hello everyone,
I’m trying my hand at serious applescript for the first time. I’ve managed to use Applescript Studio to create an interface and pass information to my script and it works really well.
The point of the project is that we have students (I work in a k-12) that need to log in locally to a laptop, but then have access to their documents stored on a mac server. Once they log in, they will run my application, which asks for student ID, password and what grade their in. Currently, our setup has our Freshmen and Senior folders on one server (docs1) and Sophomores and Juniors on another (docs2). My current scripts follows:
-- Student Volume Mounter
-- Version 1.0
-- Created by John Deery on 12/21/07.
-- Copyright 2007 __South Brunswick School District__. All rights reserved.
on clicked theObject
if title of theObject = "Cancel" then
quit
else if title of theObject = "Log On" then
set theWindow to window of theObject
tell theWindow
set passwd to contents of text field "passwd"
set student_id to contents of text field "student_id"
set server1 to "10.10.0.231"
set server2 to "10.10.0.232"
if student_id is "" then
display alert "You must supply a Student ID" attached to theWindow as critical
else if passwd is "" then
display alert "You must supply a password" attached to theWindow as critical
else
tell matrix 1 of theWindow
set temp_var to (name of current cell) as string
if temp_var is "senior" then
set student_year to "2008"
set student_server to server2
else if temp_var is "junior" then
set student_year to "2009"
set student_server to server1
else if temp_var is "sophomore" then
set student_year to "2010"
set student_server to server1
else if temp_var is "freshman" then
set student_year to "2011"
set student_server to server2
end if
end tell
try
tell application "Finder"
open location "afp://" & student_id & ":" & passwd & "@" & student_server & "/HomeDirs/" & student_year & "/" & student_id & "/Documents/"
end tell
end try
quit
end if
end tell
end if
end clicked
So this works, but the problem is that students’ logins are managed on a central server (teacher login) and once authenticated, tossed to the server they belong to. If I use my script to log on to the Senior server with a Junior account, it authenticates, but then drops me in the “HomeDirs” folder. I’d like to avoid this by running some type of a find command to see if their folder exists before finishing the mount.
I had thought to use mdfind, but nothing that I did worked, and I’m a little warry of trying to mount the network drive as root (or admin), do a find, then reject the mount if not found or remount if it is found, just in case the students find a way to cancel the operation and have the server mounted as root (or admin).
So I guess, basically, I’m looking for some guidance as to how to go about making this foolproof so I know that our students won’t get into places they’re not supposed to. Yes, we have our security set up so that they wouldn’t be able to get into another other student’s folder, but I want to make sure they can’t even get that far.
Thanks for any help/ideas!
JD
Hi,
I always mount my afp server with the do shell script command.
With this you can be as precise as you want to be with afp mounts. Like what volume, volumename, etc
If you want to now more about mounting afp server with the do shell script command than open Terminal and type: man mount_afp
It works like this: (please note the comments)
on mountServer(USERNAME, PASSWORD)
-- First a check to see if we allready are mounted.
-- If so then unmount and mount with our new data.
try
do shell script "test -w /Volumes/" & USERNAME
set MOUNTEXISTS to "true"
on error
set MOUNTEXISTS to "false"
end try
if MOUNTEXISTS is "true" then
try
do shell script "umount -f /Volumes/" & USERNAME
on error
try
do shell script "rm -rf /Volumes/" & USERNAME
end try
end try
end if
-- MOUNTING THE SERVER
-- the -o nobrowse option means that this mount will not be visible in the Finder.
-- delete this and it will be visible in the finder.
try
do shell script "mkdir -p /Volumes/" & USERNAME & " > /dev/null 2>&1 &"
do shell script "mount_afp -o nobrowse afp://" & USERNAME & ":" & PASSWORD & "@server.foo.com/" & USERNAME & "/ " & "/Volumes/" & USERNAME & ""
on error
display dialog "ERROR"
end try
end mountServer
Wow, thanks for the help, it’s gotten me 99% of the way ![:smiley: :smiley:](/images/emoji/apple/smiley.png?v=12)
Here’s what I have now:
on clicked theObject
if title of theObject = "Cancel" then
quit
else if title of theObject = "Log On" then
set theWindow to window of theObject
tell theWindow
set passwd to contents of text field "passwd"
set student_id to contents of text field "student_id"
set server1 to "10.10.0.231"
set server2 to "10.10.0.232"
if student_id is "" then
display alert "You must supply a Student ID" attached to theWindow as critical
else if passwd is "" then
display alert "You must supply a password" attached to theWindow as critical
else
tell matrix 1 of theWindow
set temp_var to (name of current cell) as string
if temp_var is "Senior/Freshman" then
set student_server to server2
else if temp_var is "Junior/Sophomore" then
set student_server to server1
end if
end tell
end if
-- First a check to see if we already are mounted.
-- If so then unmount and mount with our new data.
try
do shell script "test -w /Volumes/" & student_id
set MOUNTEXISTS to "true"
on error
set MOUNTEXISTS to "false"
end try
if MOUNTEXISTS is "true" then
try
do shell script "umount -f /Volumes/" & student_id
on error
try
do shell script "rm -rf /Volumes/" & student_id
end try
end try
end if
-- MOUNTING THE SERVER
-- the -o nobrowse option means that this mount will not be visible in the Finder.
-- delete this and it will be visible in the finder.
try
do shell script "mkdir -p /Volumes/" & student_id & " > /dev/null 2>&1 &"
do shell script "mount_afp afp://" & student_id & ":" & passwd & "@" & student_server & "/" & student_id & "/Documents /Volumes/" & student_id
on error
display alert "There was a problem authenticating. Please make sure you have the correct username, password and class selected.
If the problem persists, please contact your school's technical support" attached to theWindow as critical
end try
quit
end tell
end if
end clicked
The last piece I need is to figure out how to make the mount go to their Documents folder…right now, it will mount them to their main user directory. I tried to hard code in the path, but that didn’t work, but I can do the full path from a “Connect to Server” command.
After some research I see that it may not be easy to do, so I’ll keep looking and testing, but if anyone knows how to get around this part, that’d be great…the whole thing is that we don’t want some of our…smarter…students to try to mess with their Library files, so we want to restrict their access to only their Document folder.
Thanks!