Commit 6372cb0d authored by Leigh B. Stoller's avatar Leigh B. Stoller

Allow normal users to change node control parameters for nodes in

their experiments, via the experiment information page.
parent aa7de27f
......@@ -9,15 +9,6 @@ include("defs.php3");
#
LOGGEDINORDIE($uid);
#
# Admin users can control other nodes.
#
$isadmin = ISADMIN($uid);
if (! $isadmin) {
PAGEHEADER("Node Control");
USERERROR("You do not have admin privledges!", 1);
}
#
# Check to make sure that this is a valid nodeid
#
......@@ -28,6 +19,29 @@ if (mysql_num_rows($query_result) == 0) {
USERERROR("The node $node_id is not a valid nodeid", 1);
}
#
# Admin users can control any node, but normal users can only control
# nodes in their own experiments.
#
$isadmin = ISADMIN($uid);
if (! $isadmin) {
$query_result = mysql_db_query($TBDBNAME,
"SELECT experiments.* ".
"FROM experiments LEFT JOIN reserved ".
"ON experiments.pid=reserved.pid and experiments.eid=reserved.eid ".
"WHERE reserved.node_id=\"$node_id\"");
if (mysql_num_rows($query_result) == 0) {
PAGEHEADER("Node Control");
USERERROR("The node $node_id is not in an experiment", 1);
}
$foorow = mysql_fetch_array($query_result);
$expt_head_uid = $foorow[expt_head_uid];
if ($expt_head_uid != $uid) {
PAGEHEADER("Node Control");
USERERROR("You do not have permission to modify node $node_id!", 1);
}
}
#
# Now change the information.
#
......@@ -46,9 +60,14 @@ if (! $insert_result) {
}
#
# Zap back to the list. Seems better than a silly "we did it" message.
#
header("Location: nodecontrol_list.php3?uid=$uid");
# Zap back to the referrer. Seems better than a silly "we did it" message.
#
if ($refer == "list") {
header("Location: nodecontrol_list.php3?uid=$uid");
}
else {
header("Location: showexp.php3?uid=$uid&exp_pideid=$refer");
}
#
# No need to do a footer!
......
......@@ -12,27 +12,40 @@ PAGEHEADER("Node Control Form");
LOGGEDINORDIE($uid);
#
# Admin users can control other nodes.
# Check to make sure that this is a valid nodeid
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT * FROM nodes WHERE node_id=\"$node_id\"");
if (mysql_num_rows($query_result) == 0) {
USERERROR("The node $node_id is not a valid nodeid", 1);
}
$row = mysql_fetch_array($query_result);
#
# Admin users can control any node, but normal users can only control
# nodes in their own experiments.
#
$isadmin = ISADMIN($uid);
if (! $isadmin) {
USERERROR("You do not have admin privledges!", 1);
$query_result = mysql_db_query($TBDBNAME,
"SELECT experiments.* ".
"FROM experiments LEFT JOIN reserved ".
"ON experiments.pid=reserved.pid and experiments.eid=reserved.eid ".
"WHERE reserved.node_id=\"$node_id\"");
if (mysql_num_rows($query_result) == 0) {
USERERROR("The node $node_id is not in an experiment", 1);
}
$foorow = mysql_fetch_array($query_result);
$expt_head_uid = $foorow[expt_head_uid];
if ($expt_head_uid != $uid) {
USERERROR("You do not have permission to modify node $node_id!", 1);
}
}
echo "<center><h1>
Node Control Center: $node_id
</h1></center>";
#
# Check to make sure thats this is a valid nodeid
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT * FROM nodes WHERE node_id=\"$node_id\"");
if (mysql_num_rows($query_result) == 0) {
USERERROR("The node $node_id is not a valid nodeid", 1);
}
$row = mysql_fetch_array($query_result);
$node_id = $row[node_id];
$type = $row[type];
$def_boot_image_id = $row[def_boot_image_id];
......@@ -44,9 +57,11 @@ echo "<table border=2 cellpadding=0 cellspacing=2
align='center'>\n";
#
# Generate the form.
# Generate the form. Note that $refer is set by the caller so we know
# how we got to the nodecontrol page.
#
echo "<form action=\"nodecontrol.php3?uid=$uid\" method=\"post\">\n";
echo "<form action=\"nodecontrol.php3?uid=$uid&refer=$refer\"
method=\"post\">\n";
echo "<tr>
<td>Node ID:</td>
......
......@@ -83,7 +83,7 @@ while ($row = mysql_fetch_array($query_result)) {
echo "<tr>
<td align=center>
<A href='nodecontrol_form.php3?uid=$uid&node_id=$node_id'>
<A href='nodecontrol_form.php3?uid=$uid&node_id=$node_id&refer=list'>
<img alt=\"o\" src=\"redball.gif\"></A></td>
<td>$node_id</td>
<td>$type</td>
......
......@@ -10,13 +10,6 @@ PAGEHEADER("Show Experiment Information");
#
# Only known and logged in users can end experiments.
#
$uid = "";
if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
$uid=$Vals[1];
addslashes($uid);
} else {
unset($uid);
}
LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);
......@@ -137,16 +130,20 @@ if (mysql_num_rows($reserved_result)) {
echo "<h3>Reserved Nodes</h3>
<table align=center border=1>
<tr>
<td>Change</td>
<td>Node ID</td>
<td>Node Type</td>
<td>Default Image</td>
<td>Default Cmdline</td>
<td>Next Path</td>
<td>Next Cmdline</td>
</tr>\n";
#
# I'm so proud!
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT nodes.node_id, nodes.type, nodes.def_boot_image_id ".
"SELECT nodes.* ".
"FROM nodes LEFT JOIN reserved ".
"ON nodes.node_id=reserved.node_id ".
"WHERE reserved.eid=\"$exp_eid\" and reserved.pid=\"$exp_pid\"");
......@@ -154,11 +151,28 @@ if (mysql_num_rows($reserved_result)) {
while ($row = mysql_fetch_array($query_result)) {
$node_id = $row[node_id];
$type = $row[type];
$defid = $row[def_boot_image_id];
$def_boot_image_id = $row[def_boot_image_id];
$def_boot_cmd_line = $row[def_boot_cmd_line];
$next_boot_path = $row[next_boot_path];
$next_boot_cmd_line = $row[next_boot_cmd_line];
if (!$def_boot_cmd_line)
$def_boot_cmd_line = "NULL";
if (!$next_boot_path)
$next_boot_path = "NULL";
if (!$next_boot_cmd_line)
$next_boot_cmd_line = "NULL";
echo "<tr>
<td align=center>
<A href='nodecontrol_form.php3?uid=$uid&node_id=$node_id&refer=$exp_pideid'>
<img alt=\"o\" src=\"redball.gif\"></A></td>
<td>$node_id</td>
<td>$type</td>
<td>$defid</td>
<td>$def_boot_image_id</td>
<td>$def_boot_cmd_line</td>
<td>$next_boot_path</td>
<td>$next_boot_cmd_line</td>
</tr>\n";
}
echo "</table>\n";
......
......@@ -71,7 +71,7 @@ you are a member of.</h2>
<table align="center" border="1">
<?php
echo "<form action=\"showexp.php3?$uid\" method=\"post\">";
echo "<form action=\"showexp.php3?uid=$uid\" method=\"post\">";
echo "<tr>
<td align='center'>Project/Experiment</td>
</tr>\n";
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment