template_metadata.php 13.3 KB
Newer Older
1 2 3 4 5 6 7
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2006 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");
8
include_once("template_defs.php");
9 10 11 12 13 14 15 16 17 18

#
# No PAGEHEADER since we spit out a Location header later. See below.
#

#
# Only known and logged in users.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
19
$isadmin  = ISADMIN($uid);
20 21 22 23 24 25 26

#
# Spit the form out using the array of data.
#
function SPITFORM($action, $formfields, $errors)
{
    global $template_guid, $template_vers;
27
    global $metadata_guid, $metadata_vers, $metadata_type;
28 29 30
    
    PAGEHEADER("Manage Template Metadata");

31 32
    if ($action == "add") {
	echo "<center>";
33 34 35 36 37 38
	echo "<h3>Attach metadata to your template.</h3>";
	echo "</center><br>\n";
    }
    elseif ($action == "delete") {
	echo "<center>";
	echo "<h3>Are you sure you want to delete this item?</h3>";
39 40 41
	echo "</center><br>\n";
    }

42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
    if ($errors) {
	echo "<table class=nogrid
                     align=center border=0 cellpadding=6 cellspacing=0>
              <tr>
                 <th align=center colspan=2>
                   <font size=+1 color=red>
                      &nbsp;Oops, please fix the following errors!&nbsp;
                   </font>
                 </td>
              </tr>\n";

	while (list ($name, $message) = each ($errors)) {
	    echo "<tr>
                     <td align=right>
                       <font color=red>$name:&nbsp;</font></td>
                     <td align=left>
                       <font color=red>$message</font></td>
                  </tr>\n";
	}
	echo "</table><br>\n";
    }

    echo "<form action=template_metadata.php?action=$action method=post>\n";
    echo "<table align=center border=1>\n";

    #
    # Template GUID and Version. These are read-only fields.
    #
    echo "<tr>
              <td class='pad4'>Template GUID:</td>
              <td class='pad4' class=left>
                  $template_guid/$template_vers</td>\n";
    echo "</tr>\n";
    echo "<input type=hidden name=template_guid value=$template_guid>\n";
    echo "<input type=hidden name=template_vers value=$template_vers>\n";

78
    if ($action == "modify" || $action == "delete") {
79 80 81 82 83 84
	echo "<tr>
                  <td class='pad4'>Metadata GUID:</td>
                  <td class='pad4' class=left>
                      $metadata_guid/$metadata_vers</td>\n";
	echo "</tr>\n";
	echo "<input type=hidden name=metadata_guid value=$metadata_guid>\n";
85 86 87 88
	echo "<input type=hidden name=metadata_vers value=$metadata_vers>\n";
    }
    if (isset($metadata_type) && $metadata_type != "") {
	echo "<input type=hidden name=metadata_type value=$metadata_type>\n";
89 90
    }

91 92
    $readonly_name  = ($action == "add"    ? "" : "readonly");
    $readonly_value = ($action == "delete" ? "readonly" : "");
93 94 95 96 97 98 99 100

    #
    # Name of the item
    #
    echo "<tr>
              <td>*Name:<br>
                  (something short and pithy)</td>
              <td class=pad4 class=left>
101
	          <input type=text $readonly_name
102 103 104 105 106 107 108 109 110 111 112 113 114
                         name=\"formfields[name]\"
                         value=\"" . $formfields[name] . "\"
	                 size=64>
             </td>
          </tr>\n";

    echo "<tr>
              <td colspan=2>
               Value (use this area to enter the value of your metadata item).
              </td>
          </tr>
          <tr>
              <td colspan=2 align=center class=left>
115
                  <textarea $readonly_value name=\"formfields[value]\"
116 117 118 119 120 121 122 123 124
                    rows=10 cols=80>" .
	            ereg_replace("\r", "", $formfields[value]) .
	           "</textarea>
              </td>
          </tr>\n";

    if ($action == "modify") {
	$tag = "Modify Metadata";
    }
125 126 127
    elseif ($action == "delete") {
	$tag = "Delete Metadata";
    }
128 129 130 131 132 133 134 135 136 137 138 139 140
    else {
	$tag = "Add Metadata";
    }    
 
    echo "<tr>
              <td class='pad4' align=center colspan=2>
                 <b><input type=submit name=submit value='$tag'></b>
              </td>
         </tr>
        </form>
        </table>\n";
}

