All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

nodetipacl.php3 1.56 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
<?php
include("defs.php3");

#
# This script generates an "acl" file.
#

#
# Only known and logged in users can get acls..
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);

#
# Verify form arguments.
# 
if (!isset($node_id) ||
    strcmp($node_id, "") == 0) {
    USERERROR("You must provide a node ID.", 1);
}

#
# Admin users can look at any node, but normal users can only control
# nodes in their own experiments.
#
# XXX is MODIFYINFO the correct one to check? (probably)
27
$isadmin = ISADMIN($uid);
28
if (! $isadmin) {
29
    if (! TBNodeAccessCheck($uid, $node_id, $TB_NODEACCESS_READINFO)) {
30 31 32 33
        USERERROR("You do not have permission to tip to node $node_id!", 1);
    }
}

34 35
$query_result = DBQueryFatal("SELECT server, portnum, keylen, keydata " . 
			     "FROM tiplines WHERE node_id='$node_id'" );
36 37

if (mysql_num_rows($query_result) == 0) {
38
  USERERROR("The node $node_id does not exist, or seem to have a tipline!", 1);
39 40
}

41 42 43 44
$filename = $node_id . ".acl"; 

header("Content-Type: text/testbed-acl");
header("Content-Disposition: attachment; filename=$filename;");
45
header("Content-Description: ACL key file for a testbed node serial port");
46

47 48
# XXX, should handle multiple tip lines gracefully somehow, 
# but not important for now.
49 50 51 52 53 54 55 56

$row = mysql_fetch_array($query_result);
$server  = $row[server];
$portnum = $row[portnum];
$keylen  = $row[keylen];
$keydata = $row[keydata];

# XXX fix me!!!
57
$certhash = "7161bb44818e7be5a5bcd58506163e1583e6aa1c";
58 59 60 61 62 63 64

echo "host:   $server\n";	
echo "port:   $portnum\n";
echo "keylen: $keylen\n";
echo "key:    $keydata\n";
echo "ssl-server-cert: $certhash\n";
?>