libdb.pm.in 26.3 KB
Newer Older
1
2
#!/usr/bin/perl -w

3
#
4
5
# A library of useful DB stuff. Mostly things that get done a lot.
# Saves typing.
6
7
8
9
10
#
# XXX: The notion of "uid" is a tad confused. A unix uid is a number,
#      while in the DB a user uid is a string (equiv to unix login).
#      Needs to be cleaned up.
#
11

12
13
14
15
package libdb;
use Exporter;
@ISA = "Exporter";
@EXPORT =
16
17
18
    qw ( NODERELOADING_PID NODERELOADING_EID NODEDEAD_PID NODEDEAD_EID
	 NODEBOOTSTATUS_OKAY NODEBOOTSTATUS_FAILED NODEBOOTSTATUS_UNKNOWN
	 NODESTARTSTATUS_NOSTATUS PROJMEMBERTRUST_NONE PROJMEMBERTRUST_USER
Leigh B. Stoller's avatar
Leigh B. Stoller committed
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
	 PROJMEMBERTRUST_ROOT PROJMEMBERTRUST_GROUPROOT
	 PROJMEMBERTRUST_PROJROOT

	 TBTrustConvert TBMinTrust TBGrpTrust TBProjTrust

	 TB_NODEACCESS_READINFO TB_NODEACCESS_MODIFYINFO
	 TB_NODEACCESS_LOADIMAGE TB_NODEACCESS_REBOOT
	 TB_NODEACCESS_POWERCYCLE TB_NODEACCESS_MIN TB_NODEACCESS_MAX

	 TB_USERINFO_READINFO TB_USERINFO_MODIFYINFO
	 TB_USERINFO_MIN TB_USERINFO_MAX

	 TB_EXPT_READINFO TB_EXPT_MODIFY TB_EXPT_DESTROY
	 TB_EXPT_MIN TB_EXPT_MAX

	 TB_PROJECT_READINFO TB_PROJECT_MAKEGROUP
	 TB_PROJECT_EDITGROUP TB_PROJECT_DELGROUP
	 TB_PROJECT_LEADGROUP TB_PROJECT_ADDUSER
	 TB_PROJECT_DELUSER TB_PROJECT_MAKEOSID
	 TB_PROJECT_DELOSID TB_PROJECT_MAKEIMAGEID TB_PROJECT_DELIMAGEID
	 TB_PROJECT_CREATEEXPT TB_PROJECT_MIN TB_PROJECT_MAX

	 TB_OSID_READINFO TB_OSID_CREATE
	 TB_OSID_DESTROY TB_OSID_MIN TB_OSID_MAX

	 TB_IMAGEID_READINFO TB_IMAGEID_MODIFYINFO
	 TB_IMAGEID_CREATE TB_IMAGEID_DESTROY
	 TB_IMAGEID_ACCESS TB_IMAGEID_MIN TB_IMAGEID_MAX
	 
	 DBLIMIT_NSFILESIZE NODERELOADPENDING_EID
49

50
51
52
53
	 EXPTSTATE_NEW EXPTSTATE_PRERUN EXPTSTATE_SWAPPED EXPTSTATE_SWAPPING
	 EXPTSTATE_ACTIVATING EXPTSTATE_ACTIVE EXPTSTATE_TESTING
	 EXPTSTATE_TERMINATING EXPTSTATE_TERMINATED

Leigh B. Stoller's avatar
Leigh B. Stoller committed
54
55
56
57
58
	 BATCHSTATE_POSTED BATCHSTATE_RUNNING BATCHSTATE_TERMINATED
	 TBBatchState TBSetBatchState

	 TBAdmin TBProjAccessCheck TBNodeAccessCheck TBOSIDAccessCheck
	 TBImageIDAccessCheck TBExptAccessCheck ExpLeader MarkNodeDown
59
	 SetNodeBootStatus OSFeatureSupported IsShelved NodeidToExp
60
	 UserDBInfo DBQuery DBQueryFatal DBQueryWarn DBWarn DBFatal
61
	 DBQuoteSpecial UNIX2DBUID ExpState SetExpState ProjLeader
Leigh B. Stoller's avatar
Leigh B. Stoller committed
62
	 ExpNodes DBDateTime DefaultImageID GroupLeader TBGroupUnixInfo
63
	 );
64

65
66
# Must come after package declaration!
use English;
67
use POSIX qw(strftime);
68
69
require Mysql;

70
71
72
# Configure variables
my $TB		= "@prefix@";
my $DBNAME	= "@TBDBNAME@";
73
my $TBOPS       = "@TBOPSEMAIL@";
74
75

#
76
77
# Set up for querying the database. Note that fork causes a reconnect
# to the DB in the child. 
78
79
80
# 
my $DB = Mysql->connect("localhost", $DBNAME, "script", "none");

81
82
83
84
85
#
# Record last DB error string.
#
my $DBErrorString = "";