141 142 143 144
# Objects
$metadata = NULL;
$template = NULL;

145 146 147 148 149 150 151 152 153
#
# On first load, display virgin form and exit.
#
if (!isset($submit)) {
    #
    # Verify page arguments.
    # 
    if (!isset($guid) ||
	strcmp($guid, "") == 0) {
154
	USERERROR("You must provide a GUID.", 1);
155 156 157
    }
    if (!isset($version) ||
	strcmp($version, "") == 0) {
158
	USERERROR("You must provide a version", 1);
159 160 161 162 163 164 165 166
    }
    if (!TBvalid_guid($guid)) {
	PAGEARGERROR("Invalid characters in GUID!");
    }
    if (!TBvalid_integer($version)) {
	PAGEARGERROR("Invalid characters in version!");
    }

167 168 169 170 171
    #
    # In show mode, we can show any metadata entry, but it cannot be modified
    # unless its in the context of a template. That might change later?
    #
    if ($action == "show") {
172 173 174 175
	$metadata_guid = $guid;
	$metadata_vers = $version;

	#
176
	# Find this metadata item.
177
	#
178 179 180
	$metadata = TemplateMetadata::Lookup($metadata_guid, $metadata_vers);
	
	if (! $metadata) {
181 182
	    USERERROR("Invalid metadata $guid/$version", 1);
	}
183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198

        #
        # Verify Permission. Need permission for the template, any version.
        #
	$template = Template::Lookup($metadata->template_guid(), 1);

	if (!$template ||
	    !$template->AccessCheck($uid, $TB_EXPT_READINFO)) {
	    USERERROR("You do not have permission to view metadata in ".
		      " template $template_guid!", 1);
	}

	PAGEHEADER("Show Metadata");
	$metadata->Show();
	PAGEFOOTER();
	return;
199
    }
200
    elseif ($action == "modify" || $action == "delete") {
201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220
	$template_guid = $guid;
	$template_vers = $version;

	# Must get the metadata guid and vers we want to change.
	if (!isset($metadata_guid) || $metadata_guid == "") {
	    USERERROR("You must provide a metadata GUID", 1);
	}
	if (!isset($metadata_vers) || $metadata_vers == "") {
	    USERERROR("You must provide a metadata version", 1);
	}
	if (!TBvalid_guid($metadata_guid)) {
	    PAGEARGERROR("Invalid characters in GUID!");
	}
	if (!TBvalid_integer($metadata_vers)) {
	    PAGEARGERROR("Invalid characters in metadata version!");
	}

	#
	# Verify this metadata is attached to the template.
	#
221 222 223 224 225 226 227 228 229 230
	$template = Template::Lookup($template_guid, $template_vers);

	if (!$template) {
	    USERERROR("Invalid template $template_guid/$template_vers", 1);
	}

	$metadata = $template->LookupMetadataByGUID($metadata_guid,
						    $metadata_vers);

	if (!$template) {
231
	    USERERROR("Invalid metadata $metadata_guid/$metadata_vers", 1);
232
	}
233
	$metadata_type = $metadata->type();
234 235 236 237 238
    }
    else {
	$template_guid = $guid;
	$template_vers = $version;

239 240 241 242 243 244 245 246 247 248 249
	if (isset($type) && $type != "") {
	    if (!TBvalid_template_metadata_type($type)) {
		PAGEARGERROR("Invalid characters in metadata type!");
	    }
	    $metadata_type = $type;
	}
	else {
	    unset($type);
	    unset($metadata_type);
	}

250 251 252
        #
        # Check to make sure this is a valid template.
        #
253 254 255 256
	$template = Template::Lookup($template_guid, $template_vers);

	if (!$template) {
	    USERERROR("Invalid template $template_guid/$template_vers", 1);
257 258
	}
    }
259 260 261

    # Perm check for add/modify to the template.
    if (!$template->AccessCheck($uid, $TB_EXPT_MODIFY)) {
262 263
	USERERROR("You do not have permission to $action metadata in ".
		  " template $template_guid!", 1);
264 265
    }

