chpwd, operation.py: Allow administrative override of policy.

diff --git a/chpwd b/chpwd
index 0e0de39..2d6c75c 100755 (executable)
--- a/chpwd
+++ b/chpwd
@@ -76,6 +76,9 @@ for short, long, props in [
     'default': ENV.get('CHPWD_CONFIG',
                        OS.path.join(HOME, 'chpwd.conf')),
     'help': 'read configuration from FILE.' }),
+  ('-i', '--ignore-policy', {
+    'dest': 'ignpol', 'default': False, 'action': 'store_true',
+    'help': 'ignore the operation policy (for administrators)' }),
   ('-s', '--ssl', {
     'dest': 'sslp', 'action': 'store_true',
     'help': 'pretend CGI connection is carried over SSL/TLS' }),

diff --git a/operation.py b/operation.py
index bf17b05..fccd172 100644 (file)
--- a/operation.py
+++ b/operation.py
@@ -343,14 +343,15 @@ def operate(op, accts, *args, **kw):
   """
   rq = getattr(CFG.RQCLASS, op)(accts, *args, **kw)
   desc = rq.describe()
-  try:
-    rq.check()
-  except U.ExpectedError, e:
-    L.syslog('REFUSE %s %s: %s' %
-             (desc,
-              ', '.join(['%s@%s' % (o.user, o.svc.name) for o in rq.ops]),
-              e))
-    raise
+  if not CFG.OPTS.ignpol:
+    try:
+      rq.check()
+    except U.ExpectedError, e:
+      L.syslog('REFUSE %s %s: %s' %
+               (desc,
+                ', '.join(['%s@%s' % (o.user, o.svc.name) for o in rq.ops]),
+                e))
+      raise
   ops = rq.perform()
   nwin = nlose = 0
   for o in ops: