineBox(wiz), 'center', dimensions[0]), + 'middle', dimensions[1] ), name ) class ButtonText(urwid.Text): def __init__(self, callback, data, *args, **kwargs):