266
    # Defaults for the form come from the DB.
267
    $defaults = array();
268
    if ($action == "modify" || $action == "delete") {
269 270
	$defaults["name"]  = $metadata->name();
	$defaults["value"] = $metadata->value();
271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292
    }
    
    #
    # Allow formfields that are already set to override defaults
    #
    if (isset($formfields)) {
	while (list ($field, $value) = each ($formfields)) {
	    $defaults[$field] = $formfields[$field];
	}
    }

    SPITFORM($action, $defaults, 0);
    PAGEFOOTER();
    return;
}
elseif (! isset($formfields)) {
    PAGEARGERROR();
}

#
# Verify page arguments, which depend on action.
#
293
if ($action == "modify" || $action == "delete") {
294 295 296 297 298 299 300 301 302 303 304 305
    if (!isset($metadata_guid) || $metadata_guid == "") {
	USERERROR("You must provide a Metadata GUID.", 1);
    }
    if (!isset($metadata_vers) || $metadata_vers == "") {
	USERERROR("You must provide a Metadata version", 1);
    }
    if (!TBvalid_guid($metadata_guid)) {
	PAGEARGERROR("Invalid characters in GUID!");
    }
    if (!TBvalid_integer($metadata_vers)) {
	PAGEARGERROR("Invalid characters in version!");
    }
306 307 308 309 310 311 312 313 314 315 316 317 318
    if (!isset($template_guid) || $template_guid == "") {
	USERERROR("You must provide a Template GUID.", 1);
    }
    if (!isset($template_vers) || $template_vers == "") {
	USERERROR("You must provide a Template version", 1);
    }
    if (!TBvalid_guid($template_guid)) {
	PAGEARGERROR("Invalid characters in GUID!");
    }
    if (!TBvalid_integer($template_vers)) {
	PAGEARGERROR("Invalid characters in version!");
    }
    
319
    #
320
    # Verify this metadata is attached to the template.
321
    #
322 323 324 325
    $template = Template::Lookup($template_guid, $template_vers);

    if (!$template) {
	USERERROR("Invalid template $template_guid/$template_vers", 1);
326 327
    }

328 329 330
    $metadata = $template->LookupMetadataByGUID($metadata_guid,$metadata_vers);

    if (!$template) {
331
	USERERROR("Invalid metadata $metadata_guid/$metadata_vers", 1);
332
    }
333 334
    # For checks below;
    $metadata_type = $metadata->type();
335 336 337 338 339 340 341 342 343 344 345 346 347 348
}
else {
    if (!isset($template_guid) || $template_guid == "") {
	USERERROR("You must provide a Template GUID.", 1);
    }
    if (!isset($template_vers) || $template_vers == "") {
	USERERROR("You must provide a Template version", 1);
    }
    if (!TBvalid_guid($template_guid)) {
	PAGEARGERROR("Invalid characters in GUID!");
    }
    if (!TBvalid_integer($template_vers)) {
	PAGEARGERROR("Invalid characters in version!");
    }
349 350 351 352 353 354 355 356
    if (isset($metadata_type) && $metadata_type != "") {
	if (!TBvalid_template_metadata_type($metadata_type)) {
	    PAGEARGERROR("Invalid characters in metadata type!");
	}
    }
    else {
	unset($metadata_type);
    }
357 358 359 360

    #
    # Check to make sure this is a valid template.
    #
361 362 363 364
    $template = Template::Lookup($template_guid, $template_vers);
    
    if (!$template) {
	USERERROR("Invalid template $template_guid/$template_vers", 1);
365 366 367
    }
}

368 369 370 371
# Perm check for add/modify to the template.
if (!$template->AccessCheck($uid, $TB_EXPT_MODIFY)) {
    USERERROR("You do not have permission to $action metadata in ".
	      " template $template_guid!", 1);
372 373 374 375 376 377
}

#
# Okay, validate form arguments.
#
$errors = array();
378
$command_opts = "";
379 380 381 382

#
# Name
#
383 384 385 386 387 388 389
if (!isset($formfields[name]) || $formfields[name] == "") {
    $errors["Metadata Name"] = "Missing Field";
}
elseif (!TBvalid_template_metadata_name($formfields[name])) {
    $errors["Metadata Name"] = TBFieldErrorString();
}