86
87
88
89
90
#
# Define exported "constants". Basically, these are just perl subroutines
# that look like constants cause you do not need to call a perl subroutine
# with parens. That is, FOO and FOO() are the same thing.
#
91
sub NODERELOADING_PID()		{ "emulab-ops"; }
92
sub NODERELOADING_EID()		{ "reloading"; }
93
sub NODERELOADPENDING_EID()	{ "reloadpending"; }
94
95
96
97
98
99
100
101
sub NODEDEAD_PID()		{ "emulab-ops"; }
sub NODEDEAD_EID()		{ "hwdown"; }

sub NODEBOOTSTATUS_OKAY()	{ "okay" ; }
sub NODEBOOTSTATUS_FAILED()	{ "failed"; }
sub NODEBOOTSTATUS_UNKNOWN()	{ "unknown"; }
sub NODESTARTSTATUS_NOSTATUS()	{ "none"; }

102
103
104
105
106
107
108
109
110
111
sub EXPTSTATE_NEW()		{ "new"; }
sub EXPTSTATE_PRERUN()		{ "prerunning"; }
sub EXPTSTATE_SWAPPED()		{ "swapped"; }
sub EXPTSTATE_SWAPPING()	{ "swapping"; }
sub EXPTSTATE_ACTIVATING()	{ "activating"; }
sub EXPTSTATE_ACTIVE()		{ "active"; }
sub EXPTSTATE_TESTING()		{ "testing"; }
sub EXPTSTATE_TERMINATING()	{ "terminating"; }
sub EXPTSTATE_TERMINATED()	{ "ended"; }

Leigh B. Stoller's avatar
Leigh B. Stoller committed
112
113
114
115
116
sub BATCHSTATE_POSTED()		{ "posted"; }
sub BATCHSTATE_ACTIVATING()	{ "activating"; }
sub BATCHSTATE_RUNNING()	{ "active"; }
sub BATCHSTATE_TERMINATING()	{ "terminating"; }

117
118
119
120
121
122
#
# We want valid project membership to be non-zero for easy membership
# testing. Specific trust levels are encoded thusly.
# 
sub PROJMEMBERTRUST_NONE()	{ 0; }
sub PROJMEMBERTRUST_USER()	{ 1; }
123
sub PROJMEMBERTRUST_ROOT()	{ 2; }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
sub PROJMEMBERTRUST_LOCALROOT()	{ 2; }
sub PROJMEMBERTRUST_GROUPROOT()	{ 3; }
sub PROJMEMBERTRUST_PROJROOT()	{ 4; }
sub PROJMEMBERTRUST_ADMIN()	{ 5; }

#
# Access types. Duplicated in the web interface. Make changes there too!
# 
# Things you can do to a node.
sub TB_NODEACCESS_READINFO()	{ 1; }
sub TB_NODEACCESS_MODIFYINFO()	{ 2; }
sub TB_NODEACCESS_LOADIMAGE()	{ 3; }
sub TB_NODEACCESS_REBOOT()	{ 4; }
sub TB_NODEACCESS_POWERCYCLE()	{ 5; }
sub TB_NODEACCESS_MIN()		{ TB_NODEACCESS_READINFO; }
sub TB_NODEACCESS_MAX()		{ TB_NODEACCESS_POWERCYCLE; }

# User Info (modinfo web page, etc).
sub TB_USERINFO_READINFO()	{ 1; }
sub TB_USERINFO_MODIFYINFO()	{ 2; }
sub TB_USERINFO_MIN()		{ TB_USERINFO_READINFO; }
sub TB_USERINFO_MAX()		{ TB_USERINFO_MODIFYINFO; }

# Experiments (also batch experiments).
sub TB_EXPT_READINFO()		{ 1; }
sub TB_EXPT_MODIFY()		{ 2; }
sub TB_EXPT_DESTROY()		{ 3; }
sub TB_EXPT_MIN()		{ TB_EXPT_READINFO; }
sub TB_EXPT_MAX()		{ TB_EXPT_DESTROY; }

# Projects.
sub TB_PROJECT_READINFO()	{ 1; }
sub TB_PROJECT_MAKEGROUP()	{ 2; }
sub TB_PROJECT_EDITGROUP()	{ 3; }
sub TB_PROJECT_DELGROUP()	{ 4; }
sub TB_PROJECT_LEADGROUP()	{ 5; }
sub TB_PROJECT_ADDUSER()	{ 6; }
sub TB_PROJECT_DELUSER()	{ 7; }
sub TB_PROJECT_MAKEOSID		{ 8; }
sub TB_PROJECT_DELOSID		{ 9; }
sub TB_PROJECT_MAKEIMAGEID	{ 10; }
sub TB_PROJECT_DELIMAGEID	{ 11; }
sub TB_PROJECT_CREATEEXPT	{ 12; }
sub TB_PROJECT_MIN()		{ TB_PROJECT_READINFO; }
sub TB_PROJECT_MAX()		{ TB_PROJECT_CREATEEXPT; }

# OSIDs 
sub TB_OSID_READINFO()		{ 1; }
sub TB_OSID_CREATE()		{ 2; }
sub TB_OSID_DESTROY()		{ 3; }
sub TB_OSID_MIN()		{ TB_OSID_READINFO; }
sub TB_OSID_MAX()		{ TB_OSID_DESTROY; }

# ImageIDs
sub TB_IMAGEID_READINFO()	{ 1; }
sub TB_IMAGEID_MODIFYINFO()	{ 2; }
sub TB_IMAGEID_CREATE()		{ 3; }
sub TB_IMAGEID_DESTROY()	{ 4; }
sub TB_IMAGEID_ACCESS()		{ 5; }
sub TB_IMAGEID_MIN()		{ TB_IMAGEID_READINFO; }
sub TB_IMAGEID_MAX()		{ TB_IMAGEID_ACCESS; }
185

186
187
188
189
190
#
# We should list all of the DB limits.
#
sub DBLIMIT_NSFILESIZE()	{ (1024 * 16); }

Leigh B. Stoller's avatar
Leigh B. Stoller committed
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
#
# Auth stuff.
#

#
# Convert a trust string to the above numeric values.
#
sub TBTrustConvert($)
{
    my($trust_string) = @_;
    my $trust_value = 0;

    #
    # Convert string to value. Perhaps the DB should have done it this way?
    # 
    if ($trust_string eq "none") {
	$trust_value = PROJMEMBERTRUST_NONE;
    }
    elsif ($trust_string eq "user") {
	$trust_value = PROJMEMBERTRUST_USER;
    }
    elsif ($trust_string eq "local_root") {
	$trust_value = PROJMEMBERTRUST_LOCALROOT;
    }
    elsif ($trust_string eq "group_root") {
	$trust_value = PROJMEMBERTRUST_GROUPROOT;
    }
    elsif ($trust_string eq "project_root") {
	$trust_value = PROJMEMBERTRUST_PROJROOT;
    }
    elsif ($trust_string eq "admin") {
	$trust_value = PROJMEMBERTRUST_ADMIN;
    }
    else {
	    die("*** Invalid trust value $trust_string!");
    }

    return $trust_value;
}

#
# Return true if the given trust string is >= to the minimum required.
# The trust value can be either numeric or a string; if a string its
# first converted to the numeric equiv.
#
sub TBMinTrust($$)
{
    my ($trust_value, $minimum) = @_;

    if ($minimum < PROJMEMBERTRUST_NONE ||
	$minimum > PROJMEMBERTRUST_ADMIN) {
	    die("*** Invalid minimum trust $minimum!");
    }

    #
    # Sleazy? How do you do a typeof in perl?
    #
    if (length($trust_value) != 1) {
	$trust_value = TBTrustConvert($trust_value);
    }
    
    return $trust_value >= $minimum;
}

#
# Determine the trust level for a uid/pid/gid. That is, each uid will have
# a different trust level depending on the project/group in question.
# Return that trust level as one of the numeric values above. 
# 
# usage: TBGrpTrust($dbuid, $pid, $gid)
#        returns numeric trust value if a group member.
#        returns PROJMEMBERTRUST_NONE if not a group member.
# 
sub TBGrpTrust($$$)
{
    my ($uid, $pid, $gid) = @_;

    #
    # No group, then use the default group.
    #
    if (! $gid) {
	$gid = $pid;
    }

    my $query_result =
	DBQueryFatal("select trust from group_membership ".
		     "where uid='$uid' and pid='$pid' and gid='$gid'");

    #
    # No membership is the same as no trust. True? Maybe an error instead?
    #
    if ($query_result->numrows == 0) {
	return PROJMEMBERTRUST_NONE;
    }

    my @row = $query_result->fetchrow_array();
    $trust_string = $row[0];

    return TBTrustConvert($trust_string);
}

#
# Determine the project trust level for a uid/pid. This is the trust level
# for the default group in the project.
#
# usage: TBProjTrust($dbuid, $pid)
#        returns numeric trust value if a project member.
#        returns PROJMEMBERTRUST_NONE if not a project member.
# 
sub TBProjTrust($$)
{
    my ($uid, $pid) = @_;
    
    return TBGrpTrust($uid, $pid, $pid);
}

307
#
308
309
# Test admin status. Optional argument is the UID or Name to test. If not
# provided, then test the current UID.
310
#
311
312
313
# XXX Argument is *either* a numeric UID, or a string name.
#
# usage: TBAdmin([int or char* uid]);
314
315
316
317
318
319
#        returns 1 if an admin type.
#        returns 0 if a mere user.
# 
sub TBAdmin(;$)
{
    my($uid) = @_;
320
    my($name);
321
322
323
324
325

    if (!defined($uid)) {
	$uid = $UID;
    }

326
327
328
329
330
331
332
333
334
335
    #
    # Test if numeric. Map to name if it is.
    # 
    if ($uid =~ /^[0-9]+$/) {
	($name) = getpwuid($uid)
	    or die "$uid not in passwd file\n";
    }
    else {
	$name = $uid;
    }
336
337

    my $query_result =
338
	DBQueryFatal("select admin from users where uid='$name'");
339
340
341
342
343
344
345
346
347

    my @row = $query_result->fetchrow_array();
    if ($row[0] == 1) {
	return 1;
    }
    return 0;
}

#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
348
349
# Project permission checks. The group id (gid) can be undef, in which case
# the pid is used (ie: a default group check is made).
350
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
351
352
353
354
355
# Usage: TBProjAccessCheck($uid, $pid, $gid, $access_type)
#	 returns 0 if not allowed.
#        returns 1 if allowed.
# 
sub TBProjAccessCheck($$$$)
356
{
Leigh B. Stoller's avatar
Leigh B. Stoller committed
357
358
    my ($uid, $pid, $gid, $access_type) = @_;
    my $mintrust;
359

Leigh B. Stoller's avatar
Leigh B. Stoller committed
360
361
362
    if ($access_type < TB_PROJECT_MIN ||
	$access_type > TB_PROJECT_MAX) {
	die("*** Invalid access type: $access_type!");
363
364
    }

Leigh B. Stoller's avatar
Leigh B. Stoller committed
365
366
367
368
369
    #
    # Admins do whatever they want!
    # 
    if (TBAdmin($uid)) {
	return 1;
370
    }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
371
372
373
374
375
376
377
    $uid = MapNumericUID($uid);

    #
    # No group, then use the default group.
    #
    if (! defined($gid)) {
	$gid = $pid;
378
379
    }

Leigh B. Stoller's avatar
Leigh B. Stoller committed
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
    if ($access_type == TB_PROJECT_READINFO) {
	$mintrust = PROJMEMBERTRUST_USER;
    }
    elsif ($access_type == TB_PROJECT_CREATEEXPT) {
	$mintrust = PROJMEMBERTRUST_LOCALROOT;
    }
    else {
	die("*** Unexpected access type: $access_type!");
    }

    return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust);
}

#
# Experiment permission checks.
#
# Usage: TBExptAccessCheck($uid, $pid, $eid, $access_type)
#	 returns 0 if not allowed.
#        returns 1 if allowed.
# 
sub TBExptAccessCheck($$$$)
{
    my ($uid, $pid, $eid, $access_type) = @_;
    my $mintrust;

    if ($access_type < TB_EXPT_MIN ||
	$access_type > TB_EXPT_MAX) {
	die("*** Invalid access type: $access_type!");
408
409
410
    }

    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
411
412
413
    # Admins do whatever they want!
    # 
    if (TBAdmin($uid)) {
414
415
	return 1;
    }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
416
    $uid = MapNumericUID($uid);
417

Leigh B. Stoller's avatar
Leigh B. Stoller committed
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
    my $query_result =
	DBQueryFatal("SELECT gid FROM experiments WHERE ".
		     "eid='$eid' and pid='$pid'");
    
    if ($query_result->numrows == 0) {
	return 0;
    }
    my @row = $query_result->fetchrow_array();
    my $gid = $row[0];

    if ($access_type == TB_EXPT_READINFO) {
	$mintrust = PROJMEMBERTRUST_USER;
    }
    else {
	$mintrust = PROJMEMBERTRUST_LOCALROOT;
    }

    return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust);
}

#
# Determine if uid can access a node or list of nodes.
#
# Usage: TBNodeAccessCheck($uid, $access_type, $node_id, ...)
#	 returns 0 if not allowed.
#        returns 1 if allowed.
# 
sub TBNodeAccessCheck($$@)
{
    my ($uid, $access_type) = (shift, shift);
    my @nodelist = @_;
    my $mintrust;

    if ($access_type < TB_NODEACCESS_MIN ||
	$access_type > TB_NODEACCESS_MAX) {
	die("*** Invalid access type: $access_type!");
    }
455
456

    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
    # Admins do whatever they want!
    # 
    if (TBAdmin($uid)) {
	return 1;
    }
    $uid = MapNumericUID($uid);
 
    if ($access_type == TB_NODEACCESS_READINFO) {
	$mintrust = PROJMEMBERTRUST_USER;
    }
    else {
	$mintrust = PROJMEMBERTRUST_LOCALROOT;
    }

    foreach my $node (@nodelist) {
472
	my $query_result =
Leigh B. Stoller's avatar
Leigh B. Stoller committed
473
474
475
476
477
478
	    DBQueryFatal("select trust from reserved as n ".
			 "left join experiments as e on ".
			 "     e.pid=n.pid and e.eid=n.eid ".
			 "left join group_membership as g on ".
			 "     g.pid=e.pid and g.gid=e.gid ".
			 "where g.uid='$uid' and n.node_id='$node'");
479

