diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2008-01-23 09:45:46 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2008-01-23 09:45:46 -0500 |
| commit | 3302dc74467a5b3e2fc6f4cf8bca759088c6725f (patch) | |
| tree | 3a8f9dbf24f3aa527f9b0ad12b7183857d89bff2 | |
| parent | 042fb11fa107718a831d468d16188e02f6ae3712 (diff) | |
| download | freeipa-3302dc74467a5b3e2fc6f4cf8bca759088c6725f.tar.gz freeipa-3302dc74467a5b3e2fc6f4cf8bca759088c6725f.tar.xz freeipa-3302dc74467a5b3e2fc6f4cf8bca759088c6725f.zip | |
Enable server-side sessions. It is currently using files for sessions.
| -rw-r--r-- | ipa-server/Makefile.am | 3 | ||||
| -rw-r--r-- | ipa-server/ipa-gui/dev.cfg | 6 | ||||
| -rw-r--r-- | ipa-server/ipa-gui/ipa_webgui | 2 | ||||
| -rw-r--r-- | ipa-server/ipa-gui/ipa_webgui.cfg | 6 | ||||
| -rw-r--r-- | ipa-server/ipa-gui/ipagui/subcontrollers/user.py | 12 | ||||
| -rwxr-xr-x | ipa-server/ipa-server.spec | 6 | ||||
| -rw-r--r-- | ipa-server/ipa-server.spec.in | 6 |
7 files changed, 38 insertions, 3 deletions
diff --git a/ipa-server/Makefile.am b/ipa-server/Makefile.am index b04a4cf98..6dc0b8077 100644 --- a/ipa-server/Makefile.am +++ b/ipa-server/Makefile.am @@ -15,9 +15,12 @@ SUBDIRS = \ install-exec-local: mkdir -p $(DESTDIR)$(localstatedir)/cache/ipa/sysrestore + mkdir -p $(DESTDIR)$(localstatedir)/cache/ipa/sessions + chmod 700 $(DESTDIR)$(localstatedir)/cache/ipa/sessions uninstall-local: -rmdir $(DESTDIR)$(localstatedir)/cache/ipa/sysrestore + -rmdir $(DESTDIR)$(localstatedir)/cache/ipa/sessions -rmdir $(DESTDIR)$(localstatedir)/cache/ipa EXTRA_DIST = \ diff --git a/ipa-server/ipa-gui/dev.cfg b/ipa-server/ipa-gui/dev.cfg index ef5e98a62..7faceb58a 100644 --- a/ipa-server/ipa-gui/dev.cfg +++ b/ipa-server/ipa-gui/dev.cfg @@ -36,6 +36,12 @@ visit.manager='proxyvisit' # for Windows users, sqlite URIs look like: # sqlobject.dburi="sqlite:///drive_letter:/path/to/file" +# TurboGears sessions. Storing in /tmp for a production system would be +# insane but should be fine for developers. +session_filter.on = True +session_filter.storage_type='File' +session_filter.storage_path='/tmp' + # SERVER # Some server parameters that you may want to tweak diff --git a/ipa-server/ipa-gui/ipa_webgui b/ipa-server/ipa-gui/ipa_webgui index c496d7cc9..dfba728fb 100644 --- a/ipa-server/ipa-gui/ipa_webgui +++ b/ipa-server/ipa-gui/ipa_webgui @@ -78,7 +78,7 @@ def main(): sys.stderr.write("error becoming daemon: " + str(e)) sys.exit(1) - sys.path.append("/usr/share/ipa/") + sys.path.append("/usr/share/ipa/sessions") # this must be after sys.path is changed to work correctly import pkg_resources diff --git a/ipa-server/ipa-gui/ipa_webgui.cfg b/ipa-server/ipa-gui/ipa_webgui.cfg index 838ac32d2..579e48bb1 100644 --- a/ipa-server/ipa-gui/ipa_webgui.cfg +++ b/ipa-server/ipa-gui/ipa_webgui.cfg @@ -48,6 +48,12 @@ server.thread_pool = 10 # unexpected parameter. False by default # tg.strict_parameters = False +# TurboGears sessions. +session_filter.on = True +session_filter.storage_type='File' +session_filter.storage_path='/var/cache/ipa/session' + + # LOGGING # Logging configuration generally follows the style of the standard # Python logging module configuration. Note that when specifying diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py b/ipa-server/ipa-gui/ipagui/subcontrollers/user.py index 952278a08..cc2bba476 100644 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py +++ b/ipa-server/ipa-gui/ipagui/subcontrollers/user.py @@ -362,6 +362,10 @@ class UserController(IPAController): ipaerror.exception_for(ipaerror.LDAP_DATABASE_ERROR)): pass + # Set the uid we're editing in the session. If it doesn't match + # later the update will not be processed + cherrypy.session['uid'] = user_dict.get('uid') + return dict(form=user_edit_form, user=user_dict, user_groups=user_groups_dicts) except ipaerror.IPAError, e: @@ -384,6 +388,14 @@ class UserController(IPAController): turbogears.flash("Edit user cancelled") raise turbogears.redirect('/user/show', uid=kw.get('uid')) + edituid = cherrypy.session.get('uid') + if not edituid or edituid != kw.get('uid'): + turbogears.flash("Something went wrong. You last viewed %s but are trying to update %s" % (kw.get('uid'), edituid)) + raise turbogears.redirect('/user/show', uid=kw.get('uid')) + + # We no longer need this + cherrypy.session['uid'] = None + # Fix incoming multi-valued fields we created for the form kw = ipahelper.fix_incoming_fields(kw, 'cn', 'cns') kw = ipahelper.fix_incoming_fields(kw, 'telephonenumber', 'telephonenumbers') diff --git a/ipa-server/ipa-server.spec b/ipa-server/ipa-server.spec index fc8c3fd27..2370881cd 100755 --- a/ipa-server/ipa-server.spec +++ b/ipa-server/ipa-server.spec @@ -1,6 +1,6 @@ Name: ipa-server Version: 0.6.0 -Release: 2%{?dist} +Release: 3%{?dist} Summary: IPA authentication server Group: System Environment/Base @@ -114,8 +114,12 @@ fi %dir %{_localstatedir}/cache/ipa %dir %{_localstatedir}/cache/ipa/sysrestore +%attr(700,apache,apache) %dir %{_localstatedir}/cache/ipa/sessions %changelog +* Tue Jan 22 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-3 +- add session cache directory + * Thu Jan 17 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-2 - Fixed License in specfile - Include files from /usr/lib/python*/site-packages/ipaserver diff --git a/ipa-server/ipa-server.spec.in b/ipa-server/ipa-server.spec.in index f379f629b..7d834a7bf 100644 --- a/ipa-server/ipa-server.spec.in +++ b/ipa-server/ipa-server.spec.in @@ -1,6 +1,6 @@ Name: ipa-server Version: VERSION -Release: 2%{?dist} +Release: 3%{?dist} Summary: IPA authentication server Group: System Environment/Base @@ -114,8 +114,12 @@ fi %dir %{_localstatedir}/cache/ipa %dir %{_localstatedir}/cache/ipa/sysrestore +%attr(700,apache,apache) %dir %{_localstatedir}/cache/ipa/sessions %changelog +* Tue Jan 22 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-3 +- add session cache directory + * Thu Jan 17 2008 Rob Crittenden <rcritten@redhat.com> = 0.6.0-2 - Fixed License in specfile - Include files from /usr/lib/python*/site-packages/ipaserver |