Module: check_mk
Branch: master
Commit: 49c48b609aa0c21b1f9d486409ff0739a1c6f6e6
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=49c48b609aa0c2…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon Apr 16 10:34:47 2012 +0200
Preventing creation of users which are only found in htpasswd (-> hidden from WATO)
---
web/htdocs/wato.py | 57 +++++++++++++++++++++++++++++++--------------------
1 files changed, 35 insertions(+), 22 deletions(-)
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 57fdd2b..f8f7ff3 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -6815,7 +6815,7 @@ def mode_edit_user(phase):
return "users"
id = html.var("userid").strip()
- if new and id in users:
+ if new and (id in users or in_htpasswd(id)):
raise MKUserError("userid", _("This username is already being
used by another user."))
if not re.match("^[-a-z0-9A-Z_\.]+$", id):
raise MKUserError("userid", _("The username must consist only
of letters, digit and the underscore."))
@@ -7139,6 +7139,27 @@ def mode_edit_user(phase):
html.hidden_fields()
html.end_form()
+def load_htpasswd():
+ users = {}
+ filename = defaults.htpasswd_file
+ if os.path.exists(filename):
+ for line in file(filename):
+ id, password = line.strip().split(":")[:2]
+ if password.startswith("!"):
+ locked = True
+ password = password[1:]
+ else:
+ locked = False
+
+ users[id] = {
+ 'password': password,
+ 'locked': locked,
+ }
+ return users
+
+def in_htpasswd(id):
+ return id in load_htpasswd()
+
def load_users():
# First load monitoring contacts from Check_MK's world
filename = root_dir + "contacts.mk"
@@ -7195,27 +7216,19 @@ def load_users():
# they are getting according to the multisite old-style
# configuration variables.
- filename = defaults.htpasswd_file
- if os.path.exists(filename):
- for line in file(filename):
- id, password = line.strip().split(":")[:2]
- if password.startswith("!"):
- locked = True
- password = password[1:]
- else:
- locked = False
- if id in result:
- result[id]["password"] = password
- result[id]["locked"] = locked
- elif wato_create_users_from_htpasswd:
- # Create entry if this is an admin user
- new_user = {
- "roles" : config.roles_of_user(id),
- "password" : password,
- "locked" : False
- }
- result[id] = new_user
- # Other unknown entries will silently be dropped. Sorry...
+ for id, user in load_htpasswd().items():
+ if id in result:
+ result[id]["password"] = user['password']
+ result[id]["locked"] = user['locked']
+ elif config.wato_create_users_from_htpasswd:
+ # Create entry if this is an admin user
+ new_user = {
+ "roles" : config.roles_of_user(id),
+ "password" : user['password'],
+ "locked" : False
+ }
+ result[id] = new_user
+ # Other unknown entries will silently be dropped. Sorry...
# Now read the automation secrets and add them to existing
# users or create new users automatically