Commit 4ed3d431 authored by Leigh Stoller's avatar Leigh Stoller

Okay, tricky change; ignore the path that comes into newimageid_ez; the

code to construct a path is duplicated is 5 different places and they
have gone out of sync. We have not allowed users to set the path for
years, but we were still constructing a path in php code and passing it
along. Throw them all away and construct the path the way we want it.

Apply same rules to admins; admins don't know what they are doing
either. I know, I'm an admin.

But if the admin sets the path to start with /usr/testbed/images, throw
that away, and construct proper path in /usr/testbed/images.
parent e1015373
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2000-2016 University of Utah and the Flux Group. # Copyright (c) 2000-2017 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -404,9 +404,14 @@ if (exists($newimageid_args{"nodetype"}) && ...@@ -404,9 +404,14 @@ if (exists($newimageid_args{"nodetype"}) &&
# we get a list of just the nodes that are currently in the testbed, not # we get a list of just the nodes that are currently in the testbed, not
# just in the node_types table. Limit by class if given. # just in the node_types table. Limit by class if given.
# #
# If we are using architectures, and the image has an architecture, then
# we will switch back to the non-allpc path since we have enough info to
# make a better decision.
#
my $types_querystring; my $types_querystring;
if ($allpc) { if ($allpc) {
$types_querystring = "select nt.type,nt.class from node_types as nt ". $types_querystring =
"select nt.type,nt.class,nt.architecture from node_types as nt ".
"left join node_type_attributes as a on a.type=nt.type ". "left join node_type_attributes as a on a.type=nt.type ".
"where a.attrkey='imageable' and a.attrvalue!='0' "; "where a.attrkey='imageable' and a.attrvalue!='0' ";
...@@ -540,51 +545,62 @@ if (exists($newimageid_args{"def_parentosid"})) { ...@@ -540,51 +545,62 @@ if (exists($newimageid_args{"def_parentosid"})) {
} }
# #
# The path must not contain illegal chars and it must be more than # We no longer allow users to set the path (via the web interface), so
# the original /proj/$pid we gave the user. We allow admins to specify # do not worry if it is not set, lets just set the path. In fact, we
# a path outside of /proj though. # are going to ignore all he places that pass in a path, that code is
# # duplicated in way too many places. The code below mirrors code in
if (!exists($newimageid_args{"path"}) || # clone_image, but we can throw that away and all the other places.
$newimageid_args{"path"} eq "") { #
UserError("Path: Missing Field"); # If its an admin, we allow the path to be set to /usr/testbed/images.
# We throw that away and set it the way we want it in /usr/testbed/images.
#
my $path;
my $spath = "/usr/testbed/images/";
my $ipid = $newimageid_args{"pid"};
my $igid = (exists($newimageid_args{"gid"}) &&
$newimageid_args{"gid"} ne "") ? $newimageid_args{"gid"} : "";
if ($ipid eq $igid || $global) {
$path = "$TBPROJ_DIR/$ipid/images/";
} }
elsif (! $isadmin) { else {
my $pdef = ""; $path = "$TBGROUP_DIR/$ipid/$igid/images/";
}
if (!($shared || $global) && if ($DOIMAGEDIRS) {
exists($newimageid_args{"gid"}) && $path .= "${imagename}/";
$newimageid_args{"gid"} ne "" && $spath .= "${imagename}/";
$newimageid_args{"gid"} ne $newimageid_args{"pid"}) { }
$pdef = "$TBGROUP_DIR/" . else {
$newimageid_args{"pid"} . "/" . $newimageid_args{"gid"} . "/"; $path .= "${imagename}.ndz";
$spath .= "${imagename}.ndz";
}
if ($isadmin) {
#
# Admins can provide a path, but this is probably a bad idea too.
# Ignore it unless /usr/testbed/images.
#
if (exists($newimageid_args{"path"}) &&
$newimageid_args{"path"} =~ /^\/usr\/testbed\/images/) {
$newimageid_args{"path"} = $spath;
} }
else { else {
$pdef = "$TBPROJ_DIR/" . $newimageid_args{"pid"} . "/images/"; $newimageid_args{"path"} = $path;
}
if (index($newimageid_args{"path"}, $pdef) < 0) {
UserError("Path: Invalid Path");
} }
} }
# else {
# Image path from the web interface does not respect the $newimageid_args{"path"} = $path;
# IMAGEDIRECTORIES feature or config variable. We fix it up here.
#
if ($newimageid_args{"path"} =~ /\/$/ &&
(! $DOIMAGEDIRS ||
! ($isadmin ||
EmulabFeatures->FeatureEnabled("ImageDirectories",
$this_user, $group)))) {
$newimageid_args{"path"} =~ s/\/$/.ndz/;
} }
if ($newimageid_args{"path"} =~ /\/$/) { if ($newimageid_args{"path"} =~ /\/$/) {
if (-e $newimageid_args{"path"} && ! -d $newimageid_args{"path"}) { if (-e $newimageid_args{"path"} && ! -d $newimageid_args{"path"}) {
UserError("Path: invalid path, it should be a directory"); UserError("Path: invalid path, it should be a directory");
} }
} }
elsif (-d $newimageid_args{"path"} =~ /\/$/) { elsif (-d $newimageid_args{"path"}) {
UserError("Path: invalid path, its a directory"); UserError("Path: invalid path, its a directory");
} }
if (1 || $debug) {
print "Setting path to " . $newimageid_args{"path"} . "\n";
}
# #
# We allow loadpart=0 for wholedisk images in the Long Form, and it # We allow loadpart=0 for wholedisk images in the Long Form, and it
...@@ -655,7 +671,7 @@ my $node_types_selected = 0; ...@@ -655,7 +671,7 @@ my $node_types_selected = 0;
# #
# If we have architectures defined in the node_types table, and we got # If we have architectures defined in the node_types table, and we got
# an architecture in the xml file for the image, we use those. Otherwise # an architecture in the xml file for the image, we use those. Otherwise
# fall back to the old method. # fall back to the old method.
# #
if (keys(%mtypes_arch) && if (keys(%mtypes_arch) &&
(exists($newimageid_args{"architecture"}) && (exists($newimageid_args{"architecture"}) &&
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment