1. 28 Nov, 2005 1 commit
  2. 18 Nov, 2005 1 commit
  3. 01 Nov, 2005 1 commit
  4. 16 Aug, 2005 1 commit
  5. 15 Aug, 2005 1 commit
    • Leigh B. Stoller's avatar
      The bulk of the mailman support. Still not turned on by default (cause · a64593f3
      Leigh B. Stoller authored
      Jay has "comments"), but I do not want it hanging around in my source
      tree. Here is my mail message:
      
      * The "My Mailing Lists" is context sensitive (copied from Tim's
        changes to the My Bug Databases). It takes you to the *archives* for
        the current project (or subgroup) list. Or it takes you to your
        first joined project.
      
      * The showproject and showgroup pages have direct links to the project
        and group specific archives. If you are in reddot mode, you also
        get a link to the admin page for the list. Note that project and
        group leaders are just plain members of these lists.
      
      * The interface to create a new "user" list is:
      
      	https://www.emulab.net/dev/stoller/newmmlist.php3
      
        We do not store the password, but just fire it over in the list
        creation process.
      
        Anyone can create their own mailing lists. They are not associated
        with projects, but just the person creating the list. That person
        is the list administrator and is given permission to access the
        configuration page.
      
        This page is not hooked in yet; not sure where.
      
      * Once you have your own lists, you user profile page includes a link
        in the sub menu: Show Mailman Lists. From this page you can delete
        lists, zap to the admin page, or change the admin password (which is
        really just a subpage of the admin page).
      
      * As usual, in reddot mode you can mess with anyone else's mailman lists,
        (via the magic of mailman cookies).
      
      * Note on cross machine login. The mailman stuff has a really easy way
        to generate the right kind of cookie to give users access. You can
        generate a cookie to give user access, or to the admin interface for
        a list (a different cookie). Behind the scenes, I ssh over and get
        the cookie, and set it in the user's browser from boss. When the
        browser is redirected over to ops, that cookie goes along and gives
        the user the requested access. No passwords need be sent around,
        since we do the authentication ourselves.
      a64593f3
  6. 13 May, 2005 1 commit
    • Leigh B. Stoller's avatar
      Automate initial user/project setup from setup-db.txt. Rather then · dd1b57bc
      Leigh B. Stoller authored
      have the user go through a set of hard to explain steps, just push
      them through it using the web interface.
      
      * New sitevars to control a little state machine used by the web
        interface.
      
      * When first setting up a testbed, the sitevar value will force the
        web interface to present the user with a single menu option "Create
        New Project" and the "Home" link will take the user to that page.
        The user is instructed to login is as elabman.
      
      * The user fills in the form as directed in setup-ops.txt. Even though
        he is logged in as elabman, the newproject form has been altered to
        operate as if no one is logged in. I also default a bunch more of
        the fields in this case.
      
      * The user submits the form. Rather then pend the new project, just
        jump straight into approveproject. That grinds along as usual, and
        when it is done, the elabman account is frozen and the user logged
        out. The user gets a link inviting him to log back in as the user
        just created.
      
      * Side effects of this new process:
      
      	* The user is made an admin user (admin=1) automatically.
      	* The user is added to the emulab-ops project as group_root.
      	* The user verification process is skipped.
      	* The user is added to the unixgroups wheel and tbadmin.
      
      * I reworked this entire section of setup-db.txt ...
      
      * The user still needs to give himself a real shell and password on
        boss, but I left that for the user to do explicitly. I also drop in
        a pointer to the shellonboss.txt. I might automate this part too at
        some point. Not sure yet.
      dd1b57bc
  7. 25 Mar, 2005 1 commit
    • Leigh B. Stoller's avatar
      Okay, I think I am finally done with WikiWhacking (or WhackingTheWiki?) · 90dcbbe2
      Leigh B. Stoller authored
      for the near future. Two big changes:
      
      * Add WikiOnly accounts. An external user can register for an account on
        the wiki. Rather then use the registration stuff that comes with TWiki,
        redirect to new Emulab web page so we can manage all of the wiki accounts
        from one place. I modified the joinproject page to spit out a subset of
        the required fields so that its simple to get a wiki only account (just a
        few things to fill in).
      
        In keeping with current security practices, we still generate a
        verification email message to ensure the email address works. However,
        when the user completes the verification, the wiki account is created right
        away, rather then waiting for someone to approve it (since that would
        defeat the entire point of the wiki).
      
        Aside: I have not thought much about the conversion from a wiki-only
        account to a real account. That is going to happen, and it would be nice
        if that step did not require one of use to go in and hack the DB. Will
        cross that moat later.
      
        Aside: Rather beat up on the modify user info page too much, I continue
        to spit out the same form, but mark most of the fields as not required,
        and allow wiki-only people to not specify them.
      
