instantiate.php 14.5 KB
Newer Older
Leigh B Stoller's avatar
Leigh B Stoller committed
1 2
<?php
#
3
# Copyright (c) 2000-2014 University of Utah and the Flux Group.
Leigh B Stoller's avatar
Leigh B Stoller committed
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
#
chdir("..");
include("defs.php3");
include_once("osinfo_defs.php");
include_once("geni_defs.php");
28
chdir("apt");
Leigh B Stoller's avatar
Leigh B Stoller committed
29
include("quickvm_sup.php");
30
$page_title = "QuickVM Create";
Leigh B Stoller's avatar
Leigh B Stoller committed
31
$dblink = GetDBLink("sa");
Leigh B Stoller's avatar
Leigh B Stoller committed
32

33 34 35 36 37 38
#
# Get current user but make sure coming in on SSL.
#
RedirectSecure();
$this_user = CheckLogin($check_status);

Leigh B Stoller's avatar
Leigh B Stoller committed
39 40 41
#
# Verify page arguments.
#
42 43 44 45 46 47
$optargs = OptionalPageArguments("create",        PAGEARG_STRING,
				 "profile",       PAGEARG_STRING,
				 "stuffing",      PAGEARG_STRING,
				 "verify",        PAGEARG_STRING,
				 "project",       PAGEARG_PROJECT,
				 "formfields",    PAGEARG_ARRAY,
Leigh B Stoller's avatar
Leigh B Stoller committed
48 49 50 51 52 53 54
				 "ajax_request",  PAGEARG_BOOLEAN,
				 "ajax_method",   PAGEARG_STRING,
				 "ajax_argument", PAGEARG_STRING);

#
# Deal with ajax requests.
#
55 56
# XXX Need permission checks here. 
#
Leigh B Stoller's avatar
Leigh B Stoller committed
57 58
if (isset($ajax_request)) {
    if ($ajax_method == "getprofile") {
59
	$profile_idx = addslashes($ajax_argument);
Leigh B Stoller's avatar
Leigh B Stoller committed
60
	$query_result =
61 62
	    DBQueryWarn("select * from apt_profiles ".
			"where idx='$profile_idx'");
Leigh B Stoller's avatar
Leigh B Stoller committed
63 64

	if (!$query_result || !mysql_num_rows($query_result)) {
65
	    SPITAJAX_ERROR(1, "No such profile $profile_idx!");
Leigh B Stoller's avatar
Leigh B Stoller committed
66 67 68 69 70 71
	    exit();
	}
	$row = mysql_fetch_array($query_result);
	
	SPITAJAX_RESPONSE(array('rspec' => $row['rspec'],
				'name'  => $row['name'],
72
				'idx'   => $row['idx'],
Leigh B Stoller's avatar
Leigh B Stoller committed
73 74 75 76
				'description' => $row['description']));
    }
    exit();
}
Leigh B Stoller's avatar
Leigh B Stoller committed
77

78
$profile_default  = "ThreeVMs";
Leigh B Stoller's avatar
Leigh B Stoller committed
79
$profile_array    = array();
Leigh B Stoller's avatar
Leigh B Stoller committed
80

Leigh B Stoller's avatar
Leigh B Stoller committed
81
$query_result =
82 83 84
    DBQueryFatal("select * from apt_profiles ".
		 "where public=1 " .
		 ($this_user ? "or creator_idx=" . $this_user->uid_idx() : ""));
Leigh B Stoller's avatar
Leigh B Stoller committed
85
while ($row = mysql_fetch_array($query_result)) {
86 87 88 89
    $profile_array[$row["idx"]] = $row["name"];
    if ($row["pid"] == $TBOPSPID && $row["name"] == $profile_default) {
	$profile_default = $row["idx"];
    }
90 91 92 93 94 95 96 97 98 99 100
    if (isset($profile)) {
        # Look for the profile by project/name and switch to index.
	if (isset($project) &&
	    $row["pid"] == $project->pid() &&
	    $row["name"] == $profile) {
	    $profile = $row["idx"];
	}
        # Look for the profile by uuid and switch to index.
	elseif ($profile == $row["uuid"]) {
	    $profile = $row["idx"];
	}
101
    }
Leigh B Stoller's avatar
Leigh B Stoller committed
102
}
Leigh B Stoller's avatar
Leigh B Stoller committed
103

