def run_command(
command_list,
target_path,
crontab_entry,
configuration,
):
"""Run backend command built from command_list on behalf of user from
crontab_entry and with args mapped to the backend variables.
"""
pid = multiprocessing.current_process().pid
client_id = crontab_entry['run_as']
command_str = ' '.join(command_list)
logger.info('(%s) run command for %s: %s' % (pid, target_path,
command_list))
# logger.debug('(%s) run %s on behalf of %s' % (pid, command_str,
# client_id))
(function, user_arguments_dict) = parse_command_args(configuration,
command_list)
form_method = 'post'
target_op = "%s" % function
csrf_limit = get_csrf_limit(configuration)
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
user_arguments_dict[csrf_field] = [csrf_token]
# logger.debug('(%s) import main from %s' % (pid, function))
main = id
txt_format = id
try:
exec 'from shared.functionality.%s import main' % function
exec 'from shared.output import txt_format'
# logger.debug('(%s) run %s on %s for %s' % \
# (pid, function, user_arguments_dict, client_id))
# Fake HTTP POST manually setting fields required for CSRF check
os.environ['HTTP_USER_AGENT'] = 'grid cron daemon'
os.environ['PATH_INFO'] = '%s.py' % function
os.environ['REQUEST_METHOD'] = form_method.upper()
# We may need a REMOTE_ADDR for gdplog call even if not really enabled
os.environ['REMOTE_ADDR'] = '127.0.0.1'
(output_objects, (ret_code, ret_msg)) = main(client_id,
user_arguments_dict)
except Exception, exc:
logger.error('(%s) failed to run %s main on %s: %s' %
(pid, function, user_arguments_dict, exc))
import traceback
logger.info('traceback:\n%s' % traceback.format_exc())
raise exc
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
client_dir = client_id_dir(client_id)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
if not configuration.site_enable_jobs:
output_objects.append({
'object_type':
'error_text',
'text':
'''Job execution is not enabled on this system'''
})
return (output_objects, returnvalues.SYSTEM_ERROR)
status = returnvalues.OK
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Job Manager'
user_settings = title_entry.get('user_settings', {})
title_entry['style'] = css_tmpl(configuration, user_settings)
csrf_map = {}
method = 'post'
limit = get_csrf_limit(configuration)
for target_op in csrf_backends:
csrf_map[target_op] = make_csrf_token(configuration, method, target_op,
client_id, limit)
(add_import, add_init, add_ready) = js_tmpl_parts(csrf_map)
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({'object_type': 'header', 'text': 'Job Manager'})
output_objects.append({
'object_type': 'table_pager',
'entry_name': 'jobs',
'default_entries': default_pager_entries,
'form_append': pager_append()
})
output_objects.append({'object_type': 'html_form', 'text': html_post()})
return (output_objects, status)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'People'
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
operation = accepted['operation'][-1]
caching = (accepted['caching'][-1].lower() in ('true', 'yes'))
if not operation in allowed_operations:
output_objects.append({'object_type': 'text', 'text':
'''Operation must be one of %s.''' %
', '.join(allowed_operations)})
return (output_objects, returnvalues.OK)
logger.info("%s %s begin for %s" % (op_name, operation, client_id))
pending_updates = False
if operation in show_operations:
# jquery support for tablesorter and confirmation on "send"
# table initially sorted by 0 (name)
# NOTE: We distinguish between caching on page load and forced refresh
refresh_helper = 'ajax_people(%s, %%s)'
refresh_call = refresh_helper % configuration.notify_protocols
table_spec = {'table_id': 'usertable', 'sort_order': '[[0,0]]',
'refresh_call': refresh_call % 'false'}
(add_import, add_init, add_ready) = man_base_js(configuration,
[table_spec],
{'width': 640})
if operation == "show":
add_ready += '%s;' % (refresh_call % 'true')
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({'object_type': 'html_form',
'text': man_base_html(configuration)})
output_objects.append({'object_type': 'header', 'text': 'People'})
output_objects.append(
{'object_type': 'text', 'text':
'View and communicate with other users.'
})
output_objects.append(
{'object_type': 'sectionheader', 'text': 'All users'})
# Helper form for sends
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'sendrequestaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper('sendmsg', '%s.py' % target_op,
{'cert_id': '__DYNAMIC__',
'protocol': '__DYNAMIC__',
'request_type': 'plain',
'request_text': '',
csrf_field: csrf_token})
output_objects.append({'object_type': 'html_form', 'text':
helper})
output_objects.append({'object_type': 'table_pager', 'entry_name':
'people', 'default_entries':
default_pager_entries})
users = []
if operation in list_operations:
logger.info("get vgrid and user map with caching %s" % caching)
visible_user = user_visible_user_confs(configuration, client_id,
caching)
vgrid_access = user_vgrid_access(configuration, client_id,
caching=caching)
anon_map = anon_to_real_user_map(configuration)
if not visible_user:
output_objects.append(
{'object_type': 'error_text', 'text': 'no users found!'})
return (output_objects, returnvalues.SYSTEM_ERROR)
if caching:
modified_users, _ = check_users_modified(configuration)
modified_vgrids, _ = check_vgrids_modified(configuration)
if modified_users:
logger.info("pending user cache updates: %s" % modified_users)
pending_updates = True
elif modified_vgrids:
logger.info("pending vgrid cache updates: %s" %
modified_vgrids)
pending_updates = True
else:
logger.info("no pending cache updates")
for (visible_user_id, user_dict) in visible_user.items():
user_id = visible_user_id
if visible_user_id in anon_map.keys():
# Maintain user anonymity
pretty_id = 'Anonymous user with unique ID %s' % visible_user_id
user_id = anon_map[visible_user_id]
else:
# Show user-friendly version of user ID
hide_email = user_dict.get(CONF, {}).get('HIDE_EMAIL_ADDRESS',
True)
pretty_id = pretty_format_user(user_id, hide_email)
user_obj = {'object_type': 'user', 'name': visible_user_id,
'pretty_id': pretty_id}
user_obj.update(user_dict)
# NOTE: datetime is not json-serializable so we force to string
created = user_obj.get(CONF, {}).get('CREATED_TIMESTAMP', '')
if created:
user_obj[CONF]['CREATED_TIMESTAMP'] = str(created)
user_obj['userdetailslink'] = \
{'object_type': 'link',
'destination':
'viewuser.py?cert_id=%s'
% quote(visible_user_id),
'class': 'infolink iconspace',
'title': 'View details for %s' %
visible_user_id,
'text': ''}
vgrids_allow_email = user_dict[CONF].get('VGRIDS_ALLOW_EMAIL', [])
vgrids_allow_im = user_dict[CONF].get('VGRIDS_ALLOW_IM', [])
if any_vgrid in vgrids_allow_email:
email_vgrids = vgrid_access
else:
email_vgrids = set(
vgrids_allow_email).intersection(vgrid_access)
if any_vgrid in vgrids_allow_im:
im_vgrids = vgrid_access
else:
im_vgrids = set(vgrids_allow_im).intersection(vgrid_access)
for proto in configuration.notify_protocols:
if not email_vgrids and proto == 'email':
continue
if not im_vgrids and proto != 'email':
continue
if user_obj[CONF].get(proto.upper(), None):
link = 'send%slink' % proto
user_obj[link] = {
'object_type': 'link',
'destination':
"javascript: confirmDialog(%s, '%s', '%s', %s);"
% ('sendmsg', 'Really send %s message to %s?'
% (proto, visible_user_id),
'request_text',
"{cert_id: '%s', 'protocol': '%s'}" %
(visible_user_id, proto)),
'class': "%s iconspace" % link,
'title': 'Send %s message to %s' %
(proto, visible_user_id),
'text': ''}
logger.debug("append user %s" % user_obj)
users.append(user_obj)
if operation == "show":
# insert dummy placeholder to build table
user_obj = {'object_type': 'user', 'name': ''}
users.append(user_obj)
output_objects.append({'object_type': 'user_list',
'pending_updates': pending_updates,
'users': users})
logger.info("%s %s end for %s" % (op_name, operation, client_id))
return (output_objects, returnvalues.OK)
def build_useritem_object_from_user_dict(configuration, client_id,
visible_user_id, user_home, user_dict,
allow_vgrids):
"""Build a user object based on input user_dict"""
profile_specs = get_profile_specs()
user_specs = get_settings_specs()
user_item = {
'object_type': 'user_info',
'user_id': visible_user_id,
'fields': [],
}
if visible_user_id.find('@') != -1:
show_user_id = pretty_format_user(visible_user_id)
else:
show_user_id = visible_user_id
user_item['fields'].append(('Public user ID', show_user_id))
public_image = user_dict[CONF].get('PUBLIC_IMAGE', [])
public_image = [
rel_path for rel_path in public_image
if os.path.exists(os.path.join(user_home, rel_path))
]
img_html = '<div class="public_image">'
if not public_image:
img_html += '<span class="anonymous-profile-img"></span>'
for rel_path in public_image:
img_path = os.path.join(user_home, rel_path)
img_data = inline_image(configuration, img_path)
img_html += '<img alt="portrait" class="profile-img" src="%s">' % \
img_data
img_html += '</div>'
public_profile = user_dict[CONF].get('PUBLIC_PROFILE', [])
if not public_profile:
public_profile = ['No public information provided']
profile_html = ''
profile_html += '<br/>'.join(public_profile)
profile_html += ''
public_html = '<div class="">\n%s\n</div>' % profile_html
profile_html += '<div class="clear"></div>'
public_html += '<div class="public_frame">\n%s\n</div>' % img_html
profile_html += '<div class="clear"></div>'
user_item['fields'].append(('Public information', public_html))
vgrids_allow_email = user_dict[CONF].get('VGRIDS_ALLOW_EMAIL', [])
vgrids_allow_im = user_dict[CONF].get('VGRIDS_ALLOW_IM', [])
hide_email = user_dict[CONF].get('HIDE_EMAIL_ADDRESS', True)
hide_im = user_dict[CONF].get('HIDE_IM_ADDRESS', True)
if hide_email:
email_vgrids = []
elif any_vgrid in vgrids_allow_email:
email_vgrids = allow_vgrids
else:
email_vgrids = set(vgrids_allow_email).intersection(allow_vgrids)
if hide_im:
im_vgrids = []
elif any_vgrid in vgrids_allow_im:
im_vgrids = allow_vgrids
else:
im_vgrids = set(vgrids_allow_im).intersection(allow_vgrids)
show_contexts = ['notify']
for (key, val) in user_specs:
proto = key.lower()
if not val['Context'] in show_contexts:
continue
saved = user_dict[CONF].get(key, None)
if val['Type'] != 'multiplestrings':
saved = [saved]
entry = ''
if not email_vgrids and key == 'EMAIL':
show_address = ' (email address hidden)'
elif not im_vgrids and key != 'EMAIL':
show_address = '(IM address hidden)'
else:
show_address = ', '.join(saved)
if saved:
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'sendrequestaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
js_name = 'send%s%s' % (proto, hexlify(visible_user_id))
helper = html_post_helper(
js_name, '%s.py' % target_op, {
'cert_id': visible_user_id,
'request_type': 'plain',
'protocol': proto,
'request_text': '',
csrf_field: csrf_token
})
entry += helper
link = 'send%slink' % proto
link_obj = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s', '%s');" %
(js_name, 'Send %s message to %s' %
(proto, visible_user_id), 'request_text'),
'class':
link,
'title':
'Send %s message to %s' % (proto, visible_user_id),
'text':
show_address
}
entry += "%s " % html_link(link_obj)
user_item['fields'].append((val['Title'], entry))
return user_item
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = "Show freeze"
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
freeze_id = accepted['freeze_id'][-1]
flavor = accepted['flavor'][-1]
checksum_list = [i for i in accepted['checksum'] if i]
operation = accepted['operation'][-1]
if not flavor in freeze_flavors.keys():
output_objects.append({
'object_type': 'error_text',
'text': 'Invalid freeze flavor: %s' % flavor
})
return (output_objects, returnvalues.CLIENT_ERROR)
title = freeze_flavors[flavor]['showfreeze_title']
title_entry['text'] = title
output_objects.append({'object_type': 'header', 'text': title})
sorted_algos = supported_hash_algos()
sorted_algos.sort()
for checksum in checksum_list:
if not checksum in sorted_algos:
output_objects.append({
'object_type':
'error_text',
'text':
'Invalid checksum algo(s): %s' % checksum
})
return (output_objects, returnvalues.CLIENT_ERROR)
if not configuration.site_enable_freeze:
output_objects.append({
'object_type':
'error_text',
'text':
'''Freezing archives is disabled on this site.
Please contact the site admins %s if you think it should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
if not operation in allowed_operations:
output_objects.append({
'object_type':
'error_text',
'text':
'''Operation must be one of %s.''' % ', '.join(allowed_operations)
})
return (output_objects, returnvalues.OK)
# We don't generally know checksum and edit status until AJAX returns
hide_elems = {'edit': 'hidden', 'update': 'hidden', 'register': 'hidden'}
for algo in sorted_algos:
hide_elems['%ssum' % algo] = 'hidden'
if operation in show_operations:
# jquery support for tablesorter and confirmation dialog
# table initially sorted by col. 0 (filename)
refresh_call = 'ajax_showfreeze("%s", "%s", %s, "%s", "%s", "%s", "%s")' % \
(freeze_id, flavor, checksum_list, keyword_updating,
keyword_final, configuration.site_freeze_doi_url,
configuration.site_freeze_doi_url_field)
table_spec = {
'table_id': 'frozenfilestable',
'sort_order': '[[0,0]]',
'refresh_call': refresh_call
}
(add_import, add_init,
add_ready) = man_base_js(configuration, [table_spec])
if operation == "show":
add_ready += '%s;' % refresh_call
# Only show requested checksums
for algo in sorted_algos:
if algo in checksum_list:
add_ready += """
$('.%ssum').show();
""" % checksum
else:
add_ready += """
$('.%ssum').hide();
""" % algo
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': man_base_html(configuration)
})
output_objects.append({
'object_type': 'table_pager',
'entry_name': 'frozen files',
'default_entries': default_pager_entries,
'refresh_button': False
})
# Helper form for removes
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'deletefreeze'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
'delfreeze', '%s.py' % target_op, {
'freeze_id': '__DYNAMIC__',
'flavor': '__DYNAMIC__',
'path': '__DYNAMIC__',
'target': TARGET_PATH,
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
# NB: the restrictions on freeze_id prevents illegal directory traversal
if not is_frozen_archive(client_id, freeze_id, configuration):
logger.error("%s: invalid freeze '%s': %s" %
(op_name, client_id, freeze_id))
output_objects.append({
'object_type':
'error_text',
'text':
"'%s' is not an existing frozen archive!" % freeze_id
})
return (output_objects, returnvalues.CLIENT_ERROR)
if operation in list_operations:
(load_status,
freeze_dict) = get_frozen_archive(client_id, freeze_id, configuration,
checksum_list)
if not load_status:
logger.error("%s: load failed for '%s': %s" %
(op_name, freeze_id, freeze_dict))
output_objects.append({
'object_type':
'error_text',
'text':
'Could not read details for "%s"' % freeze_id
})
return (output_objects, returnvalues.SYSTEM_ERROR)
if freeze_dict.get('FLAVOR', 'freeze') != flavor:
logger.error("%s: flavor mismatch for '%s': %s vs %s" %
(op_name, freeze_id, flavor, freeze_dict))
output_objects.append({
'object_type':
'error_text',
'text':
'No such %s archive "%s"' % (flavor, freeze_id)
})
return (output_objects, returnvalues.CLIENT_ERROR)
# Allow edit if not in updating/final state and allow request DOI if
# finalized and not a backup archive.
freeze_state = freeze_dict.get('STATE', keyword_final)
if freeze_state == keyword_updating:
hide_elems['update'] = ''
elif freeze_state != keyword_final:
hide_elems['edit'] = ''
elif flavor != 'backup' and configuration.site_freeze_doi_url and \
freeze_dict.get('PUBLISH_URL', ''):
hide_elems['register'] = ''
logger.debug("%s: build obj for '%s': %s" %
(op_name, freeze_id, brief_freeze(freeze_dict)))
output_objects.append(
build_freezeitem_object(configuration, freeze_dict))
if operation == "show":
# insert dummy placeholder to build table
output_objects.append({
'object_type': 'frozenarchive',
'id': freeze_id,
'creator': client_id,
'flavor': flavor,
'frozenfiles': [],
'name': 'loading ...',
'description': 'loading ...',
'created': 'loading ...',
'state': 'loading ...'
})
if operation in show_operations:
output_objects.append({
'object_type':
'html_form',
'text':
"""<p>
Show archive with file checksums - might take quite a while to calculate:
</p>"""
})
for algo in sorted_algos:
output_objects.append({'object_type': 'html_form', 'text': '<p>'})
output_objects.append({
'object_type':
'link',
'destination':
"showfreeze.py?freeze_id=%s;flavor=%s;checksum=%s" %
(freeze_id, flavor, algo),
'class':
'infolink iconspace genericbutton',
'title':
'View archive with %s checksums' % algo.upper(),
'text':
'Show with %s checksums' % algo.upper()
})
output_objects.append({'object_type': 'html_form', 'text': '</p>'})
# We don't know state of archive in this case until AJAX returns
# so we hide the section and let AJAX show it if relevant
output_objects.append({
'object_type':
'html_form',
'text':
"""
<div class='updatearchive %(update)s'>
<p class='warn_message'>
Archive is currently in the process of being updated. No further changes can be
applied until running archive operations are completed.
</p>
</div>
<div class='editarchive %(edit)s'>
<p>
You can continue inspecting and changing your archive until you're satisfied,
then finalize it for actual persistent freezing.
</p>
<p>""" % hide_elems
})
output_objects.append({
'object_type':
'link',
'destination':
"adminfreeze.py?freeze_id=%s;flavor=%s" % (freeze_id, flavor),
'class':
'editarchivelink iconspace genericbutton',
'title':
'Further modify your pending %s archive' % flavor,
'text':
'Edit archive'
})
output_objects.append({'object_type': 'html_form', 'text': '</p>'})
form_method = 'post'
target_op = 'createfreeze'
csrf_limit = get_csrf_limit(configuration)
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
'createfreeze', '%s.py' % target_op, {
'freeze_id': freeze_id,
'flavor': flavor,
'freeze_state': keyword_final,
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
output_objects.append({
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
('createfreeze', 'Really finalize %s?' % freeze_id),
'class':
'finalizearchivelink iconspace genericbutton',
'title':
'Finalize %s archive to prevent further changes' % flavor,
'text':
'Finalize archive',
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
</div>
<div class='registerarchive %(register)s'>
<p>
You can register a <a href='http://www.doi.org/index.html'>Digital Object
Identifier (DOI)</a> for finalized archives. This may be useful in case you
want to reference the contents in a publication.
