\n"; if(in_array("serverProfileAdmin", $user["privileges"])) { print "
\n"; } print "
\n"; $data = deployHTML(); print $data['html']; print "
\n"; # deploy tab if(in_array("serverProfileAdmin", $user["privileges"])) { print "
\n"; $data = manageProfilesHTML(); print $data['html']; print "
\n"; # manageprofiles tab print "
\n"; $data = manageGroupingHTML(); print $data['html']; print "
\n"; # grouping tab } print "
\n"; # tab container } //////////////////////////////////////////////////////////////////////////////// /// /// \fn deployHTML() /// /// \return an array with one element with a key of 'html' whose value is the /// html content for the deploy tab /// /// \brief builds the html for the deploy tab /// //////////////////////////////////////////////////////////////////////////////// function deployHTML() { global $user, $skin; $profiles = getUserResources(array("serverCheckOut"), array("available")); $h = ''; $h .= "

Deploy Server

\n"; $h .= "
\n"; $h .= "
\n"; $h .= "Description:\n"; $h .= "
\n"; $h .= "
\n"; $cont = addContinuationsEntry('AJserverProfileData', array('mode' => 'checkout')); $h .= ""; $h .= "


\n"; $h .= "\n"; $h .= "
\n"; # deployprofileslist $h .= "
\n"; $h .= "\n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; /*$h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n";*/ /*$h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n";*/ $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= "
Name:
Environment:\n"; $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $images = removeNoCheckout($resources["image"]); $extraimages = getServerProfileImages($user['id']); foreach($extraimages as $id => $image) $images[$id] = $image; uasort($images, 'sortKeepIndex'); if(USEFILTERINGSELECT && count($images) < FILTERINGSELECTTHRESHOLD) { $h .= " \n"; foreach($images as $id => $image) { $image = preg_replace('/&/', '&', $image); $h .= " \n"; } $h .= " \n"; $h .= "
Fixed IP Address:(optional)
Fixed MAC Address:(optional)
Admin User Group:\n"; $admingroups = getUserGroups(); $logingroups = $admingroups; /*$admingroups = getUserEditGroups($user['id']); $logingroups = $admingroups; $extraadmingroups = getServerProfileGroups($user['id'], 'admin'); foreach($extraadmingroups as $id => $group) $admingroups[$id] = $group; uasort($admingroups, 'sortKeepIndex');*/ if(USEFILTERINGSELECT && count($admingroups) < FILTERINGSELECTTHRESHOLD) { $h .= " \n"; $h .= " \n"; foreach($admingroups as $id => $group) { if($group['name'] == 'None' || preg_match('/^None@.*$/', $group['name'])) continue; $h .= " \n"; } #foreach($admingroups as $id => $group) # $h .= " \n"; $h .= " \n"; $h .= "
Access User Group:\n"; /*$extralogingroups = getServerProfileGroups($user['id'], 'login'); foreach($extralogingroups as $id => $group) $logingroups[$id] = $group; uasort($logingroups, 'sortKeepIndex');*/ if(USEFILTERINGSELECT && count($logingroups) < FILTERINGSELECTTHRESHOLD) { $h .= " \n"; $h .= " \n"; foreach($logingroups as $id => $group) { if($group['name'] == 'None' || preg_match('/^None@.*$/', $group['name'])) continue; $h .= " \n"; } #foreach($logingroups as $id => $group) # $h .= " \n"; $h .= " \n"; $h .= "
Monitored:


\n"; $h .= "When would you like to deploy the server?
\n"; $h .= "   "; $h .= "\n"; $h .= "
\n"; $h .= "   "; $h .= "\n"; $h .= "\n"; $h .= "
\n"; $h .= "
\n"; $h .= "(" . date('T') . ")

\n"; $h .= "Ending for server:
\n"; $h .= "   "; $h .= "\n"; # TODO should this 'checked' be hard coded? $h .= "
\n"; $h .= "   "; $h .= "\n"; $h .= "\n"; $h .= "
\n"; $h .= "
\n"; $h .= "(" . date('T') . ")

\n"; $h .= "
\n"; $cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0); $h .= "

\n"; $h .= "\n"; $h .= "
\n"; # deployprofilediv $h .= "
"; $h .= " Loading...
\n"; $h .= "
\n"; $h .= " \n"; $h .= " \n"; $h .= "
\n"; $h .= " \n"; $h .= " \n"; $h .= "
\n"; $h .= "\n"; return array('html' => $h); } //////////////////////////////////////////////////////////////////////////////// /// /// \fn manageProfilesHTML() /// /// \return an array with one element with a key of 'html' whose value is the /// html content for the manage tab /// /// \brief builds the html for the manage tab /// //////////////////////////////////////////////////////////////////////////////// function manageProfilesHTML() { global $user; $profiles = getUserResources(array("serverProfileAdmin"), array("administer")); $h = ''; $h .= "

Manage Server Profiles

\n"; $h .= "\n"; $cont = addContinuationsEntry('AJserverProfileData', array('mode' => 'admin')); $h .= ""; $h .= "\n"; # profileslist $h .= ""; $h .= "

\n"; $h .= "Profile successfully updated\n"; $h .= "
\n"; $cont = addContinuationsEntry('AJdelServerProfile'); $h .= "

\n"; $h .= "\n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; /*$h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n";*/ /*$h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n";*/ $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= " \n"; $h .= "
Name:
Description:
Environment:\n"; $resources = getUserResources(array("imageAdmin", "imageCheckOut")); $images = removeNoCheckout($resources["image"]); if(USEFILTERINGSELECT && count($images) < FILTERINGSELECTTHRESHOLD) { $h .= " \n"; foreach($images as $id => $image) $h .= " \n"; $h .= " \n"; $h .= "
Fixed IP Address:(optional)
Fixed MAC Address:(optional)
Admin User Group:\n"; $admingroups = getUserGroups(); $logingroups = $admingroups; /*$admingroups = getUserEditGroups($user['id']); $logingroups = $admingroups; $extraadmingroups = getServerProfileGroups($user['id'], 'admin'); foreach($extraadmingroups as $id => $group) $admingroups[$id] = $group; uasort($admingroups, 'sortKeepIndex');*/ if(USEFILTERINGSELECT && count($admingroups) < FILTERINGSELECTTHRESHOLD) { $h .= " \n"; $h .= " \n"; foreach($admingroups as $id => $group) { if($group['name'] == 'None' || preg_match('/^None@.*$/', $group['name'])) continue; $h .= " \n"; } #foreach($admingroups as $id => $group) { # $h .= " \n"; $h .= " \n"; $h .= "
Access User Group:\n"; /*$extralogingroups = getServerProfileGroups($user['id'], 'login'); foreach($extralogingroups as $id => $group) $logingroups[$id] = $group; uasort($logingroups, 'sortKeepIndex');*/ if(USEFILTERINGSELECT && count($logingroups) < FILTERINGSELECTTHRESHOLD) { $h .= " \n"; $h .= " \n"; foreach($logingroups as $id => $group) { if($group['name'] == 'None' || preg_match('/^None@.*$/', $group['name'])) continue; $h .= " \n"; } #foreach($logingroups as $id => $group) # $h .= " \n"; $h .= " \n"; $h .= "
Monitored:
\n"; $cont = addContinuationsEntry('AJsaveServerProfile'); $h .= "

\n"; $h .= "

\n"; $h .= "
\n"; # serverprofiledata $h .= "
\n"; $h .= "Are you sure you want to delete this Server Profile?

\n"; $h .= "
\n"; $h .= "\n"; $h .= "\n"; $h .= "
\n"; # center aligned div $h .= "\n"; $h .= "
\n"; # confirmDeleteProfile return array('html' => $h); } //////////////////////////////////////////////////////////////////////////////// /// /// \fn manageGroupingHTML() /// /// \return an array with one element with a key of 'html' whose value is the /// html content for the grouping tab /// /// \brief builds the html for the grouping tab /// //////////////////////////////////////////////////////////////////////////////// function manageGroupingHTML() { global $mode; $resources = getUserResources(array("serverProfileAdmin"), array("manageGroup")); $resourcegroups = getUserResources(array("serverProfileAdmin"), array("manageGroup"), 1); $h = ''; if($mode == 'submitServerProfileGroups') $gridSelected = "selected=\"true\""; else $gridSelected = ""; $h .= "

Server Profile Grouping

\n"; $h .= "\n"; # by profile tab $h .= "
\n"; $h .= "Select a server profile and click \"Get Groups\" to see all of the groups "; $h .= "it is in. Then,
select a group it is in and click the Remove "; $h .= "button to remove it from that group,
or select a group it is not "; $h .= "in and click the Add button to add it to that group.

\n"; $h .= "Server Profile:\n"; # build list of profiles /*$profiles = $resources['serverprofile']; uasort($profiles, 'sortKeepIndex'); foreach($profiles as $id => $profile) { $h .= "\n"; } $h .= "\n";*/ $h .= "\n"; $h .= "
\n"; $h .= "\n"; # select for groups profile is in $h .= "\n"; # transfer buttons $h .= "\n"; # select for groups profile is not in $h .= "\n"; $h .= "
\n"; $h .= "Groups is in:
\n"; $h .= "\n"; $h .= "
\n"; $h .= "\n"; $h .= "
\n"; $h .= "
\n"; $h .= "
\n"; $h .= "\n"; $h .= "
\n"; $h .= "Groups is not in:
\n"; $h .= "\n"; $h .= "
\n"; $h .= "
\n"; # groupsdiv $h .= "
\n"; # resource # by group tab $h .= "
\n"; $h .= "Select a group and click \"Get Server Profiles\" to see all of the server profiles "; $h .= "in it. Then,
select a server profile in it and click the Remove "; $h .= "button to remove it from the group,
or select a server profile that is not "; $h .= "in it and click the Add button to add it to the group.

\n"; $h .= "Group:\n"; $h .= "\n"; $h .= "
\n"; $h .= "\n"; # select for profiles in group $h .= "\n"; # transfer buttons $h .= "\n"; # profiles not in group select $h .= "\n"; $h .= "
\n"; $h .= "Server Profiles in :
\n"; $h .= "\n"; $h .= "
\n"; $h .= "\n"; $h .= "
\n"; $h .= "
\n"; $h .= "
\n"; $h .= "\n"; $h .= "
\n"; $h .= "Server Profiles not in :
\n"; $h .= "\n"; $h .= "
\n"; $h .= "
\n"; # profilesdiv $h .= "
\n"; # group $h .= "\n"; # end of main tab container $h .= "
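\n";
	$cont = addContinuationsEntry('jsonProfileGroupingProfiles');
	$h .= "\n";
	$cont = addContinuationsEntry('jsonProfileGroupingGroups');
	$h .= "\n";
	return array('html' => $h);
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn AJserverProfileData()
///
/// \brief sends information about a specified server profile in json format;
/// the profile id must be one the user can reach through the resource list
/// selected by the continuation's 'mode', otherwise an error object with
/// msg 'noaccess' is sent
///
////////////////////////////////////////////////////////////////////////////////
function AJserverProfileData() {
	$profileid = processInputVar('id', ARG_NUMERIC);
	$mode = getContinuationVar('mode');
	# 'admin' mode only exposes profiles the user can administer; any other
	# mode also includes profiles that are merely available for checkout
	if($mode == 'admin')
		$resources = getUserResources(array("serverProfileAdmin"), array("administer"));
	else
		$resources = getUserResources(array("serverCheckOut", "serverProfileAdmin"),
		                              array("available","administer"));
	# authorization check happens before the profile is loaded
	if(! array_key_exists($profileid, $resources['serverprofile'])) {
		sendJSON(array('error' => 1, 'msg' => 'noaccess'));
		return;
	}
	$data = getServerProfiles($profileid);
	$data = $data[$profileid];
	# drop the joined display fields and owner information from the response
	unset($data['image']);
	unset($data['ownerid']);
	unset($data['owner']);
	unset($data['admingroup']);
	unset($data['logingroup']);
	# empty addresses are stored as the text 'NULL' (see processProfileInput)
	if($data['fixedIP'] == 'NULL')
		$data['fixedIP'] = '';
	if($data['fixedMAC'] == 'NULL')
		$data['fixedMAC'] = '';
	if(is_null($data['admingroupid']))
		$data['admingroupid'] = 0;
	if(is_null($data['logingroupid']))
		$data['logingroupid'] = 0;
	sendJSON($data);
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn AJserverProfileStoreData()
///
/// \brief sends information about server profiles in json format; profiles
/// the user can administer overwrite the 'checkout' entry for the same id,
/// and a placeholder entry with id 70000 is appended for creating a profile
///
////////////////////////////////////////////////////////////////////////////////
function AJserverProfileStoreData() {
	$profiles = getServerProfiles();
	$data = array();
	# NOTE(review): the replacement string in both preg_replace calls below is
	# a bare line break as it appears here; it may have lost markup when this
	# listing was extracted - confirm against the upstream file
	$resources = getUserResources(array("serverCheckOut"), array("available"));
	foreach($resources['serverprofile'] as $id => $name)
		$data[$id] = array('id' => $id,
		                   'name' => $name,
		                   'access' => 'checkout',
		                   'desc' => preg_replace("/\n/", "
", $profiles[$id]['description']));
	$resources = getUserResources(array("serverProfileAdmin"), array("administer"));
	foreach($resources['serverprofile'] as $id => $name)
		$data[$id] = array('id' => $id,
		                   'name' => $name,
		                   'access' => 'admin',
		                   'desc' => preg_replace("/\n/", "
", $profiles[$id]['description']));
	$data = array_values($data);
	$data[] = array('id' => 70000,
	                'name' => '(New Profile)',
	                'access' => 'admin',
	                'desc' => '');
	sendJSON($data);
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn AJdeployServer()
///
/// \brief processes request information and creates reservation if everything
/// ok; every submitted value is validated before use and each failure sends
/// a json error object that includes a new AJdeployServer continuation
///
////////////////////////////////////////////////////////////////////////////////
function AJdeployServer() {
	global $user, $remoteIP;
	$profilename = processInputVar('name', ARG_STRING);
	$profileid = processInputVar('profileid', ARG_NUMERIC);
	$imageid = processInputVar('imageid', ARG_NUMERIC);
	# the image must be usable directly or through a server profile
	$resources = getUserResources(array("imageAdmin", "imageCheckOut"));
	$images = removeNoCheckout($resources["image"]);
	$extraimages = getServerProfileImages($user['id']);
	if(! array_key_exists($imageid, $images) &&
	   ! array_key_exists($imageid, $extraimages)) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => 'You do not have access to use this environment.');
		sendJSON($data);
		return;
	}
	# the D modifier (PCRE_DOLLAR_ENDONLY) keeps $ from matching before a
	# trailing newline, so the stored value is exactly what was validated
	if(! preg_match('/^([-a-zA-Z0-9_\. ]){0,255}$/D', $profilename)) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => "The name can only contain letters, numbers, spaces, dashes(-), "
		                    .  "underscores(_), and periods(.) and can be up to 255 characters long");
		sendJSON($data);
		return;
	}
	$ipaddr = processInputVar('ipaddr', ARG_STRING);
	$ipaddrArr = explode('.', $ipaddr);
	# NOTE(review): the last three octets accept 0 here although the message
	# says 1 to 255; processProfileInput requires the last octet to be >= 1
	if($ipaddr != '' &&
	   (! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/D', $ipaddr) ||
	   $ipaddrArr[0] < 1 || $ipaddrArr[0] > 255 ||
	   $ipaddrArr[1] < 0 || $ipaddrArr[1] > 255 ||
	   $ipaddrArr[2] < 0 || $ipaddrArr[2] > 255 ||
	   $ipaddrArr[3] < 0 || $ipaddrArr[3] > 255)) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => "Invalid IP address. 
Must be w.x.y.z with each of "
		                    .  "w, x, y, and z being between 1 and 255 (inclusive)");
		sendJSON($data);
		return;
	}
	$macaddr = processInputVar('macaddr', ARG_STRING);
	if($macaddr != '' &&
	   ! preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/D', $macaddr)) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => "Invalid MAC address. Must be XX:XX:XX:XX:XX:XX "
		                    .  "with each pair of XX being from 00 to FF (inclusive)");
		sendJSON($data);
		return;
	}
	# 0 means "no group"; any other id must be in the list from getUserGroups
	$admingroupid = processInputVar('admingroupid', ARG_NUMERIC);
	$usergroups = getUserGroups();
	/*$usergroups = getUserEditGroups($user['id']);
	$extraadmingroups = getServerProfileGroups($user['id'], 'admin');*/
	if($admingroupid != 0 &&
	   ! array_key_exists($admingroupid, $usergroups)
	   /*&& ! array_key_exists($admingroupid, $extraadmingroups)*/) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => "You do not have access to use the specified admin user group.");
		sendJSON($data);
		return;
	}
	$logingroupid = processInputVar('logingroupid', ARG_NUMERIC);
	#$extralogingroups = getServerProfileGroups($user['id'], 'login');
	if($logingroupid != 0 &&
	   ! array_key_exists($logingroupid, $usergroups)
	   /*&& ! array_key_exists($logingroupid, $extralogingroups)*/) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => "You do not have access to use the specified access user group.");
		sendJSON($data);
		return;
	}
	# an unexpected monitored value silently falls back to "not monitored"
	$monitored = processInputVar('monitored', ARG_NUMERIC);
	if($monitored != 0 && $monitored != 1)
		$monitored = 0;
	$startmode = processInputVar('startmode', ARG_NUMERIC);
	if($startmode != 0 && $startmode != 1) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => "Invalid start information submitted");
		sendJSON($data);
		return;
	}
	$endmode = processInputVar('endmode', ARG_NUMERIC);
	if($endmode != 0 && $endmode != 1) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => "Invalid end information submitted");
		sendJSON($data);
		return;
	}
	# startmode 1: explicit YYYYMMDDHHMM value; otherwise unixFloor15() is used
	if($startmode == 1) {
		$tmp = processInputVar('start', ARG_NUMERIC);
		if(! preg_match('/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})$/', $tmp, $matches)) {
			$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
			$data = array('error' => 1,
			              'cont' => $cont,
			              'msg' => "Invalid start date/time submitted");
			sendJSON($data);
			return;
		}
		$startts = datetimeToUnix("{$matches[1]}-{$matches[2]}-{$matches[3]} {$matches[4]}:{$matches[5]}:00");
	}
	else
		$startts = unixFloor15();
	# endmode 1: explicit YYYYMMDDHHMM value; otherwise a fixed 2038-01-01 end
	if($endmode == 1) {
		$tmp = processInputVar('end', ARG_NUMERIC);
		if(! preg_match('/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})$/', $tmp, $matches)) {
			$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
			$data = array('error' => 1,
			              'cont' => $cont,
			              'msg' => "Invalid end date/time submitted");
			sendJSON($data);
			return;
		}
		$endts = datetimeToUnix("{$matches[1]}-{$matches[2]}-{$matches[3]} {$matches[4]}:{$matches[5]}:00");
	}
	else
		$endts = datetimeToUnix("2038-01-01 00:00:00");
	# a profile the user cannot reach is recorded as 0 instead of being rejected
	$resources = getUserResources(array("serverCheckOut", "serverProfileAdmin"),
	                              array("available","administer"));
	if(! array_key_exists($profileid, $resources['serverprofile']))
		$profileid = 0;
	elseif($profileid != 0) {
		$tmp = getServerProfiles($profileid);
		$tmp = $tmp[$profileid];
		if($tmp['imageid'] != $imageid &&
		   (($tmp['fixedIP'] != $ipaddr && $tmp['fixedMAC'] != $macaddr) ||
		   ($tmp['fixedIP'] == $ipaddr && $ipaddr == '' &&
		   $tmp['fixedMAC'] == $macaddr && $macaddr == '')))
			$profileid = 0;
	}
	// TODO handle selection of multiple revisions
	// get semaphore lock
	if(! semLock())
		abort(3);
	$revisionid = getProductionRevisionid($imageid);
	$images = getImages(0, $imageid);
	$availablerc = isAvailable($images, $imageid, $revisionid, $startts,
	                           $endts, 0, 0, 0, 0, $ipaddr, $macaddr);
	# every "not available" result below offers a suggested-times continuation
	if($availablerc < 1) {
		$cdata = array('start' => $startts,
		               'end' => $endts,
		               'imageid' => $imageid,
		               'server' => 1,
		               'ip' => $ipaddr,
		               'mac' => $macaddr);
		if($startmode == 0)
			$cdata['now'] = 1;
		else
			$cdata['now'] = 0;
		$sugcont = addContinuationsEntry('AJshowRequestSuggestedTimes', $cdata);
	}
	if($availablerc == -3) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$msg = "The IP or MAC address you specified overlaps with another "
		     . "reservation using the same IP or MAC address you specified. "
		     . "Please use a different IP or MAC or select a different time "
		     . "to deploy the server.";
		$data = array('error' => 2,
		              'cont' => $cont,
		              'sugcont' => $sugcont,
		              'msg' => $msg);
		sendJSON($data);
		return;
	}
	$max = getMaxOverlap($user['id']);
	if($availablerc > 0 && checkOverlap($startts, $endts, $max)) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		if($max == 0)
			$msg = "The time you specified overlaps with another reservation you "
			     . "currently have. You are only allowed to have a single "
			     . "reservation at a time. You either need to end your existing "
			     . "reservation or specify a time for this one that does not "
			     . "overlap with your other reservation.";
		else
			$msg = "The time you specified overlaps with other reservations you "
			     . "currently have. You are allowed to have $max overlapping "
			     . "reservations at a time. You either need to end an existing "
			     . "reservation or specify a time for this one that does not "
			     . "overlap with your other reservations.";
		$data = array('error' => 1,
		              'cont' => $cont,
		              'msg' => $msg);
		sendJSON($data);
		return;
	}
	if($availablerc == -1) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$msg = "You have requested an environment that is limited in the number "
		     . "of concurrent reservations that can be made. No further "
		     . "reservations for the environment can be made for the time you "
		     . "have selected. Please select another time to use the "
		     . "environment.";
		$data = array('error' => 2,
		              'cont' => $cont,
		              'sugcont' => $sugcont,
		              'msg' => $msg);
		sendJSON($data);
		return;
	}
	if($availablerc == -2) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$msg = "The time period you selected is not available due to scheduled "
		     . "system downtime for maintenance. Please select another time to use "
		     . "the environment.";
		$data = array('error' => 2,
		              'cont' => $cont,
		              'sugcont' => $sugcont,
		              'msg' => $msg);
		sendJSON($data);
		return;
	}
	if($availablerc == 0) {
		$cont = addContinuationsEntry('AJdeployServer', array(), SECINDAY, 1, 0);
		$msg = "The requested time period is not available. Please select a "
		     . "different time.";
		$data = array('error' => 2,
		              'cont' => $cont,
		              'sugcont' => $sugcont,
		              'msg' => $msg);
		sendJSON($data);
		return;
	}
	$requestid = addRequest();
	# $remoteIP is a global set outside this function; escape it like every
	# other string that is placed inside a quoted SQL literal
	$escremoteIP = mysql_real_escape_string($remoteIP);
	$query = "UPDATE reservation "
	       . "SET remoteIP = '$escremoteIP' "
	       . "WHERE requestid = $requestid";
	doQuery($query);

	$fields = array('requestid', 'serverprofileid');
	$values = array($requestid, $profileid);

	# when no name was submitted the image's pretty name is used; it comes
	# from getImages() and was never checked against the name pattern, so it
	# is escaped the same way as a submitted name
	if($profilename == '')
		$profilename = $images[$imageid]['prettyname'];
	$fields[] = 'name';
	$values[] = "'" . mysql_real_escape_string($profilename) . "'";
	# $ipaddr and $macaddr only reach this point empty or pattern-validated
	if($ipaddr != '') {
		$fields[] = 'fixedIP';
		$values[] = "'$ipaddr'";
	}
	if($macaddr != '') {
		$fields[] = 'fixedMAC';
		$values[] = "'$macaddr'";
	}
	if($admingroupid != 0) {
		$fields[] = 'admingroupid';
		$values[] = $admingroupid;
	}
	if($logingroupid != 0) {
		$fields[] = 'logingroupid';
		$values[] = $logingroupid;
	}
	if($monitored != 0) {
		$fields[] = 'monitored';
		$values[] = 1;
	}
	$allfields = implode(',', $fields);
	$allvalues = implode(',', $values);
	$query = "INSERT INTO serverrequest ($allfields) VALUES ($allvalues)";
	doQuery($query, 101);
	$ret = array();
	$ret['success'] = 1;
	$ret['redirecturl'] = BASEURL . SCRIPT . "?mode=viewRequests";
	sendJSON($ret);
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn AJsaveServerProfile
///
/// \brief updates server profile information; a profileid of 70000 creates a
/// new profile and its resource entry, any other id updates that profile;
/// access and field validation are done by processProfileInput
///
////////////////////////////////////////////////////////////////////////////////
function AJsaveServerProfile() {
	global $user;
	$data = processProfileInput();
	if(array_key_exists('error', $data)) {
		sendJSON($data);
		return;
	}
	# string fields are escaped once here and only the escaped copies are
	# placed in the queries below; the remaining interpolated values are ids,
	# the text NULL, or 0/1 as returned by processProfileInput
	$name = mysql_real_escape_string($data['name']);
	$desc = mysql_real_escape_string($data['desc']);
	$fixedIP = mysql_real_escape_string($data['fixedIP']);
	$fixedMAC = mysql_real_escape_string($data['fixedMAC']);
	$ret = array();
	if($data['profileid'] == 70000) {
		$query = "INSERT INTO serverprofile "
		       .        "(name, "
		       .        "description, "
		       .        "imageid, "
		       .        "ownerid, "
		       .        "fixedIP, "
		       .        "fixedMAC, "
		       .        "admingroupid, "
		       .        "logingroupid, "
		       .        "monitored) "
		       . "VALUES "
		       .        "('$name', "
		       .        "'$desc', "
		       .        "{$data['imageid']}, "
		       .        "{$user['id']}, "
		       .        "'$fixedIP', "
		       .        "'$fixedMAC', "
		       .        "{$data['admingroupid']}, "
		       .        "{$data['logingroupid']}, "
		       .        "{$data['monitored']})";
		doQuery($query, 101);
		$id = dbLastInsertID();
		$query = "INSERT INTO resource "
		       .        "(resourcetypeid, "
		       .        "subid) "
		       . "VALUES "
		       .        "(17, "
		       .        "$id)";
		doQuery($query, 101);
		$ret['success'] = 1;
		$ret['name'] = $data['name'];
		$ret['id'] = $id;
		$ret['newprofile'] = 1;
	}
	else {
		# uses the escaped $fixedIP/$fixedMAC, matching the INSERT branch
		$query = "UPDATE serverprofile SET "
		       .        "name = '$name', "
		       .        "description = '$desc', "
		       .        "imageid = {$data['imageid']}, "
		       .        "fixedIP = '$fixedIP', "
		       .        "fixedMAC = '$fixedMAC', "
		       .        "admingroupid = {$data['admingroupid']}, "
		       .        "logingroupid = {$data['logingroupid']}, "
		       .        "monitored = {$data['monitored']} "
		       . "WHERE id = {$data['profileid']}";
		doQuery($query, 101);
		$ret['success'] = 1;
		$ret['name'] = $data['name'];
		$ret['id'] = $data['profileid'];
		$ret['newprofile'] = 0;
	}
	$ret['access'] = 'admin';
	# NOTE(review): the replacement string is a bare line break as it appears
	# here; it may have lost markup in extraction - confirm against upstream
	$ret['desc'] = preg_replace("/\n/", "
", $data['desc']);
	# reset the session caches so the changed profile is reloaded
	$_SESSION['usersessiondata'] = array();
	$_SESSION['userresources'] = array();
	sendJSON($ret);
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn AJdelServerProfile()
///
/// \brief deletes a server profile and its resource entry after checking that
/// the user can administer the profile
///
////////////////////////////////////////////////////////////////////////////////
function AJdelServerProfile() {
	$profileid = processInputVar('id', ARG_NUMERIC);
	# the id is only used in the queries below after it has been found as a
	# key of the profiles this user can administer
	$resources = getUserResources(array("serverProfileAdmin"), array("administer"));
	if(! array_key_exists($profileid, $resources['serverprofile'])) {
		$data = array('error' => 1,
		              'msg' => 'You do not have access to delete this profile.');
		sendJSON($data);
		return;
	}
	$query = "DELETE FROM serverprofile WHERE id = $profileid";
	doQuery($query, 101);
	$rows = mysql_affected_rows();
	if($rows == 0) {
		$data = array('error' => 1,
		              'msg' => 'Failed to delete selected server profile');
		sendJSON($data);
		return;
	}
	$query = "DELETE FROM resource WHERE subid = $profileid AND resourcetypeid = 17";
	doQuery($query, 101);
	$_SESSION['usersessiondata'] = array();
	$_SESSION['userresources'] = array();
	sendJSON(array('success' => 1, 'id' => $profileid));
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn processProfileInput()
///
/// \return array with these values:\n
/// \b profileid - id of profile\n
/// \b name - name of profile\n
/// \b desc - description of profile\n
/// \b imageid - id associated with profile\n
/// \b fixedIP - IP address to be assigned to profile ('NULL' if empty)\n
/// \b fixedMAC - MAC address to be assigned to profile ('NULL' if empty)\n
/// \b admingroupid - admin user group associated with profile ('NULL' if 0)\n
/// \b logingroupid - login user group associated with profile ('NULL' if 0)\n
/// \b monitored - whether or not the profile should be monitored (0 or 1)\n
/// on the first failed check, an array with \b msg, \b field and \b error is
/// returned instead
///
/// \brief process submitted profile information
///
////////////////////////////////////////////////////////////////////////////////
function processProfileInput() {
	global $user;
	$ret = array();
	$ret['profileid'] = processInputVar('id', ARG_NUMERIC);
	$ret['name'] = processInputVar('name', ARG_STRING);
	$ret['desc'] = processInputVar('desc', ARG_STRING);
	$ret['imageid'] = processInputVar('imageid', ARG_NUMERIC);
	$ret['fixedIP'] = processInputVar('fixedIP', ARG_STRING);
	$ret['fixedMAC'] = processInputVar('fixedMAC', ARG_STRING);
	$ret['admingroupid'] = processInputVar('admingroupid', ARG_NUMERIC);
	$ret['logingroupid'] = processInputVar('logingroupid', ARG_NUMERIC);
	$monitored = processInputVar('monitored', ARG_STRING);

	$err = array();

	# validate access to this profile
	$resources = getUserResources(array("serverProfileAdmin"), array("administer"));
	if($ret['profileid'] != 70000 &&
	   ! array_key_exists($ret['profileid'], $resources['serverprofile'])) {
		$err['msg'] = "You do not have access to administer this server profile.";
		$err['field'] = 'profileid';
		$err['error'] = 1;
		return $err;
	}

	# the D modifier (PCRE_DOLLAR_ENDONLY) keeps $ from matching before a
	# trailing newline, so the stored value is exactly what was validated
	if(! preg_match('/^([-a-zA-Z0-9_\. ]){3,255}$/D', $ret['name'])) {
		$err['msg'] = "The name can only contain letters, numbers, spaces, dashes(-), "
		            . "underscores(_), and periods(.) and can be from 3 to 255 characters long";
		$err['field'] = 'name';
		$err['error'] = 1;
		return $err;
	}
	# NOTE(review): the pattern accepts 0 to 1000 characters while the message
	# says 3 to 1000 - confirm which is intended
	if(! preg_match("/^([-a-zA-Z0-9\. ,;:@#&\(\)_+\/?\n]){0,1000}$/", $ret['desc'])) {
		$err['msg'] = "The description can only contain letters, numbers, spaces, and "
		            . "these characters: - , ; . : @ # & ( ) _ + / ? and can be from "
		            . "3 to 1000 characters long";
		$err['field'] = 'desc';
		$err['error'] = 1;
		return $err;
	}
	$resources = getUserResources(array("imageAdmin", "imageCheckOut"));
	$images = removeNoCheckout($resources['image']);
	if(! array_key_exists($ret['imageid'], $images)) {
		$err['msg'] = "Invalid image selected";
		$err['field'] = 'imageid';
		$err['error'] = 1;
		return $err;
	}
	# an empty address becomes the text 'NULL'; the two middle octets accept 0
	# although the message says 1 to 255
	$addrArr = explode('.', $ret['fixedIP']);
	if($ret['fixedIP'] == '')
		$ret['fixedIP'] = 'NULL';
	elseif(! preg_match('/^(([0-9]){1,3}\.){3}([0-9]){1,3}$/D', $ret['fixedIP']) ||
	   $addrArr[0] < 1 || $addrArr[0] > 255 ||
	   $addrArr[1] < 0 || $addrArr[1] > 255 ||
	   $addrArr[2] < 0 || $addrArr[2] > 255 ||
	   $addrArr[3] < 1 || $addrArr[3] > 255) {
		$err['msg'] = "Invalid value for Fixed IP Address. Must be w.x.y.z with each of "
		            . "w, x, y, and z being between 1 and 255 (inclusive)";
		$err['field'] = 'fixedIP';
		$err['error'] = 1;
		return $err;
	}
	if($ret['fixedMAC'] == '')
		$ret['fixedMAC'] = 'NULL';
	elseif(! preg_match('/^(([A-Fa-f0-9]){2}:){5}([A-Fa-f0-9]){2}$/D', $ret['fixedMAC'])) {
		$err['msg'] = "Invalid MAC address. Must be XX:XX:XX:XX:XX:XX with each pair of "
		            . "XX being from 00 to FF (inclusive)";
		$err['field'] = 'fixedMAC';
		$err['error'] = 1;
		return $err;
	}
	# group ids are either replaced by the text NULL or must be keys of the
	# list from getUserGroups, which is what makes them safe to place
	# unquoted in the queries built by AJsaveServerProfile
	$usergroups = getUserGroups();
	/*$usergroups = getUserEditGroups($user['id']);
	$extraadmingroups = getServerProfileGroups($user['id'], 'admin');*/
	if($ret['admingroupid'] == 0)
		$ret['admingroupid'] = 'NULL';
	elseif(! array_key_exists($ret['admingroupid'], $usergroups)
	   /*&& ! array_key_exists($ret['admingroupid'], $extraadmingroups)*/) {
		$err['msg'] = "Invalid Admin User Group selected";
		$err['field'] = 'admingroupid';
		$err['error'] = 1;
		return $err;
	}
	#$extralogingroups = getServerProfileGroups($user['id'], 'login');
	if($ret['logingroupid'] == 0)
		$ret['logingroupid'] = 'NULL';
	elseif(! array_key_exists($ret['logingroupid'], $usergroups)
	   /*&& ! array_key_exists($ret['logingroupid'], $extralogingroups)*/) {
		$err['msg'] = "Invalid Access User Group selected";
		$err['field'] = 'logingroupid';
		$err['error'] = 1;
		return $err;
	}
	if(! preg_match('/^(false|on)$/D', $monitored)) {
		$err['msg'] = "Invalid value submitted for Monitored";
		$err['field'] = 'monitored';
		$err['error'] = 1;
		return $err;
	}
	if($monitored == 'on')
		$ret['monitored'] = 1;
	else
		$ret['monitored'] = 0;
	return $ret;
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn getServerProfiles($id)
///
/// \param $id - (optional) if specified, only return data for specified profile
///
/// \return an array where each key is a profile id whose value is an array with
/// these values:\n
/// \b name - profile name\n
/// \b description - profile description\n
/// \b imageid - id of image associated with profile\n
/// \b image - pretty name of image associated with profile\n
/// \b ownerid - user id of owner of profile\n
/// \b owner - unityid of owner of profile\n
/// \b fixedIP - IP address to be used with deployed profile\n
/// \b fixedMAC - MAC address to be used with deployed profile\n
/// \b admingroupid - id of admin user group associated with profile\n
/// \b admingroup - name of admin user group associated with profile\n
/// \b logingroupid - id of login user group associated with profile\n
/// \b logingroup - name of login user group associated with profile\n
/// \b monitored - whether or not deployed profile should be monitored\n
/// \b resourceid - resource id of profile
///
/// \brief gets information about server profiles; results are cached in
/// $_SESSION['usersessiondata'] and no access check is done here, so callers
/// must check the user's access to a profile before returning its data
///
////////////////////////////////////////////////////////////////////////////////
function getServerProfiles($id=0) {
	$key = getKey(array('getServerProfiles', $id));
	if(array_key_exists($key, $_SESSION['usersessiondata']))
		return $_SESSION['usersessiondata'][$key];

	$query = "SELECT s.id, "
	       .        "s.name, "
	       .        "s.description, "
	       .        "s.imageid, "
	       .        "i.prettyname AS image, "
	       .        "s.ownerid, "
	       .        "CONCAT(u.unityid, '@', a.name) AS owner, "
	       .        "s.fixedIP, "
	       .        "s.fixedMAC, "
	       .        "s.admingroupid, "
	       .        "CONCAT(ga.name, '@', aa.name) AS admingroup, "
	       .        "s.logingroupid, "
	       .        "CONCAT(gl.name, '@', al.name) AS logingroup, "
	       .        "s.monitored, "
	       .        "r.id AS resourceid "
	       . "FROM serverprofile s "
	       . "LEFT JOIN image i ON (i.id = s.imageid) "
	       . "LEFT JOIN user u ON (u.id = s.ownerid) "
	       . "LEFT JOIN affiliation a ON (a.id = u.affiliationid) "
	       . "LEFT JOIN usergroup ga ON (ga.id = s.admingroupid) "
	       . "LEFT JOIN affiliation aa ON (aa.id = ga.affiliationid) "
	       . "LEFT JOIN usergroup gl ON (gl.id = s.logingroupid) "
	       . "LEFT JOIN affiliation al ON (al.id = gl.affiliationid) "
	       . "LEFT JOIN resource r ON (r.subid = s.id) "
	       . "WHERE r.resourcetypeid = 17 ";
	# callers pass request-derived ids; the cast guarantees that only an
	# integer can be appended to the query text
	if($id != 0)
		$query .= "AND s.id = " . (int)$id;
	else
		$query .= "ORDER BY name";
	$qh = doQuery($query, 101);
	$profiles = array();
	while($row = mysql_fetch_assoc($qh))
		$profiles[$row['id']] = $row;
	$_SESSION['usersessiondata'][$key] = $profiles;
	return $profiles;
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn getServerProfileImages($userid)
///
/// \param $userid - id from user table; only used to build the cache key
///
/// \return array where the key is the id of the image and the value is the
/// prettyname of the image
///
/// \brief builds an array of images that user has access to via server profiles
///
////////////////////////////////////////////////////////////////////////////////
function getServerProfileImages($userid) {
	$key = getKey(array('getServerProfileImages', $userid));
	if(array_key_exists($key, $_SESSION['usersessiondata']))
		return $_SESSION['usersessiondata'][$key];
	# the profile ids placed in the IN list are the keys returned by
	# getUserResources, not request input
	$resources = getUserResources(array('serverCheckOut', 'serverProfileAdmin'),
	                              array('available', 'administer'));
	$ids = array_keys($resources['serverprofile']);
	$inids = implode(',', $ids);
	if(empty($inids)) {
		$_SESSION['usersessiondata'][$key] = array();
		return array();
	}
	$query = "SELECT i.id, "
	       .        "i.prettyname AS image "
	       . "FROM serverprofile s, "
	       .      "image i "
	       . "WHERE s.imageid = i.id AND "
	       .       "s.id IN ($inids)";
	$qh = doQuery($query, 101);
	$profiles = array();
	while($row = mysql_fetch_assoc($qh))
		$profiles[$row['id']] = $row['image'];
	$_SESSION['usersessiondata'][$key] = $profiles;
	return $profiles;
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn getServerProfileGroups($userid, $type)
///
/// \param $userid - id from user table; only used to build the cache key
/// \param $type - 'admin' selects the admingroupid column; any other value
/// selects the logingroupid column
///
/// \return array where the key is the id of the user group and the value is the
/// name of the user group
///
/// \brief builds an array of user group that user has access to via server
/// profiles
///
////////////////////////////////////////////////////////////////////////////////
function getServerProfileGroups($userid, $type) {
	global $user;
	$key = getKey(array('getServerProfileAdminGroups', $userid, $type));
	if(array_key_exists($key, $_SESSION['usersessiondata']))
		return $_SESSION['usersessiondata'][$key];
	$resources = getUserResources(array('serverCheckOut', 'serverProfileAdmin'),
	                              array('available', 'administer'));
	$ids = array_keys($resources['serverprofile']);
	$inids = implode(',', $ids);
	if(empty($inids)) {
		$_SESSION['usersessiondata'][$key] = array();
		return array();
	}
	# $field can only be one of these two fixed column names, so $type itself
	# never reaches the query text
	if($type == 'admin')
		$field = 'admingroupid';
	else
		$field = 'logingroupid';
	if($user['showallgroups']) {
		$query = "SELECT DISTINCT(u.id), "
		       .        "CONCAT(u.name, '@', a.name) AS name "
		       . "FROM serverprofile s, "
		       .      "usergroup u, "
		       .      "affiliation a "
		       . "WHERE s.$field = u.id AND "
		       .       "u.affiliationid = a.id AND "
		       .       "s.id IN ($inids) "
		       . "ORDER BY name";
	}
	else {
		$query = "SELECT DISTINCT(u.id), "
		       .        "u.name "
		       . "FROM serverprofile s, "
		       .      "usergroup u "
		       . "WHERE s.$field = u.id AND "
		       .       "s.id IN ($inids) "
		       . "ORDER BY name";
	}
	$qh = doQuery($query, 101);
	$groups = array();
	while($row = mysql_fetch_assoc($qh))
		$groups[$row['id']] = $row['name'];
	$_SESSION['usersessiondata'][$key] = $groups;
	return $groups;
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn jsonProfileGroupingGroups()
///
/// \brief sends data about which profile groups are assigned to a profile;
/// empty lists are sent when the user cannot manage groups for the profile
///
////////////////////////////////////////////////////////////////////////////////
function jsonProfileGroupingGroups() {
	$profileid = processInputVar('profileid', ARG_NUMERIC);
	$resources = getUserResources(array("serverProfileAdmin"), array("manageGroup"));
	if(! array_key_exists($profileid, $resources['serverprofile'])) {
		$arr = array('ingroups' => array(), 'outgroups' => array(), 'all' => array());
		sendJSON($arr);
		return;
	}

	$groups = getUserResources(array('serverProfileAdmin'), array('manageGroup'), 1);
	$memberships = getResourceGroupMemberships('serverprofile');
	$in = array();
	$out = array();
	$all = array();
	# split the groups the user can manage by whether the profile is a member
	foreach($groups['serverprofile'] as $id => $group) {
		if(array_key_exists($profileid, $memberships['serverprofile']) &&
		   in_array($id, $memberships['serverprofile'][$profileid])) {
			$all[] = array('inout' => 1, 'id' => $id, 'name' => $group);
			$in[] = array('name' => $group, 'id' => $id);
		}
		else {
			$all[] = array('inout' => 0, 'id' => $id, 'name' => $group);
			$out[] = array('name' => $group, 'id' => $id);
		}
	}
	$arr = array('ingroups' => $in, 'outgroups' => $out, 'all' => $all);
	sendJSON($arr);
}

////////////////////////////////////////////////////////////////////////////////
///
/// \fn jsonProfileGroupingProfiles()
///
/// \brief sends data about which profiles are assigned to a profile group
///
////////////////////////////////////////////////////////////////////////////////
function jsonProfileGroupingProfiles() {
	$groupid = processInputVar('groupid', ARG_NUMERIC);
	$groups = getUserResources(array("serverProfileAdmin"), array("manageGroup"), 1);
	$emptyinout = 0;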
if(! array_key_exists($groupid, $groups['serverprofile'])) $emptyinout = 1; $resources = getUserResources(array('serverProfileAdmin'), array('manageGroup')); uasort($resources['serverprofile'], 'sortKeepIndex'); $memberships = getResourceGroupMemberships('serverprofile'); $all = array(); $in = array(); $out = array(); foreach($resources['serverprofile'] as $id => $profile) { if($emptyinout) $all[] = array('inout' => 0, 'id' => $id, 'name' => $profile); elseif(array_key_exists($id, $memberships['serverprofile']) && in_array($groupid, $memberships['serverprofile'][$id])) { $all[] = array('inout' => 1, 'id' => $id, 'name' => $profile); $in[] = array('name' => $profile, 'id' => $id); } else { $all[] = array('inout' => 0, 'id' => $id, 'name' => $profile); $out[] = array('name' => $profile, 'id' => $id); } } $arr = array('inprofiles' => $in, 'outprofiles' => $out, 'all' => $all); sendJSON($arr); } //////////////////////////////////////////////////////////////////////////////// /// /// \fn AJaddGroupToProfile() /// /// \brief adds a profile group to a profile /// //////////////////////////////////////////////////////////////////////////////// function AJaddGroupToProfile() { $profileid = processInputVar('id', ARG_NUMERIC); $resources = getUserResources(array("serverProfileAdmin"), array("manageGroup")); // check access to profile if(! array_key_exists($profileid, $resources['serverprofile'])) { $arr = array('groups' => array(), 'addrem' => 1); sendJSON($arr); return; } // check access to groups $groups = getUserResources(array("serverProfileAdmin"), array("manageGroup"), 1); $tmp = processInputVar('listids', ARG_STRING); $tmp = explode(',', $tmp); $groupids = array(); foreach($tmp as $id) { if(! is_numeric($id)) continue; if(! 
array_key_exists($id, $groups['serverprofile'])) { $arr = array('groups' => array(), 'addrem' => 1); sendJSON($arr); return; } $groupids[] = $id; } $profile = getServerProfiles($profileid); $adds = array(); foreach($groupids as $id) { $adds[] = "({$profile[$profileid]['resourceid']}, $id)"; } $query = "INSERT IGNORE INTO resourcegroupmembers " . "(resourceid, resourcegroupid) VALUES "; $query .= implode(',', $adds); doQuery($query, 101); $_SESSION['userresources'] = array(); $_SESSION['usersessiondata'] = array(); $arr = array('groups' => $groupids, 'addrem' => 1); sendJSON($arr); } //////////////////////////////////////////////////////////////////////////////// /// /// \fn AJremGroupFromProfile() /// /// \brief removes a profile group from a profile /// //////////////////////////////////////////////////////////////////////////////// function AJremGroupFromProfile() { $profileid = processInputVar('id', ARG_NUMERIC); $resources = getUserResources(array("serverProfileAdmin"), array("manageGroup")); if(! array_key_exists($profileid, $resources['serverprofile'])) { $arr = array('groups' => array(), 'addrem' => 0); sendJSON($arr); return; } $groups = getUserResources(array("serverProfileAdmin"), array("manageGroup"), 1); $tmp = processInputVar('listids', ARG_STRING); $tmp = explode(',', $tmp); $groupids = array(); foreach($tmp as $id) { if(! is_numeric($id)) continue; if(! array_key_exists($id, $groups['serverprofile'])) { $arr = array('groups' => array(), 'addrem' => 0); sendJSON($arr); return; } $groupids[] = $id; } $profile = getServerProfiles($profileid); foreach($groupids as $id) { $query = "DELETE FROM resourcegroupmembers " . "WHERE resourceid = {$profile[$profileid]['resourceid']} AND " . 
"resourcegroupid = $id"; doQuery($query, 288); } $arr = array('groups' => $groupids, 'addrem' => 0, 'removedaccess' => 0); $_SESSION['userresources'] = array(); $_SESSION['usersessiondata'] = array(); $resources = getUserResources(array("serverProfileAdmin"), array("manageGroup")); if(! array_key_exists($profileid, $resources['serverprofile'])) { $arr['removedaccess'] = 1; $arr['profileid'] = $profileid; } sendJSON($arr); } //////////////////////////////////////////////////////////////////////////////// /// /// \fn AJaddProfileToGroup() /// /// \brief adds a profile to a profile group /// //////////////////////////////////////////////////////////////////////////////// function AJaddProfileToGroup() { $groupid = processInputVar('id', ARG_NUMERIC); $groups = getUserResources(array("serverProfileAdmin"), array("manageGroup"), 1); if(! array_key_exists($groupid, $groups['serverprofile'])) { $arr = array('profiles' => array(), 'addrem' => 1); sendJSON($arr); return; } $resources = getUserResources(array("serverProfileAdmin"), array("manageGroup")); $tmp = processInputVar('listids', ARG_STRING); $tmp = explode(',', $tmp); $profileids = array(); foreach($tmp as $id) { if(! is_numeric($id)) continue; if(! array_key_exists($id, $resources['serverprofile'])) { $arr = array('profiles' => array(), 'addrem' => 1); sendJSON($arr); return; } $profileids[] = $id; } $allprofiles = getServerProfiles(); $adds = array(); foreach($profileids as $id) { $adds[] = "({$allprofiles[$id]['resourceid']}, $groupid)"; } $query = "INSERT IGNORE INTO resourcegroupmembers " . 
"(resourceid, resourcegroupid) VALUES "; $query .= implode(',', $adds); doQuery($query, 287); $_SESSION['userresources'] = array(); $_SESSION['usersessiondata'] = array(); $arr = array('profiles' => $profileids, 'addrem' => 1); sendJSON($arr); } //////////////////////////////////////////////////////////////////////////////// /// /// \fn AJremProfileFromGroup() /// /// \brief removes a profile from a profile group /// //////////////////////////////////////////////////////////////////////////////// function AJremProfileFromGroup() { $groupid = processInputVar('id', ARG_NUMERIC); $groups = getUserResources(array("serverProfileAdmin"), array("manageGroup"), 1); if(! array_key_exists($groupid, $groups['serverprofile'])) { $arr = array('profiles' => array(), 'addrem' => 0); sendJSON($arr); return; } $resources = getUserResources(array("serverProfileAdmin"), array("manageGroup")); $tmp = processInputVar('listids', ARG_STRING); $tmp = explode(',', $tmp); $profileids = array(); foreach($tmp as $id) { if(! is_numeric($id)) continue; if(! array_key_exists($id, $resources['serverprofile'])) { $arr = array('profiles' => array(), 'addrem' => 0, 'id' => $id, 'extra' => $resources['serverprofile']); sendJSON($arr); return; } $profileids[] = $id; } $allprofiles = getServerProfiles(); foreach($profileids as $id) { $query = "DELETE FROM resourcegroupmembers " . "WHERE resourceid = {$allprofiles[$id]['resourceid']} AND " . "resourcegroupid = $groupid"; doQuery($query, 288); } $arr = array('profiles' => $profileids, 'addrem' => 0, 'removedaccess' => 0); $_SESSION['userresources'] = array(); $_SESSION['usersessiondata'] = array(); $resources = getUserResources(array("serverProfileAdmin"), array("manageGroup")); foreach($profileids as $id) { if(! array_key_exists($id, $resources['serverprofile'])) { $arr['removedaccess'] = 1; $arr['remprofileids'][] = $id; } } sendJSON($arr); } ?>