480
	if ($query_result->numrows == 0) {
481
482
	    return 0;
	}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
483
484
485
486
487
	my @row = $query_result->fetchrow_array();

	if (! TBMinTrust($row[0], $mintrust)) {
	    return 0;
	}
488
489
490
491
492
    }
    return 1;
}

#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
493
# Access checks for an OSID. Tests for tbadmin.
494
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
495
496
497
# Usage: TBOSIDAccessCheck($uid, $osid, $access_type)
#	 returns 0 if not allowed.
#        returns 1 if allowed.
498
# 
Leigh B. Stoller's avatar
Leigh B. Stoller committed
499
sub TBOSIDAccessCheck($$$)
500
{
Leigh B. Stoller's avatar
Leigh B. Stoller committed
501
502
    my ($uid, $osid, $access_type) = @_;
    my $mintrust;
503

Leigh B. Stoller's avatar
Leigh B. Stoller committed
504
505
    if ($access_type < TB_OSID_MIN || $access_type > TB_OSID_MAX) {
	die("*** Invalid access type $access_type!");
506
507
    }

Leigh B. Stoller's avatar
Leigh B. Stoller committed
508
509
510
511
512
513
514
    #
    # Admins do whatever they want!
    # 
    if (TBAdmin($uid)) {
	return 1;
    }
    $uid = MapNumericUID($uid);
515

Leigh B. Stoller's avatar
Leigh B. Stoller committed
516
517
518
519
520
521
    #
    # No GIDs yet.
    #
    my $query_result =
	DBQueryFatal("SELECT pid FROM os_info WHERE osid='$osid'");
    
522
    if ($query_result->numrows == 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
523
	return 0;
524
    }
525
    my @row = $query_result->fetchrow_array();
Leigh B. Stoller's avatar
Leigh B. Stoller committed
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
    my $pid = $row[0];

    #
    # Global OSIDs can be read by anyone.
    # 
    if (!$pid) {
	if ($access_type == TB_OSID_READINFO) {
	    return 1;
	}
	return 0;
    }
    
    #
    # Otherwise must have proper trust in the project.
    # 
    if ($access_type == TB_OSID_READINFO) {
	$mintrust = PROJMEMBERTRUST_USER;
    }
    else {
	$mintrust = PROJMEMBERTRUST_LOCALROOT;
    }

    return TBMinTrust(TBProjTrust($uid, $pid), $mintrust);
}

#
# Access checks for an ImageID
#
# Usage: TBImageIDAccessCheck($uid, $imageid, $access_type)
#	 returns 0 if not allowed.
#        returns 1 if allowed.
# 
sub TBImageIDAccessCheck($$$)
{
    my ($uid, $imageid, $access_type) = @_;
    my $mintrust;

    if ($access_type < TB_IMAGEID_MIN || $access_type > TB_IMAGEID_MAX) {
	die("*** Invalid access type $access_type!");
565
    }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
566
567
568
569
570
571

    #
    # Admins do whatever they want!
    # 
    if (TBAdmin($uid)) {
	return 1;
572
    }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
573
574
575
576
577
578
579
580
581
582
    $uid = MapNumericUID($uid);

    #
    # No GIDs yet.
    #
    my $query_result =
	DBQueryFatal("SELECT pid FROM images WHERE imageid='$imageid'");
    
    if ($query_result->numrows == 0) {
	return 0;
583
    }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
584
585
586
    my @row = $query_result->fetchrow_array();
    my $pid = $row[0];

587
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
588
589
590
591
592
593
594
595
596
    # Global ImageIDs can be read by anyone.
    # 
    if (!$pid) {
	if ($access_type == TB_IMAGEID_READINFO) {
	    return 1;
	}
	return 0;
    }

597
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
598
599
600
601
602
603
604
605
606
607
    # Otherwise must have proper trust in the project.
    # 
    if ($access_type == TB_IMAGEID_READINFO) {
	$mintrust = PROJMEMBERTRUST_USER;
    }
    else {
	$mintrust = PROJMEMBERTRUST_LOCALROOT;
    }

    return TBMinTrust(TBProjTrust($uid, $pid), $mintrust);
608
609
}

610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
#
# Return Project leader. First argument pid.
#
# usage: ProjLeader(char *pid)
#        returns char *leader if a valid pid.
#        returns 0 if an invalid pid.
# 
sub ProjLeader($)
{
    my($pid) = @_;

    my $query_result =
	DBQueryFatal("select head_uid from projects where pid='$pid'");

