Commit 39da13e6 authored by Leigh Stoller's avatar Leigh Stoller

Add a checkbox to control whether a new type is initially restricted

from users.
parent 1077ffe7
#!/usr/bin/perl -wT
#
# Copyright (c) 2000-2012 University of Utah and the Flux Group.
# Copyright (c) 2000-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -32,12 +32,13 @@ use Data::Dumper;
#
sub usage()
{
print("Usage: editnodetype [-v] <xmlfile>\n");
print("Usage: editnodetype [-v] [-p] <xmlfile>\n");
exit(-1);
}
my $optlist = "dv";
my $debug = 0;
my $verify = 0; # Check data and return status only.
my $optlist = "dvp";
my $restrict = 0;
my $debug = 0;
my $verify = 0; # Check data and return status only.
#
# Configure variables
......@@ -45,6 +46,7 @@ my $verify = 0; # Check data and return status only.
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $TBAUDIT = "@TBAUDITEMAIL@";
my $UPDATEPERMS = "$TB/sbin/update_permissions";
#
# Untaint the path
......@@ -86,6 +88,9 @@ if (defined($options{"d"})) {
if (defined($options{"v"})) {
$verify = 1;
}
if (defined($options{"p"})) {
$restrict = 1;
}
if (@ARGV != 1) {
usage();
}
......@@ -587,10 +592,17 @@ if ($new_type) {
" attrvalue='$value' ");
}
# And a group policy that prevents new type from being used.
DBQueryFatal("replace into group_policies ".
"(pid_idx, gid_idx, pid, gid, policy, auxdata, count) ".
"values (0, 0, '-', '-', 'type', '$node_type', 0)");
if ($restrict) {
# And a group policy that prevents new type from being used.
DBQueryFatal("replace into group_policies ".
"(pid_idx, gid_idx, pid, gid, policy, auxdata, count) ".
"values (0, 0, '-', '-', 'type', '$node_type', 0)");
#
# Now update the permissions table.
#
system($UPDATEPERMS);
}
}
else {
DBQueryFatal("update node_types set ".
......
<?php
#
# Copyright (c) 2000-2012 University of Utah and the Flux Group.
# Copyright (c) 2000-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -347,6 +347,24 @@ function SPITFORM($node_type, $formfields, $attributes, $deletes, $errors)
</td>
</tr>\n";
if ($new_type) {
echo "<tr>
<td colspan=2>Restricted?:</td>
<td class=left>
<input type=checkbox
name=\"formfields[restricted]\"
value=Yep";
if (isset($formfields["restricted"]) &&
$formfields["restricted"] == "Yep")
echo " checked";
echo " > (Initially restrict nodes to emulab-ops)
</td>
</tr>\n";
}
#
# Now do attributes.
#
......@@ -699,7 +717,14 @@ if (isset($newattribute_name) && $newattribute_name != "" &&
$args["attr_${newattribute_type}_$newattribute_name"] = $newattribute_value;
}
if (! ($result = SetNodeType($node_type, $args, $errors))) {
# Restricted checkbox.
$restricted = 0;
if (isset($new_type) &&
isset($formfields['restricted']) && $formfields['restricted'] == "Yep") {
$restricted = 1;
}
if (! ($result = SetNodeType($node_type, $restricted, $args, $errors))) {
# Always respit the form so that the form fields are not lost.
# I just hate it when that happens so lets not be guilty of it ourselves.
SPITFORM($node_type, $formfields, $attributes, $deletes, $errors);
......@@ -723,7 +748,7 @@ PAGEFOOTER();
#
# Create or edit a nodetype. (No class for that at present.)
#
function SetNodeType($node_type, $args, &$errors) {
function SetNodeType($node_type, $restricted, $args, &$errors) {
global $suexec_output, $suexec_output_array;
#
......@@ -754,7 +779,10 @@ function SetNodeType($node_type, $args, &$errors) {
fclose($fp);
chmod($xmlname, 0666);
$retval = SUEXEC("nobody", "nobody", "webeditnodetype $xmlname",
# Restricted checkbox.
$optarg = ($restricted ? "-p" : "");
$retval = SUEXEC("nobody", "nobody", "webeditnodetype $optarg $xmlname",
SUEXEC_ACTION_IGNORE);
if ($retval) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment