Gossamer Forum
(Advanced Search)
for
Home : Products : Others : Fileman :

Non admin users on Raq

Jan 24, 2002, 3:16 PM
MagiCat
New User (4 posts)
Jan 24, 2002, 3:16 PM
Post #1 of 6
Views: 4507
Shortcut
Quote Reply
Non admin users on Raq
I notice that the program is set up to not allow non-admin users access to their websites. Just a thought, is it possible to make it so that these users can have access to their directories and below? Basically, I give my friends access to webspace but I don't want them having access to my entire site so I don't make them admins but I wanted them to be able to upload their graphics.
Jan 24, 2002, 5:25 PM
Alex
Administrator (9387 posts)
Jan 24, 2002, 5:25 PM
Post #2 of 6
Views: 4390
Shortcut
Quote Reply
Re: [MagiCat] Non admin users on Raq In reply to
Hi,

What directory do you limit them access to? Is it the same for all users? If you can give me some examples, I can see what we can do.

Cheers,

Alex
--
Gossamer Threads Inc.
Jan 24, 2002, 5:47 PM
MagiCat
New User (4 posts)
Jan 24, 2002, 5:47 PM
Post #3 of 6
Views: 4399
Shortcut
Quote Reply
Re: [Alex] Non admin users on Raq In reply to
In Reply To:

What directory do you limit them access to? Is it the same for all users? If you can give me some examples, I can see what we can do.


I've given accounts on http://www.webstylists.com/ to several friends of the type to where someone with a username of "testuser" would have a root domain name of http://www.webstylists.com/~testuser/

Through FTP the user "testuser" has the directory of /home/sites/site4/users/testuser/ while their web directory is /home/sites/site4/users/testuser/web/ (basically the same way a site administrator is but only having access underneath their account.)

I had found out how you left notes about commenting out a few lines to let non-admins use the program which is great and I notice it's good about not letting non-admins upload or get files from places they shouldn't but it's kindof confusing because they have to traverse the directory structure to find their home directory. If it made /home/sites/site4/users/testuser/ the root directory automatically then it would do exactly what I was looking for it to do.

I guess the way to do the check would be: If the user is the administrator, account root the default root and don't let the user go any higher (eg /home/sites/site4/). If the user is not an administrator then go to that users default directory and don't let them go any higher (eg /home/sites/site4/users/testuser/).
Jan 24, 2002, 5:56 PM
Alex
Administrator (9387 posts)
Jan 24, 2002, 5:56 PM
Post #4 of 6
Views: 4381
Shortcut
Quote Reply
Re: [MagiCat] Non admin users on Raq In reply to
Thanks, we'll see what we can do. Should be pretty easy, just a matter of changing $root_dir to the users web directory instead of the site admins directory.

Cheers,

Alex
--
Gossamer Threads Inc.
Jan 24, 2002, 6:10 PM
MagiCat
New User (4 posts)
Jan 24, 2002, 6:10 PM
Post #5 of 6
Views: 4384
Shortcut
Quote Reply
Re: [Alex] Non admin users on Raq In reply to
In Reply To:
Thanks, we'll see what we can do. Should be pretty easy, just a matter of changing $root_dir to the users web directory instead of the site admins directory.

Cheers,

Alex


Exactly, though I wouldn't complain if you passed it to the actual user directory (/users/testuser/) rather than the user's web directory (/users/testuser/web/) and either way it's important that the user be able to manipulate files in /users/testuser/ because if they have scripts they would logically write datafiles to /users/testuser/ and directories underneath that.

Thanks for such an awesome program!
Jan 29, 2002, 2:54 PM
MagiCat
New User (4 posts)
Jan 29, 2002, 2:54 PM
Post #6 of 6
Views: 4381
Shortcut
Quote Reply
Re: [Alex] Non admin users on Raq In reply to
In Reply To:
Thanks, we'll see what we can do. Should be pretty easy, just a matter of changing $root_dir to the users web directory instead of the site admins directory.

Cheers,

Alex


I got it to work by changing the section:

Code:
# This checks to see if the logged in user is in the group that owns the home directory (typically
# sitenn). If you want to allow non site admins to use this tool, you can either add them individually
# to the group, or comment out the following lines.
my $dir_gid = (stat($root_dir))[5];
my ($gr_name, $gr_passwd, $gr_gid, $members) = getgrgid($dir_gid);
unless ($members =~ /$ENV{REMOTE_USER}/) {
die sprintf ($GT::FileMan::Commands::LANGUAGE{COBALT_BADGROUP}, $root_dir, $ENV{REMOTE_USER}) . "\n";
}


to:

Code:
# This checks to see if the logged in user is in the group that owns the home directory (typically
# sitenn). If you want to allow non site admins to use this tool, you can either add them individually
# to the group, or comment out the following lines.
my $dir_gid = (stat($root_dir))[5];
my ($gr_name, $gr_passwd, $gr_gid, $members) = getgrgid($dir_gid);
unless ($members =~ /$ENV{REMOTE_USER}/) {
$root_dir = $root_dir . "/users/" . $user;
}


This is on a Raq 4i, don't know how it would work on other systems, this is mostly to give an idea of one way it could be done (I've tested it a bit, don't know how secure it is, hopefully I don't find out.