    if ($query_result->numrows == 0) {
	return 0;
    }

    my @row = $query_result->fetchrow_array();
    return $row[0];
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
#
# Return Group leader. 
#
# usage: GroupLeader(char *pid, char *gid)
#        returns char *leader if a valid pid.
#        returns 0 if an invalid pid.
# 
sub GroupLeader($$)
{
    my($pid, $gid) = @_;

    my $query_result =
	DBQueryFatal("select leader from groups where ".
		     "pid='$pid' and gid='$gid'");

    if ($query_result->numrows == 0) {
	return 0;
    }

    my @row = $query_result->fetchrow_array();
    return $row[0];
}

655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
#
# Return Experiment leader. First argument pid. Second argument is eid.
#
# usage: ExpLeader(char *pid, char *eid)
#        returns char *leader if a valid pid/eid.
#        returns 0 if an invalid pid/eid.
# 
sub ExpLeader($$)
{
    my($pid, $eid) = @_;

    my $query_result =
	DBQueryFatal("select expt_head_uid from experiments ".
		     "where eid='$eid' and pid='$pid'");

    if ($query_result->numrows == 0) {
	return 0;
    }

    my @row = $query_result->fetchrow_array();
    return $row[0];
}

678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
#
# Return Experiment state.
#
# usage: ExpState(char *pid, char *eid)
#        returns state if a valid pid/eid.
#        returns 0 if an invalid pid/eid or if an error.
# 
sub ExpState($$)
{
    my($pid, $eid) = @_;

    my $query_result =
	DBQueryWarn("select state from experiments ".
		    "where eid='$eid' and pid='$pid'");

    if (! $query_result ||
	$query_result->numrows == 0) {
	return 0;
    }

    my @row = $query_result->fetchrow_array();
    return $row[0];
}

#
# Set Experiment state.
#
# usage: SetExpState(char *pid, char *eid, char *state)
#        returns 1 if okay.
#        returns 0 if an invalid pid/eid or if an error.
# 
sub SetExpState($$$)
{
    my($pid, $eid, $state) = @_;

    my $query_result =
	DBQueryWarn("update experiments set state='$state' ".
		    "where eid='$eid' and pid='$pid'");

    if (! $query_result ||
	$query_result->numrows == 0) {
	return 0;
    }
    return 1;
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
#
# Return BatchMode state.
#
# usage: TBBatchState(char *pid, char *eid)
#        returns state if a valid pid/eid.
#        returns 0 if an invalid pid/eid or if an error.
# 
sub TBBatchState($$)
{
    my($pid, $eid) = @_;

    my $query_result =
	DBQueryWarn("select batchstate from experiments ".
		    "where eid='$eid' and pid='$pid' and batchmode=1");

    if (! $query_result ||
	$query_result->numrows == 0) {
	return 0;
    }

    my @row = $query_result->fetchrow_array();
    return $row[0];
}

#
# Set BatctMode state.
#
# usage: SetBatchState(char *pid, char *eid, char *state)
#        returns 1 if okay.
#        returns 0 if an invalid pid/eid or if an error.
# 
sub TBSetBatchState($$$)
{
    my($pid, $eid, $state) = @_;

    my $query_result =
	DBQueryWarn("update experiments set batchstate='$state',batchmode=1 ".
		    "where eid='$eid' and pid='$pid'");

    if (! $query_result ||
	$query_result->numrows == 0) {
	return 0;
    }
    return 1;
}

770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
#
# Return a list of all the nodes in an experiment.
#
# usage: ExpNodes(char *pid, char *eid)
#        returns the list if a valid pid/eid.
#        returns 0 if an invalid pid/eid or if an error.
# 
sub ExpNodes($$)
{
    my($pid, $eid) = @_;
    my(@row);
    my(@nodes);

    my $query_result =
	DBQueryWarn("select node_id from reserved where ".
		    "pid='$pid' and eid='$eid'");

    if (! $query_result or
	$query_result->numrows == 0) {
	return ();
    }
    while (@row = $query_result->fetchrow_array()) {
	push(@nodes, $row[0]);
    }
    return @nodes;
}

797
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
798
799
800
# Mark a node as down. We schedule a next reservation for it so that it
# remains in the users experiment through the termination so that there
# are no permission errors (say, from snmpit).
801
802
803
804
805
806
#
# usage: MarkNodeDown(char *nodeid)
#
sub MarkNodeDown($)
{
    my($node) = $_[0];
807
808
    my($pid, $eid);

809
810
    $pid = NODEDEAD_PID;
    $eid = NODEDEAD_EID;
811
812

    my $query_result =
813
814
	DBQueryFatal("replace into next_reserve (node_id, pid, eid) ".
		     "values ('$node', '$pid', '$eid')");    
815
816
817
818
819
820

    if ($query_result->num_rows < 1) {
	DBWarn("WARNING: Could not mark $node down");
    }
}

821
822
823
824
825
826
827
828
829
830
831
832
833
#
# Set the boot status for a node.
#
# usage: SetNodeBootStatus(char *status)
#
sub SetNodeBootStatus($$)
{
    my($node, $bstat) = @_;

    DBQueryFatal("update nodes set bootstatus='$bstat' ".
		 "where node_id='$node'");
}

834
835
836
837
838
839
#
# Check if a particular feature is supported by an OSID. 
#
# usage: OSFeatureSupported(char *osid, char *feature)
#        returns 1 if supported, 0 if not.
#
840
sub OSFeatureSupported($$) {
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
    my($osid, $feature) = @_;

    my $query_result =
	DBQueryFatal("select osfeatures from os_info where osid='$osid'");

    # Invalid OSID?
    if ($query_result->numrows < 1) {
	return 0;
    }
    
    foreach my $osfeature (split(',', $query_result->fetchrow_array())) {
	if ($feature eq $osfeature) {
	    return 1;
	}
    }
    return 0;
}

859
860
861
862
863
864
#
# Ah, what a hack! I'm tired of seeing regexs for sharks scattered around
# the code. Anyway, this checks to see if a node is a shelf, and fills
# in the shelf/node, return 1 if it is. The shelf/node arguments are
# optional, if all you want to do is see if its a shelf type thing.
#
865
# usage: IsShelved(char *nodeid, [\$shelf], [\$node])
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
#        returns 1 if the node is a shelf type thing. Optionally fills in info.
#        returns 0 if the node is just a normal kind of node.
#
sub IsShelved ($;$$) {
    my($nodeid, $shelf, $node) = @_;

    if ($nodeid =~ /sh(\d+)-(\d+)/) {
	if (defined($shelf)) {
	    $$shelf = $1;
	}
	if (defined($node)) {
	    $$node = $2;
	}
	return 1;
    }
    return 0;
}

884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
#
# Map nodeid to its pid/eid.
#
# usage: NodeToExp(char *nodeid, \$pid, \$eid)
#        returns 1 if the node is reserved.
#        returns 0 if the node is not reserved.
#
sub NodeidToExp ($$$) {
    my($nodeid, $pid, $eid) = @_;

    my $query_result =
	DBQueryFatal("select pid,eid from reserved where node_id='$nodeid'");

    if ($query_result->num_rows < 1) {
	return 0;
    }
    
    my @row = $query_result->fetchrow_array();
    $$pid = $row[0];
    $$eid = $row[1];
    return 1;
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
#
# Get the default ImageID for a particular node, from the node_types table.
#
# usage: DefaultImageID(char *nodeid)
#        returns imageid if the node is valid and has a default imageid.
#        returns 0 if there are problems.
#
sub DefaultImageID ($) {
    my($nodeid) = @_;

    my $query_result =
	DBQueryFatal("select imageid from node_types as t ".
		     "left join nodes as n on t.type=n.type ".
		     "where n.node_id='$nodeid'");

    if (! $query_result->num_rows) {
	return 0;
    }
    
    my @row = $query_result->fetchrow_array();
    return $row[0];
}

930
#
931
# Map login (db uid) to a user_name and user_email.
932
#
933
# usage: UserDBInfo(char *dbuid, \$name, \$email)
934
935
936
#        returns 1 if the UID is okay.
#        returns 0 if the UID is bogus.
#
937
938
sub UserDBInfo ($$$) {
    my($dbuid, $username, $useremail) = @_;
939

940
941
942
943
944
945
946
947
948
949
950
951
952
953
    my $query_result =
	DBQueryFatal("select usr_name,usr_email from users ".
		     "where uid='$dbuid'");

    if ($query_result->num_rows < 1) {
	return 0;
    }

    my @row = $query_result->fetchrow_array();
    $$username  = $row[0];
    $$useremail = $row[1];
    return 1;
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
#
# Map pid,gid to its unix_gid and unix_name.
#
# usage: TBGroupUnixInfo(char $pid, char *gid, \$unix_gid, \$unix_name)
#        returns 1 if okay.
#        returns 0 if bogus.
#
sub TBGroupUnixInfo ($$$$) {
    my($pid, $gid, $unix_gid, $unix_name) = @_;

    my $query_result =
	DBQueryFatal("select unix_gid,unix_name from groups ".
		     "where pid='$pid' and gid='$gid'");

    if ($query_result->num_rows < 1) {
	return 0;
    }

    my @row = $query_result->fetchrow_array();
    $$unix_gid  = $row[0];
    $$unix_name = $row[1];
    return 1;
}

