Changeset 2032
- Timestamp:
- 01/19/05 09:49:41 (19 years ago)
- Location:
- pykota/trunk
- Files:
-
- 6 modified
Legend:
- Unmodified
- Added
- Removed
-
pykota/trunk/cgi-bin/dumpykota.cgi
r2028 r2032 24 24 # 25 25 # $Log$ 26 # Revision 1.5 2005/01/19 08:49:41 jalet 27 # Now dumpykota.cgi behaves like printquota.cgi wrt the REMOTE_USER environment 28 # variables if the script is username+password protected. 29 # Small fix in printquota.cgi wrt ldap auth with Apache : the workaround was 30 # not used everywhere. 31 # 26 32 # Revision 1.4 2005/01/17 08:44:24 jalet 27 33 # Modified copyright years … … 149 155 self.arguments = self.form["filter"].value.split() 150 156 157 # when no authentication is done, or when the remote username 158 # is 'root' (even if not run as root of course), then unrestricted 159 # dump is allowed. 160 remuser = os.environ.get("REMOTE_USER", "root") 161 # special hack to accomodate mod_auth_ldap Apache module 162 try : 163 remuser = remuser.split("=")[1].split(",")[0] 164 except IndexError : 165 pass 166 if remuser != "root" : 167 # non-'root' users when the script is password protected 168 # can not dump any data as they like, we restrict them 169 # to their own datas. 170 if self.options["data"] not in ["printers", "pmembers", "groups", "gpquotas"] : 171 self.arguments.append("username=%s" % remuser) 172 151 173 if self.options["format"] in ("csv", "ssv") : 152 #ctype = "application/vnd.sun.xml.calc" 174 #ctype = "application/vnd.sun.xml.calc" # OpenOffice.org 153 175 ctype = "text/comma-separated-values" 154 176 fname = "dump.csv" 155 177 elif self.options["format"] == "tsv" : 156 #ctype = "application/vnd.sun.xml.calc" 178 #ctype = "application/vnd.sun.xml.calc" # OpenOffice.org 157 179 ctype = "text/tab-separated-values" 158 180 fname = "dump.tsv" … … 167 189 print 168 190 try : 169 self.main(self.arguments, self.options )191 self.main(self.arguments, self.options, restricted=0) 170 192 except PyKotaToolError, msg : 171 193 print msg -
pykota/trunk/cgi-bin/printquota.cgi
r2028 r2032 24 24 # 25 25 # $Log$ 26 # Revision 1.44 2005/01/19 08:49:41 jalet 27 # Now dumpykota.cgi behaves like printquota.cgi wrt the REMOTE_USER environment 28 # variables if the script is username+password protected. 29 # Small fix in printquota.cgi wrt ldap auth with Apache : the workaround was 30 # not used everywhere. 31 # 26 32 # Revision 1.43 2005/01/17 08:44:24 jalet 27 33 # Modified copyright years … … 255 261 """Main function""" 256 262 printers = ugmask = isgroup = None 263 remuser = os.environ.get("REMOTE_USER", "root") 264 # special hack to accomodate mod_auth_ldap Apache module 265 try : 266 remuser = remuser.split("=")[1].split(",")[0] 267 except IndexError : 268 pass 257 269 self.body = "<p>%s</p>\n" % _("Please click on the above button") 258 270 if self.form.has_key("report") : … … 264 276 else : 265 277 printers = self.storage.getMatchingPrinters("*") 266 remuser = os.environ.get("REMOTE_USER", "root")267 268 # special hack to accomodate mod_auth_ldap Apache module269 try :270 remuser = remuser.split("=")[1].split(",")[0]271 except IndexError :272 pass273 274 278 if remuser == "root" : 275 279 if self.form.has_key("ugmask") : … … 300 304 self.body += "%s" % self.reportingtool.generateReport() 301 305 else : 302 remuser = os.environ.get("REMOTE_USER", "root")303 306 if remuser != "root" : 304 307 username = remuser -
pykota/trunk/cgi-bin/README
r2028 r2032 25 25 Be sure to restrict access to these CGI scripts as necessary. 26 26 27 If you protect access to printquota.cgi with user+password 28 authentication, the REMOTE_USER CGI environment variable 29 is honored, so an user can only see his own quota report, but 30 not other users' quota. 27 If you protect access to printquota.cgi or dumpykota.cgi with 28 username+password authentication, the REMOTE_USER CGI environment variable 29 is honored, so an user can only see his own datas, but not 30 other users' datas. However, the special REMOTE_USER value 'root' 31 is allowed an unrestricted access. 31 32 32 To make dumpykota.cgi work, you have to ensure that your web server 33 runs it as a PyKota administrator. This means that dumpykota.cgi 34 when run must be able to read the pykotadmin.conf file. There are 35 several ways to do so, one of them is to put the user your web 36 server normally runs as into the pykota group (which must be allowed 37 to read pykotadmin.conf), then restart your web server : 38 39 $ adduser www-data pykota 40 $ /etc/init.d/apache restart 41 42 This is probably not the safest way though, so you may want to 43 restrict access further with an username and password, or use 44 Apache's suExec mechanism to directly run this particular 45 script as the pykota system user. Please refer to your web 46 server's documentation for details. 47 33 If no username+password authentication takes place, then access 34 is completely unrestricted. 35 36 You must ensure that the user your web server runs as can read 37 PyKota's pykota.conf configuration file. No read access to 38 PyKota's pykotadmin.conf configuration file is necessary though. 39 48 40 The web server doesn't need to be a print server nor a PyKota 49 41 Storage Backend server, but it must contain a correctly configured -
pykota/trunk/NEWS
r2030 r2032 22 22 PyKota NEWS : 23 23 24 - 1.21alpha21 : 25 26 - dumpykota.cgi can now be run as a normal user as opposed to 27 a PyKota administrator. No read access to pykotadmin.conf is 28 necessary anymore. This CGI scripts now honors the REMOTE_USER 29 environment variable just like printquota.cgi does, see 30 the file cgi-bin/README for details. 31 The command line tool dumpykota must still be run by a PyKota 32 administrator. 33 34 - Fix exception's name error due to a change in recent versions 35 of PygreSQL. 36 24 37 - 1.21alpha20 : 25 26 - Big bug fix wrt the datelimit field which was never 27 reset. 38 39 - Big bug fix wrt the datelimit field which was never reset. 28 40 29 41 - 1.21alpha19 : -
pykota/trunk/pykota/dumper.py
r2016 r2032 21 21 # 22 22 # $Log$ 23 # Revision 1.2 2005/01/19 08:49:41 jalet 24 # Now dumpykota.cgi behaves like printquota.cgi wrt the REMOTE_USER environment 25 # variables if the script is username+password protected. 26 # Small fix in printquota.cgi wrt ldap auth with Apache : the workaround was 27 # not used everywhere. 28 # 23 29 # Revision 1.1 2005/01/08 17:03:07 jalet 24 30 # "--format cups" output more resembling CUPS' page_log. … … 69 75 "pgroupname", 70 76 ] 71 def main(self, arguments, options ) :77 def main(self, arguments, options, restricted=1) : 72 78 """Print Quota Data Dumper.""" 73 if not self.config.isAdmin :79 if restricted and not self.config.isAdmin : 74 80 raise PyKotaToolError, "%s : %s" % (pwd.getpwuid(os.geteuid())[0], _("You're not allowed to use this command.")) 75 81 -
pykota/trunk/pykota/version.py
r2030 r2032 22 22 # 23 23 24 __version__ = "1.21alpha2 0_unofficial"24 __version__ = "1.21alpha21_unofficial" 25 25 26 26 __doc__ = """PyKota : a complete Printing Quota Solution for CUPS and LPRng."""