Revision fc84ef94 lib/utils/io.py
| b/lib/utils/io.py | ||
|---|---|---|
| 29 | 29 |
import errno |
| 30 | 30 |
import time |
| 31 | 31 |
import stat |
| 32 |
import grp |
|
| 33 |
import pwd |
|
| 32 | 34 |
|
| 33 | 35 |
from ganeti import errors |
| 34 | 36 |
from ganeti import constants |
| ... | ... | |
| 1063 | 1065 |
""" |
| 1064 | 1066 |
while self._files: |
| 1065 | 1067 |
RemoveFile(self._files.pop()) |
| 1068 |
|
|
| 1069 |
|
|
| 1070 |
def IsUserInGroup(uid, gid): |
|
| 1071 |
"""Returns True if the user belongs to the group. |
|
| 1072 |
|
|
| 1073 |
@type uid: int |
|
| 1074 |
@param uid: the user id |
|
| 1075 |
@type gid: int |
|
| 1076 |
@param gid: the group id |
|
| 1077 |
@rtype: bool |
|
| 1078 |
|
|
| 1079 |
""" |
|
| 1080 |
user = pwd.getpwuid(uid) |
|
| 1081 |
group = grp.getgrgid(gid) |
|
| 1082 |
return user.pw_gid == gid or user.pw_name in group.gr_mem |
|
| 1083 |
|
|
| 1084 |
|
|
| 1085 |
def CanRead(username, filename): |
|
| 1086 |
"""Returns True if the user can access (read) the file. |
|
| 1087 |
|
|
| 1088 |
@type username: string |
|
| 1089 |
@param username: the name of the user |
|
| 1090 |
@type filename: string |
|
| 1091 |
@param filename: the name of the file |
|
| 1092 |
@rtype: bool |
|
| 1093 |
|
|
| 1094 |
""" |
|
| 1095 |
filestats = os.stat(filename) |
|
| 1096 |
user = pwd.getpwnam(username) |
|
| 1097 |
uid = user.pw_uid |
|
| 1098 |
user_readable = filestats.st_mode & stat.S_IRUSR != 0 |
|
| 1099 |
group_readable = filestats.st_mode & stat.S_IRGRP != 0 |
|
| 1100 |
return ((filestats.st_uid == uid and user_readable) |
|
| 1101 |
or (filestats.st_uid != uid and |
|
| 1102 |
IsUserInGroup(uid, filestats.st_gid) and group_readable)) |
|
Also available in: Unified diff