Added better ACL group support. More checks are now performed to ensure that users cannot create jobs against hosts that are not visible, and that users cannot abort other users' jobs. Note: If applying this patch, you must also apply the "move logged-in user tracking to separate thread_local module" patch. Risk: medium (disallowing actions may have unintended side effects) Visibility: medium (new errors will occur if disallowed actions are attempted) Signed-off-by: James Ren <jamesren@google.com> git-svn-id: http://test.kernel.org/svn/autotest/trunk@1797 592f7852-d20e-0410-864c-8624ca9c26a4

commit: 3dd47c247147ca6920b222d43a8eb6ee54209c8f [log] [tgz]
author: showard <showard@592f7852-d20e-0410-864c-8624ca9c26a4> Thu Jul 10 00:41:36 2008 +0000
committer: showard <showard@592f7852-d20e-0410-864c-8624ca9c26a4> Thu Jul 10 00:41:36 2008 +0000
tree: f1cdea31cb16156fc593099ff8124ee5ef9802b3
parent: affe09b5a82a1ec1a6c8f19571e07bb9f901abe0 [diff] [blame]
diff --git a/frontend/apache_auth.py b/frontend/apache_auth.py
index f8a887e..a74dda3 100644
--- a/frontend/apache_auth.py
+++ b/frontend/apache_auth.py

@@ -31,8 +31,9 @@
 
     @staticmethod
     def check_afe_user(username):
-        user, _ = models.User.objects.get_or_create(login=username)
-        user.save()
+        user, created = models.User.objects.get_or_create(login=username)
+        if created:
+            user.save()
 
     def get_user(self, user_id):
         try:
commit	3dd47c247147ca6920b222d43a8eb6ee54209c8f	[log] [tgz]
author	showard <showard@592f7852-d20e-0410-864c-8624ca9c26a4>	Thu Jul 10 00:41:36 2008 +0000
committer	showard <showard@592f7852-d20e-0410-864c-8624ca9c26a4>	Thu Jul 10 00:41:36 2008 +0000
tree	f1cdea31cb16156fc593099ff8124ee5ef9802b3
parent	affe09b5a82a1ec1a6c8f19571e07bb9f901abe0 [diff] [blame]