390
if ($action == "add") {
391
    if ($template->LookupMetadataByName($formfields[name])) {
392
	$errors["Metadata Name"] = "Name already in use";
393
    }
394 395 396
    if (isset($metadata_type)) {
	$command_opts .= "-t $metadata_type ";
    }
397 398
    $command_opts .= "-a add " . escapeshellarg($formfields[name]);
}
399 400 401
elseif ($action == "delete") {
    $command_opts .= "-a delete " . escapeshellarg($formfields[name]);
}
402
else {
403
    # Had to already exist above. 
404
    $command_opts .= "-a modify " . escapeshellarg($formfields[name]);
405 406 407 408
}

#
# Value:
409 410 411 412 413 414 415 416 417 418 419 420
#
if ($action != "delete") {
    if (!isset($formfields[value]) || $formfields[value] == "") {
	$errors["Metadata Value"] = "Missing Field";
    }
    elseif (!TBvalid_template_metadata_value($formfields[value])) {
	$errors["Metadata Value"] = TBFieldErrorString();
    }
    if ($action == "modify" &&
	$formfields[value] == $metadata_data[value]) {
	$errors["Metadata Value"] = "New value identical to old value";
    }
421 422
}

423 424 425
#
# XXX Some metadata is special ...
#
426 427 428 429 430 431
if (isset($metadata_type)) {
    if ($metadata_type == "tid") {
	if ($action == "delete") {
	    $errors["TID"] = "Not allowed to delete this";
	}
	elseif (!TBvalid_eid($formfields[value])) {
432 433 434
	    $errors["TID"] = TBFieldErrorString();
	}
    }
435 436 437 438 439 440 441 442 443 444
    elseif ($metadata_type == "template_description") {
	if ($action == "delete") {
	    $errors["Description"] = "Not allowed to delete this";
	}
	elseif (!TBvalid_template_description($formfields[value])) {
	    $errors["Description"] = TBFieldErrorString();
	}
    }
    elseif ($metadata_type == "parameter_description") {
	if (!TBvalid_template_parameter_description($formfields[value])) {
445 446 447 448 449
	    $errors["Description"] = TBFieldErrorString();
	}
    }
}

450 451 452 453 454 455 456
if (count($errors)) {
    SPITFORM($action, $formfields, $errors);
    PAGEFOOTER();
    exit(1);
}

#
457
# Generate a temporary file and write in the data.
458
#
459 460 461 462
if ($action != "delete") {
    list($usec, $sec) = explode(' ', microtime());
    srand((float) $sec + ((float) $usec * 100000));
    $foo = rand();
463

464
    $datafile = "/tmp/$uid-$foo.txt";
465

466 467 468 469 470 471 472
    if (! ($fp = fopen($datafile, "w"))) {
	TBERROR("Could not create temporary file $datafile", 1);
    }

    fwrite($fp, $formfields[value]);
    fclose($fp);
    chmod($datafile, 0666);
473

474 475
    $command_opts = " -f $datafile $command_opts";
}
476

477
#
478
# The backend does the actual work.
479
#
480 481
$pid = $template->pid();
$gid = $template->gid();
482 483 484
TBGroupUnixInfo($pid, $gid, $unix_gid, $unix_name);

$retval = SUEXEC($uid, "$pid,$unix_gid",
485
		 "webtemplate_metadata ".
486 487 488
		 "$command_opts $template_guid/$template_vers",
		 SUEXEC_ACTION_IGNORE);

489 490 491
if ($action != "delete") {
    unlink($datafile);
}
492 493

#
494 495 496 497 498
# Fatal Error. Report to the user, even though there is not much he can
# do with the error. Also reports to tbops.
# 
if ($retval < 0) {
    SUEXECERROR(SUEXEC_ACTION_CONTINUE);
499 500
}

501 502 503 504
# User error. Tell user and exit.
if ($retval) {
    SUEXECERROR(SUEXEC_ACTION_USERERROR);
    return;
Leigh B. Stoller's avatar
Leigh B. Stoller committed
505 506
}

507 508
header("Location: ".
       "template_show.php?guid=$template_guid&version=$template_vers");