104
function SPITFORM($formfields, $newuser, $errors)
Leigh B Stoller's avatar
Leigh B Stoller committed
105 106
{
    global $TBBASE, $TBMAIL_OPS;
107
    global $profile_array, $this_user;
Leigh B Stoller's avatar
Leigh B Stoller committed
108

109 110 111
    # XSS prevention.
    while (list ($key, $val) = each ($formfields)) {
	$formfields[$key] = CleanString($val);
Leigh B Stoller's avatar
Leigh B Stoller committed
112
    }
113
    # XSS prevention.
Leigh B Stoller's avatar
Leigh B Stoller committed
114
    if ($errors) {
115 116
	while (list ($key, $val) = each ($errors)) {
	    $errors[$key] = CleanString($val);
Leigh B Stoller's avatar
Leigh B Stoller committed
117 118
	}
    }
119 120 121 122 123 124 125 126 127 128 129 130 131 132 133

    $formatter = function($field, $html) use ($errors) {
	$class = "form-group";
	if ($errors && array_key_exists($field, $errors)) {
	    $class .= " has-error";
	}
	echo "<div class='$class'>\n";
	echo "     $html\n";
	if ($errors && array_key_exists($field, $errors)) {
	    echo "<label class='control-label' for='inputError'>" .
		$errors[$field] . "</label>\n";
	}
	echo "</div>\n";
    };

Leigh B Stoller's avatar
Leigh B Stoller committed
134
    SPITHEADER(1);
Leigh B Stoller's avatar
Leigh B Stoller committed
135

136
    echo "<div class='row'>
Leigh B Stoller's avatar
Leigh B Stoller committed
137
          <div class='col-lg-6  col-lg-offset-3
138
                      col-md-6  col-md-offset-3
Leigh B Stoller's avatar
Leigh B Stoller committed
139 140
                      col-sm-8  col-sm-offset-2
                      col-xs-12 col-xs-offset-0'>\n";
141
    echo "<form id='quickvm_form' role='form'
142
            method='post' action='instantiate.php'>\n";
143 144 145 146
    echo "<div class='panel panel-default'>
           <div class='panel-heading'>
              <h3 class='panel-title'>
                 Create an Experiment</h3></div>
147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167
           <div class='panel-body'>\n";
    echo "   <fieldset>\n";

    #
    # Look for non-specific error.
    #
    if ($errors && array_key_exists("error", $errors)) {
	echo "<font color=red><center>" . $errors["error"] . "</center></font>";
    }
    if (!isset($this_user)) {
	$formatter("username", 
		  "<input name=\"formfields[username]\"
		          value='" . $formfields["username"] . "'
                          class='form-control'
                          placeholder='Pick a user name'
                          autofocus type='text'>");
   
	$formatter("email", 
		  "<input name=\"formfields[email]\"
                          type='text'
                          value='" . $formfields["email"] . "'
168
                          class='form-control'
169
                          placeholder='Your email address' type='text'>");
Keith Downie's avatar
Keith Downie committed
170

171 172 173 174 175 176 177 178
	$formatter("sshkey", 
		  "<textarea name=\"formfields[sshkey]\" 
                             placeholder='Your ssh public key'
                             class='form-control'
                             rows=4 cols=45>" . $formfields["sshkey"] .
                  "</textarea>");
    }
    echo "<div id='profile_well' class='form-group well well-md'>
Keith Downie's avatar
Keith Downie committed
179 180
            <span id='selected_profile_text' class='pull-left'>
            </span>
181 182
            <input id='selected_profile' type='hidden' 
                   name='formfields[profile]'/>
Keith Downie's avatar
Keith Downie committed
183
              <button id='profile' class='btn btn-primary btn-xs pull-right' 
184 185
                     type='button' name='profile_button'>
                Select a Profile
Keith Downie's avatar
Keith Downie committed
186
              </button>\n";
187 188 189 190 191 192 193 194
    if ($errors && array_key_exists("profile", $errors)) {
	echo "<label class='control-label' for='inputError'>" .
	    $errors["profile"] .
	    " </label>\n";
    }
    echo " </div>\n";
    echo "</fieldset>
           <button class='btn btn-success pull-right'
Keith Downie's avatar
Keith Downie committed
195
              type='submit' name='create'>Create!
196 197
           </button>
           <br> 
198 199 200
        </div>
        </div>
        </div>
Leigh B Stoller's avatar
Leigh B Stoller committed
201
        </div>\n";
202 203
    if (!isset($this_user)) {
	SpitVerifyModal("verify_modal", "Create");
204
    
