Mercurial > octave-buildbot
changeset 47:614d569bb3f6
another attempt to disable remote access
| author | John W. Eaton <jwe@octave.org> |
|---|---|
| date | Tue, 01 Mar 2022 09:53:26 -0500 |
| parents | 42f808f31738 |
| children | 4a2d6716bf98 |
| files | master.cfg |
| diffstat | 1 files changed, 5 insertions(+), 23 deletions(-) [+] |
line wrap: on
line diff
--- a/master.cfg Fri Aug 27 22:17:30 2021 -0400 +++ b/master.cfg Tue Mar 01 09:53:26 2022 -0500 @@ -939,30 +939,12 @@ "Waterfall.show_old_builders": True } -### HOW TF is this supposed to work to limit access to things like forcing or -### stopping builds through the web interface. Nothing seems to limit the -### force actions to users who are logged in. WTF!?! -## authz = util.Authz ( -## stringsMatcher = util.fnmatchStrMatcher, -## allowRules = [ -## util.AnyEndpointMatcher (role = "admins", defaultDeny = False), -## # admins can do anything, -## # defaultDeny = False: if user does not have the admin role, we continue parsing rules -## util.StopBuildEndpointMatcher (role = "admins"), -## util.ForceBuildEndpointMatcher (role = "admins"), -## # if future Buildbot implement new control, we are safe with this last rule -## util.AnyControlEndpointMatcher (role = "admins") -## ], -## roleMatchers = [ -## # role owner is granted when property owner matches the email of the user -## util.RolesFromOwner (role = "owner") -## ] -## ) +authz = util.Authz (allowRules = [util.AnyControlEndpointMatcher (role = "admins")], + roleMatchers = []) +c['www']['authz'] = authz -auth = util.UserPasswordAuth (octave_buildbot_config.master_id_and_pass) - -c['www']['auth'] = auth -## c['www']['authz'] = authz +##auth = util.UserPasswordAuth (octave_buildbot_config.master_id_and_pass) +##c['www']['auth'] = auth ## DB URL