<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2010 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");

#
# This page is a generic toggle page, like adminmode.php3, but more
# generalized. There are a set of things you can toggle, and each of
# those items has a permission check and a set (pair) of valid values.
#
# Usage: toggle.php?type=swappable&value=1&pid=foo&eid=bar
# (type & value are required, others are optional and vary by type)
#
# No PAGEHEADER since we spit out a Location header later. See below.
#
# Only known and logged in users can do this.
#
# Everything below runs on behalf of $this_user. CheckLoginOrDie() is
# expected to stop the page for anyone who is not logged in (per its name;
# its body lives in defs.php3 -- confirm).
$this_user = CheckLoginOrDie(CHECKLOGIN_USERSTATUS|CHECKLOGIN_WEBONLY);
$uid       = $this_user->uid();
# Whether the caller is currently in admin mode; the admin-only toggles
# below gate on this flag.
$isadmin   = ISADMIN();

# Allow-list of toggle names accepted in the "type" page argument.
# The request is checked against this list before any toggle is applied.
$toggles = array(
    "adminon",
    "webfreeze",
    "cvsweb",
    "lockdown",
    "stud",
    "cvsrepo_public",
    "workbench",
    "hiderun",
    "widearearoot",
    "skipvlans",
);

# Permitted "value" settings, keyed by toggle name. Every toggle here is a
# plain off/on switch, so each one maps to the pair (0, 1).
$values = array(
    "adminon"        => array(0, 1),
    "webfreeze"      => array(0, 1),
    "cvsweb"         => array(0, 1),
    "stud"           => array(0, 1),
    "lockdown"       => array(0, 1),
    "skipvlans"      => array(0, 1),
    "cvsrepo_public" => array(0, 1),
    "workbench"      => array(0, 1),
    "widearearoot"   => array(0, 1),
    "hiderun"        => array(0, 1),
);

# Extra page arguments accepted by each toggle. The inner key is the
# argument name; the inner value is the mandatory flag (1 = must be given).
# Only the names listed here are ever read from the request and bound as
# local variables.
$optargs = array(
    "adminon"        => array(),
    "webfreeze"      => array("user" => 1),
    "cvsweb"         => array("user" => 1),
    "stud"           => array("user" => 1),
    "lockdown"       => array("pid" => 1, "eid" => 1),
    "skipvlans"      => array("pid" => 1, "eid" => 1),
    "cvsrepo_public" => array("pid" => 1),
    "workbench"      => array("pid" => 1),
    "widearearoot"   => array("user" => 1),
    "hiderun"        => array("instance" => 1, "runidx" => 1),
);

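# Mandatory page arguments. Both are requested as PAGEARG_STRING, so the
# checks below treat them as request-supplied strings.
$reqargs = RequiredPageArguments("type",  PAGEARG_STRING,
                                 "value", PAGEARG_STRING);

# Where we zap to.
$zapurl = null;

# Reject toggle names that are not on the allow-list. Strict comparison
# means only an exact string match is accepted.
# NOTE(review): the rejected $type is echoed back in the error text; confirm
# that PAGEARGERROR() HTML-escapes its message.
if (! in_array($type, $toggles, true)) {
    PAGEARGERROR("There is no toggle for $type!");
}

# The table of legal values holds integers while the request supplies a
# string. A loose in_array() compares them with ==, which on PHP versions
# before 8 treats any non-numeric string as equal to 0, and on all versions
# accepts spellings such as "1.0". Either would hand unexpected text to the
# setters further down, so compare the exact string forms instead.
if (! is_scalar($value) ||
    ! in_array((string) $value, array_map('strval', $values[$type]), true)) {
    PAGEARGERROR("The value '$value' is illegal for the $type toggle!");
}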

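# Check the per-toggle arguments and bind each one to a local variable of
# the same name. Only names listed in $optargs[$type] are bound, so the
# request cannot create or overwrite arbitrary variables through $$arg.
#
# foreach replaces the old list()/each() loop: each() was deprecated in
# PHP 7.2 and removed in PHP 8.0, and foreach visits the same pairs in the
# same order.
foreach ($optargs[$type] as $arg => $required) {
    if (!isset($_GET[$arg])) {
        if ($required)
            PAGEARGERROR("Toggle '$type' requires argument '$arg'");
        else
            unset($$arg);
    }
    elseif (!is_string($_GET[$arg])) {
        # A query string of the form arg[]=x arrives as an array, which
        # addslashes() cannot handle. Refuse it instead of binding junk.
        PAGEARGERROR("Argument '$arg' for toggle '$type' must be a single value");
    }
    else {
        # NOTE(review): addslashes() is a generic quote-escaper, not a
        # replacement for parameterised queries or output encoding. The
        # lookups and error messages that consume these values need their
        # own handling -- confirm in the callee code.
        $$arg = addslashes($_GET[$arg]);
    }
}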

#
# Permissions checks, and do the toggle...
#
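# One branch per toggle: check permission, look up the target object, set
# $zapurl to the page that shows it, then apply the new value.
#
# NOTE(review): every branch changes state in response to a plain GET
# request, and no anti-forgery token is checked anywhere in this file.
# Unless CheckLoginOrDie() or RequiredPageArguments() enforce one (not
# visible here), a third-party page could trigger a toggle from a logged-in
# user's browser. Confirm, and consider requiring POST plus a per-session
# token.
#
# The branches assume USERERROR() and PAGEARGERROR() do not return.
if ($type == "adminon") {
    # must be admin
    # Do not check if they are admin mode (ISADMIN), check if they
    # have the power to change to admin mode!
    if (! ($CHECKLOGIN_STATUS & CHECKLOGIN_ISADMIN) ) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    SETADMINMODE($value);
}
elseif ($type == "webfreeze") {
    # must be admin
    if (! $isadmin) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    if (! ($target_user = User::Lookup($user))) {
        PAGEARGERROR("Target user '$user' is not a valid user!");
    }
    $zapurl = CreateURL("showuser", $target_user);
    $target_user->SetWebFreeze($value);
}
elseif ($type == "cvsweb") {
    # must be admin
    if (! $isadmin) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    if (! ($target_user = User::Lookup($user))) {
        PAGEARGERROR("Target user '$user' is not a valid user!");
    }
    $zapurl = CreateURL("showuser", $target_user);
    $target_user->SetCVSWeb($value);
}
elseif ($type == "stud") {
    # must be admin
    if (! $isadmin) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    if (! ($target_user = User::Lookup($user))) {
        PAGEARGERROR("Target user '$user' is not a valid user!");
    }
    $zapurl = CreateURL("showuser", $target_user);
    $target_user->SetStudly($value);
}
elseif ($type == "widearearoot") {
    # must be admin
    if (! $isadmin) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    if (! ($target_user = User::Lookup($user))) {
        PAGEARGERROR("Target user '$user' is not a valid user!");
    }
    $zapurl = CreateURL("showuser", $target_user);
    $target_user->SetWideAreaRoot($value);
}
elseif ($type == "lockdown") {
    # must be admin
    if (! $isadmin) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    if (! ($experiment = Experiment::LookupByPidEid($pid, $eid))) {
        PAGEARGERROR("Experiment $pid/$eid is not a valid experiment!");
    }
    $zapurl = CreateURL("showexp", $experiment);
    $experiment->SetLockDown($value);
}
elseif ($type == "skipvlans") {
    # must be admin
    if (! $isadmin) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    if (! ($experiment = Experiment::LookupByPidEid($pid, $eid))) {
        PAGEARGERROR("Experiment $pid/$eid is not a valid experiment!");
    }
    $zapurl = CreateURL("showexp", $experiment);
    $experiment->SetSkipVlans($value);
}
elseif ($type == "cvsrepo_public") {
    # Must validate the pid since we allow non-admins to do this.
    # NOTE(review): the rejected $pid is echoed back in the error text;
    # confirm that PAGEARGERROR() HTML-escapes its message.
    if (! TBvalid_pid($pid)) {
        PAGEARGERROR("Invalid characters in $pid");
    }
    if (! ($project = Project::Lookup($pid))) {
        PAGEARGERROR("Project $pid is not a valid project!");
    }
    # Must be admin or project/group root.
    if (!$isadmin &&
        ! TBMinTrust(TBGrpTrust($uid, $pid, $pid), $TBDB_TRUST_GROUPROOT)) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    $zapurl = CreateURL("showproject", $project);
    $project->SetCVSRepoPublic($value);
    # $pid is interpolated into the command string. The TBvalid_pid() check
    # above is the only validation of it visible here, so that check must
    # stay ahead of this call.
    SUEXEC($uid, $pid, "webcvsrepo_ctrl $pid", SUEXEC_ACTION_DIE);
}
elseif ($type == "workbench") {
    # Must be admin. Checked before the project lookup, as in the other
    # admin-only toggles, so a non-admin gets the same answer whether or
    # not the project exists.
    if (!$isadmin) {
        USERERROR("You do not have permission to toggle $type!", 1);
    }
    if (! TBvalid_pid($pid)) {
        PAGEARGERROR("Invalid characters in $pid");
    }
    if (! ($project = Project::Lookup($pid))) {
        PAGEARGERROR("Project $pid is not a valid project!");
    }
    $zapurl = CreateURL("showproject", $project);
    $project->SetAllowWorkbench($value);
}
elseif ($type == "hiderun") {
    # Fetch instance and runidx again as typed page arguments. $instance is
    # used as an object below, so the string bound by the optional-argument
    # loop is presumably replaced here -- confirm.
    RequiredPageArguments("instance",  PAGEARG_INSTANCE,
                          "runidx",    PAGEARG_INTEGER);

    # Not admin-only: anyone with modify access to the instance may do this.
    if (! $instance->AccessCheck($this_user, $TB_EXPT_MODIFY)) {
        USERERROR("You do not have permission to modify this instance", 1);
    }
    $instance->SetRunHidden($runidx, $value);
}
else {
    # Deny by default: a name on the allow-list with no branch above is
    # refused rather than silently accepted.
    USERERROR("Nobody has permission to toggle $type!", 1);
}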
    
#
# Spit out a redirect 
#
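# Prefer sending the browser back to the page it came from, but only when
# that page is on this site and is not this script itself. The Referer
# header is supplied by the client, so it is not trusted as a redirect
# target unless it points back into this site. Anything else falls through
# to the page for the object just toggled, or to the user's own page.
# NOTE(review): assumes $TBBASE is this site's canonical base URL, as its
# use in the final fallback suggests -- confirm.
if (isset($HTTP_REFERER) && $HTTP_REFERER != "" &&
    strncmp($HTTP_REFERER, "$TBBASE/", strlen("$TBBASE/")) === 0 &&
    strpos($HTTP_REFERER, $_SERVER["SCRIPT_NAME"]) === false) {
    # Make sure the referer is not me!
    header("Location: $HTTP_REFERER");
}
elseif ($zapurl) {
    header("Location: $zapurl");
}
else {
    header("Location: $TBBASE/showuser.php3");
}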

?>