      * Both the joinproject and newproject pages sport a new WikiName field so
        that users can select their own WikiName. I added some JavaScript to
        both pages that generate a suitable wikiname from the FullName field, so
        that as soon as the user clicks out of the FullName, a default wikiname is
        inserted in the field.
      
        Both pages verify the wikinames by checking to make sure it is not
        already in use, and that it meets the WikiRules for WikiTopic names.
        (someone please shoot me if I continue to use WikiNotation).
      90dcbbe2
  8. 11 Mar, 2005 1 commit
  9. 20 Jan, 2004 1 commit
    • Robert Ricci's avatar
      Check for an account on boss with the submitted username - this will · e48dc6ba
      Robert Ricci authored
      prevent people from asking for 'root', 'toor', etc. as usernames, and
      will hopefully help with new installations, which may have created
      accounts by hand. Note that this checks boss only, not ops.
      
      Also fixed a bug in newproject.php3 that was incorrectly letting
      through duplicate usernames.
      e48dc6ba
  10. 22 Dec, 2003 2 commits
  11. 19 Dec, 2003 1 commit
  12. 18 Dec, 2003 2 commits
    • Leigh B. Stoller's avatar
      Added check to make sure that uid does not already exist. This is · 7e50b223
      Leigh B. Stoller authored
      usually handled via uid cookie we get back from the browser, but if
      the user Clicks stop or maybe has cookies off, we don't that info.
      7e50b223
    • Leigh B. Stoller's avatar
      First try at solving the problem of validating user input for the · 8dbead16
      Leigh B. Stoller authored
      zillions of DB fields that we have to set. My solution was to add a
      meta table that describes what is a legal value for each table/slot
      for which we take from user input. The table looks like this right
      now, but is likely to adapt as we get more experience with this
      approach (or it might get tossed if it turns out to be a pain in the
      ass!).
      
      	CREATE TABLE table_regex (
      	  table_name varchar(64) NOT NULL default '',
      	  column_name varchar(64) NOT NULL default '',
      	  column_type enum('text','int','float') default NULL,
      	  check_type enum('regex','function','redirect') default NULL,
      	  check tinytext NOT NULL,
      	  min int(11) NOT NULL default '0',
      	  max int(11) NOT NULL default '0',
      	  comment tinytext,
      	  UNIQUE KEY table_name (table_name,column_name)
      	) TYPE=MyISAM;
      
      Entries in this table look like this:
      
      	('virt_nodes','vname','text','regex','^[-\\w]+$',1,32,NULL);
      
      Which says that the vname slot of the virt_nodes table (which we trust the
      user to give us in some form) is a text field to be checked with the given
      regex (perlre of course), and that the min/max length of the text field is
      1 and 32 chars respectively.
      
      Now, you wouldn't want to write the same regex over and over, and since we
      use the same fields in many tables (like pid, eid, vname, etc) there is an
      option to redirect to another entry (recursively). So, for "PID" I do this:
      
              ('eventlist','pid','text','redirect','projects:pid',0,0,NULL);
      
      which redirects to:
      
      	('projects','pid','text','regex','^[a-zA-Z][-\\w]+$',2,12,NULL);
      
      And, for many fields you just want to describe generically what could go
      into it. For that I have defined some default fields. For example, a user
      description:
      
              ('experiment,'usr_name','text','redirect','default:tinytext',0,0,NULL);
      
      which redirects to:
      
      	('default','tinytext','text','regex','^[\\040-\\176]*$',0,256,NULL);
      
      and this says that a tinytext (in our little corner of the database
      universe) field can have printable characters (but not a newline), and
      since its a tinytext field, its maxlen is 256 chars.
      
      You also have integer fields, but these are little more irksome in the
      details.
      
      	('default','tinyint,'int,'regex','^[\\d]+$',-128,127,NULL);
      
      and you would use this anyplace you do not care about the min/max values
      being something specific in the tinyint range. The range for a float is of
      course stated as an integer, and thats kinda bogus, but we do not have many
      floats, and they generally do not take on specific values anyway.
      
      A note about the min/max fields and redirecting. If the initial entry has
      non-zero min/max fields, those are the min mac fields used. Otherwise they
      come from the default. So for example, you can do this:
      
          ('experiments','mem_usage','int','redirect','default:tinyint',0,5,NULL);
      
      So, you can redirect to the standard "tinyint" regular expression, but you
      still get to define min/max for the specific field.
      
      Isn't this is really neat and really obtuse too? Sure, you can say it.
      
      Anyway, xmlconvert now sends all of its input through these checks (its
      all wrapped up in library calls), and if a slot does not have an entry, it
      throws an error so that we are forced to define entries for new slots as we
      add them.
      