205 206 207 208 209 210 211 212 213 214 215 216 217 218
	if ($newuser) {
	    if (is_string($newuser)) {
		$stuffing = $newuser;
	    }
	    else {
		$stuffing = substr(GENHASH(), 0, 16);
	    }
	    mail($formfields["email"],
		 "Confirm your email to create your Experiment",
		 "Here is your user verification code. Please copy and\n".
		 "paste this code into the box on the experiment page.\n\n".
		 "      $stuffing\n",
		 "From: $TBMAIL_OPS");
	    echo "<input type='hidden' name='stuffing' value='$stuffing' />";
Leigh B Stoller's avatar
Leigh B Stoller committed
219 220 221 222
	}
    }
    echo "</form>\n";

223
    SpitTopologyViewModal("quickvm_topomodal", $profile_array);
Keith Downie's avatar
Keith Downie committed
224

225
    echo "<script type='text/javascript'>\n";
226
    echo "    window.PROFILE = '" . $formfields["profile"] . "';\n";
227 228 229 230
    if ($newuser) {
	echo "window.APT_OPTIONS.isNewUser = true;\n";
    }
    echo "</script>\n";
231
    echo "<script src='js/lib/require.js' data-main='js/instantiate'></script>";
Leigh B Stoller's avatar
Leigh B Stoller committed
232 233 234
}

if (!isset($create)) {
235 236 237 238 239 240
    $defaults = array();
    $defaults["username"] = "";
    $defaults["email"]    = "";
    $defaults["sshkey"]   = "";
    $defaults["profile"]  = (isset($profile) ? $profile : $profile_default);
	
241
    # 
242
    # Look for current user or cookie that tells us who the user is. 
243
    #
244
    if ($this_user) {
245 246
	$defaults["username"] = $this_user->uid();
	$defaults["email"]    = $this_user->email();
247 248
    }
    elseif (isset($_COOKIE['quickvm_user'])) {
Leigh B Stoller's avatar
Leigh B Stoller committed
249 250 251 252 253 254 255 256
	$geniuser = GeniUser::Lookup("sa", $_COOKIE['quickvm_user']);
	if ($geniuser) {
	    #
	    # Look for existing quickvm. User not allowed to create
	    # another one.
	    #
	    $quickvm = QuickVM::LookupByCreator($geniuser->uuid());
	    if ($quickvm && $quickvm->status() != "terminating") {
257
		header("Location: status.php?uuid=" . $quickvm->uuid());
Leigh B Stoller's avatar
Leigh B Stoller committed
258 259
		return;
	    }
260 261 262
	    $defaults["username"] = $geniuser->name();
	    $defaults["email"]    = $geniuser->email();
	    $defaults["sshkey"]   = $geniuser->SSHKey();
Leigh B Stoller's avatar
Leigh B Stoller committed
263 264
	}
    }
265
    SPITFORM($defaults, false, array());
Leigh B Stoller's avatar
Leigh B Stoller committed
266 267 268 269 270 271 272 273 274
    SPITFOOTER();
    return;
}
#
# Otherwise, must validate and redisplay if errors
#
$errors = array();
$args   = array();

275 276 277 278
if (!$this_user) {
    #
    # These check do not matter for a logged in user; we ignore the values.
    #
279
    if (!isset($formfields["email"]) || $formfields["email"] == "") {
280 281
	$errors["email"] = "Missing Field";
    }
282
    elseif (! TBvalid_email($formfields["email"])) {
283 284
	$errors["email"] = TBFieldErrorString();
    }
285
    if (!isset($formfields["username"]) || $formfields["username"] == "") {
286 287
	$errors["username"] = "Missing Field";
    }
288
    elseif (! TBvalid_uid($formfields["username"])) {
289 290
	$errors["username"] = TBFieldErrorString();
    }
291
    elseif (User::LookupByUid($formfields["username"])) {
292 293 294
        # Do not allow uid overlap with real users.
	$errors["username"] = "Already in use";
    }
Leigh B Stoller's avatar
Leigh B Stoller committed
295
}
296
if (!isset($formfields["profile"]) || $formfields["profile"] == "") {
Leigh B Stoller's avatar
Leigh B Stoller committed
297
    $errors["profile"] = "No selection made";
Leigh B Stoller's avatar
Leigh B Stoller committed
298
}
299 300
elseif (! array_key_exists($formfields["profile"], $profile_array)) {
    $errors["profile"] = "Invalid Profile: " . $formfields["profile"];
Leigh B Stoller's avatar
Leigh B Stoller committed
301 302 303
}

if (count($errors)) {
304
    SPITFORM($formfields, false, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
305 306 307 308 309 310 311
    SPITFOOTER();
    return;
}

