warn if a user doesn't have privileges anywhere

(since the account system isn't super-inutitive and at least one dude figured that -a would default to giving admin rights)
2025-08-16 16:42:13 -06:00 · 2024-01-11 00:24:34 +00:00 · 2024-01-11 00:24:34 +00:00 · e01ba8552a
parent 024303592a
commit e01ba8552a
1 changed files with 13 additions and 0 deletions
--- a/copyparty/authsrv.py
+++ b/copyparty/authsrv.py
@ -1235,6 +1235,7 @@ class AuthSrv(object):

        all_users = {}
        missing_users = {}
+        associated_users = {}
        for axs in daxs.values():
            for d in [
                axs.uread,
@ -1251,6 +1252,8 @@ class AuthSrv(object):
                    all_users[usr] = 1
                    if usr != "*" and usr not in acct:
                        missing_users[usr] = 1
+                    if "*" not in d:
+                        associated_users[usr] = 1

        if missing_users:
            self.log(
@ -1271,6 +1274,16 @@ class AuthSrv(object):
                raise Exception(BAD_CFG)
            seenpwds[pwd] = usr

+        for usr in acct:
+            if usr not in associated_users:
+                if len(vfs.all_vols) > 1:
+                    # user probably familiar enough that the verbose message is not necessary
+                    t = "account [%s] is not mentioned in any volume definitions; see --help-accounts"
+                    self.log(t % (usr,), 1)
+                else:
+                    t = "WARNING: the account [%s] is not mentioned in any volume definitions and thus has the same access-level and privileges that guests have; please see --help-accounts for details.  For example, if you intended to give that user full access to the current directory, you could do this:  -v .::A,%s"
+                    self.log(t % (usr, usr), 1)
+
        promote = []
        demote = []
        for vol in vfs.all_vols.values():