</p>
""" % hide_elems
})
form_method = 'post'
target_op = 'registerfreeze'
csrf_limit = get_csrf_limit(configuration)
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
'registerfreeze', configuration.site_freeze_doi_url, {
'freeze_id': freeze_id,
'freeze_author': client_id,
configuration.site_freeze_doi_url_field: '__DYNAMIC__',
'callback_url': "%s.py" % target_op,
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
output_objects.append({
'object_type': 'html_form',
'text': configuration.site_freeze_doi_text
})
output_objects.append({
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
('registerfreeze', 'Really request DOI for %s?' % freeze_id),
'class':
'registerarchivelink iconspace genericbutton',
'title':
'Register a DOI for %s archive %s' % (flavor, freeze_id),
'text':
'Request archive DOI',
})
output_objects.append({
'object_type': 'html_form',
'text': """
</div>"""
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<div class='vertical-spacer'></div>"""
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
client_dir = client_id_dir(client_id)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
label = "%s" % configuration.site_vgrid_label
title_entry['text'] = "Update %s Components" % label
output_objects.append({
'object_type': 'header',
'text': 'Update %s Components' % label
})
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
vgrid_name = accepted['vgrid_name'][-1]
if not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append({
'object_type':
'error_text',
'text':
'''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
if not vgrid_is_owner(vgrid_name, client_id, configuration):
output_objects.append({
'object_type':
'error_text',
'text':
'Only owners of %s can administrate it.' % vgrid_name
})
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'vgrid_label': label,
'vgrid_name': vgrid_name,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'sendrequestaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({
'object_type':
'html_form',
'text':
'''
<form method="%(form_method)s" action="%(target_op)s.py">
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<input type="hidden" name="vgrid_name" value="%(vgrid_name)s"/>
<input type="hidden" name="request_type" value="vgridowner"/>
<input type="text" size=50 name="request_text" />
<input type="hidden" name="output_format" value="html" />
<input type="submit" value="Request %(vgrid_label)s access" />
</form>
''' % fill_helpers
})
return (output_objects, returnvalues.SYSTEM_ERROR)
# Please note that base_dir must end in slash to avoid access to other
# user dirs when own name is a prefix of another user name
base_dir = os.path.abspath(
os.path.join(configuration.vgrid_home, vgrid_name)) + os.sep
public_base_dir = \
os.path.abspath(os.path.join(configuration.vgrid_public_base,
vgrid_name)) + os.sep
public_scm_dir = \
os.path.abspath(os.path.join(configuration.vgrid_public_base,
vgrid_name, '.vgridscm')) + os.sep
public_tracker_dir = \
os.path.abspath(os.path.join(configuration.vgrid_public_base,
vgrid_name, '.vgridtracker')) + os.sep
private_base_dir = \
os.path.abspath(os.path.join(configuration.vgrid_private_base,
vgrid_name)) + os.sep
private_scm_dir = \
os.path.abspath(os.path.join(configuration.vgrid_private_base,
vgrid_name, '.vgridscm')) + os.sep
private_tracker_dir = \
os.path.abspath(os.path.join(configuration.vgrid_private_base,
vgrid_name, '.vgridtracker')) + os.sep
private_forum_dir = \
os.path.abspath(os.path.join(configuration.vgrid_private_base,
vgrid_name, '.vgridforum')) + os.sep
vgrid_files_dir = \
os.path.abspath(os.path.join(configuration.vgrid_files_home,
vgrid_name)) + os.sep
vgrid_scm_dir = \
os.path.abspath(os.path.join(configuration.vgrid_files_home,
vgrid_name, '.vgridscm')) + os.sep
vgrid_tracker_dir = \
os.path.abspath(os.path.join(configuration.vgrid_files_home,
vgrid_name, '.vgridtracker')) + os.sep
output_objects.append({'object_type': 'text', 'text':
'Updating %s %s components ...' % \
(label, vgrid_name)})
# Try to create all base directories used for vgrid files
for path in (base_dir, public_base_dir, private_base_dir, vgrid_files_dir):
try:
os.mkdir(path)
except Exception, exc:
pass
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False, op_menu=False)
client_dir = client_id_dir(client_id)
defaults = signature()[1]
(validate_status, accepted) = validate_input(user_arguments_dict,
defaults,
output_objects,
allow_rejects=False)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
if not configuration.site_enable_openid or \
not 'migoid' in configuration.site_signup_methods:
output_objects.append({
'object_type':
'error_text',
'text':
'''Local OpenID login is not enabled on this site'''
})
return (output_objects, returnvalues.SYSTEM_ERROR)
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = '%s OpenID account request' % \
configuration.short_title
title_entry['skipmenu'] = True
form_fields = [
'full_name', 'organization', 'email', 'country', 'state', 'password',
'verifypassword', 'comment'
]
title_entry['style']['advanced'] += account_css_helpers(configuration)
add_import, add_init, add_ready = account_js_helpers(
configuration, form_fields)
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
title_entry['script']['body'] = "class='staticpage'"
header_entry = {
'object_type':
'header',
'text':
'Welcome to the %s OpenID account request page' %
configuration.short_title
}
output_objects.append(header_entry)
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div id="contextual_help">
</div>
'''
})
# Please note that base_dir must end in slash to avoid access to other
# user dirs when own name is a prefix of another user name
base_dir = os.path.abspath(
os.path.join(configuration.user_home, client_dir)) + os.sep
user_fields = {
'full_name': '',
'organization': '',
'email': '',
'state': '',
'country': '',
'password': '',
'verifypassword': ''
}
if not os.path.isdir(base_dir) and client_id:
# Redirect to extcert page with certificate requirement but without
# changing access method (CGI vs. WSGI).
extcert_url = os.environ['REQUEST_URI'].replace('-sid', '-bin')
extcert_url = os.path.join(os.path.dirname(extcert_url), 'extcert.py')
extcert_link = {
'object_type': 'link',
'destination': extcert_url,
'text': 'Sign up with existing certificate (%s)' % client_id
}
output_objects.append({
'object_type':
'warning',
'text':
'''Apparently
you already have a suitable %s certificate that you may sign up with:''' %
configuration.short_title
})
output_objects.append(extcert_link)
output_objects.append({
'object_type':
'warning',
'text':
'''However,
if you want a dedicated %s %s User OpenID you can still request one below:''' %
(configuration.short_title, configuration.user_mig_oid_title)
})
elif client_id:
for entry in (title_entry, header_entry):
entry['text'] = entry['text'].replace('request', 'request / renew')
output_objects.append({
'object_type':
'html_form',
'text':
'''<p>
Apparently you already have valid %s credentials, but if you want to add %s
User OpenID access to the same account you can do so by posting the form below.
Changing fields is <span class="warningtext"> not </span> supported, so all fields
must remain unchanged for it to work.
Otherwise it results in a request for a new account and OpenID without access
to your old files, jobs and privileges. </p>''' %
(configuration.short_title, configuration.user_mig_oid_title)
})
user_fields.update(distinguished_name_to_user(client_id))
# Site policy dictates min length greater or equal than password_min_len
policy_min_len, policy_min_classes = parse_password_policy(configuration)
user_fields.update({
'valid_name_chars':
'%s (and common accents)' % html_escape(valid_name_chars),
'valid_password_chars':
html_escape(valid_password_chars),
'password_min_len':
max(policy_min_len, password_min_len),
'password_max_len':
password_max_len,
'password_min_classes':
max(policy_min_classes, 1),
'site':
configuration.short_title
})
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'reqoidaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
fill_helpers.update({'site_signup_hint': configuration.site_signup_hint})
fill_helpers.update(user_fields)
html = """
<p class="sub-title">Please enter your information in at least the <span>mandatory</span> fields below and press the Send button to submit the OpenID account request to the %(site)s administrators.</p>
%(site_signup_hint)s
<p class='criticaltext highlight_message'>
IMPORTANT: Please help us verify your identity by providing Organization and
Email data that we can easily validate!
</p>
<hr />
"""
user_country = user_fields.get('country', '')
html += account_request_template(configuration,
default_country=user_country)
# TODO: remove this legacy version?
html += """
<div style="height: 0; visibility: hidden; display: none;">
<!--OLD FORM-->
<form method='%(form_method)s' action='%(target_op)s.py' onSubmit='return validate_form();'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table>
<!-- NOTE: javascript support for unicode pattern matching is lacking so we
only restrict e.g. Full Name to words separated by space here. The
full check takes place in the backend, but users are better of with
sane early warnings than the cryptic backend errors.
-->
<tr><td class='mandatory label'>Full name</td><td><input id='full_name_field' type=text name=cert_name value='%(full_name)s' required pattern='[^ ]+([ ][^ ]+)+' title='Your full name, i.e. two or more names separated by space' /></td><td class=fill_space><br /></td></tr>
<tr><td class='mandatory label'>Email address</td><td><input id='email_field' type=email name=email value='%(email)s' required title='A valid email address that you read' /> </td><td class=fill_space><br /></td></tr>
<tr><td class='mandatory label'>Organization</td><td><input id='organization_field' type=text name=org value='%(organization)s' required pattern='[^ ]+([ ][^ ]+)*' title='Name of your organisation: one or more abbreviations or words separated by space' /></td><td class=fill_space><br /></td></tr>
<tr><td class='mandatory label'>Two letter country-code</td><td><input id='country_field' type=text name=country minlength=2 maxlength=2 value='%(country)s' required pattern='[A-Z]{2}' title='The two capital letters used to abbreviate your country' /></td><td class=fill_space><br /></td></tr>
<tr><td class='optional label'>State</td><td><input id='state_field' type=text name=state value='%(state)s' pattern='([A-Z]{2})?' maxlength=2 title='Leave empty or enter the capital 2-letter abbreviation of your state if you are a US resident' /> </td><td class=fill_space><br /></td></tr>
<tr><td class='mandatory label'>Password</td><td><input id='password_field' type=password name=password minlength=%(password_min_len)d maxlength=%(password_max_len)d value='%(password)s' required pattern='.{%(password_min_len)d,%(password_max_len)d}' title='Password of your choice, see help box for limitations' /> </td><td class=fill_space><br /></td></tr>
<tr><td class='mandatory label'>Verify password</td><td><input id='verifypassword_field' type=password name=verifypassword minlength=%(password_min_len)d maxlength=%(password_max_len)d value='%(verifypassword)s' required pattern='.{%(password_min_len)d,%(password_max_len)d}' title='Repeat your chosen password' /></td><td class=fill_space><br /></td></tr>
<!-- NOTE: we technically allow saving the password on scrambled form hide it by default -->
<tr class='hidden'><td class='optional label'>Password recovery</td><td class=''><input id='passwordrecovery_checkbox' type=checkbox name=passwordrecovery></td>
</td><td class=fill_space><br/></td></tr>
<tr><td class='optional label'>Optional comment or reason why you should<br />be granted a %(site)s account:</td><td><textarea id='comment_field' rows=4 name=comment title='A free-form comment where you can explain what you need the account for' ></textarea></td><td class=fill_space><br /></td></tr>
<tr><td class='label'><!-- empty area --></td><td>
<input id='submit_button' type=submit value=Send /></td><td class=fill_space><br/></td></tr>
</table>
</form>
<hr />
<div class='warn_message'>Please note that if you enable password recovery your password will be saved on encoded format but recoverable by the %(site)s administrators</div>
</div>
<br />
<br />
<!-- Hidden help text -->
<div id='help_text'>
<div id='1full_name_help'>Your full name, restricted to the characters in '%(valid_name_chars)s'</div>
<div id='1organization_help'>Organization name or acronym matching email</div>
<div id='1email_help'>Email address associated with your organization if at all possible</div>
<div id='1country_help'>Country code of your organization and on the form DE/DK/GB/US/.. , <a href='https://en.wikipedia.org/wiki/ISO_3166-1'>help</a></div>
<div id='1state_help'>Optional 2-letter ANSI state code of your organization, please just leave empty unless it is in the US or similar, <a href='https://en.wikipedia.org/wiki/List_of_U.S._state_abbreviations'>help</a></div>
<div id='1password_help'>Password is restricted to the characters:<br/><tt>%(valid_password_chars)s</tt><br/>Certain other complexity requirements apply for adequate strength. For example it must be %(password_min_len)s to %(password_max_len)s characters long and contain at least %(password_min_classes)d different character classes.</div>
<div id='1verifypassword_help'>Please repeat password</div>
<!--<div id='1comment_help'>Optional, but a short informative comment may help us verify your account needs and thus speed up our response. Typically the name of a local collaboration partner or project may be helpful.</div>-->
</div>
"""
output_objects.append({
'object_type': 'html_form',
'text': html % fill_helpers
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
output_objects.append({
'object_type': 'header',
'text': 'Create runtime environment'
})
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
re_template = accepted['re_template'][-1].upper().strip()
software_entries = int(accepted['software_entries'][-1])
environment_entries = int(accepted['environment_entries'][-1])
testprocedure_entry = int(accepted['testprocedure_entry'][-1])
template = {}
if re_template:
if not is_runtime_environment(re_template, configuration):
output_objects.append({
'object_type':
'error_text',
'text':
"re_template ('%s') is not a valid existing runtime env!" %
re_template
})
return (output_objects, returnvalues.CLIENT_ERROR)
(template, msg) = get_re_dict(re_template, configuration)
if not template:
output_objects.append({
'object_type':
'error_text',
'text':
'Could not read re_template %s. %s' % (re_template, msg)
})
return (output_objects, returnvalues.SYSTEM_ERROR)
# Override template fields if user loaded a template and modified the
# required entries and chose update.
# Use default of 1 sw, 1 env and 0 test or template setting otherwise
if software_entries < 0:
software_entries = len(template.get('SOFTWARE', [None]))
if environment_entries < 0:
environment_entries = len(template.get('ENVIRONMENTVARIABLE', [None]))
if testprocedure_entry < 0:
testprocedure_entry = len(template.get('TESTPROCEDURE', []))
if template.has_key('SOFTWARE'):
new_sw = template['SOFTWARE'][:software_entries]
template['SOFTWARE'] = new_sw
if template.has_key('ENVIRONMENTVARIABLE'):
new_env = template['ENVIRONMENTVARIABLE'][:environment_entries]
template['ENVIRONMENTVARIABLE'] = new_env
if template.has_key('TESTPROCEDURE'):
new_test = template['TESTPROCEDURE'][:testprocedure_entry]
template['TESTPROCEDURE'] = new_test
# Avoid DoS, limit number of software_entries
if software_entries > max_software_entries:
output_objects.append(
{'object_type': 'error_text', 'text'
: 'Maximum number of software_entries %s exceeded (%s)' % \
(max_software_entries, software_entries)})
return (output_objects, returnvalues.CLIENT_ERROR)
# Avoid DoS, limit number of environment_entries
if environment_entries > max_environment_entries:
output_objects.append(
{'object_type': 'error_text', 'text'
: 'Maximum number of environment_entries %s exceeded (%s)' % \
(max_environment_entries, environment_entries)})
return (output_objects, returnvalues.CLIENT_ERROR)
rekeywords_dict = get_keywords_dict()
(list_status, ret) = list_runtime_environments(configuration)
if not list_status:
output_objects.append({'object_type': 'error_text', 'text': ret})
return (output_objects, returnvalues.SYSTEM_ERROR)
output_objects.append({
'object_type':
'text',
'text':
'Use existing Runtime Environment as template'
})
html_form = \
"""<form method='get' action='adminre.py'>
<select name='re_template'>
<option value=''>None</option>
"""
for existing_re in ret:
html_form += " <option value='%s'>%s</option>\n" % \
(existing_re, existing_re)
html_form += """
</select>
<input type='submit' value='Get' />
</form>"""
output_objects.append({'object_type': 'html_form', 'text': html_form})
output_objects.append({
'object_type':
'text',
'text':
'''Note that a runtime environment can not be changed after creation
and it can only be removed if not in use by any resources, so please be careful
when filling in the details'''
})
output_objects.append({
'object_type':
'text',
'text':
'''Changing the number of software and environment entries removes
all data in the form, so please enter the correct values before entering any
information.'''
})
html_form = \
"""<form method='get' action='adminre.py'>
<table>
"""
html_form += """
<tr>
<td>Number of needed software entries</td>
<td><input type='number' name='software_entries' min=0 max=99
minlength=1 maxlength=2 value='%s' required pattern='[0-9]{1,2}'
title='number of software entries needed in runtime environment' /></td>
</tr>""" % software_entries
html_form += """
<tr>
<td>Number of environment entries</td>
<td>
<input type='number' name='environment_entries' min=0 max=99
minlength=1 maxlength=2 value='%s' required pattern='[0-9]{1,2}'
title='number of environment variables provided by runtime environment' />
</td>
</tr>""" % environment_entries
output_objects.append({'object_type': 'html_form', 'text': html_form})
if testprocedure_entry == 0:
select_string = """<option value='0' selected>No</option>
<option value=1>Yes</option>"""
elif testprocedure_entry == 1:
select_string = """<option value='0'>No</option>
<option value='1' selected>Yes</option>"""
else:
output_objects.append({
'object_type':
'error_text',
'text':
'testprocedure_entry should be 0 or 1, you specified %s' %
testprocedure_entry
})
return (output_objects, returnvalues.CLIENT_ERROR)
html_form = """
<tr>
<td>Runtime environment has a testprocedure</td>
<td><select name='testprocedure_entry'>%s</select></td>
</tr>
<tr>
<td colspan=2>
<input type='hidden' name='re_template' value='%s' />
<input type='submit' value='Update fields' />
</td>
</tr>
</table>
</form><br />
""" % (select_string, re_template)
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'short_title': configuration.short_title,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'createre'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
html_form += """
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<b>Runtime Environment Name</b><br />
<small>(eg. BASH-2.X-1, must be unique):</small><br />
<input class='p80width' type='text' name='re_name' required
pattern='[a-zA-Z0-9_.-]+'
title='unique name of ASCII letters and digits separated only by underscores, periods and hyphens' />
<br />
<br /><b>Description:</b><br />
<textarea class='p80width' rows='4' name='redescription'>
"""
if template:
html_form += template['DESCRIPTION'].replace('<br />', '\n')
html_form += '</textarea><br />'
soft_list = []
if software_entries > 0:
html_form += '<br /><b>Needed Software:</b><br />'
if template:
if template.has_key('SOFTWARE'):
soft_list = template['SOFTWARE']
for soft in soft_list:
html_form += """
<textarea class='p80width' rows='6' name='software'>"""
for keyname in soft.keys():
if keyname != '':
html_form += '%s=%s\n' % (keyname, soft[keyname])
html_form += '</textarea><br />'
# loop and create textareas for any missing software entries
software = rekeywords_dict['SOFTWARE']
sublevel_required = []
sublevel_optional = []
if software.has_key('Sublevel') and software['Sublevel']:
sublevel_required = software['Sublevel_required']
sublevel_optional = software['Sublevel_optional']
for _ in range(len(soft_list), software_entries):
html_form += """
<textarea class='p80width' rows='6' name='software'>"""
for sub_req in sublevel_required:
html_form += '%s= # required\n' % sub_req
for sub_opt in sublevel_optional:
html_form += '%s= # optional\n' % sub_opt
html_form += '</textarea><br />'
if template and testprocedure_entry == 1:
if template.has_key('TESTPROCEDURE'):
html_form += """
<br /><b>Testprocedure</b> (in mRSL format):<br />
<textarea class='p80width' rows='15' name='testprocedure'>"""
base64string = ''
for stringpart in template['TESTPROCEDURE']:
base64string += stringpart
decodedstring = base64.decodestring(base64string)
html_form += decodedstring
html_form += '</textarea>'
output_objects.append({
'object_type': 'html_form',
'text': html_form
})
html_form = """
<br /><b>Expected .stdout file if testprocedure is executed</b><br />
<textarea class='p80width' rows='10' name='verifystdout'>"""
if template.has_key('VERIFYSTDOUT'):
for line in template['VERIFYSTDOUT']:
html_form += line
html_form += '</textarea>'
html_form += """
<br /><b>Expected .stderr file if testprocedure is executed</b><br />
<textarea cols='50' rows='10' name='verifystderr'>"""
if template.has_key('VERIFYSTDERR'):
for line in template['VERIFYSTDERR']:
html_form += line
html_form += '</textarea>'
html_form += """
<br /><b>Expected .status file if testprocedure is executed</b><br />
<textarea cols='50' rows='10' name='verifystatus'>"""
if template.has_key('VERIFYSTATUS'):
for line in template['VERIFYSTATUS']:
html_form += line
html_form += '</textarea>'
elif testprocedure_entry == 1:
html_form += """
<br /><b>Testprocedure</b> (in mRSL format):<br />
<textarea class='p80width' rows='15' name='testprocedure'>"""
html_form += \
"""::EXECUTE::
ls
</textarea>
<br /><b>Expected .stdout file if testprocedure is executed</b><br />
<textarea class='p80width' rows='10' name='verifystdout'></textarea>
<br /><b>Expected .stderr file if testprocedure is executed</b><br />
<textarea class='p80width' rows='10' name='verifystderr'></textarea>
<br /><b>Expected .status file if testprocedure is executed</b><br />
<textarea class='p80width' rows='10' name='verifystatus'></textarea>
"""
environmentvariable = rekeywords_dict['ENVIRONMENTVARIABLE']
sublevel_required = []
sublevel_optional = []
if environmentvariable.has_key('Sublevel')\
and environmentvariable['Sublevel']:
sublevel_required = environmentvariable['Sublevel_required']
sublevel_optional = environmentvariable['Sublevel_optional']
env_list = []
if environment_entries > 0:
html_form += '<br /><b>Environments:</b><br />'
if template:
if template.has_key('ENVIRONMENTVARIABLE'):
env_list = template['ENVIRONMENTVARIABLE']
for env in env_list:
html_form += """
<textarea class='p80width' rows='4' name='environment'>"""
for keyname in env.keys():
if keyname != '':
html_form += '%s=%s\n' % (keyname, env[keyname])
html_form += '</textarea><br />'
# loop and create textareas for any missing environment entries
for _ in range(len(env_list), environment_entries):
html_form += """
<textarea class='p80width' rows='4' name='environment'>"""
for sub_req in sublevel_required:
html_form += '%s= # required\n' % sub_req
for sub_opt in sublevel_optional:
html_form += '%s= # optional\n' % sub_opt
html_form += '</textarea><br />'
html_form += """<br /><br /><input type='submit' value='Create' />
</form>
"""
output_objects.append({
'object_type': 'html_form',
'text': html_form % fill_helpers
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Frozen Archives'
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
operation = accepted['operation'][-1]
if not configuration.site_enable_freeze:
output_objects.append({
'object_type':
'text',
'text':
'''Freezing archives is disabled on this site.
Please contact the site admins %s if you think it should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
if not operation in allowed_operations:
output_objects.append({
'object_type':
'text',
'text':
'''Operation must be one of %s.''' % ', '.join(allowed_operations)
})
return (output_objects, returnvalues.OK)
logger.info("%s %s begin for %s" % (op_name, operation, client_id))
if operation in show_operations:
# jquery support for tablesorter and confirmation on delete
# table initially sorted by col. 5 (State), 3 (Created date), 2 (name)
if client_id in configuration.site_freeze_admins:
permanent_flavors = []
else:
permanent_flavors = configuration.site_permanent_freeze
# NOTE: must insert permanent_flavors list as string here
refresh_call = 'ajax_freezedb(%s, "%s")' % (str(permanent_flavors),
keyword_final)
table_spec = {
'table_id': 'frozenarchivetable',
'sort_order': '[[5,1],[3,1],[2,0]]',
'refresh_call': refresh_call
}
(add_import, add_init,
add_ready) = man_base_js(configuration, [table_spec])
if operation == "show":
add_ready += '%s;' % refresh_call
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': man_base_html(configuration)
})
output_objects.append({
'object_type': 'header',
'text': 'Frozen Archives'
})
output_objects.append({
'object_type':
'text',
'text':
'''Frozen archives are write-once collections of files used e.g.
in relation to conference paper submissions. Please note that local policies
may prevent users from deleting frozen archives without explicit acceptance
from the management.
'''
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'Existing frozen archives'
})
# Helper form for removes
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'deletefreeze'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
'delfreeze', '%s.py' % target_op, {
'freeze_id': '__DYNAMIC__',
'flavor': '__DYNAMIC__',
'target': TARGET_ARCHIVE,
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
output_objects.append({
'object_type': 'table_pager',
'entry_name': 'frozen archives',
'default_entries': default_pager_entries
})
frozenarchives = []
if operation in list_operations:
# NOTE: we do NOT enforce creator match here as edituser can't update
# without breaking any published archives
(list_status, ret) = list_frozen_archives(configuration,
client_id,
strict_owner=False)
if not list_status:
logger.error("%s: failed for '%s': %s" % (op_name, client_id, ret))
output_objects.append({'object_type': 'error_text', 'text': ret})
return (output_objects, returnvalues.SYSTEM_ERROR)
logger.debug("%s %s: building list of archives" % (op_name, operation))
for freeze_id in ret:
# TODO: add file count to meta and switch here
# (load_status, freeze_dict) = get_frozen_meta(client_id, freeze_id,
# configuration)
(load_status, freeze_dict) = get_frozen_archive(client_id,
freeze_id,
configuration,
checksum_list=[])
if not load_status:
logger.error("%s: load failed for '%s': %s" %
(op_name, freeze_id, freeze_dict))
output_objects.append({
'object_type':
'error_text',
'text':
'Could not read details for "%s"' % freeze_id
})
return (output_objects, returnvalues.SYSTEM_ERROR)
freeze_item = build_freezeitem_object(configuration,
freeze_dict,
summary=True)
freeze_id = freeze_item['id']
flavor = freeze_item.get('flavor', 'freeze')
# Users may view all their archives
freeze_item['viewfreezelink'] = {
'object_type':
'link',
'destination':
"showfreeze.py?freeze_id=%s;flavor=%s" % (freeze_id, flavor),
'class':
'infolink iconspace',
'title':
'View frozen archive %s' % freeze_id,
'text':
''
}
# Users may edit pending archives
if freeze_item['state'] != keyword_final:
freeze_item['editfreezelink'] = {
'object_type': 'link',
'destination': "adminfreeze.py?freeze_id=%s" % freeze_id,
'class': 'adminlink iconspace',
'title': 'Edit archive %s' % freeze_id,
'text': ''
}
# Users may delete pending or non permanent archives.
# Freeze admins may delete all their own archives.
if freeze_item['state'] != keyword_final or \
flavor not in configuration.site_permanent_freeze or \
client_id in configuration.site_freeze_admins:
freeze_item['delfreezelink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s', %s, %s);" %
('delfreeze', 'Really remove %s?' % freeze_id, 'undefined',
"{freeze_id: '%s', flavor: '%s'}" % (freeze_id, flavor)),
'class':
'removelink iconspace',
'title':
'Remove %s' % freeze_id,
'text':
''
}
frozenarchives.append(freeze_item)
logger.debug("%s %s: inserting list of %d archives" %
(op_name, operation, len(frozenarchives)))
output_objects.append({
'object_type': 'frozenarchives',
'frozenarchives': frozenarchives
})
if operation in show_operations:
output_objects.append({
'object_type': 'sectionheader',
'text': 'Additional Frozen Archives'
})
output_objects.append({
'object_type':
'text',
'text':
"""
You can create frozen snapshots/archives of particular subsets of your data in
order to make sure a verbatim copy is preserved. The freeze archive method
includes support for persistent publishing, so that you can e.g. reference your
data in publications. Backup archives can be used as a basic backup mechanism,
so that you can manually recover from any erroneous file removals."""
})
output_objects.append({
'object_type':
'html_form',
'text':
"""<p>
Choose one of the archive methods below to make a manual archive:
</p>
<p>"""
})
output_objects.append({
'object_type': 'link',
'destination': 'adminfreeze.py?flavor=freeze',
'class': 'addlink iconspace',
'title': 'Make a new freeze archive of e.g. '
'research data to be published',
'text': 'Create a new freeze archive'
})
output_objects.append({'object_type': 'html_form', 'text': '</p><p>'})
output_objects.append({
'object_type':
'link',
'destination':
'adminfreeze.py?flavor=backup',
'class':
'addlink iconspace',
'title':
'Make a new backup archive of %s data' % configuration.short_title,
'text':
'Create a new backup archive'
})
output_objects.append({
'object_type': 'html_form',
'text': "<br/><br/></p>"
})
if configuration.site_enable_duplicati:
output_objects.append({
'object_type':
'text',
'text':
'''
Alternatively you can use Duplicati for traditional incremental backup/restore
with optional encryption of all your backup contents.'''
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<p>For further details please refer to the """
})
output_objects.append({
'object_type': 'link',
'destination': 'setup.py?topic=duplicati',
'class': '',
'title': 'Open Duplicati settings',
'text': 'Duplicati Settings'
})
output_objects.append({
'object_type':
'html_form',
'text':
""" and the %s documentation.<br/><br/></p>""" %
configuration.short_title
})
if configuration.site_enable_seafile:
output_objects.append({
'object_type':
'text',
'text':
'''
We recommend our Seafile sync solution for any small or medium sized data sets,
for which you want automatic file versioning and easy roll-back support.'''
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<p>For further details please refer to the """
})
output_objects.append({
'object_type': 'link',
'destination': 'setup.py?topic=seafile',
'class': '',
'title': 'Open Seafile settings',
'text': 'Seafile Settings'
})
output_objects.append({
'object_type':
'html_form',
'text':
""" and the %s documentation.</p>""" %
configuration.short_title
})
logger.info("%s %s end for %s" % (op_name, operation, client_id))
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
client_dir = client_id_dir(client_id)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
status = returnvalues.OK
chroot = ''
if configuration.site_enable_gdp:
chroot = get_project_from_client_id(configuration, client_id)
all_paths = accepted['path']
entry_path = all_paths[-1]
title_entry = find_entry(output_objects, 'title')
user_settings = title_entry.get('user_settings', {})
title_entry['text'] = 'File Manager'
title_entry['style'] = css_tmpl(configuration, user_settings)
legacy_buttons = False
if legacy_user_interface(configuration, user_settings):
legacy_buttons = True
logger.info("enable legacy buttons")
if configuration.site_enable_jobs and \
'submitjob' in extract_menu(configuration, title_entry):
enable_submit = 'true'
else:
enable_submit = 'false'
csrf_map = {}
method = 'post'
limit = get_csrf_limit(configuration)
for target_op in csrf_backends:
csrf_map[target_op] = make_csrf_token(configuration, method, target_op,
client_id, limit)
(add_import, add_init,
add_ready) = js_tmpl_parts(configuration, entry_path, enable_submit,
str(configuration.site_enable_preview),
legacy_buttons, csrf_map, chroot)
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'header',
'class': 'fileman-title',
'container_class': 'fillwidth',
'text': 'File Manager'
})
output_objects.append({
'object_type':
'html_form',
'text':
html_tmpl(configuration, client_id, title_entry, csrf_map, chroot)
})
if len(all_paths) > 1:
output_objects.append({
'object_type': 'sectionheader',
'text': 'All requested paths:'
})
for path in all_paths:
output_objects.append({
'object_type': 'link',
'text': path,
'destination': 'fileman.py?path=%s' % path
})
output_objects.append({'object_type': 'text', 'text': ''})
return (output_objects, status)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
client_dir = client_id_dir(client_id)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
action = accepted['action'][-1]
share_id = accepted['share_id'][-1]
path = accepted['path'][-1]
read_access = accepted['read_access'][-1].lower() in enabled_strings
write_access = accepted['write_access'][-1].lower() in enabled_strings
expire = accepted['expire'][-1]
# Merge and split invite to make sure 'a@b, c@d' entries are handled
invite_list = ','.join(accepted['invite']).split(',')
invite_list = [i for i in invite_list if i]
invite_msg = accepted['msg']
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Share Link'
# jquery support for tablesorter and confirmation on delete/redo:
# table initially sorted by 5, 4 reversed (active first and in growing age)
table_spec = {'table_id': 'sharelinkstable', 'sort_order': '[[5,1],[4,1]]'}
(add_import, add_init, add_ready) = man_base_js(configuration,
[table_spec],
{'width': 600})
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': man_base_html(configuration)
})
header_entry = {'object_type': 'header', 'text': 'Manage share links'}
output_objects.append(header_entry)
if not configuration.site_enable_sharelinks:
output_objects.append({
'object_type':
'text',
'text':
'''
Share links are disabled on this site.
Please contact the site admins %s if you think they should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
logger.info('sharelink %s from %s' % (action, client_id))
logger.debug('sharelink from %s: %s' % (client_id, accepted))
if not action in valid_actions:
output_objects.append({
'object_type':
'error_text',
'text':
'Invalid action "%s" (supported: %s)' %
(action, ', '.join(valid_actions))
})
return (output_objects, returnvalues.CLIENT_ERROR)
if action in post_actions:
if not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append({
'object_type':
'error_text',
'text':
'''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
(load_status, share_map) = load_share_links(configuration, client_id)
if not load_status:
share_map = {}
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'sharelink'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
if action in get_actions:
if action == "show":
# Table columns to skip
skip_list = ['owner', 'single_file', 'expire']
sharelinks = []
for (saved_id, share_dict) in share_map.items():
share_item = build_sharelinkitem_object(
configuration, share_dict)
js_name = 'delete%s' % hexlify(saved_id)
helper = html_post_helper(
js_name, '%s.py' % target_op, {
'share_id': saved_id,
'action': 'delete',
csrf_field: csrf_token
})
output_objects.append({
'object_type': 'html_form',
'text': helper
})
share_item['delsharelink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
(js_name, 'Really remove %s?' % saved_id),
'class':
'removelink iconspace',
'title':
'Remove share link %s' % saved_id,
'text':
''
}
sharelinks.append(share_item)
# Display share links and form to add new ones
output_objects.append({
'object_type': 'sectionheader',
'text': 'Share Links'
})
output_objects.append({
'object_type': 'table_pager',
'entry_name': 'share links',
'default_entries': default_pager_entries
})
output_objects.append({
'object_type': 'sharelinks',
'sharelinks': sharelinks,
'skip_list': skip_list
})
output_objects.append({
'object_type': 'html_form',
'text': '<br/>'
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'Create Share Link'
})
submit_button = '''<span>
<input type=submit value="Create share link" />
</span>'''
sharelink_html = create_share_link_form(configuration, client_id,
'html', submit_button,
csrf_token)
output_objects.append({
'object_type': 'html_form',
'text': sharelink_html
})
elif action == "edit":
header_entry['text'] = 'Edit Share Link'
share_dict = share_map.get(share_id, {})
if not share_dict:
output_objects.append({
'object_type':
'error_text',
'text':
'existing share link is required for edit'
})
return (output_objects, returnvalues.CLIENT_ERROR)
output_objects.append({
'object_type':
'html_form',
'text':
'''
<p>
Here you can send invitations for your share link %(share_id)s to one or more
comma-separated recipients.
</p>
''' % share_dict
})
sharelinks = []
share_item = build_sharelinkitem_object(configuration, share_dict)
saved_id = share_item['share_id']
js_name = 'delete%s' % hexlify(saved_id)
helper = html_post_helper(js_name, '%s.py' % target_op, {
'share_id': saved_id,
'action': 'delete',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
# Hide link to self
del share_item['editsharelink']
share_item['delsharelink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
(js_name, 'Really remove %s?' % saved_id),
'class':
'removelink iconspace',
'title':
'Remove share link %s' % saved_id,
'text':
''
}
sharelinks.append(share_item)
output_objects.append({
'object_type': 'sharelinks',
'sharelinks': sharelinks
})
submit_button = '''<span>
<input type=submit value="Send invitation(s)" />
</span>'''
sharelink_html = invite_share_link_form(configuration, client_id,
share_dict, 'html',
submit_button, csrf_token)
output_objects.append({
'object_type': 'html_form',
'text': sharelink_html
})
output_objects.append({
'object_type': 'link',
'destination': 'sharelink.py',
'text': 'Return to share link overview'
})
return (output_objects, returnvalues.OK)
elif action in post_actions:
share_dict = share_map.get(share_id, {})
if not share_dict and action != 'create':
logger.warning('%s tried to %s missing or not owned link %s!' %
(client_id, action, share_id))
output_objects.append({
'object_type':
'error_text',
'text':
'%s requires existing share link' % action
})
return (output_objects, returnvalues.CLIENT_ERROR)
share_path = share_dict.get('path', path)
# Please note that base_dir must end in slash to avoid access to other
# user dirs when own name is a prefix of another user name
base_dir = os.path.abspath(
os.path.join(configuration.user_home, client_dir)) + os.sep
rel_share_path = share_path.lstrip(os.sep)
# IMPORTANT: path must be expanded to abs for proper chrooting
abs_path = os.path.abspath(os.path.join(base_dir, rel_share_path))
relative_path = abs_path.replace(base_dir, '')
real_path = os.path.realpath(abs_path)
single_file = os.path.isfile(real_path)
vgrid_name = in_vgrid_share(configuration, abs_path)
if action == 'delete':
header_entry['text'] = 'Delete Share Link'
(save_status, _) = delete_share_link(share_id, client_id,
configuration, share_map)
if save_status and vgrid_name:
logger.debug("del vgrid sharelink pointer %s" % share_id)
(del_status,
del_msg) = vgrid_remove_sharelinks(configuration, vgrid_name,
[share_id], 'share_id')
if not del_status:
logger.error("del vgrid sharelink pointer %s failed: %s" %
(share_id, del_msg))
return (False, share_map)
desc = "delete"
elif action == "update":
header_entry['text'] = 'Update Share Link'
# Try to point replies to client_id email
client_email = extract_field(client_id, 'email')
if invite_list:
invites = share_dict.get('invites', []) + invite_list
invites_uniq = list(set([i for i in invites if i]))
invites_uniq.sort()
share_dict['invites'] = invites_uniq
auto_msg = invite_share_link_message(configuration, client_id,
share_dict, 'html')
msg = '\n'.join(invite_msg)
# Now send request to all targets in turn
threads = []
for target in invite_list:
job_dict = {
'NOTIFY': [target.strip()],
'JOB_ID': 'NOJOBID',
'USER_CERT': client_id,
'EMAIL_SENDER': client_email
}
logger.debug('invite %s to %s' % (target, share_id))
threads.append(
notify_user_thread(
job_dict,
[auto_msg, msg],
'INVITESHARE',
logger,
'',
configuration,
))
# Try finishing delivery but do not block forever on one message
notify_done = [False for _ in threads]
for _ in range(3):
for i in range(len(invite_list)):
if not notify_done[i]:
logger.debug('check done %s' % invite_list[i])
notify = threads[i]
notify.join(3)
notify_done[i] = not notify.isAlive()
notify_sent, notify_failed = [], []
for i in range(len(invite_list)):
if notify_done[i]:
notify_sent.append(invite_list[i])
else:
notify_failed.append(invite_list[i])
logger.debug('notify sent %s, failed %s' %
(notify_sent, notify_failed))
if notify_failed:
output_objects.append({
'object_type':
'html_form',
'text':
'''
<p>Failed to send invitation to %s</p>''' % ', '.join(notify_failed)
})
if notify_sent:
output_objects.append({
'object_type':
'html_form',
'text':
'''<p>Invitation sent to %s</p>
<textarea class="fillwidth padspace" rows="%d" readonly="readonly">
%s
%s
</textarea>
''' %
(', '.join(notify_sent),
(auto_msg + msg).count('\n') + 3, auto_msg, msg)
})
if expire:
share_dict['expire'] = expire
(save_status, _) = update_share_link(share_dict, client_id,
configuration, share_map)
desc = "update"
elif action == "create":
header_entry['text'] = 'Create Share Link'
if not read_access and not write_access:
output_objects.append({
'object_type':
'error_text',
'text':
'No access set - please select read, write or both'
})
return (output_objects, returnvalues.CLIENT_ERROR)
# NOTE: check path here as relative_path is empty for path='/'
if not path:
output_objects.append({
'object_type': 'error_text',
'text': 'No path provided!'
})
return (output_objects, returnvalues.CLIENT_ERROR)
# We refuse sharing of entire home for security reasons
elif not valid_user_path(
configuration, abs_path, base_dir, allow_equal=False):
logger.warning('%s tried to %s restricted path %s ! (%s)' %
(client_id, action, abs_path, path))
output_objects.append({
'object_type':
'error_text',
'text':
'''Illegal path "%s":
you can only share your own data, and not your entire home direcory.''' % path
})
return (output_objects, returnvalues.CLIENT_ERROR)
elif not os.path.exists(abs_path):
output_objects.append({
'object_type':
'error_text',
'text':
'Provided path "%s" does not exist!' % path
})
return (output_objects, returnvalues.CLIENT_ERROR)
# Refuse sharing of (mainly auth) dot dirs in root of user home
elif real_path.startswith(os.path.join(base_dir, '.')):
output_objects.append({
'object_type':
'error_text',
'text':
'Provided path "%s" cannot be shared for security reasons'
% path
})
return (output_objects, returnvalues.CLIENT_ERROR)
elif single_file and write_access:
output_objects.append({
'object_type':
'error_text',
'text':
'''Individual files
cannot be shared with write access - please share a directory with the file in
it or only share with read access.
'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
# We check if abs_path is in vgrid share, but do not worry about
# private_base or public_base since they are only available to
# owners, who can always share anyway.
if vgrid_name is not None and \
not vgrid_is_owner(vgrid_name, client_id, configuration):
# share is inside vgrid share so we must check that user is
# permitted to create sharelinks there.
(load_status, settings_dict) = vgrid_settings(vgrid_name,
configuration,
recursive=True,
as_dict=True)
if not load_status:
# Probably owners just never saved settings, use defaults
settings_dict = {'vgrid_name': vgrid_name}
allowed = settings_dict.get('create_sharelink', keyword_owners)
if allowed != keyword_members:
output_objects.append({
'object_type': 'error_text',
'text': '''The settings
for the %(vgrid_name)s %(vgrid_label)s do not permit you to re-share
%(vgrid_label)s shared folders. Please contact the %(vgrid_name)s owners if you
think you should be allowed to do that.
''' % {
'vgrid_name': vgrid_name,
'vgrid_label': configuration.site_vgrid_label
}
})
return (output_objects, returnvalues.CLIENT_ERROR)
access_list = []
if read_access:
access_list.append('read')
if write_access:
access_list.append('write')
share_mode = '-'.join((access_list + ['only'])[:2])
# TODO: more validity checks here
if share_dict:
desc = "update"
else:
desc = "create"
# IMPORTANT: always use expanded path
share_dict.update({
'path': relative_path,
'access': access_list,
'expire': expire,
'invites': invite_list,
'single_file': single_file
})
attempts = 1
generate_share_id = False
if not share_id:
attempts = 3
generate_share_id = True
for i in range(attempts):
if generate_share_id:
share_id = generate_sharelink_id(configuration, share_mode)
share_dict['share_id'] = share_id
(save_status,
save_msg) = create_share_link(share_dict, client_id,
configuration, share_map)
if save_status:
logger.info('created sharelink: %s' % share_dict)
break
else:
# ID Collision?
logger.warning('could not create sharelink: %s' % save_msg)
if save_status and vgrid_name:
logger.debug("add vgrid sharelink pointer %s" % share_id)
(add_status,
add_msg) = vgrid_add_sharelinks(configuration, vgrid_name,
[share_dict])
if not add_status:
logger.error(
"save vgrid sharelink pointer %s failed: %s " %
(share_id, add_msg))
return (False, share_map)
else:
output_objects.append({
'object_type': 'error_text',
'text': 'No such action %s' % action
})
return (output_objects, returnvalues.CLIENT_ERROR)
if not save_status:
output_objects.append({
'object_type':
'error_text',
'text':
'Error in %s share link %s: ' % (desc, share_id) +
'save updated share links failed!'
})
return (output_objects, returnvalues.CLIENT_ERROR)
output_objects.append({
'object_type':
'text',
'text':
'%sd share link %s on %s .' %
(desc.title(), share_id, relative_path)
})
if action in ['create', 'update']:
sharelinks = []
share_item = build_sharelinkitem_object(configuration, share_dict)
saved_id = share_item['share_id']
js_name = 'delete%s' % hexlify(saved_id)
helper = html_post_helper(js_name, '%s.py' % target_op, {
'share_id': saved_id,
'action': 'delete',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
share_item['delsharelink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
(js_name, 'Really remove %s?' % saved_id),
'class':
'removelink iconspace',
'title':
'Remove share link %s' % saved_id,
'text':
''
}
sharelinks.append(share_item)
output_objects.append({
'object_type': 'sharelinks',
'sharelinks': sharelinks
})
if action == 'create':
# NOTE: Leave editsharelink here for use in fileman overlay
#del share_item['editsharelink']
output_objects.append({
'object_type': 'html_form',
'text': '<br />'
})
submit_button = '''<span>
<input type=submit value="Send invitation(s)" />
</span>'''
invite_html = invite_share_link_form(configuration, client_id,
share_dict, 'html',
submit_button, csrf_token)
output_objects.append({
'object_type': 'html_form',
'text': invite_html
})
else:
output_objects.append({
'object_type': 'error_text',
'text': 'Invalid share link action: %s' % action
})
return (output_objects, returnvalues.CLIENT_ERROR)
output_objects.append({'object_type': 'html_form', 'text': '<br />'})
output_objects.append({
'object_type': 'link',
'destination': 'sharelink.py',
'text': 'Return to share link overview'
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
label = "%s" % configuration.site_vgrid_label
title_entry['text'] = "Add %s Resource" % label
output_objects.append({
'object_type': 'header',
'text': 'Add %s Resource(s)' % label
})
status = returnvalues.OK
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
vgrid_name = accepted['vgrid_name'][-1].strip()
res_id_list = accepted['unique_resource_name']
request_name = unhexlify(accepted['request_name'][-1])
rank_list = accepted['rank'] + ['' for _ in res_id_list]
if not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append({
'object_type':
'error_text',
'text':
'''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
user_map = get_full_user_map(configuration)
user_dict = user_map.get(client_id, None)
# Optional site-wide limitation of manage vgrid permission
if not user_dict or \
not vgrid_manage_allowed(configuration, user_dict):
logger.warning("user %s is not allowed to manage vgrids!" % client_id)
output_objects.append({
'object_type':
'error_text',
'text':
'Only privileged users can manage %ss' % label
})
return (output_objects, returnvalues.CLIENT_ERROR)
# make sure vgrid settings allow this owner to edit resources
(allow_status, allow_msg) = allow_resources_adm(configuration, vgrid_name,
client_id)
if not allow_status:
output_objects.append({'object_type': 'error_text', 'text': allow_msg})
return (output_objects, returnvalues.CLIENT_ERROR)
res_id_added = []
for (res_id, rank_str) in zip(res_id_list, rank_list):
unique_resource_name = res_id.lower().strip()
try:
rank = int(rank_str)
except ValueError:
rank = None
# Validity of user and vgrid names is checked in this init function so
# no need to worry about illegal directory traversal through variables
(ret_val, msg, ret_variables) = \
init_vgrid_script_add_rem(vgrid_name, client_id,
unique_resource_name, 'resource',
configuration)
if not ret_val:
output_objects.append({'object_type': 'error_text', 'text': msg})
status = returnvalues.CLIENT_ERROR
continue
elif msg:
# In case of warnings, msg is non-empty while ret_val remains True
output_objects.append({'object_type': 'warning', 'text': msg})
# don't add if already in vgrid or parent vgrid unless rank is given
if rank is None and vgrid_is_resource(vgrid_name, unique_resource_name,
configuration):
output_objects.append({
'object_type':
'error_text',
'text':
'%s is already a resource in the %s' %
(unique_resource_name, label)
})
status = returnvalues.CLIENT_ERROR
continue
# don't add if already in subvgrid
(list_status,
subvgrids) = vgrid_list_subvgrids(vgrid_name, configuration)
if not list_status:
output_objects.append({
'object_type':
'error_text',
'text':
'Error getting list of sub%ss: %s' % (label, subvgrids)
})
status = returnvalues.SYSTEM_ERROR
continue
skip_entity = False
for subvgrid in subvgrids:
if vgrid_is_resource(subvgrid,
unique_resource_name,
configuration,
recursive=False):
output_objects.append({
'object_type': 'error_text',
'text': '''%(res_name)s is already in a
sub-%(vgrid_label)s (%(subvgrid)s). Please remove the resource from the
sub-%(vgrid_label)s and try again''' % {
'res_name': unique_resource_name,
'subvgrid': subvgrid,
'vgrid_label': label
}
})
status = returnvalues.CLIENT_ERROR
skip_entity = True
break
if skip_entity:
continue
# Check if only rank change was requested and apply if so
if rank is not None:
(add_status, add_msg) = vgrid_add_resources(configuration,
vgrid_name,
[unique_resource_name],
rank=rank)
if not add_status:
output_objects.append({
'object_type': 'error_text',
'text': add_msg
})
status = returnvalues.SYSTEM_ERROR
else:
output_objects.append({
'object_type':
'text',
'text':
'changed %s to resource %d' % (res_id, rank)
})
# No further action after rank change as everything else exists
continue
# Getting here means res_id is neither resource of any parent or
# sub-vgrids.
# Please note that base_dir must end in slash to avoid access to other
# vgrid dirs when own name is a prefix of another name
base_dir = os.path.abspath(configuration.vgrid_home + os.sep +
vgrid_name) + os.sep
resources_file = base_dir + 'resources'
# Add to list and pickle
(add_status, add_msg) = vgrid_add_resources(configuration, vgrid_name,
[unique_resource_name])
if not add_status:
output_objects.append({
'object_type': 'error_text',
'text': '%s' % add_msg
})
status = returnvalues.SYSTEM_ERROR
continue
res_id_added.append(unique_resource_name)
if request_name:
request_dir = os.path.join(configuration.vgrid_home, vgrid_name)
if not delete_access_request(configuration, request_dir, request_name):
logger.error("failed to delete res request for %s in %s" %
(vgrid_name, request_name))
output_objects.append({
'object_type':
'error_text',
'text':
'Failed to remove saved request for %s in %s!' %
(vgrid_name, request_name)
})
if res_id_added:
output_objects.append({
'object_type':
'html_form',
'text':
'New resource(s)<br />%s<br />successfully added to %s %s!'
'' % ('<br />'.join(res_id_added), vgrid_name, label)
})
res_id_fields = ''
for res_id in res_id_added:
res_id_fields += """
<input type=hidden name=unique_resource_name value='%s' />""" % res_id
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'vgrid_name': vgrid_name,
'unique_resource_name': unique_resource_name,
'protocol': any_protocol,
'short_title': configuration.short_title,
'vgrid_label': label,
'res_id_fields': res_id_fields,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'sendrequestaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<input type=hidden name=request_type value='vgridaccept' />
<input type=hidden name=vgrid_name value='%(vgrid_name)s' />
%(res_id_fields)s
<input type=hidden name=protocol value='%(protocol)s' />
<table>
<tr>
<td class='title'>Custom message to resource owners</td>
</tr><tr>
<td><textarea name=request_text cols=72 rows=10>
We have granted your %(unique_resource_name)s resource access to our
%(vgrid_name)s %(vgrid_label)s.
You can assign it to accept jobs from the %(vgrid_name)s %(vgrid_label)s from
your Resources page on %(short_title)s.
Regards, the %(vgrid_name)s %(vgrid_label)s owners
</textarea></td>
</tr>
<tr>
<td><input type='submit' value='Inform owners' /></td>
</tr>
</table>
</form>
<br />
""" % fill_helpers
})
output_objects.append({
'object_type': 'link',
'destination': 'adminvgrid.py?vgrid_name=%s' % vgrid_name,
'text': 'Back to administration for %s' % vgrid_name
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
status = returnvalues.OK
output_objects.append({
'object_type': 'header',
'text': 'Add Resource Owner(s)'
})
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
unique_resource_name = accepted['unique_resource_name'][-1].strip()
cert_id_list = accepted['cert_id']
request_name = unhexlify(accepted['request_name'][-1])
if not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append({
'object_type':
'error_text',
'text':
'''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
if not is_owner(client_id, unique_resource_name,
configuration.resource_home, logger):
output_objects.append({
'object_type':
'error_text',
'text':
'You must be an owner of %s to add a new owner!' %
unique_resource_name
})
return (output_objects, returnvalues.CLIENT_ERROR)
# is_owner incorporates unique_resource_name verification - no need to
# specifically check for illegal directory traversal
cert_id_added = []
for cert_id in cert_id_list:
cert_id = cert_id.strip()
if not cert_id:
continue
if not is_user(cert_id, configuration.mig_server_home):
output_objects.append({
'object_type':
'error_text',
'text':
'%s is not a valid %s user!' %
(cert_id, configuration.short_title)
})
status = returnvalues.CLIENT_ERROR
continue
# don't add if already an owner
if resource_is_owner(unique_resource_name, cert_id, configuration):
output_objects.append({
'object_type':
'error_text',
'text':
'%s is already an owner of %s.' %
(cert_id, unique_resource_name)
})
status = returnvalues.CLIENT_ERROR
continue
# Add owner
(add_status, add_msg) = resource_add_owners(configuration,
unique_resource_name,
[cert_id])
if not add_status:
output_objects.append({
'object_type':
'error_text',
'text':
'Could not add new owner, reason: %s' % add_msg
})
status = returnvalues.SYSTEM_ERROR
continue
cert_id_added.append(cert_id)
if request_name:
request_dir = os.path.join(configuration.resource_home,
unique_resource_name)
if not delete_access_request(configuration, request_dir, request_name):
logger.error("failed to delete owner request for %s in %s" % \
(unique_resource_name, request_name))
output_objects.append({
'object_type': 'error_text', 'text':
'Failed to remove saved request for %s in %s!' % \
(unique_resource_name, request_name)})
if cert_id_added:
output_objects.append({
'object_type':
'html_form',
'text':
'New owner(s)<br/>%s<br/>successfully added to %s!' %
('<br />'.join(cert_id_added), unique_resource_name)
})
cert_id_fields = ''
for cert_id in cert_id_added:
cert_id_fields += """<input type=hidden name=cert_id value='%s' />
""" % cert_id
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'res_id': unique_resource_name,
'cert_id_fields': cert_id_fields,
'any_protocol': any_protocol,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'sendrequestaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<input type=hidden name=request_type value='resourceaccept' />
<input type=hidden name=unique_resource_name value='%(res_id)s' />
%(cert_id_fields)s
<input type=hidden name=protocol value='%(any_protocol)s' />
<table>
<tr>
<td class='title'>Custom message to user(s)</td>
</tr>
<tr>
<td><textarea name=request_text cols=72 rows=10>
We have granted you ownership access to our %(res_id)s resource.
You can access the resource administration page from the Resources page.
Regards, the %(res_id)s resource owners
</textarea></td>
</tr>
<tr>
<td><input type='submit' value='Inform user(s)' /></td>
</tr>
</table>
</form>
<br />
""" % fill_helpers
})
output_objects.append({'object_type': 'link', 'destination':
'resadmin.py?unique_resource_name=%s' % \
unique_resource_name, 'class':
'adminlink iconspace', 'title':
'Administrate resource', 'text': 'Manage resource'})
return (output_objects, status)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False,
op_menu=client_id)
defaults = signature()[1]
(validate_status, accepted) = validate_input(user_arguments_dict,
defaults, output_objects, allow_rejects=False)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
queue = accepted['queue'][-1]
action = accepted['action'][-1]
iosessionid = accepted['iosessionid'][-1]
msg = accepted['msg'][-1]
msg_id = accepted['msg_id'][-1]
# Web format for cert access and no header for SID access
if client_id:
output_objects.append({'object_type': 'header', 'text'
: 'Message queue %s' % action})
else:
output_objects.append({'object_type': 'start'})
# Always return at least a basic file_output entry
file_entry = {'object_type': 'file_output',
'lines': [],
'wrap_binary': True,
'wrap_targets': ['lines']}
if not action in valid_actions:
output_objects.append({'object_type': 'error_text', 'text'
: 'Invalid action "%s" (supported: %s)' % \
(action, ', '.join(valid_actions))})
output_objects.append(file_entry)
return (output_objects, returnvalues.CLIENT_ERROR)
if action in post_actions:
if not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append(
{'object_type': 'error_text', 'text': '''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
# Find user home from session or certificate
if iosessionid:
client_home = os.path.realpath(os.path.join(configuration.webserver_home,
iosessionid))
client_dir = os.path.basename(client_home)
elif client_id:
client_dir = client_id_dir(client_id)
else:
output_objects.append({'object_type': 'error_text', 'text'
: 'Either certificate or session ID is required'
})
output_objects.append(file_entry)
return (output_objects, returnvalues.CLIENT_ERROR)
# Please note that base_dir must end in slash to avoid access to other
# user dirs when own name is a prefix of another user name
base_dir = os.path.abspath(os.path.join(configuration.user_home,
client_dir)) + os.sep
if not os.path.isdir(base_dir):
output_objects.append({'object_type': 'error_text', 'text'
: 'No matching session or user home!'})
output_objects.append(file_entry)
return (output_objects, returnvalues.CLIENT_ERROR)
mqueue_base = os.path.join(base_dir, mqueue_prefix) + os.sep
default_queue_dir = os.path.join(mqueue_base, default_mqueue)
# Create mqueue base and default queue dir if missing
if not os.path.exists(default_queue_dir):
try:
os.makedirs(default_queue_dir)
except:
pass
# IMPORTANT: path must be expanded to abs for proper chrooting
queue_path = os.path.abspath(os.path.join(mqueue_base, queue))
if not valid_user_path(configuration, queue_path, mqueue_base):
output_objects.append({'object_type': 'error_text', 'text'
: 'Invalid queue name: "%s"' % queue})
output_objects.append(file_entry)
return (output_objects, returnvalues.CLIENT_ERROR)
lock_path = os.path.join(mqueue_base, lock_name)
lock_handle = open(lock_path, 'a')
fcntl.flock(lock_handle.fileno(), fcntl.LOCK_EX)
status = returnvalues.OK
if action == "interactive":
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {'queue': queue,
'msg': msg,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit, }
target_op = 'mqueue'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({'object_type': 'text', 'text': '''
Fill in the fields below to control and access your personal message queues.
Jobs can receive from and send to the message queues during execution, and use
them as a means of job inter-communication. Expect message queue operations to
take several seconds on the resources, however. That is, use it for tasks like
orchestrating long running jobs, and not for low latency communication.
'''})
html = '''
<form name="mqueueform" method="%(form_method)s" action="%(target_op)s.py">
<table class="mqueue">
<tr><td class=centertext>
</td></tr>
<tr><td>
Action:<br />
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<input type=radio name=action value="create" onclick="javascript: document.mqueueform.queue.disabled=false; document.mqueueform.msg.disabled=true;" />create queue
<input type=radio name=action checked value="send" onclick="javascript: document.mqueueform.queue.disabled=false; document.mqueueform.msg.disabled=false;" />send message to queue
<input type=radio name=action value="receive" onclick="javascript: document.mqueueform.queue.disabled=false; document.mqueueform.msg.disabled=true;" />receive message from queue
<input type=radio name=action value="remove" onclick="javascript: document.mqueueform.queue.disabled=false; document.mqueueform.msg.disabled=true;" />remove queue
<input type=radio name=action value="listqueues" onclick="javascript: document.mqueueform.queue.disabled=true; document.mqueueform.msg.disabled=true;" />list queues
<input type=radio name=action value="listmessages" onclick="javascript: document.mqueueform.queue.disabled=false; document.mqueueform.msg.disabled=true;" />list messages
<input type=radio name=action value="show" onclick="javascript: document.mqueueform.queue.disabled=false; document.mqueueform.msg.disabled=true;" />show message
</td></tr>
<tr><td>
Queue:<br />
<input class="fillwidth" type=text name=queue value="%(queue)s" />
</td></tr>
<tr><td>
<div id="msgfieldf">
<input class="fillwidth" type=text name=msg value="%(msg)s" /><br />
</div>
</td></tr>
<tr><td>
<input type="submit" value="Apply" />
</td></tr>
</table>
</form>
''' % fill_helpers
output_objects.append({'object_type': 'html_form', 'text'
: html})
output_objects.append({'object_type': 'text', 'text': '''
Further live job control is avalable through the live I/O interface.
They provide a basic interface for centrally managing input and output files
for active jobs.
'''
})
output_objects.append({'object_type': 'link', 'destination':
'liveio.py',
'text': 'Live I/O interface'})
return (output_objects, returnvalues.OK)
elif action == 'create':
try:
os.mkdir(queue_path)
output_objects.append({'object_type': 'text', 'text':
'New "%s" queue created' % queue})
except Exception, err:
output_objects.append({'object_type': 'error_text', 'text'
: 'Could not create "%s" queue: "%s"' % \
(queue, err)})
status = returnvalues.CLIENT_ERROR
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
target_list = accepted['target']
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'List Scheduled Tasks'
header_entry = {'object_type': 'header', 'text': 'Scheduled Tasks'}
output_objects.append(header_entry)
if not configuration.site_enable_crontab:
output_objects.append({
'object_type':
'text',
'text':
'''
Scheduled tasks are disabled on this site.
Please contact the site admins %s if you think they should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
logger.info('%s from %s' % (op_name, client_id))
#logger.debug('%s from %s: %s' % (op_name, client_id, accepted))
# Include handy CSRF helpers for use in subsequent client crontab changes
csrf_helpers = {'csrf_field': csrf_field}
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
for target_op in ('addcrontab', 'rmcrontab', 'crontab'):
csrf_helpers[target_op] = make_csrf_token(configuration, form_method,
target_op, client_id,
csrf_limit)
crontab_listing = {
'object_type': 'crontab_listing',
'crontab': [],
'atjobs': [],
'csrf_helpers': csrf_helpers
}
if not target_list:
output_objects.append({
'object_type': 'error_text',
'text': 'No at/cron target to list!'
})
return (output_objects, returnvalues.CLIENT_ERROR)
if keyword_all in target_list or 'crontab' in target_list:
crontab_contents = load_crontab(client_id, configuration)
cronjobs = []
for line in crontab_contents.split('\n'):
# Skip comments and blank lines
line = line.split('#', 1)[0].strip()
if not line:
continue
cronjobs.append(line)
crontab_listing['crontab'] = cronjobs
if keyword_all in target_list or 'atjobs' in target_list:
atjobs_contents = load_atjobs(client_id, configuration)
atjobs = []
for line in atjobs_contents.split('\n'):
# Skip comments and blank lines
line = line.split('#', 1)[0].strip()
if not line:
continue
atjobs.append(line)
crontab_listing['atjobs'] = atjobs
output_objects.append(crontab_listing)
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
client_dir = client_id_dir(client_id)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
action = accepted['action'][-1]
transfer_id = accepted['transfer_id'][-1]
protocol = accepted['protocol'][-1]
fqdn = accepted['fqdn'][-1]
port = accepted['port'][-1]
src_list = accepted['transfer_src']
dst = accepted['transfer_dst'][-1]
username = accepted['username'][-1]
password = accepted['transfer_pw'][-1]
key_id = accepted['key_id'][-1]
# Skip empty exclude entries as they break backend calls
exclude_list = [i for i in accepted['exclude'] if i]
notify = accepted['notify'][-1]
compress = accepted['compress'][-1]
flags = accepted['flags']
anon_checked, pw_checked, key_checked = '', '', ''
if username:
if key_id:
key_checked = 'checked'
init_login = "******"
else:
pw_checked = 'checked'
init_login = "******"
else:
anon_checked = 'checked'
init_login = "******"
use_compress = False
if compress.lower() in ("true", "1", "yes", "on"):
use_compress = True
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Background Data Transfers'
# jquery support for tablesorter and confirmation on delete/redo:
# datatransfer and key tables initially sorted by 0 (id) */
datatransfer_spec = {
'table_id': 'datatransferstable',
'pager_id': 'datatransfers_pager',
'sort_order': '[[0,0]]'
}
transferkey_spec = {
'table_id': 'transferkeystable',
'pager_id': 'transferkeys_pager',
'sort_order': '[[0,0]]'
}
(add_import, add_init,
add_ready) = man_base_js(configuration,
[datatransfer_spec, transferkey_spec])
add_init += '''
var fields = 0;
var max_fields = 20;
var src_input = "<label for=\'transfer_src\'>Source path(s)</label>";
src_input += "<input id=\'src_FIELD\' type=text size=60 name=transfer_src value=\'PATH\' title=\'relative source path: local for exports and remote for imports\' />";
src_input += "<input id=\'src_file_FIELD\' type=radio onclick=\'setSrcDir(FIELD, false);\' checked />Source file";
src_input += "<input id=\'src_dir_FIELD\' type=radio onclick=\'setSrcDir(FIELD, true);\' />Source directory (recursive)";
src_input += "<br />";
var exclude_input = "<label for=\'exclude\'>Exclude path(s)</label>";
exclude_input += "<input type=text size=60 name=exclude value=\'PATH\' title=\'relative path or regular expression to exclude\' />";
exclude_input += "<br />";
function addSource(path, is_dir) {
if (path === undefined) {
path = "";
}
if (is_dir === undefined) {
is_dir = false;
}
if (fields < max_fields) {
$("#srcfields").append(src_input.replace(/FIELD/g, fields).replace(/PATH/g, path));
setSrcDir(fields, is_dir);
fields += 1;
} else {
alert("Maximum " + max_fields + " source fields allowed!");
}
}
function addExclude(path) {
if (path === undefined) {
path = "";
}
$("#excludefields").append(exclude_input.replace(/PATH/g, path));
}
function setDir(target, field_no, is_dir) {
var id_prefix = "#"+target+"_";
var input_id = id_prefix+field_no;
var file_id = id_prefix+"file_"+field_no;
var dir_id = id_prefix+"dir_"+field_no;
var value = $(input_id).val();
$(file_id).removeAttr("checked");
$(dir_id).removeAttr("checked");
if (is_dir) {
$(dir_id).prop("checked", "checked");
if(value.substr(-1) != "/") {
value += "/";
}
} else {
$(file_id).prop("checked", "checked");
if(value.substr(-1) == "/") {
value = value.substr(0, value.length - 1);
}
}
$(input_id).val(value);
return false;
}
function setSrcDir(field_no, is_dir) {
return setDir("src", field_no, is_dir);
}
function setDstDir(field_no, is_dir) {
return setDir("dst", field_no, is_dir);
}
function refreshSrcDir(field_no) {
var dir_id = "#src_dir_"+field_no;
var is_dir = $(dir_id).prop("checked");
return setSrcDir(field_no, is_dir);
}
function refreshDstDir(field_no) {
var dir_id = "#dst_dir_"+field_no;
var is_dir = $(dir_id).prop("checked");
return setDstDir(field_no, is_dir);
}
function setDefaultPort() {
port_map = {"http": 80, "https": 443, "sftp": 22, "scp": 22, "ftp": 21,
"ftps": 21, "webdav": 80, "webdavs": 443, "rsyncssh": 22,
"rsyncd": 873};
var protocol = $("#protocol_select").val();
var port = port_map[protocol];
if (port != undefined) {
$("#port_input").val(port);
} else {
alert("no default port provided for "+protocol);
}
}
function beforeSubmit() {
for(var i=0; i < fields; i++) {
refreshSrcDir(i);
}
refreshDstDir(0);
// Proceed with submit
return true;
}
function doSubmit() {
$("#submit-request-transfer").click();
}
function enableLogin(method) {
$("#anonymous_choice").removeAttr("checked");
$("#userpassword_choice").removeAttr("checked");
$("#userkey_choice").removeAttr("checked");
$("#username").prop("disabled", false);
$("#password").prop("disabled", true);
$("#key").prop("disabled", true);
$("#login_fields").show();
$("#password_entry").hide();
$("#key_entry").hide();
if (method == "password") {
$("#userpassword_choice").prop("checked", "checked");
$("#password").prop("disabled", false);
$("#password_entry").show();
} else if (method == "key") {
$("#userkey_choice").prop("checked", "checked");
$("#key").prop("disabled", false);
$("#key_entry").show();
} else {
$("#anonymous_choice").prop("checked", "checked");
$("#username").prop("disabled", true);
$("#login_fields").hide();
}
}
'''
# Mangle ready handling to begin with dynamic init and end with tab init
pre_ready = '''
enableLogin("%s");
''' % init_login
for src in src_list or ['']:
pre_ready += '''
addSource("%s", %s);
''' % (src, ("%s" % src.endswith('/')).lower())
for exclude in exclude_list or ['']:
pre_ready += '''
addExclude("%s");
''' % exclude
add_ready = '''
%s
%s
/* NOTE: requires managers CSS fix for proper tab bar height */
$(".datatransfer-tabs").tabs();
$("#logarea").scrollTop($("#logarea")[0].scrollHeight);
''' % (pre_ready, add_ready)
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': man_base_html(configuration)
})
output_objects.append({
'object_type': 'header',
'text': 'Manage background data transfers'
})
if not configuration.site_enable_transfers:
output_objects.append({
'object_type':
'text',
'text':
'''Backgroung data transfers are disabled on
this site.
Please contact the site admins %s if you think they should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
logger.info('datatransfer %s from %s' % (action, client_id))
if not action in valid_actions:
output_objects.append({
'object_type':
'error_text',
'text':
'Invalid action "%s" (supported: %s)' %
(action, ', '.join(valid_actions))
})
return (output_objects, returnvalues.CLIENT_ERROR)
if action in post_actions:
if not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append({
'object_type':
'error_text',
'text':
'''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
(load_status, transfer_map) = load_data_transfers(configuration, client_id)
if not load_status:
transfer_map = {}
restrict_list = []
for from_fqdn in configuration.site_transfers_from:
restrict_list += [from_fqdn, socket.gethostbyname(from_fqdn)]
restrict_str = 'from="%s",no-pty,' % ','.join(restrict_list)
restrict_str += 'no-port-forwarding,no-agent-forwarding,no-X11-forwarding'
restrict_template = '''
As usual it is a good security measure to prepend a <em>from</em> restriction
when you know the key will only be used from a single location.<br/>
In this case the keys will only ever be used from %s and will not need much
else, so the public key can be inserted in your authorized_keys file as:
<br/>
<p>
<textarea class="publickey" rows="5" readonly="readonly">%s %%s</textarea>
</p>
''' % (configuration.short_title, restrict_str)
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'datatransfer'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
if action in get_actions:
datatransfers = []
for (saved_id, transfer_dict) in transfer_map.items():
transfer_item = build_transferitem_object(configuration,
transfer_dict)
transfer_item['status'] = transfer_item.get('status', 'NEW')
data_url = ''
# NOTE: we need to urlencode any exotic chars in paths here
if transfer_item['action'] == 'import':
enc_path = quote(("%(dst)s" % transfer_item))
data_url = "fileman.py?path=%s" % enc_path
elif transfer_item['action'] == 'export':
enc_paths = [quote(i) for i in transfer_item['src']]
data_url = "fileman.py?path=" + ';path='.join(enc_paths)
if data_url:
transfer_item['viewdatalink'] = {
'object_type': 'link',
'destination': data_url,
'class': 'viewlink iconspace',
'title': 'View local component of %s' % saved_id,
'text': ''
}
transfer_item['viewoutputlink'] = {
'object_type': 'link',
'destination':
"fileman.py?path=transfer_output/%s/" % saved_id,
'class': 'infolink iconspace',
'title': 'View status files for %s' % saved_id,
'text': ''
}
# Edit is just a call to self with fillimport set
args = [('action', 'fill%(action)s' % transfer_dict),
('key_id', '%(key)s' % transfer_dict),
('transfer_dst', '%(dst)s' % transfer_dict)]
for src in transfer_dict['src']:
args.append(('transfer_src', src))
for exclude in transfer_dict.get('exclude', []):
args.append(('exclude', exclude))
for field in edit_fields:
val = transfer_dict.get(field, '')
args.append((field, val))
transfer_args = urlencode(args, True)
transfer_item['edittransferlink'] = {
'object_type': 'link',
'destination': "%s.py?%s" % (target_op, transfer_args),
'class': 'editlink iconspace',
'title': 'Edit or duplicate transfer %s' % saved_id,
'text': ''
}
js_name = 'delete%s' % hexlify(saved_id)
helper = html_post_helper(
js_name, '%s.py' % target_op, {
'transfer_id': saved_id,
'action': 'deltransfer',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
transfer_item['deltransferlink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
(js_name, 'Really remove %s?' % saved_id),
'class':
'removelink iconspace',
'title':
'Remove %s' % saved_id,
'text':
''
}
js_name = 'redo%s' % hexlify(saved_id)
helper = html_post_helper(
js_name, '%s.py' % target_op, {
'transfer_id': saved_id,
'action': 'redotransfer',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
transfer_item['redotransferlink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
(js_name, 'Really reschedule %s?' % saved_id),
'class':
'refreshlink iconspace',
'title':
'Reschedule %s' % saved_id,
'text':
''
}
datatransfers.append(transfer_item)
#logger.debug("found datatransfers: %s" % datatransfers)
log_path = os.path.join(configuration.user_home,
client_id_dir(client_id), "transfer_output",
configuration.site_transfer_log)
show_lines = 40
log_lines = read_tail(log_path, show_lines, logger)
available_keys = load_user_keys(configuration, client_id)
if available_keys:
key_note = ''
else:
key_note = '''No keys available - you can add a key for use in
transfers below.'''
if action.endswith('import'):
transfer_action = 'import'
elif action.endswith('export'):
transfer_action = 'export'
else:
transfer_action = 'unknown'
import_checked, export_checked = 'checked', ''
toggle_quiet, scroll_to_create = '', ''
if action in ['fillimport', 'fillexport']:
if quiet(flags):
toggle_quiet = '''
<script>
$("#wrap-tabs").hide();
$("#quiet-mode-content").show();
</script>
'''
scroll_to_create = '''
<script>
$("html, body").animate({
scrollTop: $("#createtransfer").offset().top
}, 2000);
</script>
'''
if action == 'fillimport':
import_checked = 'checked'
elif action == 'fillexport':
export_checked = 'checked'
import_checked = ''
fill_helpers = {
'import_checked': import_checked,
'export_checked': export_checked,
'anon_checked': anon_checked,
'pw_checked': pw_checked,
'key_checked': key_checked,
'transfer_id': transfer_id,
'protocol': protocol,
'fqdn': fqdn,
'port': port,
'username': username,
'password': password,
'key_id': key_id,
'transfer_src_string': ', '.join(src_list),
'transfer_src': src_list,
'transfer_dst': dst,
'exclude': exclude_list,
'compress': use_compress,
'notify': notify,
'toggle_quiet': toggle_quiet,
'scroll_to_create': scroll_to_create,
'transfer_action': transfer_action,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit,
'target_op': target_op,
'csrf_token': csrf_token
}
# Make page with manage transfers tab and manage keys tab
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div id="quiet-mode-content" class="hidden">
<p>
Accept data %(transfer_action)s of %(transfer_src_string)s from
%(protocol)s://%(fqdn)s:%(port)s/ into %(transfer_dst)s ?
</p>
<p>
<input type=button onClick="doSubmit();"
value="Accept %(transfer_action)s" />
</p>
</div>
<div id="wrap-tabs" class="datatransfer-tabs">
<ul>
<li><a href="#transfer-tab">Manage Data Transfers</a></li>
<li><a href="#keys-tab">Manage Transfer Keys</a></li>
</ul>
''' % fill_helpers
})
# Display external transfers, log and form to add new ones
output_objects.append({
'object_type': 'html_form',
'text': '''
<div id="transfer-tab">
'''
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'External Data Transfers'
})
output_objects.append({
'object_type': 'table_pager',
'id_prefix': 'datatransfers_',
'entry_name': 'transfers',
'default_entries': default_pager_entries
})
output_objects.append({
'object_type': 'datatransfers',
'datatransfers': datatransfers
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'Latest Transfer Results'
})
output_objects.append({
'object_type':
'html_form',
'text':
'''
<textarea id="logarea" class="fillwidth" rows=5 readonly="readonly">%s</textarea>
''' % (''.join(log_lines))
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'Create External Data Transfer'
})
transfer_html = '''
<table class="addexttransfer">
<tr><td>
Fill in the import/export data transfer details below to request a new
background data transfer task.<br/>
Source must be a path without wildcard characters and it must be specifically
pointed out if the src is a directory. In that case recursive transfer will
automatically be used and otherwise the src is considered a single file, so it
will fail if that is not the case.<br/>
Destination is a single location directory to transfer the data to. It is
considered in relation to your user home for <em>import</em> requests. Source
is similarly considered in relation to your user home in <em>export</em>
requests.<br/>
Destination is a always handled as a directory path to transfer source files
into.<br/>
<form method="%(form_method)s" action="%(target_op)s.py"
onSubmit="return beforeSubmit();">
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<fieldset id="transferbox">
<table id="createtransfer" class="addexttransfer">
<tr><td>
<label for="action">Action</label>
<input type=radio name=action %(import_checked)s value="import" />import data
<input type=radio name=action %(export_checked)s value="export" />export data
</td></tr>
<tr><td>
<label for="transfer_id">Optional Transfer ID / Name </label>
<input type=text size=60 name=transfer_id value="%(transfer_id)s"
pattern="[a-zA-Z0-9._-]*"
title="Optional ID string containing only ASCII letters and digits possibly with separators like hyphen, underscore and period" />
</td></tr>
<tr><td>
<label for="protocol">Protocol</label>
<select id="protocol_select" class="protocol-select themed-select html-select"
name="protocol" onblur="setDefaultPort();">
'''
# select requested protocol
for (key, val) in valid_proto:
if protocol == key:
selected = 'selected'
else:
selected = ''
transfer_html += '<option %s value="%s">%s</option>' % \
(selected, key, val)
transfer_html += '''
</select>
</td></tr>
<tr><td>
<label for="fqdn">Host and port</label>
<input type=text size=37 name=fqdn value="%(fqdn)s" required
pattern="[a-zA-Z0-9]+(\.[a-zA-Z0-9]+)+"
title="A fully qualified domain name or Internet IP address for the remote location"/>
<input id="port_input" type=number step=1 min=1 max=65535 name=port
value="%(port)s" required />
</td></tr>
<tr><td>
<label for="">Login method</label>
<input id="anonymous_choice" type=radio %(anon_checked)s
onclick="enableLogin(\'anonymous\');" />
anonymous access
<input id="userpassword_choice" type=radio %(pw_checked)s
onclick="enableLogin(\'password\');" />
login with password
<input id="userkey_choice" type=radio %(key_checked)s
onclick="enableLogin(\'key\');" />
login with key
</td></tr>
<tr id="login_fields" style="display: none;"><td>
<label for="username">Username</label>
<input id="username" type=text size=60 name=username value="%(username)s"
pattern="[a-zA-Z0-9._-]*"
title="Optional username used to login on the remote site, if required" />
<br/>
<span id="password_entry">
<label for="transfer_pw">Password</label>
<input id="password" type=password size=60 name=transfer_pw value="" />
</span>
<span id="key_entry">
<label for="key_id">Key</label>
<select id="key" class="key-select themed-select html-select" name=key_id />
'''
# select requested key
for key_dict in available_keys:
if key_dict['key_id'] == key_id:
selected = 'selected'
else:
selected = ''
transfer_html += '<option %s value="%s">%s</option>' % \
(selected, key_dict['key_id'], key_dict['key_id'])
selected = ''
transfer_html += '''
</select> %s
''' % key_note
transfer_html += '''
</span>
</td></tr>
<tr><td>
<div id="srcfields">
<!-- NOTE: automatically filled by addSource function -->
</div>
<input id="addsrcbutton" type="button" onclick="addSource(); return false;"
value="Add another source field" />
</td></tr>
<tr><td>
<label for="transfer_dst">Destination path</label>
<input id=\'dst_0\' type=text size=60 name=transfer_dst
value="%(transfer_dst)s" required
title="relative destination path: local for imports and remote for exports" />
<input id=\'dst_dir_0\' type=radio checked />Destination directory
<input id=\'dst_file_0\' type=radio disabled />Destination file<br />
</td></tr>
<tr><td>
<div id="excludefields">
<!-- NOTE: automatically filled by addExclude function -->
</div>
<input id="addexcludebutton" type="button" onclick="addExclude(); return false;"
value="Add another exclude field" />
</td></tr>
<tr><td>
<label for="compress">Enable compression (leave unset except for <em>slow</em> sites)</label>
<input type=checkbox name=compress>
</td></tr>
<tr><td>
<label for="notify">Optional notify on completion (e.g. email address)</label>
<input type=text size=60 name=notify value=\'%(notify)s\'>
</td></tr>
<tr><td>
<span>
<input id="submit-request-transfer" type=submit value="Request transfer" />
<input type=reset value="Clear" />
</span>
</td></tr>
</table>
</fieldset>
</form>
</td>
</tr>
</table>
%(toggle_quiet)s
%(scroll_to_create)s
'''
output_objects.append({
'object_type': 'html_form',
'text': transfer_html % fill_helpers
})
output_objects.append({
'object_type': 'html_form',
'text': '''
</div>
'''
})
# Display key management
output_objects.append({
'object_type': 'html_form',
'text': '''
<div id="keys-tab">
'''
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'Manage Data Transfer Keys'
})
key_html = '''
<form method="%(form_method)s" action="%(target_op)s.py">
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<table class="managetransferkeys">
<tr><td>
'''
transferkeys = []
for key_dict in available_keys:
key_item = build_keyitem_object(configuration, key_dict)
saved_id = key_item['key_id']
js_name = 'delete%s' % hexlify(saved_id)
helper = html_post_helper(js_name, '%s.py' % target_op, {
'key_id': saved_id,
'action': 'delkey',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
key_item['delkeylink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
(js_name, 'Really remove %s?' % saved_id),
'class':
'removelink iconspace',
'title':
'Remove %s' % saved_id,
'text':
''
}
transferkeys.append(key_item)
output_objects.append({
'object_type': 'table_pager',
'id_prefix': 'transferkeys_',
'entry_name': 'keys',
'default_entries': default_pager_entries
})
output_objects.append({
'object_type': 'transferkeys',
'transferkeys': transferkeys
})
key_html += '''
Please copy the public key to your ~/.ssh/authorized_keys or
~/.ssh/authorized_keys2 file on systems where you want to login with the
corresponding key.<br/>
%s
</td></tr>
<tr><td>
Select a name below to create a new key for use in future transfers. The key is
generated and stored in a private storage area on %s, so that only the transfer
service can access and use it for your transfers.
</td></tr>
<tr><td>
<input type=hidden name=action value="generatekey" />
Key name:<br/>
<input type=text size=60 name=key_id value="" required pattern="[a-zA-Z0-9._-]+"
title="internal name for the key when used in transfers. I.e. letters and digits separated only by underscores, periods and hyphens" />
<br/>
<input type=submit value="Generate key" />
</td></tr>
</table>
</form>
''' % (restrict_template % 'ssh-rsa AAAAB3NzaC...', configuration.short_title)
output_objects.append({
'object_type': 'html_form',
'text': key_html % fill_helpers
})
output_objects.append({
'object_type': 'html_form',
'text': '''
</div>
'''
})
output_objects.append({
'object_type': 'html_form',
'text': '''
</div>
'''
})
return (output_objects, returnvalues.OK)
elif action in transfer_actions:
# NOTE: all path validation is done at run-time in grid_transfers
transfer_dict = transfer_map.get(transfer_id, {})
if action == 'deltransfer':
if transfer_dict is None:
output_objects.append({
'object_type':
'error_text',
'text':
'existing transfer_id is required for delete'
})
return (output_objects, returnvalues.CLIENT_ERROR)
(save_status, _) = delete_data_transfer(configuration, client_id,
transfer_id, transfer_map)
desc = "delete"
elif action == 'redotransfer':
if transfer_dict is None:
output_objects.append({
'object_type':
'error_text',
'text':
'existing transfer_id is required for reschedule'
})
return (output_objects, returnvalues.CLIENT_ERROR)
transfer_dict['status'] = 'NEW'
(save_status, _) = update_data_transfer(configuration, client_id,
transfer_dict,
transfer_map)
desc = "reschedule"
else:
if not fqdn:
output_objects.append({
'object_type': 'error_text',
'text': 'No host address provided!'
})
return (output_objects, returnvalues.CLIENT_ERROR)
if not [src for src in src_list if src] or not dst:
output_objects.append({
'object_type':
'error_text',
'text':
'transfer_src and transfer_dst parameters '
'required for all data transfers!'
})
return (output_objects, returnvalues.CLIENT_ERROR)
if protocol == "rsyncssh" and not key_id:
output_objects.append({
'object_type':
'error_text',
'text':
'RSYNC over SSH is only supported with key!'
})
return (output_objects, returnvalues.CLIENT_ERROR)
if not password and not key_id and protocol in warn_anon:
output_objects.append({
'object_type':
'warning',
'text':
'''
%s transfers usually require explicit authentication with your credentials.
Proceeding as requested with anonymous login, but the transfer is likely to
fail.''' % valid_proto_map[protocol]
})
if key_id and protocol in warn_key:
output_objects.append({
'object_type':
'warning',
'text':
'''
%s transfers usually only support authentication with username and password
rather than key. Proceeding as requested, but the transfer is likely to
fail if it really requires login.''' % valid_proto_map[protocol]
})
# Make pseudo-unique ID based on msec time since epoch if not given
if not transfer_id:
transfer_id = "transfer-%d" % (time.time() * 1000)
if transfer_dict:
desc = "update"
else:
desc = "create"
if password:
# We don't want to store password in plain text on disk
password_digest = make_digest('datatransfer', client_id,
password,
configuration.site_digest_salt)
else:
password_digest = ''
transfer_dict.update({
'transfer_id': transfer_id,
'action': action,
'protocol': protocol,
'fqdn': fqdn,
'port': port,
'username': username,
'password_digest': password_digest,
'key': key_id,
'src': src_list,
'dst': dst,
'exclude': exclude_list,
'compress': use_compress,
'notify': notify,
'status': 'NEW'
})
(save_status, _) = create_data_transfer(configuration, client_id,
transfer_dict,
transfer_map)
if not save_status:
output_objects.append({
'object_type':
'error_text',
'text':
'Error in %s data transfer %s: ' % (desc, transfer_id) +
'save updated transfers failed!'
})
return (output_objects, returnvalues.CLIENT_ERROR)
output_objects.append({
'object_type':
'text',
'text':
'%sd transfer request %s.' % (desc.title(), transfer_id)
})
if action != 'deltransfer':
output_objects.append({
'object_type':
'link',
'destination':
"fileman.py?path=transfer_output/%s/" % transfer_id,
'title':
'Transfer status and output',
'text':
'Transfer status and output folder'
})
output_objects.append({
'object_type':
'text',
'text':
'''
Please note that the status files only appear after the transfer starts, so it
may be empty now.
'''
})
logger.debug('datatransfer %s from %s done: %s' %
(action, client_id, transfer_dict))
elif action in key_actions:
if action == 'generatekey':
(gen_status, pub) = generate_user_key(configuration, client_id,
key_id)
if gen_status:
output_objects.append({
'object_type':
'html_form',
'text':
'''
Generated new key with name %s and associated public key:<br/>
<textarea class="publickey" rows="5" readonly="readonly">%s</textarea>
<p>
Please copy it to your ~/.ssh/authorized_keys or ~/.ssh/authorized_keys2 file
on the host(s) where you want to use this key for background transfer login.
<br/>
%s
</p>
''' % (key_id, pub, restrict_template % pub)
})
else:
output_objects.append({
'object_type':
'error_text',
'text':
'''
Key generation for name %s failed with error: %s''' % (key_id, pub)
})
return (output_objects, returnvalues.CLIENT_ERROR)
elif action == 'delkey':
pubkey = '[unknown]'
available_keys = load_user_keys(configuration, client_id)
for key_dict in available_keys:
if key_dict['key_id'] == key_id:
pubkey = key_dict.get('public_key', pubkey)
(del_status, msg) = delete_user_key(configuration, client_id,
key_id)
if del_status:
output_objects.append({
'object_type':
'html_form',
'text':
'''
<p>
Deleted the key "%s" and the associated public key:<br/>
</p>
<textarea class="publickey" rows="5" readonly="readonly">%s</textarea>
<p>
You will no longer be able to use it in your data transfers and can safely
remove the public key from your ~/.ssh/authorized_keys* files on any hosts
where you may have previously added it.
</p>
''' % (key_id, pubkey)
})
else:
output_objects.append({
'object_type':
'error_text',
'text':
'''
Key removal for name %s failed with error: %s''' % (key_id, msg)
})
return (output_objects, returnvalues.CLIENT_ERROR)
else:
output_objects.append({
'object_type':
'error_text',
'text':
'Invalid data transfer action: %s' % action
})
return (output_objects, returnvalues.CLIENT_ERROR)
output_objects.append({
'object_type': 'link',
'destination': 'datatransfer.py',
'text': 'Return to data transfers overview'
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Runtime Environments'
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
operation = accepted['operation'][-1]
if not operation in allowed_operations:
output_objects.append({
'object_type':
'text',
'text':
'''Operation must be one of %s.''' % ', '.join(allowed_operations)
})
return (output_objects, returnvalues.OK)
logger.info("%s %s begin for %s" % (op_name, operation, client_id))
if operation in show_operations:
# jquery support for tablesorter and confirmation on delete
# table initially sorted by col. 2 (admin), then 0 (name)
refresh_call = 'ajax_redb()'
table_spec = {
'table_id': 'runtimeenvtable',
'sort_order': '[[2,1],[0,0]]',
'refresh_call': refresh_call
}
(add_import, add_init,
add_ready) = man_base_js(configuration, [table_spec])
if operation == "show":
add_ready += '%s;' % refresh_call
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': man_base_html(configuration)
})
output_objects.append({
'object_type': 'header',
'text': 'Runtime Environments'
})
output_objects.append({
'object_type':
'text',
'text':
'Runtime environments specify software/data available on resources.'
})
output_objects.append({
'object_type': 'link',
'destination': 'docs.py?show=Runtime+Environments',
'class': 'infolink iconspace',
'title': 'Show information about runtime environment',
'text': 'Documentation on runtime environments'
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'Existing runtime environments'
})
# Helper form for removes
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'deletere'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper('delre', '%s.py' % target_op, {
're_name': '__DYNAMIC__',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
output_objects.append({
'object_type': 'table_pager',
'entry_name': 'runtime envs',
'default_entries': default_pager_entries
})
runtimeenvironments = []
if operation in list_operations:
re_map = get_re_map(configuration)
provider_map = get_re_provider_map(configuration)
for (re_name, cache_dict) in re_map.items():
re_dict = cache_dict[CONF]
# Set providers explicitly after build_reitem_object to avoid import loop
re_item = build_reitem_object(configuration, re_dict)
re_name = re_item['name']
re_item['providers'] = provider_map.get(re_name, [])
re_item['resource_count'] = len(re_item['providers'])
re_item['viewruntimeenvlink'] = {
'object_type': 'link',
'destination': "showre.py?re_name=%s" % re_name,
'class': 'infolink iconspace',
'title': 'View %s runtime environment' % re_name,
'text': ''
}
if client_id == re_item['creator']:
re_item['ownerlink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s', %s, %s);" %
('delre', 'Really delete %s?' % re_name, 'undefined',
"{re_name: '%s'}" % re_name),
'class':
'removelink iconspace',
'title':
'Delete %s runtime environment' % re_name,
'text':
''
}
runtimeenvironments.append(re_item)
output_objects.append({
'object_type': 'runtimeenvironments',
'runtimeenvironments': runtimeenvironments
})
if operation in show_operations:
if configuration.site_swrepo_url:
output_objects.append({
'object_type': 'sectionheader',
'text': 'Software Packages'
})
output_objects.append({
'object_type':
'link',
'destination':
configuration.site_swrepo_url,
'class':
'swrepolink iconspace',
'title':
'Browse available software packages',
'text':
'Open software catalogue for %s' % configuration.short_title,
})
output_objects.append({
'object_type': 'sectionheader',
'text': 'Additional Runtime Environments'
})
output_objects.append({
'object_type': 'link',
'destination': 'adminre.py',
'class': 'addlink iconspace',
'title': 'Specify a new runtime environment',
'text': 'Create a new runtime environment'
})
logger.info("%s %s end for %s" % (op_name, operation, client_id))
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
hosturl = accepted['hosturl'][-1]
hostidentifier = accepted['hostidentifier'][-1]
resource_id = '%s.%s' % (hosturl, hostidentifier)
extra_selects = 3
if not configuration.site_enable_resources:
output_objects.append({
'object_type':
'error_text',
'text':
'''Resources are not enabled on this system'''
})
return (output_objects, returnvalues.SYSTEM_ERROR)
# Find allowed VGrids and Runtimeenvironments and add them to
# configuration object for automated choice handling
allowed_vgrids = [''] + res_vgrid_access(configuration, resource_id)
allowed_vgrids.sort()
configuration.vgrids = allowed_vgrids
(re_status, allowed_run_envs) = list_runtime_environments(configuration)
allowed_run_envs.sort()
area_cols = 80
area_rows = 5
status = returnvalues.OK
logger.info('Starting Resource edit GUI.')
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Resource Editor'
output_objects.append({'object_type': 'header', 'text': 'Resource Editor'})
output_objects.append({
'object_type':
'sectionheader',
'text':
'%s Resource Editor' % configuration.short_title
})
output_objects.append({
'object_type':
'text',
'text':
'''
Please fill in or edit the fields below to fit your %s resource reservation. Most fields
will work with their default values. So if you are still in doubt after reading the help
description, you can likely just leave the field alone.''' %
configuration.short_title
})
if hosturl and hostidentifier:
conf = init_conf(configuration, hosturl, hostidentifier)
if not conf:
status = returnvalues.CLIENT_ERROR
output_objects.append({
'object_type':
'error_text',
'text':
'''No such resource! (%s.%s)''' % (hosturl, hostidentifier)
})
return (output_objects, status)
else:
conf = empty_resource_config(configuration)
res_fields = resconfkeywords.get_resource_specs(configuration)
exe_fields = resconfkeywords.get_exenode_specs(configuration)
store_fields = resconfkeywords.get_storenode_specs(configuration)
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'short_title': configuration.short_title,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'reseditaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
""" % fill_helpers
})
# Resource overall fields
output_objects.append({
'object_type': 'sectionheader',
'text': "Main Resource Settings"
})
output_objects.append({
'object_type':
'text',
'text':
"""This section configures general options for the resource."""
})
(title, field) = ('Host FQDN', 'HOSTURL')
if hosturl:
try:
hostip = conf.get('HOSTIP', socket.gethostbyname(hosturl))
except:
hostip = '<unknown>'
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#res-%s'>help</a><br />
<input type='hidden' name='%s' value='%s' />
<input type='hidden' name='hostip' value='%s' />
%s
<br />
<br />""" % (title, field, field, conf[field], hostip, conf[field])
})
else:
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#res-%s'>help</a><br />
<input class='fillwidth padspace' type='text' name='%s' size='%d' value='%s'
required pattern='[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+'
title='Fully qualified domain name or Internet IP address of the resource'
/>
<br />
<br />""" % (title, field, field, field_size(conf[field]), conf[field])
})
(title, field) = ('Host identifier', 'HOSTIDENTIFIER')
if hostidentifier:
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#res-%s'>help</a><br />
<input type='hidden' name='%s' value='%s' />
%s
<br />
<br />""" % (title, field, field, conf[field], conf[field])
})
(field, title) = 'frontendhome', 'Frontend Home Path'
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#%s'>help</a><br />
<input class='fillwidth padspace' type='text' name='%s' size='%d' value='%s'
required pattern='[^ ]+' title='Absolute path to user home on the resource'
/>
<br />
<br />""" % (title, field, field, field_size(conf[field]), conf[field])
})
for (field, spec) in res_fields:
title = spec['Title']
field_type = spec['Type']
if spec['Required']:
required_str = 'required'
else:
required_str = ''
if 'invisible' == spec['Editor']:
continue
elif 'input' == spec['Editor']:
if spec['Type'] == 'int':
input_str = """
<input class='fillwidth padspace' type='number' name='%s' size='%d' value='%s'
min=0 pattern='[0-9]+' %s />
""" % (field, field_size(conf[field]), conf[field], required_str)
else:
input_str = """
<input class='fillwidth padspace' type='text' name='%s' size='%d' value='%s'
%s />
""" % (field, field_size(conf[field]), conf[field], required_str)
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#res-%s'>help</a>
<br />
%s<br />
<br />""" % (title, field, input_str)
})
elif 'select' == spec['Editor']:
choices = available_choices(configuration, client_id, resource_id,
field, spec)
res_value = conf[field]
value_select = ''
if field_type.startswith('multiple'):
select_count = len(res_value) + extra_selects
else:
select_count = 1
res_value = [res_value]
for i in range(select_count):
value_select += "<select name='%s'>\n" % field
for name in choices:
selected = ''
if i < len(res_value) and res_value[i] == name:
selected = 'selected'
display = "%s" % name
if display == '':
display = ' '
value_select += """<option %s value='%s'>%s</option>\n""" \
% (selected, name, display)
value_select += """</select><br />\n"""
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#res-%s'>help</a><br />
%s
<br />""" % (title, field, value_select)
})
# Not all resource fields here map directly to keywords/specs input field
(title, field) = ('Runtime Environments', 'RUNTIMEENVIRONMENT')
re_list = conf[field]
show = re_list + [('', []) for i in range(extra_selects)]
re_select = "<input type='hidden' name='runtime_env_fields' value='%s'/>\n" \
% len(show)
i = 0
for active in show:
re_select += "<select name='runtimeenvironment%d'>\n" % i
for name in allowed_run_envs + ['']:
selected = ''
if active[0] == name:
selected = 'selected'
display = "%s" % name
if display == '':
display = ' '
re_select += """<option %s value='%s'>%s</option>\n""" % \
(selected, name, display)
re_select += """</select><br />\n"""
values = '\n'.join(['%s=%s' % pair for pair in active[1]])
re_select += "<textarea class='fillwidth padspace' cols='%d' rows='%d' name='re_values%d'>%s</textarea><br />\n" % \
(area_cols, area_rows, i, values)
i += 1
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#res-%s'>help</a><br />
Please enter any required environment variable settings on the form NAME=VALUE in the box below
each selected runtimeenvironment.<br />
%s
<br />""" % (title, field, re_select)
})
# Execution node fields
output_objects.append({
'object_type': 'sectionheader',
'text': "Execution nodes"
})
output_objects.append({
'object_type':
'text',
'text':
"""This section configures execution nodes on the resource."""
})
(field, title) = 'executionnodes', 'Execution Node(s)'
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#exe-%s'>help</a><br />
<input class='fillwidth padspace' type='text' name='exe-%s' size='%d' value='%s' />
<br />
<br />""" % (title, field, field, field_size(
conf['all_exes'][field]), conf['all_exes'][field])
})
(field, title) = 'executionhome', 'Execution Home Path'
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#exe-%s'>help</a><br />
<input class='fillwidth padspace' type='text' name='exe-%s' size='%d' value='%s' />
<br />
<br />""" % (title, field, field, field_size(
conf['all_exes'][field]), conf['all_exes'][field])
})
for (field, spec) in exe_fields:
title = spec['Title']
field_type = spec['Type']
# We don't really have a good map of required fields here so disable
required_str = ''
if 'invisible' == spec['Editor']:
continue
elif 'input' == spec['Editor']:
if spec['Type'] == 'int':
input_str = """
<input class='fillwidth padspace' type='number' name='exe-%s' size='%d' value='%s'
min=0 pattern='[0-9]+' %s />
""" % (field, field_size(conf['all_exes'][field]), conf['all_exes'][field],
required_str)
else:
input_str = """
<input class='fillwidth padspace' type='text' name='exe-%s' size='%d' value='%s'
%s />
""" % (field, field_size(conf['all_exes'][field]), conf['all_exes'][field],
required_str)
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#exe-%s'>help</a>
<br />
%s
<br />
<br />""" % (title, field, input_str)
})
elif 'select' == spec['Editor']:
choices = available_choices(configuration, client_id, resource_id,
field, spec)
exe_value = conf['all_exes'][field]
value_select = ''
if field_type.startswith('multiple'):
select_count = len(exe_value) + extra_selects
else:
select_count = 1
exe_value = [exe_value]
for i in range(select_count):
value_select += "<select name='exe-%s'>\n" % field
for name in choices:
selected = ''
if i < len(exe_value) and exe_value[i] == name:
selected = 'selected'
display = "%s" % name
if display == '':
display = ' '
value_select += """<option %s value='%s'>%s</option>\n""" \
% (selected, name, display)
value_select += """</select><br />\n"""
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#exe-%s'>help</a><br />
%s
<br />""" % (title, field, value_select)
})
# Storage node fields
output_objects.append({
'object_type': 'sectionheader',
'text': "Storage nodes"
})
output_objects.append({
'object_type':
'text',
'text':
"""This section configures storage nodes on the resource."""
})
(field, title) = 'storagenodes', 'Storage Node(s)'
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#store-%s'>help</a><br />
<input class='fillwidth padspace' type='text' name='store-%s' size='%d' value='%s' />
<br />
<br />""" % (title, field, field, field_size(
conf['all_stores'][field]), conf['all_stores'][field])
})
(field, title) = 'storagehome', 'Storage Home Path'
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#store-%s'>help</a><br />
<input class='fillwidth padspace' type='text' name='store-%s' size='%d' value='%s' />
<br />
<br />""" % (title, field, field, field_size(
conf['all_stores'][field]), conf['all_stores'][field])
})
for (field, spec) in store_fields:
title = spec['Title']
field_type = spec['Type']
# We don't really have a good map of required fields here so disable
required_str = ''
if 'invisible' == spec['Editor']:
continue
elif 'input' == spec['Editor']:
if spec['Type'] == 'int':
input_str = """
<input class='fillwidth padspace' type='number' name='store-%s' size='%d' value='%s'
min=0 pattern='[0-9]+' %s />
""" % (field, field_size(conf['all_stores'][field]), conf['all_stores'][field],
required_str)
else:
input_str = """
<input class='fillwidth padspace' type='text' name='store-%s' size='%d' value='%s'
%s />
""" % (field, field_size(conf['all_stores'][field]), conf['all_stores'][field],
required_str)
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#store-%s'>help</a>
<br />
%s
<br />
<br />""" % (title, field, input_str)
})
elif 'select' == spec['Editor']:
choices = available_choices(configuration, client_id, resource_id,
field, spec)
store_value = conf['all_stores'][field]
value_select = ''
if field_type.startswith('multiple'):
select_count = len(store_value) + extra_selects
else:
select_count = 1
store_value = [store_value]
for i in range(select_count):
value_select += "<select name='store-%s'>\n" % field
for name in choices:
selected = ''
if i < len(store_value) and store_value[i] == name:
selected = 'selected'
display = "%s" % name
if display == '':
display = ' '
value_select += """<option %s value='%s'>%s</option>\n""" \
% (selected, name, display)
value_select += """</select><br />\n"""
output_objects.append({
'object_type':
'html_form',
'text':
"""<br />
<b>%s:</b> <a class='infolink iconspace' href='resedithelp.py#store-%s'>help</a><br />
%s
<br />""" % (title, field, value_select)
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<input type='submit' value='Save' />
</form>
"""
})
return (output_objects, status)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
label = "%s" % configuration.site_vgrid_label
title_entry['text'] = "Create Archive"
# NOTE: Delay header entry here to include freeze flavor
# All non-file fields must be validated
validate_args = dict([(key, user_arguments_dict.get(key, val)) for
(key, val) in defaults.items()])
# IMPORTANT: we must explicitly inlude CSRF token
validate_args[csrf_field] = user_arguments_dict.get(csrf_field, [
'AllowMe'])
(validate_status, accepted) = validate_input_and_cert(
validate_args,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
flavor = accepted['flavor'][-1].strip()
freeze_state = accepted['freeze_state'][-1].strip()
if not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append(
{'object_type': 'error_text', 'text': '''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
if not flavor in freeze_flavors.keys():
output_objects.append({'object_type': 'error_text', 'text':
'Invalid freeze flavor: %s' % flavor})
return (output_objects, returnvalues.CLIENT_ERROR)
if not freeze_state in freeze_flavors[flavor]['states'] + [keyword_auto]:
output_objects.append({'object_type': 'error_text', 'text':
'Invalid freeze state: %s' % freeze_state})
return (output_objects, returnvalues.CLIENT_ERROR)
title = freeze_flavors[flavor]['createfreeze_title']
output_objects.append({'object_type': 'header', 'text': title})
if not configuration.site_enable_freeze:
output_objects.append({'object_type': 'text', 'text':
'''Freezing archives is disabled on this site.
Please contact the site admins %s if you think it should be enabled.
''' % configuration.admin_email})
return (output_objects, returnvalues.OK)
# jquery support for confirmation on freeze
(add_import, add_init, add_ready) = man_base_js(configuration, [])
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({'object_type': 'html_form',
'text': man_base_html(configuration)})
freeze_id = accepted['freeze_id'][-1].strip()
freeze_name = accepted['freeze_name'][-1].strip()
freeze_description = accepted['freeze_description'][-1]
freeze_author = accepted['freeze_author'][-1].strip()
freeze_department = accepted['freeze_department'][-1].strip()
freeze_organization = accepted['freeze_organization'][-1].strip()
freeze_publish = accepted['freeze_publish'][-1].strip()
do_publish = (freeze_publish.lower() in ('on', 'true', 'yes', '1'))
# Share init of base meta with lookup of default state in freeze_flavors
if not freeze_state or freeze_state == keyword_auto:
freeze_state = freeze_flavors[flavor]['states'][0]
freeze_meta = {'ID': freeze_id, 'STATE': freeze_state}
# New archives must have name and description set
if freeze_id == keyword_auto:
logger.debug("creating a new %s archive for %s" % (flavor, client_id))
if not freeze_name or freeze_name == keyword_auto:
freeze_name = '%s-%s' % (flavor, datetime.datetime.now())
if not freeze_description:
if flavor == 'backup':
freeze_description = 'manual backup archive created on %s' % \
datetime.datetime.now()
else:
output_objects.append(
{'object_type': 'error_text', 'text':
'You must provide a description for the archive!'})
return (output_objects, returnvalues.CLIENT_ERROR)
if flavor == 'phd' and (not freeze_author or not freeze_department):
output_objects.append({'object_type': 'error_text', 'text': """
You must provide author and department for the thesis!"""})
return (output_objects, returnvalues.CLIENT_ERROR)
freeze_meta.update(
{'FLAVOR': flavor, 'NAME': freeze_name,
'DESCRIPTION': freeze_description,
'AUTHOR': freeze_author, 'DEPARTMENT': freeze_department,
'ORGANIZATION': freeze_organization, 'PUBLISH': do_publish})
elif is_frozen_archive(client_id, freeze_id, configuration):
logger.debug("updating existing %s archive for %s" % (flavor,
client_id))
# Update any explicitly provided fields (may be left empty on finalize)
changes = {}
if freeze_name and freeze_name != keyword_auto:
changes['NAME'] = freeze_name
if freeze_author:
changes['AUTHOR'] = freeze_author
if freeze_description:
changes['DESCRIPTION'] = freeze_description
if freeze_publish:
changes['PUBLISH'] = do_publish
logger.debug("updating existing %s archive for %s with: %s" %
(flavor, client_id, changes))
logger.debug("publish is %s based on %s" %
(do_publish, freeze_publish))
freeze_meta.update(changes)
else:
logger.error("no such %s archive for %s: %s" % (flavor, client_id,
freeze_id))
output_objects.append({'object_type': 'error_text', 'text': """
Invalid archive ID %s - you must either create a new archive or edit an
existing archive of yours!""" % freeze_id})
return (output_objects, returnvalues.CLIENT_ERROR)
# Now parse and validate files to archive
for name in defaults.keys():
if user_arguments_dict.has_key(name):
del user_arguments_dict[name]
(copy_files, copy_rejected) = parse_form_copy(user_arguments_dict,
client_id, configuration)
(move_files, move_rejected) = parse_form_move(user_arguments_dict,
client_id, configuration)
(upload_files, upload_rejected) = parse_form_upload(user_arguments_dict,
client_id,
configuration)
if copy_rejected + move_rejected + upload_rejected:
output_objects.append({'object_type': 'error_text', 'text':
'Errors parsing freeze files: %s' %
'\n '.join(copy_rejected + move_rejected +
upload_rejected)})
return (output_objects, returnvalues.CLIENT_ERROR)
# NOTE: this may be a new or an existing pending archive, and it will fail
# if archive is already under update
(retval, retmsg) = create_frozen_archive(freeze_meta, copy_files,
move_files, upload_files,
client_id, configuration)
if not retval:
output_objects.append({'object_type': 'error_text', 'text':
'Error creating/updating archive: %s'
% retmsg})
return (output_objects, returnvalues.SYSTEM_ERROR)
# Make sure we have freeze_id and other updated fields
freeze_meta.update(retmsg)
freeze_id = freeze_meta['ID']
logger.info("%s: successful for '%s': %s" % (op_name,
freeze_id, client_id))
# Return simple status mainly for use in scripting
output_objects.append({'object_type': 'freezestatus', 'freeze_id': freeze_id,
'flavor': flavor, 'freeze_state': freeze_state})
publish_note = ''
if freeze_state == keyword_pending:
publish_hint = 'Preview published archive page in a new window/tab'
publish_text = 'Preview publishing'
output_objects.append({'object_type': 'text', 'text': """
Saved *preliminary* %s archive with ID %s . You can continue inspecting and
changing it until you're satisfied, then finalize it for actual persistent
freezing.""" % (flavor, freeze_id)})
else:
publish_hint = 'View published archive page in a new window/tab'
publish_text = 'Open published archive'
output_objects.append({'object_type': 'text', 'text':
'Successfully froze %s archive with ID %s .'
% (flavor, freeze_id)})
if do_publish:
public_url = published_url(freeze_meta, configuration)
output_objects.append({'object_type': 'text', 'text': ''})
output_objects.append({
'object_type': 'link',
'destination': public_url,
'class': 'previewarchivelink iconspace genericbutton',
'title': publish_hint,
'text': publish_text,
'target': '_blank',
})
output_objects.append({'object_type': 'text', 'text': ''})
# Always allow show archive
output_objects.append({
'object_type': 'link',
'destination': 'showfreeze.py?freeze_id=%s;flavor=%s' % (freeze_id,
flavor),
'class': 'viewarchivelink iconspace genericbutton',
'title': 'View details about your %s archive' % flavor,
'text': 'View details',
})
if freeze_state == keyword_pending:
output_objects.append({'object_type': 'text', 'text': ''})
output_objects.append({
'object_type': 'link',
'destination': 'adminfreeze.py?freeze_id=%s' % freeze_id,
'class': 'editarchivelink iconspace genericbutton',
'title': 'Further modify your pending %s archive' % flavor,
'text': 'Edit archive',
})
output_objects.append({'object_type': 'text', 'text': ''})
output_objects.append({'object_type': 'html_form', 'text': """
<br/><hr/><br/>
<p class='warn_message'>IMPORTANT: you still have to explicitly finalize your
archive before you get the additional data integrity/persistance guarantees
like tape archiving.
</p>"""})
form_method = 'post'
target_op = 'createfreeze'
csrf_limit = get_csrf_limit(configuration)
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper('createfreeze', '%s.py' % target_op,
{'freeze_id': freeze_id,
'freeze_state': keyword_final,
'flavor': flavor,
csrf_field: csrf_token})
output_objects.append({'object_type': 'html_form', 'text': helper})
output_objects.append({
'object_type': 'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
('createfreeze', 'Really finalize %s?' % freeze_id),
'class': 'finalizearchivelink iconspace genericbutton',
'title': 'Finalize %s archive to prevent further changes' % flavor,
'text': 'Finalize archive',
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
client_dir = client_id_dir(client_id)
status = returnvalues.OK
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
show_description = accepted['description'][-1].lower() == 'true'
if not configuration.site_enable_jobs:
output_objects.append({
'object_type':
'error_text',
'text':
'''Job execution is not enabled on this system'''
})
return (output_objects, returnvalues.SYSTEM_ERROR)
# Please note that base_dir must end in slash to avoid access to other
# user dirs when own name is a prefix of another user name
base_dir = os.path.abspath(
os.path.join(configuration.user_home, client_dir)) + os.sep
template_path = os.path.join(base_dir, default_mrsl_filename)
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Submit Job'
user_settings = title_entry.get('user_settings', {})
output_objects.append({'object_type': 'header', 'text': 'Submit Job'})
default_mrsl = get_default_mrsl(template_path)
if not user_settings or not user_settings.has_key('SUBMITUI'):
logger.info('Settings dict does not have SUBMITUI key - using default')
submit_style = configuration.submitui[0]
else:
submit_style = user_settings['SUBMITUI']
# We generate all 3 variants of job submission (fields, textarea, files),
# initially hide them and allow to switch between them using js.
# could instead extract valid prefixes as in settings.py
# (means: by "eval" from configuration). We stick to hard-coding.
submit_options = ['fields_form', 'textarea_form', 'files_form']
open_button_id = 'open_fancy_upload'
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'dest_dir': '.' + os.sep,
'fancy_open': open_button_id,
'default_mrsl': default_mrsl,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'uploadchunked'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
(add_import, add_init, add_ready) = fancy_upload_js(configuration,
csrf_token=csrf_token)
add_init += '''
submit_options = %s;
function setDisplay(this_id, new_d) {
//console.log("setDisplay with: "+this_id);
el = document.getElementById(this_id)
if (el == undefined || el.style == undefined) {
console.log("failed to locate display element: "+this_id);
return; // avoid js null ref errors
}
el.style.display=new_d;
}
function switchTo(name) {
//console.log("switchTo: "+name);
for (o=0; o < submit_options.length; o++) {
if (name == submit_options[o]) {
setDisplay(submit_options[o],"block");
} else {
setDisplay(submit_options[o],"none");
}
}
}
''' % submit_options
add_ready += '''
switchTo("%s");
setUploadDest("%s");
/* wrap openFancyUpload in function to avoid event data as argument */
$("#%s").click(function() { openFancyUpload(); });
''' % (submit_style + "_form", fill_helpers['dest_dir'], open_button_id)
fancy_dialog = fancy_upload_html(configuration)
# TODO: can we update style inline to avoid explicit themed_styles?
title_entry['style'] = themed_styles(
configuration,
base=['jquery.fileupload.css', 'jquery.fileupload-ui.css'],
skin=['fileupload-ui.custom.css'],
user_settings=user_settings)
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type':
'text',
'text':
'This page is used to submit jobs to the grid.'
})
output_objects.append({
'object_type':
'verbatim',
'text':
'''
There are %s interface styles available that you can choose among:''' %
len(submit_options)
})
links = []
for opt in submit_options:
name = opt.split('_', 2)[0]
links.append({
'object_type': 'link',
'destination': "javascript:switchTo('%s')" % opt,
'class': 'submit%slink iconspace' % name,
'title': 'Switch to %s submit interface' % name,
'text': '%s style' % name,
})
output_objects.append({'object_type': 'multilinkline', 'links': links})
output_objects.append({
'object_type':
'text',
'text':
'''
Please note that changes to the job description are *not* automatically
transferred if you switch style.'''
})
output_objects.append({
'object_type':
'html_form',
'text':
'<div id="fields_form" style="display:none;">\n'
})
# Fields
output_objects.append({
'object_type':
'sectionheader',
'text':
'Please fill in your job description in the fields'
' below:'
})
output_objects.append({
'object_type':
'text',
'text':
"""
Please fill in one or more fields below to define your job before hitting
Submit Job at the bottom of the page.
Empty fields will simply result in the default value being used and each field
is accompanied by a help link providing further details about the field."""
})
fill_helpers.update({'fancy_dialog': fancy_dialog})
target_op = 'submitfields'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<div class='submitjob'>
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
""" % fill_helpers
})
show_fields = get_job_specs(configuration)
try:
parsed_mrsl = dict(parse_lines(default_mrsl))
except:
parsed_mrsl = {}
# Find allowed VGrids and Runtimeenvironments and add them to
# configuration object for automated choice handling
vgrid_access = user_vgrid_access(configuration, client_id) + \
[any_vgrid]
vgrid_access.sort()
configuration.vgrids = vgrid_access
(re_status, allowed_run_envs) = list_runtime_environments(configuration)
if not re_status:
logger.error('Failed to extract allowed runtime envs: %s' %
allowed_run_envs)
allowed_run_envs = []
allowed_run_envs.sort()
configuration.runtimeenvironments = allowed_run_envs
# TODO: next call is slow because we walk and reload all pickles
user_res = user_allowed_res_exes(configuration, client_id)
# Add valid MAXFILL values to automated choice handling
configuration.maxfills = [keyword_all] + maxfill_fields
# Allow any exe unit on all allowed resources
allowed_resources = ['%s_*' % res for res in user_res.keys()]
allowed_resources.sort()
configuration.resources = allowed_resources
field_size = 30
area_cols = 80
area_rows = 5
for (field, spec) in show_fields:
title = spec['Title']
if show_description:
description = '%s<br />' % spec['Description']
else:
description = ''
field_type = spec['Type']
# Use saved value and fall back to default if it is missing
saved = parsed_mrsl.get('::%s::' % field, None)
if saved:
if not spec['Type'].startswith('multiple'):
default = saved[0]
else:
default = saved
else:
default = spec['Value']
# Hide sandbox field if sandboxes are disabled
if field == 'SANDBOX' and not configuration.site_enable_sandboxes:
continue
if 'invisible' == spec['Editor']:
continue
if 'custom' == spec['Editor']:
continue
output_objects.append({
'object_type':
'html_form',
'text':
"""
<b>%s:</b> <a class='infolink iconspace' href='docs.py?show=job#%s'>
help</a><br />
%s""" % (title, field, description)
})
if 'input' == spec['Editor']:
if field_type.startswith('multiple'):
output_objects.append({
'object_type':
'html_form',
'text':
"""
<textarea class='fillwidth padspace' name='%s' cols='%d' rows='%d'>%s</textarea><br />
""" % (field, area_cols, area_rows, '\n'.join(default))
})
elif field_type == 'int':
output_objects.append({
'object_type':
'html_form',
'text':
"""
<input type='number' name='%s' size='%d' value='%s' min=0 required pattern='[0-9]+' /><br />
""" % (field, field_size, default)
})
else:
output_objects.append({
'object_type':
'html_form',
'text':
"""
<input type='text' name='%s' size='%d' value='%s' /><br />
""" % (field, field_size, default)
})
elif 'select' == spec['Editor']:
choices = available_choices(configuration, client_id, field, spec)
res_value = default
value_select = ''
if field_type.startswith('multiple'):
value_select += '<div class="scrollselect">'
for name in choices:
# Blank default value does not make sense here
if not str(name):
continue
selected = ''
if str(name) in res_value:
selected = 'checked'
value_select += '''
<input type="checkbox" name="%s" %s value=%s>%s<br />
''' % (field, selected, name, name)
value_select += '</div>\n'
else:
value_select += "<select name='%s'>\n" % field
for name in choices:
selected = ''
if str(res_value) == str(name):
selected = 'selected'
display = "%s" % name
if display == '':
display = ' '
value_select += """<option %s value='%s'>%s</option>\n""" \
% (selected, name, display)
value_select += """</select><br />\n"""
output_objects.append({
'object_type': 'html_form',
'text': value_select
})
output_objects.append({'object_type': 'html_form', 'text': "<br />"})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<br />
<table class='centertext'>
<tr><td><input type='submit' value='Submit Job' />
<input type='checkbox' name='save_as_default'> Save as default job template
</td></tr>
</table>
<br />
</form>
</div>
"""
})
output_objects.append({
'object_type':
'html_form',
'text':
'''
</div><!-- fields_form-->
<div id="textarea_form" style="display:none;">
'''
})
# Textarea
output_objects.append({
'object_type':
'sectionheader',
'text':
'Please enter your mRSL job description below:'
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<div class='smallcontent'>
Job descriptions can use a wide range of keywords to specify job requirements
and actions.<br />
Each keyword accepts one or more values of a particular type.<br />
The full list of keywords with their default values and format is available in
the on-demand <a href='docs.py?show=job'>mRSL Documentation</a>.
<p>
Actual examples for inspiration:
<a href=/public/cpuinfo.mRSL>CPU Info</a>,
<a href=/public/basic-io.mRSL>Basic I/O</a>,
<a href=/public/notification.mRSL>Job Notification</a>,
<a href=/public/povray.mRSL>Povray</a> and
<a href=/public/vcr.mRSL>VCR</a>
</div>
"""
})
target_op = 'textarea'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<!--
Please note that textarea.py chokes if no nonempty KEYWORD_X_Y_Z fields
are supplied: thus we simply send a bogus jobname which does nothing
-->
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table class='submitjob'>
<tr><td class='centertext'>
<input type=hidden name=jobname_0_0_0 value=' ' />
<textarea class='fillwidth padspace' rows='25' name='mrsltextarea_0'>
%(default_mrsl)s
</textarea>
</td></tr>
<tr><td class='centertext'>
<input type='submit' value='Submit Job' />
<input type='checkbox' name='save_as_default' >Save as default job template
</td></tr>
</table>
</form>
""" % fill_helpers
})
output_objects.append({
'object_type':
'html_form',
'text':
'''
</div><!-- textarea_form-->
<div id="files_form" style="display:none;">
'''
})
# Upload form
output_objects.append({
'object_type':
'sectionheader',
'text':
'Please upload your job file or packaged job files'
' below:'
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
<form enctype='multipart/form-data' method='%(form_method)s'
action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table class='files'>
<tr class='title'><td class='centertext' colspan=4>
Upload job files
</td></tr>
<tr><td colspan=3>
Upload file to current directory (%(dest_dir)s)
</td><td><br /></td></tr>
<tr><td colspan=2>
Extract package files (.zip, .tar.gz, .tar.bz2)
</td><td colspan=2>
<input type=checkbox name='extract_0' />
</td></tr>
<tr><td colspan=2>
Submit mRSL files (also .mRSL files included in packages)
</td><td colspan=2>
<input type=checkbox name='submitmrsl_0' checked />
</td></tr>
<tr><td>
File to upload
</td><td class='righttext' colspan=3>
<input name='fileupload_0_0_0' type='file'/>
</td></tr>
<tr><td>
Optional remote filename (extra useful in windows)
</td><td class='righttext' colspan=3>
<input name='default_remotefilename_0' type='hidden' value='%(dest_dir)s'/>
<input name='remotefilename_0' type='text' size='50' value='%(dest_dir)s'/>
<input type='submit' value='Upload' name='sendfile'/>
</td></tr>
</table>
</form>
<table class='files'>
<tr class='title'><td class='centertext'>
Upload other files efficiently (using chunking).
</td></tr>
<tr><td class='centertext'>
<button id='%(fancy_open)s'>Open Upload dialog</button>
</td></tr>
</table>
</div><!-- files_form-->
%(fancy_dialog)s
""" % fill_helpers
})
return (output_objects, status)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
output_objects.append({'object_type': 'header', 'text':
'%s Request Virtual Machine' % \
configuration.short_title})
status = returnvalues.OK
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Virtual Machines'
if not configuration.site_enable_vmachines:
output_objects.append({
'object_type':
'text',
'text':
'''Virtual machines are disabled on this site.
Please contact the site admins %s if you think they should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'vmachines'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
build_form = '''
<form method="%(form_method)s" action="%(target_op)s.py">
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<input type="hidden" name="output_format" value="html">
<input type="hidden" name="action" value="create">
''' % fill_helpers
build_form += '''
<table style="margin: 0px; width: 100%;">
<tr>
<td style="width: 20%;">Machine name</td>
<td>
<input type="text" name="machine_name" size="30" value="MyVirtualDesktop">
</td>
</tr>
</table>
<fieldset>
<legend><input type="radio" name="machine_type" value="pre" checked="checked">Prebuilt</legend>
<table>
<tr>
<td style="width: 20%;">Choose a OS version</td>
<td>
<select name="os">
'''
for os in vms.available_os_list(configuration):
build_form += '<option value="%s">%s</option>\n' % \
(os, os.capitalize())
build_form += '''
</select>
</td>
</tr>
<tr>
<td>Choose a machine image</td>
<td>
<select name="flavor">
'''
for flavor in vms.available_flavor_list(configuration):
build_form += '<option value="%s">%s</option>\n' % \
(flavor, flavor.capitalize())
build_form += """
</select>
</td>
</tr>
<tr>
<td>Select a runtime environment providing the chosen OS and
flavor combination.
For Ubuntu systems you can typically just use a runtime env from the same year,
like VBOX3.1-IMAGES-2010-1 for ubuntu-10.* versions.</td>
<td>
<input type="hidden" name="hypervisor_re" value="%s">
<select name="sys_re">
""" % configuration.vm_default_hypervisor_re
for sys_re in vms.available_sys_re_list(configuration):
build_form += '<option value="%s">%s</option>\n' % \
(sys_re, sys_re)
build_form += '''
</select>
</td>
</tr>
</table>
</fieldset>
<fieldset>
<legend><input type="radio" name="machine_type" value="custom" disabled>Custom:</legend>
<span class="warningtext">Custom builds are currently unavailable.</span>
<table>
<tr>
<td style="width: 20%;">Software</td>
<td>
<input type=text size=80 name="machine_software" readonly
value="iptables acpid x11vnc xorg gdm xfce4 gcc make netsurf python-openssl" />
</td>
</tr>
</table>
</fieldset>
<input type="submit" value="Submit machine request!">
</form>
'''
output_objects.append({'object_type': 'html_form', 'text': build_form})
return (output_objects, status)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
output_objects.append({
'object_type': 'header',
'text': 'Virtual Machines'
})
status = returnvalues.OK
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
machine_name = accepted['machine_name'][-1].strip()
memory = int(accepted['memory'][-1])
disk = int(accepted['disk'][-1])
vgrid = [name.strip() for name in accepted['vgrid']]
architecture = accepted['architecture'][-1].strip()
cpu_count = int(accepted['cpu_count'][-1])
cpu_time = int(accepted['cpu_time'][-1])
op_sys = accepted['os'][-1].strip()
flavor = accepted['flavor'][-1].strip()
hypervisor_re = accepted['hypervisor_re'][-1].strip()
sys_re = accepted['sys_re'][-1].strip()
action = accepted['action'][-1].strip()
if action in edit_actions and \
not safe_handler(configuration, 'post', op_name, client_id,
get_csrf_limit(configuration), accepted):
output_objects.append({
'object_type':
'error_text',
'text':
'''Only accepting
CSRF-filtered POST requests to prevent unintended updates'''
})
return (output_objects, returnvalues.CLIENT_ERROR)
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = 'Virtual Machines'
# jquery support for confirmation on delete:
(add_import, add_init, add_ready) = confirm_js(configuration)
add_ready += '''
$(".vm-tabs").tabs();
'''
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': confirm_html(configuration)
})
if not configuration.site_enable_vmachines:
output_objects.append({
'object_type':
'text',
'text':
'''Virtual machines are disabled on this site.