#
# More sanity checks. 
#
312
if (!$this_user) {
313
    $geniuser = GeniUser::LookupByEmail("sa", $formfields["email"]);
314
    if ($geniuser) {
315
	if ($geniuser->name() != $formfields["username"]) {    
316 317 318
	    $errors["email"] = "Already in use by another user";
	    unset($geniuser);
	}
Leigh B Stoller's avatar
Leigh B Stoller committed
319 320
    }
}
321
# Existing guest users are allowed to resuse their ssh key, but can supply
Leigh B Stoller's avatar
Leigh B Stoller committed
322
# a new one if they want.
323
if (!isset($formfields["sshkey"]) || $formfields["sshkey"] == "") {
324
    if (!($geniuser || $this_user)) {
Leigh B Stoller's avatar
Leigh B Stoller committed
325 326 327 328
	$errors["sshkey"] = "Missing Field";
    }
}
else {
329
    $args["sshkey"] = $formfields["sshkey"];
Leigh B Stoller's avatar
Leigh B Stoller committed
330 331 332
}

if (count($errors)) {
333
    SPITFORM($formfields, false, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
334 335 336
    SPITFOOTER();
    return;
}
337
# Silently ignore the form for a logged in user. 
338 339 340
$args["username"] = ($this_user ? $this_user->uid() : $formfields["username"]);
$args["email"]    = ($this_user ? $this_user->email() : $formfields["email"]);
$args["profile"]  = $formfields["profile"];
Leigh B Stoller's avatar
Leigh B Stoller committed
341 342 343 344 345

#
# See if user exists and is verified. We send email with a code, which
# they have to paste back into a box we add to the form. See above.
#
Leigh B Stoller's avatar
Leigh B Stoller committed
346 347 348 349 350
# We also get here if the user exists, but the browser did not have
# the tokens, as will happen if switching to another browser. We
# force the user to repeat the verification with the same code we
# have stored in the DB.
#
351 352 353
if (!$this_user &&
    (!$geniuser || !isset($_COOKIE['quickvm_authkey']) ||
     $_COOKIE['quickvm_authkey'] != $geniuser->auth_token())) {
Leigh B Stoller's avatar
Leigh B Stoller committed
354 355
    if (isset($stuffing) && $stuffing != "") {
	if (! (isset($verify) && $verify == $stuffing)) {
356
	    SPITFORM($formfields, $stuffing, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
357 358 359
	    SPITFOOTER();
	    return;
	}
Leigh B Stoller's avatar
Leigh B Stoller committed
360 361 362 363 364
	#
	# If this is an existing user and they give us the right code,
	# we can check again for an existing VM and redirect to the
	# status page, like we do above.
	#
365 366
	if ($geniuser) {
	    $quickvm = QuickVM::LookupByCreator($geniuser->uuid());
Leigh B Stoller's avatar
Leigh B Stoller committed
367
	    if ($quickvm && $quickvm->status() != "terminating") {
368
		header("Location: status.php?uuid=" . $quickvm->uuid());
Leigh B Stoller's avatar
Leigh B Stoller committed
369 370 371
		return;
	    }
	}
Leigh B Stoller's avatar
Leigh B Stoller committed
372 373 374 375
	# Pass to backend to save in user object.
	$args["auth_token"] = $stuffing;
    }
    else {
Leigh B Stoller's avatar
Leigh B Stoller committed
376 377
	# Existing user, use existing auth token.
	# New user, we create a new one.
378
	$token = ($geniuser ? $geniuser->auth_token() : true);
Leigh B Stoller's avatar
Leigh B Stoller committed
379

380
	SPITFORM($formfields, $token, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412
	SPITFOOTER();
	return;
    }
}

# This is so we can look up the slice after the backend creates it.
$args["name"] = substr(GENHASH(), 0, 16);

#
# Generate a temporary file and write in the XML goo. 
#
$xmlname = tempnam("/tmp", "quickvm");
if (! $xmlname) {
    TBERROR("Could not create temporary filename", 0);
    $errors["internal"] = "Transient error(1); please try again later.";
}
elseif (! ($fp = fopen($xmlname, "w"))) {
    TBERROR("Could not open temp file $xmlname", 0);
    $errors["internal"] = "Transient error(2); please try again later.";
}
else {
    fwrite($fp, "<quickvm>\n");
    foreach ($args as $name => $value) {
	fwrite($fp, "<attribute name=\"$name\">");
	fwrite($fp, "  <value>" . htmlspecialchars($value) . "</value>");
	fwrite($fp, "</attribute>\n");
    }
    fwrite($fp, "</quickvm>\n");
    fclose($fp);
    chmod($xmlname, 0666);
}
if (count($errors)) {
413
    SPITFORM($formfields, false, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
414 415 416 417 418 419 420 421 422 423 424
    SPITFOOTER();
    return;
}

#
# Invoke the backend. This will create the user and the slice record
# in the SA database, and then fork off in the background. If the
# first part works, we can return to the user and use some nifty ajax
# and javascript to watch for progress. We use a cookie that holds
# the slice uuid so that the JS code can ask about it.
#
425 426
# This option is used to tell the backend that it is okay to look
# in the emulab users table.
Leigh B Stoller's avatar
Leigh B Stoller committed
427
#
428 429 430
$opt = ($this_user ? "-l" : "");

$retval = SUEXEC("nobody", "nobody", "webquickvm $opt $xmlname",
Leigh B Stoller's avatar
Leigh B Stoller committed
431
		 SUEXEC_ACTION_CONTINUE);
Leigh B Stoller's avatar
Leigh B Stoller committed
432 433 434

if ($retval != 0) {
    if ($retval < 0) {
435
	$errors["error"] = "Transient error(3); please try again later.";
Leigh B Stoller's avatar
Leigh B Stoller committed
436 437 438 439
    }
    else {
	if (count($suexec_output_array)) {
	    $line = $suexec_output_array[$i];
440
	    $errors["error"] = $line;
Leigh B Stoller's avatar
Leigh B Stoller committed
441 442
	}
	else {
443
	    $errors["error"] = "Transient error(4); please try again later.";
Leigh B Stoller's avatar
Leigh B Stoller committed
444 445
	}
    }
446
    SPITFORM($formfields, false, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
447 448 449 450 451 452 453
    SPITFOOTER();
    return;
}
unlink($xmlname);

$quickvm = QuickVM::LookupByName($args["name"]);
if (!$quickvm) {
454 455
    $errors["error"] = "Transient error(5); please try again later.";
    SPITFORM($formfields, false, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
456 457 458
    SPITFOOTER();
    return;
}
459 460 461 462 463 464
if ($this_user) {
    $creator = $this_user;
}
else {
    $creator = GeniUser::Lookup("sa", $quickvm->creator_uuid());
}
Leigh B Stoller's avatar
Leigh B Stoller committed
465
if (! $creator) {
466 467
    $errors["error"] = "Transient error(6); please try again later.";
    SPITFORM($formfields, false, $errors);
Leigh B Stoller's avatar
Leigh B Stoller committed
468 469 470
    SPITFOOTER();
    return;
}
471
#
Leigh B Stoller's avatar
Leigh B Stoller committed
472
# Remember the user and auth key so that we can verify.
473 474 475 476 477 478
#
# The cookie handling is a pain since we run this under the aptlab
# virtual host, but the config uses a different domain, and so the
# cookies do not work. So, we have to look at our SERVER_NAME and
# set the cookie appropriately. 
#
479
if (!$this_user) {
Leigh B Stoller's avatar
Leigh B Stoller committed
480 481
    $cookiedomain = $TBAUTHDOMAIN;

482 483 484 485 486 487
    setcookie("quickvm_user",
	      $creator->uuid(), time() + (24 * 3600 * 30),
	      "/", $cookiedomain, 0);
    setcookie("quickvm_authkey",
	      $creator->auth_token(), time() + (24 * 3600 * 30),
	      "/", $cookiedomain, 0);
488
}
489
header("Location: status.php?uuid=" . $quickvm->uuid());
Leigh B Stoller's avatar
Leigh B Stoller committed
490
?>