# HG changeset patch # User John W. Eaton # Date 1646146406 18000 # Node ID 614d569bb3f699260491a0b209a3ff5a7ca2507e # Parent 42f808f31738374f48381b8957732548836be255 another attempt to disable remote access diff -r 42f808f31738 -r 614d569bb3f6 master.cfg --- a/master.cfg Fri Aug 27 22:17:30 2021 -0400 +++ b/master.cfg Tue Mar 01 09:53:26 2022 -0500 @@ -939,30 +939,12 @@ "Waterfall.show_old_builders": True } -### HOW TF is this supposed to work to limit access to things like forcing or -### stopping builds through the web interface. Nothing seems to limit the -### force actions to users who are logged in. WTF!?! -## authz = util.Authz ( -## stringsMatcher = util.fnmatchStrMatcher, -## allowRules = [ -## util.AnyEndpointMatcher (role = "admins", defaultDeny = False), -## # admins can do anything, -## # defaultDeny = False: if user does not have the admin role, we continue parsing rules -## util.StopBuildEndpointMatcher (role = "admins"), -## util.ForceBuildEndpointMatcher (role = "admins"), -## # if future Buildbot implement new control, we are safe with this last rule -## util.AnyControlEndpointMatcher (role = "admins") -## ], -## roleMatchers = [ -## # role owner is granted when property owner matches the email of the user -## util.RolesFromOwner (role = "owner") -## ] -## ) +authz = util.Authz (allowRules = [util.AnyControlEndpointMatcher (role = "admins")], + roleMatchers = []) +c['www']['authz'] = authz -auth = util.UserPasswordAuth (octave_buildbot_config.master_id_and_pass) - -c['www']['auth'] = auth -## c['www']['authz'] = authz +##auth = util.UserPasswordAuth (octave_buildbot_config.master_id_and_pass) +##c['www']['auth'] = auth ## DB URL