      In the web page, I have changed all of the public pages (login, join
      project, new project, and a couple of others) to also use these checks.
      As with the perl code, its all wrapped up in a library. Lots more code
      needs to be changed of course, but this is a start.
      8dbead16
  13. 10 Dec, 2003 1 commit
  14. 01 Dec, 2003 1 commit
  15. 14 Nov, 2003 1 commit
  16. 11 Nov, 2003 1 commit
  17. 12 Sep, 2003 1 commit
  18. 09 Sep, 2003 1 commit
  19. 20 May, 2003 1 commit
    • Chad Barb's avatar
      · 4df405d6
      Chad Barb authored
      Users can, via, moduserinfo, set a preferred shell.
      One of {tcsh, bash, csh, sh}.
      When users are created, they are given tcsh.
      All users which already exist have been given tcsh.
      4df405d6
  20. 28 Apr, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add support for new {user,group,project,experiment}_stats tables. · 5e5508bf
      Leigh B. Stoller authored
      The first three are aggregate tables, while the experiment stats table
      gets a record for each new experiment, and is updated when an
      experiment is swapped in/out/modify or terminated. Look at the table
      to see what is tracked. Once the experiment_stats record is updated,
      the aggregate tables are updated as necessary. There are a bunch of
      ugly changes to assign_wrapper to get the stats. Note that pnodes is
      not incremented until an experiment sucessfully swaps in. This is in
      leu of getting status codes; I'm not tracking failed operations yet,
      nor creating the log file that Jay wants. I'll do that in the next
      round of changes when we see how useful these numbers are.
      
      Most of the changes are to create/delete table entries where
      appropriate, and to display the records. Display is only under admin
      mode, and the display is raw; just a dump of the assoc tables in php.
      The last 100 experiment stats records are available via the Experiment
      List page, using the "Stats" show option at the top. Bad place, but
      will do for now.
      5e5508bf
  21. 24 Apr, 2003 1 commit
  22. 22 Apr, 2003 1 commit
  23. 15 Apr, 2003 1 commit
    • Chad Barb's avatar
      · ccefbf0e
      Chad Barb authored
      Nit; remove legend for "+" (recommended) on fields,
      since there are no recommended fields!
      ccefbf0e
  24. 14 Apr, 2003 1 commit
    • Chad Barb's avatar
      · 67a08472
      Chad Barb authored
      - Added 'Country' to users table
      - Changed "Zip" to "ZIP/Postal Code"
      - Reformatted Postal Address Forms
      67a08472
  25. 04 Apr, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add "Address Line 2", City, State, and Zip as independent entities, · 5e38412f
      Leigh B. Stoller authored
      finally! These have been in the DB for a long time, but never used.
      As Eric pointed out, its easier to get realistic address info from
      people if we provide the right forms. The downside is that all current
      users will have to adjust their info the next time they edit their
      info. Thats okay. I thought about forcing all users to do it the next
      time they log in, but I figured people would scream.
      5e38412f
  26. 29 Mar, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add target_pid,target_gid arguments to joinproject page so that · 26bccd9e
      Leigh B. Stoller authored
      we can send links that cause those fields to be filled in for people.
      Add those links to email generated by newproject and newgroup pages
      so that they can be saved by the leaders.
      
      Add a bit of referrer magic to login page. When clicked from the join
      or new project pages, tell login page to pass along the referrer page
      so that when login is complete, user is zapped back to the original
      page. This is especially nice when combined with the above change to
      joinproject, whereby we send along the target pid/gid, but the user
      has not yet logged in and remembers to do so via the link at the top
      of the page.
      26bccd9e
  27. 25 Mar, 2003 1 commit
  28. 06 Mar, 2003 3 commits
  29. 10 Dec, 2002 2 commits
  30. 09 Dec, 2002 2 commits
  31. 05 Dec, 2002 1 commit
    • Mac Newbold's avatar
      First set of changes for proj head and all group roots in the group to get · 0c8a345c
      Mac Newbold authored
      mail instead of just the proj head. So far, the only mail that really does
      it is the swap requests, but others are coming soon, especially new user
      application mail and the like.
      
      Also clarified some of the documentation about students starting projects.
      New project page says they can't, and that their advisor has to do it,
      then links to auth.html, which says they can with prior special
      permission. Hopefully we won't get too many more students making project
      apps and messing things up.
      0c8a345c
  32. 24 Oct, 2002 1 commit
  33. 01 Oct, 2002 1 commit
    • Robert Ricci's avatar
      Change user verification keys. Verification key is now an md5 hash · a4e8ca5b
      Robert Ricci authored
      of a random number, as suggested in the php manual. This number
      is stashed in the database, in the new verify_key column in the
      users table.
      
      Rename the functions that generate and get the keys, and move from
      defs.php3 to dbdefs.php3, since they're now DB operations.
      a4e8ca5b
  34. 20 Sep, 2002 1 commit