978
979
980
981
982
983
984
985
986
987
988
989
#
# Map UID to DB UID (login). Does a DB check to make sure user is known to
# the DB (user obviously has a regular account), and that account will
# always match what the DB says. Redundant, I know. But consider it a
# sanity (or consistency) check. 
#
# usage: UNIX2DBUID(int uid, \$login)
#        returns 1 if the UID is okay.
#        returns 0 if the UID is bogus.
#
sub UNIX2DBUID ($$) {
    my($unix_uid, $userlogin) = @_;
990
991

    my $query_result =
992
	DBQueryFatal("select uid from users where unix_uid='$unix_uid'");
993
994
995
996
997

    if ($query_result->num_rows < 1) {
	return 0;
    }
    my @row = $query_result->fetchrow_array();
Leigh B. Stoller's avatar
Leigh B. Stoller committed
998
999
1000
1001
1002
1003
1004
1005
1006

    my ($pwname) = getpwuid($unix_uid) or
	die("*** $unix_uid is not in the password file!");

    if ($row[0] ne $pwname) {
	warn("*** WARNING: $pwname does not match $row[0]\n");
	return 0;
    }

1007
1008
1009
1010
    $$userlogin = $row[0];
    return 1;
}

1011
1012
1013
#
# Issue a DB query. Argument is a string. Returns the actual query object, so
# it is up to the caller to test it. I would not for one moment view this
1014
1015
# as encapsulation of the DB interface. I'm just tired of typing the same
# silly stuff over and over. 
1016
1017
1018
1019
# 
# usage: DBQuery(char *str)
#        returns the query object result.
#
1020
1021
1022
1023
# Sets $DBErrorString is case of error; saving the original query string and
# the error string from the DB module. Use DBFatal (below) to print/email
# that string, and then exit.
#
1024
1025
1026
1027
1028
1029
1030
1031
sub DBQuery($)
{
    my($query) = $_[0];
    my($result);

    $result = $DB->query($query);

    if (! $result) {
1032
1033
	$DBErrorString =
	    "  Query: $query\n".
1034
	    "  Error: " . $DB->errstr;
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
    }
    return $result;
}

#
# Same as above, but die on error. 
# 
sub DBQueryFatal($)
{
    my($query) = $_[0];
    my($result);

    $result = DBQuery($query);

    if (! $result) {
1050
	DBFatal("DB Query failed");
1051
1052
1053
1054
    }
    return $result;
}

1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
#
# Same as above, but just send email on error. This info is useful
# to the TB system, but the caller has to retain control.
# 
sub DBQueryWarn($)
{
    my($query) = $_[0];
    my($result);

    $result = DBQuery($query);

    if (! $result) {
	DBWarn("DB Query failed");
    }
    return $result;
}

1072
#
1073
# Warn and send email after a failed DB query. First argument is the error
1074
1075
# message to display. The contents of $DBErrorString is also printed.
# 
1076
# usage: DBWarn(char *message)
1077
#
1078
sub DBWarn($)
1079
1080
{
    my($message) = $_[0];
1081
    my($text, $progname);
1082

1083
    #
1084
    # Must taint check $PROGRAM_NAME cause it comes from outside. Silly!
1085
1086
1087
1088
1089
1090
1091
1092
    #
    if ($PROGRAM_NAME =~ /^([-\w.\/]+)$/) {
	$progname = $1;
    }
    else {
	$progname = "Tainted";
    }

1093
1094
    $text = "$message - In $progname\n" .
  	    "$DBErrorString\n";
1095

1096
    print STDERR "*** $text\n";
1097
1098

    system("echo \"$text\" | /usr/bin/mail ".
1099
	   "-s 'TESTBED: DBError - $message' \"$TBOPS\"");
1100
1101
1102
1103
1104
}

#
# Same as above, but die after the warning.
# 
1105
# usage: DBFatal(char *message);
1106
1107
1108
1109
1110
1111
#
sub DBFatal($)
{
    my($message) = $_[0];

    DBWarn($message);
1112

Leigh B. Stoller's avatar
Leigh B. Stoller committed
1113
    die("\n");
1114
1115
}

1116
1117
1118
#
# Quote a string for DB insertion.
#
1119
# usage: char *DBQuoteSpecial(char *string);
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
#
sub DBQuoteSpecial($)
{
    my($string) = $_[0];

    $string = $DB->quote($string);

    return $string;
}

1130
1131
1132
1133
#
# Return a (current) string suitable for DB insertion in datetime slot.
# Of course, you can use this for anything you like!
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
1134
# usage: char *DBDateTime(int seconds-to-add);
1135
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
1136
sub DBDateTime(;$)
1137
{
Leigh B. Stoller's avatar
Leigh B. Stoller committed
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
    my($seconds) = @_;

    if (! defined($seconds)) {
	$seconds = 0;
    }
    
    return strftime("20%y-%m-%d %H:%M:%S", localtime(time() + $seconds));
}

#
# Helper. Test if numeric. Convert to dbuid if numeric.
#
sub MapNumericUID($)
{
    my ($uid) = @_;
    my $name;
    
    if ($uid =~ /^[0-9]+$/) {
	UNIX2DBUID($uid, \$name)
	    or die("*** $uid not a valid Emulab user!\n");
    }
    else {
	$name = $uid;
    }
    return $name;
1163
1164
}

1165
1166
1;