merge changes from head

[plcapi.git] / PLC / Auth.py

diff --git a/PLC/Auth.py b/PLC/Auth.py
index f71b634..a062b3a 100644 (file)
--- a/PLC/Auth.py
+++ b/PLC/Auth.py
@@ -4,7 +4,7 @@
 # Mark Huang <mlhuang@cs.princeton.edu>
 # Copyright (C) 2006 The Trustees of Princeton University
 #
-# $Id: Auth.py,v 1.13 2007/01/30 23:09:55 mlhuang Exp $
+# $Id: Auth.py,v 1.15 2007/02/01 22:28:48 mlhuang Exp $
 #
 
 import crypt
@@ -92,7 +92,7 @@ class GPGAuth(Auth):
             for key in keys:
                 try:
                     from PLC.GPG import gpg_verify
-                    gpg_verify(method.name, args, auth['signature'], key)
+                    gpg_verify(args, key, auth['signature'], method.name)
                     return
                 except PLCAuthenticationFailure, fault:
                     pass
@@ -295,7 +295,7 @@ class PasswordAuth(Auth):
         assert auth.has_key('Username')
 
         # Get record (must be enabled)
-        persons = Persons(method.api, {'email': auth['Username'], 'enabled': True, 'peer_id': None})
+        persons = Persons(method.api, {'email': auth['Username'].lower(), 'enabled': True, 'peer_id': None})
         if len(persons) != 1:
             raise PLCAuthenticationFailure, "No such account"
 
@@ -326,6 +326,6 @@ class PasswordAuth(Auth):
                 raise PLCAuthenticationFailure, "Password verification failed"
 
         if not set(person['roles']).intersection(method.roles):
-            raise PLCAuthenticationFailure, "Not allowed to call method"
+           raise PLCAuthenticationFailure, "Not allowed to call method"
 
         method.caller = person