Changeset 2032 for pykota/trunk/cgi-bin
- Timestamp:
- 01/19/05 09:49:41 (20 years ago)
- Location:
- pykota/trunk/cgi-bin
- Files:
-
- 3 modified
-
dumpykota.cgi (modified) (3 diffs)
-
printquota.cgi (modified) (4 diffs)
-
README (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
pykota/trunk/cgi-bin/dumpykota.cgi
r2028 r2032 24 24 # 25 25 # $Log$ 26 # Revision 1.5 2005/01/19 08:49:41 jalet 27 # Now dumpykota.cgi behaves like printquota.cgi wrt the REMOTE_USER environment 28 # variables if the script is username+password protected. 29 # Small fix in printquota.cgi wrt ldap auth with Apache : the workaround was 30 # not used everywhere. 31 # 26 32 # Revision 1.4 2005/01/17 08:44:24 jalet 27 33 # Modified copyright years … … 149 155 self.arguments = self.form["filter"].value.split() 150 156 157 # when no authentication is done, or when the remote username 158 # is 'root' (even if not run as root of course), then unrestricted 159 # dump is allowed. 160 remuser = os.environ.get("REMOTE_USER", "root") 161 # special hack to accomodate mod_auth_ldap Apache module 162 try : 163 remuser = remuser.split("=")[1].split(",")[0] 164 except IndexError : 165 pass 166 if remuser != "root" : 167 # non-'root' users when the script is password protected 168 # can not dump any data as they like, we restrict them 169 # to their own datas. 170 if self.options["data"] not in ["printers", "pmembers", "groups", "gpquotas"] : 171 self.arguments.append("username=%s" % remuser) 172 151 173 if self.options["format"] in ("csv", "ssv") : 152 #ctype = "application/vnd.sun.xml.calc" 174 #ctype = "application/vnd.sun.xml.calc" # OpenOffice.org 153 175 ctype = "text/comma-separated-values" 154 176 fname = "dump.csv" 155 177 elif self.options["format"] == "tsv" : 156 #ctype = "application/vnd.sun.xml.calc" 178 #ctype = "application/vnd.sun.xml.calc" # OpenOffice.org 157 179 ctype = "text/tab-separated-values" 158 180 fname = "dump.tsv" … … 167 189 print 168 190 try : 169 self.main(self.arguments, self.options )191 self.main(self.arguments, self.options, restricted=0) 170 192 except PyKotaToolError, msg : 171 193 print msg -
pykota/trunk/cgi-bin/printquota.cgi
r2028 r2032 24 24 # 25 25 # $Log$ 26 # Revision 1.44 2005/01/19 08:49:41 jalet 27 # Now dumpykota.cgi behaves like printquota.cgi wrt the REMOTE_USER environment 28 # variables if the script is username+password protected. 29 # Small fix in printquota.cgi wrt ldap auth with Apache : the workaround was 30 # not used everywhere. 31 # 26 32 # Revision 1.43 2005/01/17 08:44:24 jalet 27 33 # Modified copyright years … … 255 261 """Main function""" 256 262 printers = ugmask = isgroup = None 263 remuser = os.environ.get("REMOTE_USER", "root") 264 # special hack to accomodate mod_auth_ldap Apache module 265 try : 266 remuser = remuser.split("=")[1].split(",")[0] 267 except IndexError : 268 pass 257 269 self.body = "<p>%s</p>\n" % _("Please click on the above button") 258 270 if self.form.has_key("report") : … … 264 276 else : 265 277 printers = self.storage.getMatchingPrinters("*") 266 remuser = os.environ.get("REMOTE_USER", "root")267 268 # special hack to accomodate mod_auth_ldap Apache module269 try :270 remuser = remuser.split("=")[1].split(",")[0]271 except IndexError :272 pass273 274 278 if remuser == "root" : 275 279 if self.form.has_key("ugmask") : … … 300 304 self.body += "%s" % self.reportingtool.generateReport() 301 305 else : 302 remuser = os.environ.get("REMOTE_USER", "root")303 306 if remuser != "root" : 304 307 username = remuser -
pykota/trunk/cgi-bin/README
r2028 r2032 25 25 Be sure to restrict access to these CGI scripts as necessary. 26 26 27 If you protect access to printquota.cgi with user+password 28 authentication, the REMOTE_USER CGI environment variable 29 is honored, so an user can only see his own quota report, but 30 not other users' quota. 27 If you protect access to printquota.cgi or dumpykota.cgi with 28 username+password authentication, the REMOTE_USER CGI environment variable 29 is honored, so an user can only see his own datas, but not 30 other users' datas. However, the special REMOTE_USER value 'root' 31 is allowed an unrestricted access. 31 32 32 To make dumpykota.cgi work, you have to ensure that your web server 33 runs it as a PyKota administrator. This means that dumpykota.cgi 34 when run must be able to read the pykotadmin.conf file. There are 35 several ways to do so, one of them is to put the user your web 36 server normally runs as into the pykota group (which must be allowed 37 to read pykotadmin.conf), then restart your web server : 38 39 $ adduser www-data pykota 40 $ /etc/init.d/apache restart 41 42 This is probably not the safest way though, so you may want to 43 restrict access further with an username and password, or use 44 Apache's suExec mechanism to directly run this particular 45 script as the pykota system user. Please refer to your web 46 server's documentation for details. 47 33 If no username+password authentication takes place, then access 34 is completely unrestricted. 35 36 You must ensure that the user your web server runs as can read 37 PyKota's pykota.conf configuration file. No read access to 38 PyKota's pykotadmin.conf configuration file is necessary though. 39 48 40 The web server doesn't need to be a print server nor a PyKota 49 41 Storage Backend server, but it must contain a correctly configured
