« back to all changes in this revision
Viewing changes to supermirrorsftp/sftponly.py
- browse files at revision 0.1.21
- compare with another revision
- download diff
- download tarball
- view history from revision 0.1.21
- Committer: Andrew Bennetts
- Date: 2005-11-01 23:04:46 UTC
- mto: (2902.2.21 tomerge)
- mto: This revision was merged to the branch mainline in revision 3289.
- Revision ID: Arch-1:andrew.bennetts@canonical.com%supermirrorsftp--devel--0--patch-20
More changes towards SupermirrorFilesystemHierarchy.
- files modified:
- sftp.tac
added
removed
supermirrorsftp/sftponly.py
10
10
from twisted.cred.portal import IRealm
11
11
from twisted.python import components
12
12
from twisted.python.filepath import FilePath, InsecurePath
13
from twisted.vfs.pathutils import FileSystem
14
from supermirrorsftp.bazaarfs import SFTPServerRoot
13
15
14
16
from zope.interface import implements
15
17
import binascii
34
36
35
37
36
38
class SFTPOnlyAvatar(avatar.ConchUser):
37
def __init__(self, avatarId, homeDirsRoot, personMapFilename,
38
productMapFilename):
39
def __init__(self, avatarId, homeDirsRoot, productMapFilename, authserver):
39
40
# Double-check that we don't get unicode -- directory names on the file
40
41
# system are a sequence of bytes as far as we're concerned. We don't
41
42
# want any tricky login names turning into a security problem.
52
53
53
54
self.avatarId = avatarId
54
55
self.homeDirsRoot = homeDirsRoot
55
# XXX: need to get the list of teams this user is a member of from the
56
# authserver somehow.
57
# XXX: don't need person map -- the authserver gives us this info in the
58
# teams dict. (the person map is only needed for mod_rewrite).
59
#self.personMapFilename = personMapFilename
60
56
self.productMapFilename = productMapFilename
61
self.teams = XXX_authserver.getUser(XXX_person_id)['teams']
57
58
# Fetch user details from the authserver
59
userDict = authserver.getUser(self.avatarId)
60
self.lpid = userDict['id']
61
self.lpname = userDict['name']
62
self.teams = userDict['teams']
63
self.filesystem = FileSystem(SFTPServerRoot(self))
62
64
63
65
# Set the only channel as a session that only allows requests for
64
66
# subsystems...
197
199
return '.' + path.path[len(self.homedir.path):]
198
200
199
201
200
components.registerAdapter(SFTPServerForPushMirrorUser, SFTPOnlyAvatar,
201
filetransfer.ISFTPServer)
202
# XXX: shouldn't need this anymore with vfs...
203
#components.registerAdapter(SFTPServerForPushMirrorUser, SFTPOnlyAvatar,
204
# filetransfer.ISFTPServer)
202
205
203
206
204
207
class Realm:
205
208
implements(IRealm)
206
209
207
def __init__(self, homeDirsRoot, personMapFilename, productMapFilename):
210
def __init__(self, homeDirsRoot, productMapFilename, authserver):
208
211
self.homeDirsRoot = homeDirsRoot
209
self.personMapFilename = personMapFilename
210
212
self.productMapFilename = productMapFilename
213
self.authserver = authserver
211
214
212
215
def requestAvatar(self, avatarId, mind, *interfaces):
213
216
avatar = SFTPOnlyAvatar(avatarId, self.homeDirsRoot,
214
self.personMapFilename, self.productMapFilename)
217
self.productMapFilename, self.authserver)
215
218
return interfaces[0], avatar, lambda: None
216
219
217
220
242
245
"""
243
246
implements(ICredentialsChecker)
244
247
245
def __init__(self, authserverURL):
246
self.authserver = TwistedAuthServer(authserverURL)
248
def __init__(self, authserver):
249
self.authserver = authserver
247
250
248
251
def _unmungeUsername(username):
249
252
"""Unmunge usernames, because baz doesn't work with @ in usernames.
260
263
261
264
Anything without an underscore is also not munged, and so unaffected
262
265
(even though they aren't valid usernames).
266
XXX: Actually, they're valid for logging into the bzr part of the
267
supermirror...
263
268
264
269
>>> unmunge('foo-bar')
265
270
'foo-bar'
Loggerhead is a web-based interface for Breezy
Version: 2.0.1