Please contact the site admins %s if you think they should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
machine_req = {
'memory': memory,
'disk': disk,
'cpu_count': cpu_count,
'cpu_time': cpu_time,
'architecture': architecture,
'vgrid': vgrid,
'os': op_sys,
'flavor': flavor,
'hypervisor_re': hypervisor_re,
'sys_re': sys_re
}
menu_items = ['vmrequest']
# Html fragments
submenu = render_menu(configuration,
menu_class='navsubmenu',
base_menu=[],
user_menu=menu_items)
welcome_text = 'Welcome to your %s virtual machine management!' % \
configuration.short_title
desc_text = '''On this page you can:
<ul>
<li>Request Virtual Machines, by clicking on the button above</li>
<li>See your virtual machines in the list below.</li>
<li>Start, and connect to your Virtual Machine by clicking on it.</li>
<li>Edit or delete your Virtual Machine from the Advanced tab.</li>
</ul>
'''
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div id="confirm_dialog" title="Confirm" style="background:#fff;">
<div id="confirm_text"><!-- filled by js --></div>
<textarea cols="40" rows="4" id="confirm_input" style="display:none;"></textarea>
</div>
'''
})
output_objects.append({'object_type': 'html_form', 'text': submenu})
output_objects.append({
'object_type': 'html_form',
'text': '<p> </p>'
})
output_objects.append({
'object_type': 'sectionheader',
'text': welcome_text
})
output_objects.append({'object_type': 'html_form', 'text': desc_text})
user_vms = vms.vms_list(client_id, configuration)
if action == 'create':
if not configuration.site_enable_vmachines:
output_objects.append({
'object_type':
'error_text',
'text':
"Virtual machines are disabled on this server"
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
if not machine_name:
output_objects.append({
'object_type':
'error_text',
'text':
"requested build without machine name"
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
elif machine_name in [vm["name"] for vm in user_vms]:
output_objects.append({
'object_type':
'error_text',
'text':
"requested machine name '%s' already exists!" % machine_name
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
elif not flavor in vms.available_flavor_list(configuration):
output_objects.append({
'object_type':
'error_text',
'text':
"requested pre-built flavor not available: %s" % flavor
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
elif not hypervisor_re in \
vms.available_hypervisor_re_list(configuration):
output_objects.append({
'object_type':
'error_text',
'text':
"requested hypervisor runtime env not available: %s" %
hypervisor_re
})
elif not sys_re in vms.available_sys_re_list(configuration):
output_objects.append({
'object_type':
'error_text',
'text':
"requested system pack runtime env not available: %s" % sys_re
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
# TODO: support custom build of machine using shared/vmbuilder.py
# request for existing pre-built machine
logger.debug("create new vm: %s" % machine_req)
(create_status, create_msg) = vms.create_vm(client_id, configuration,
machine_name, machine_req)
if not create_status:
output_objects.append({
'object_type':
'error_text',
'text':
"requested virtual machine could not be created: %s" %
create_msg
})
status = returnvalues.SYSTEM_ERROR
return (output_objects, status)
(action_status, action_msg, job_id) = (True, '', None)
if action in ['start', 'stop', 'edit', 'delete']:
if not configuration.site_enable_vmachines:
output_objects.append({
'object_type':
'error_text',
'text':
"Virtual machines are disabled on this server"
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
if action == 'start':
machine = {}
for entry in user_vms:
if machine_name == entry['name']:
for name in machine_req.keys():
if isinstance(entry[name], basestring) and \
entry[name].isdigit():
machine[name] = int(entry[name])
else:
machine[name] = entry[name]
break
(action_status, action_msg, job_id) = \
vms.enqueue_vm(client_id, configuration, machine_name,
machine)
elif action == 'edit':
if not machine_name in [vm['name'] for vm in user_vms]:
output_objects.append({
'object_type':
'error_text',
'text':
"No such virtual machine: %s" % machine_name
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
(action_status, action_msg) = \
vms.edit_vm(client_id, configuration, machine_name,
machine_req)
elif action == 'delete':
if not machine_name in [vm['name'] for vm in user_vms]:
output_objects.append({
'object_type':
'error_text',
'text':
"No such virtual machine: %s" % machine_name
})
status = returnvalues.CLIENT_ERROR
return (output_objects, status)
(action_status, action_msg) = \
vms.delete_vm(client_id, configuration, machine_name)
elif action == 'stop':
# TODO: manage stop - use live I/O to create vmname.stop in job dir
pass
if not action_status:
output_objects.append({
'object_type': 'error_text',
'text': action_msg
})
# List the machines here
output_objects.append({
'object_type': 'sectionheader',
'text': 'Your machines:'
})
# Grab the vms available for the user
machines = vms.vms_list(client_id, configuration)
# Visual representation mapping of the machine state
machine_states = {
'EXECUTING': 'vm_running.jpg',
'CANCELED': 'vm_off.jpg',
'FAILED': 'vm_off.jpg',
'FINISHED': 'vm_off.jpg',
'UNKNOWN': 'vm_off.jpg',
'QUEUED': 'vm_booting.jpg',
'PARSE': 'vm_booting.jpg',
}
# Empirical upper bound on boot time in seconds used to decide between
# desktop init and ready states
boot_secs = 130
# CANCELED/FAILED/FINISHED -> Powered Off
# QUEUED -> Booting
if len(machines) > 0:
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'vmachines'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
# Create a pretty list with start/edit/stop/connect links
pretty_machines = \
'<table style="border: 0; background: none;"><tr>'
side_by_side = 3 # How many machines should be shown in a row?
col = 0
for machine in machines:
# Machines on a row
if col % side_by_side == 0:
pretty_machines += '</tr><tr>'
col += 1
# Html format machine specifications in a fieldset
password = '******'
exec_time = 0
if machine['job_id'] != 'UNKNOWN' and \
machine['status'] == 'EXECUTING':
# TODO: improve on this time selection...
# ... in distributed there is no global clock!
exec_time = time.time() - 3600 \
- time.mktime(machine['execution_time'])
password = vms.vnc_jobid(machine['job_id'])
machine_specs = {}
machine_specs.update(machine)
machine_specs['password'] = password
show_specs = """<fieldset>
<legend>VM Specs:</legend><ul class="no-bullets">
<li><input type="text" readonly value="%(os)s"> base system</li>
<li><input type="text" readonly value="%(flavor)s"> software flavor</li>
<li><input type="text" readonly value="%(memory)s"> MB memory</li>
<li><input type="text" readonly value="%(disk)s"> GB disk</li>
<li><input type="text" readonly value="%(cpu_count)s"> CPU's</li>
<li><input type="text" readonly value="%(vm_arch)s"> architecture</li>
"""
if password != 'UNKNOWN':
show_specs += """
<li><input type="text" readonly value="%(password)s"> as VNC password</li>
"""
show_specs += """
</form></ul></fieldset>"""
edit_specs = """<fieldset>
<legend>Edit VM Specs:</legend><ul class="no-bullets">
<form method="%(form_method)s" action="%(target_op)s.py">
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<input type="hidden" name="action" value="edit">
""" % fill_helpers
edit_specs += """
<input type="hidden" name="machine_name" value="%(name)s">
<input type="hidden" name="output_format" value="html">
<li><input type="text" readonly name="os" value="%(os)s"> base system</li>
<li><input type="text" readonly name="flavor" value="%(flavor)s"> software flavor</li>
<li><input type="text" readonly name="hypervisor_re" value="%(hypervisor_re)s"> hypervisor runtime env</li>
<li><input type="text" readonly name="sys_re" value="%(sys_re)s"> image pack runtime env</li>
<li><input type="text" name="memory" value="%(memory)s"> MB memory</li>
<li><input type="text" name="disk" value="%(disk)s"> GB disk</li>
<li><input type="text" name="cpu_count" value="%(cpu_count)s"> CPU's</li>
<li><select name="architecture">
"""
for arch in [''] + configuration.architectures:
select = ''
if arch == machine_specs['architecture']:
select = 'selected'
edit_specs += "<option %s value='%s'>%s</option>" % (
select, arch, arch)
edit_specs += """</select> resource architecture
<li><input type="text" name="cpu_time" value="%(cpu_time)s"> s time slot</li>
<li><select name="vgrid" multiple>"""
for vgrid_name in [any_vgrid] + \
user_vgrid_access(configuration, client_id):
select = ''
if vgrid_name in machine_specs['vgrid']:
select = 'selected'
edit_specs += "<option %s>%s</option>" % (select, vgrid_name)
edit_specs += """</select> %s(s)</li>""" % \
configuration.site_vgrid_label
if password != 'UNKNOWN':
edit_specs += """
<li><input type="text" readonly value="%(password)s"> as VNC password</li>
"""
edit_specs += """
<input class="styled_button" type="submit" value="Save Changes">
</form>"""
js_name = 'deletevm%s' % hexlify("%(name)s" % machine_specs)
helper = html_post_helper(
js_name, '%s.py' % target_op, {
'machine_name': machine_specs['name'],
'action': 'delete',
csrf_field: csrf_token
})
edit_specs += helper
edit_specs += """<input class="styled_button" type="submit"
value="Delete Machine" onClick="javascript: confirmDialog(%s, '%s');" >
""" % (js_name, "Really permanently delete %(name)s VM?" % machine_specs)
edit_specs += """</ul></fieldset>"""
if machine['status'] == 'EXECUTING' and exec_time > boot_secs:
machine_image = '<img src="/images/vms/' \
+ machine_states[machine['status']] + '">'
elif machine['status'] == 'EXECUTING' and exec_time < boot_secs:
machine_image = \
'<img src="/images/vms/vm_desktop_loading.jpg' \
+ '">'
else:
machine_image = '<img src="/images/vms/' \
+ machine_states[machine['status']] + '">'
machine_link = vms.machine_link(machine_image, machine['job_id'],
machine['name'], machine['uuid'],
machine['status'], machine_req)
# Smack all the html together
fill_dict = {}
fill_dict.update(machine)
fill_dict['link'] = machine_link
fill_dict['show_specs'] = show_specs % machine_specs
fill_dict['edit_specs'] = edit_specs % machine_specs
pretty_machines += '''
<td style="vertical-align: top;">
<fieldset><legend>%(name)s</legend>
<div id="%(name)s-tabs" class="vm-tabs">
<ul>
<li><a href="#%(name)s-overview">Overview</a></li>
<li><a href="#%(name)s-edit">Advanced</a></li>
</ul>
<div id="%(name)s-overview">
<p>%(link)s</p>
%(show_specs)s
</div>
<div id="%(name)s-edit">
%(edit_specs)s
</div>
</div>
</fieldset>
</td>''' % fill_dict
pretty_machines += '</tr></table>'
output_objects.append({
'object_type': 'html_form',
'text': pretty_machines
})
else:
output_objects.append({
'object_type':
'text',
'text':
"You don't have any virtual machines! "
"Click 'Request Virtual Machine' to become a proud owner :)"
})
return (output_objects, status)
def show_download(configuration, userdb, user, passwd, expert):
"""Shows download form"""
# Download sandbox section
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'user': user,
'passwd': passwd,
'toggle_expert': not expert,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'ssscreateimg'
csrf_token = make_csrf_token(configuration, form_method, target_op, user,
csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
html = """
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table class=sandboxcreateimg>
<tr class='title'>
<td class='centertext' colspan='2'>
Download New Sandbox
</td>
</tr>
""" % fill_helpers
html += print_hd_selection()
html += print_mem_selection()
html += print_net_selection()
html += print_os_selection()
html += print_windows_solution_selection()
html += print_expert_settings(configuration, expert)
html += """
<tr>
<td colspan='2'>
<input type='hidden' name='username' value='%(user)s' />
<input type='hidden' name='password' value='%(passwd)s' />
</td>
</tr>
""" % fill_helpers
html += """
<tr>
<td>Press 'Submit' to download - please note that it may take up
to 2 minutes to generate your sandbox</td>
<td><input type='submit' value='Submit' />
</td>
</tr>
</table>
</form>
<br />
"""
target_op = 'sssadmin'
csrf_token = make_csrf_token(configuration, form_method, target_op, user,
csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
html += """
<table class=sandboxadmin>
<tr>
<td class='centertext'>
Advanced users may want to fine tune the sandbox to download by
switching to expert mode:
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<input type='hidden' name='username' value='%(user)s' />
<input type='hidden' name='password' value='%(passwd)s' />
<input type='hidden' name='expert' value='%(toggle_expert)s' />
<input type='submit' value='Toggle expert mode' />
</form>
</td>
</tr>
</table>
""" % fill_helpers
return html
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
require_user=False
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = '%s certificate account sign up' % \
configuration.short_title
title_entry['skipmenu'] = True
form_fields = ['cert_id', 'cert_name', 'organization', 'email', 'country',
'state', 'comment']
title_entry['style']['advanced'] += account_css_helpers(configuration)
add_import, add_init, add_ready = account_js_helpers(configuration,
form_fields)
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
title_entry['script']['body'] = "class='staticpage'"
# output_objects.append({'object_type': 'html_form',
# 'text': '''
# <div id="contextual_help">
# <div class="help_gfx_bubble"><!-- graphically connect field with help text--></div>
# <div class="help_message"><!-- filled by js --></div>
# </div>
# '''})
header_entry = {'object_type': 'header', 'text':
'Welcome to the %s certificate account sign up page' %
configuration.short_title}
output_objects.append(header_entry)
# Redirect to reqcert page without certificate requirement but without
# changing access method (CGI vs. WSGI).
certreq_url = os.environ['REQUEST_URI'].replace('-bin', '-sid')
certreq_url = os.path.join(os.path.dirname(certreq_url), 'reqcert.py')
certreq_link = {'object_type': 'link', 'destination': certreq_url,
'text': 'Request a new %s certificate account' %
configuration.short_title}
new_user = distinguished_name_to_user(client_id)
# If cert auto create is on, add user without admin interaction
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {'valid_name_chars': valid_name_chars,
'client_id': client_id,
'dn_max_len': dn_max_len,
'full_name': new_user.get('full_name', ''),
'organization': new_user.get('organization', ''),
'email': new_user.get('email', ''),
'state': new_user.get('state', ''),
'country': new_user.get('country', ''),
'site': configuration.short_title,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit}
if configuration.auto_add_cert_user == False:
target_op = 'extcertaction'
else:
target_op = 'autocreate'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
fill_helpers.update({'site_signup_hint': configuration.site_signup_hint})
html = """This page is
used to sign up for %(site)s with an existing certificate from a Certificate
Authority (CA) allowed for %(site)s.
You can use it if you already have a x509 certificate from another accepted CA.
In this way you can simply use your existing certificate for %(site)s access
instead of requesting a new one.
<br />
The page tries to auto load any certificate your browser provides and fill in
the fields accordingly, but in case it can't guess all
<span class=mandatory>mandatory</span> fields, you still need to fill in
those.<br />
Please enter any missing information below and press the Send button to submit
the external certificate sign up request to the %(site)s administrators.
<p class='criticaltext highlight_message'>
IMPORTANT: Please help us verify your identity by providing Organization and
Email data that we can easily validate!
</p>
%(site_signup_hint)s
<hr />
"""
html += account_request_template(configuration, password=False)
# TODO : remove this legacy version?
html += """
<div style="height: 0; visibility: hidden; display: none;">
<!--OLD FORM-->
<div class=form_container>
<!-- use post here to avoid field contents in URL -->
<form method='%(form_method)s' action='%(target_op)s.py' onSubmit='return validate_form();'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table>
<!-- NOTE: javascript support for unicode pattern matching is lacking so we
only restrict e.g. Full Name to words separated by space here. The
full check takes place in the backend, but users are better of with
sane early warnings than the cryptic backend errors.
-->
<tr><td class='mandatory label'>Certificate DN</td><td><input id='cert_id_field' type=text size=%(dn_max_len)s maxlength=%(dn_max_len)s name=cert_id value='%(client_id)s' required pattern='(/[a-zA-Z]+=[^/ ]+([ ][^/ ]+)*)+' title='The Distinguished Name field of your certificate, i.e. key=value pairs separated by slashes' /></td><td class=fill_space></td></tr>
<tr><td class='mandatory label'>Full name</td><td><input id='cert_name_field' type=text name=cert_name value='%(full_name)s' required pattern='[^ ]+([ ][^ ]+)+' title='Your full name, i.e. two or more names separated by space' /></td><td class=fill_space></td></tr>
<tr><td class='mandatory label'>Email address</td><td><input id='email_field' type=email name=email value='%(email)s' title='A valid email address that you read' /></td><td class=fill_space></td></tr>
<tr><td class='mandatory label'>Organization</td><td><input id='organization_field' type=text name=org value='%(organization)s' required pattern='[^ ]+([ ][^ ]+)*' title='Name of your organisation: one or more abbreviations or words separated by space' /></td><td class=fill_space></td></tr>
<tr><td class='mandatory label'>Two letter country-code</td><td><input id='country_field' type=text name=country minlength=2 maxlength=2 value='%(country)s' required pattern='[A-Z]{2}' title='The two capital letters used to abbreviate your country' /></td><td class=fill_space></td></tr>
<tr><td class='optional label'>State</td><td><input id='state_field' type=text name=state value='%(state)s' pattern='([A-Z]{2})?' maxlength=2 title='Leave empty or enter the capital 2-letter abbreviation of your state if you are a US resident' /></td><td class=fill_space></td></tr>
<tr><td class='optional label'>Comment or reason why you should<br />be granted a %(site)s certificate:</td><td><textarea id='comment_field' rows=4 name=comment title='A free-form comment where you can explain what you need the certificate for'></textarea></td><td class=fill_space></td></tr>
<tr><td class='label'><!-- empty area --></td><td><input id='submit_button' type='submit' value='Send' /></td><td class=fill_space></td></tr>
</table>
</form>
</div>
<!-- Hidden help text -->
<div id='help_text'>
<div id='cert_id_help'>Must be the exact Distinguished Name (DN) of your certificate</div>
<div id='cert_name_help'>Your full name, restricted to the characters in '%(valid_name_chars)s'</div>
<div id='organization_help'>Organization name or acronym matching email</div>
<div id='email_help'>Email address associated with your organization if at all possible</div>
<div id='country_help'>Country code of your organization and on the form DE/DK/GB/US/.. , <a href='https://en.wikipedia.org/wiki/ISO_3166-1'>help</a></div>
<div id='state_help'>Optional 2-letter ANSI state code of your organization, please just leave empty unless it is in the US or similar, <a href='https://en.wikipedia.org/wiki/List_of_U.S._state_abbreviations'>help</a></div>
<div id='comment_help'>Optional, but a short informative comment may help us verify your certificate needs and thus speed up our response.</div>
</div>
</div>
"""
output_objects.append({'object_type': 'html_form', 'text':
html % fill_helpers})
return (output_objects, returnvalues.OK)
for cert_id in cert_id_added:
cert_id_fields += """<input type=hidden name=cert_id value='%s' />
""" % cert_id
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {'vgrid_name': vgrid_name, 'cert_id': cert_id,
'protocol': any_protocol,
'short_title': configuration.short_title,
'vgrid_label': label,
'cert_id_fields': cert_id_fields,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit}
target_op = 'sendrequestaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({'object_type': 'html_form', 'text': """
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<input type=hidden name=request_type value='vgridaccept' />
<input type=hidden name=vgrid_name value='%(vgrid_name)s' />
%(cert_id_fields)s
<input type=hidden name=protocol value='%(protocol)s' />
<table>
<tr>
<td class='title'>Custom message to user(s)</td>
</tr><tr>
<td><textarea name=request_text cols=72 rows=10>
We have granted you membership access to our %(vgrid_name)s %(vgrid_label)s.
You can access the %(vgrid_label)s components and collaboration tools from your
def html_tmpl(configuration, client_id, title_entry, csrf_map={}, chroot=''):
"""HTML page base: some upload and menu entries depend on configuration"""
active_menu = extract_menu(configuration, title_entry)
user_settings = title_entry.get('user_settings', {})
legacy_ui = legacy_user_interface(configuration, user_settings)
fill_helpers = {'short_title': configuration.short_title}
html = '''
<!-- CONTENT -->
<div class="container">
<div id="app-nav-container" class="row">
<h1>Welcome to %(short_title)s!</h1>
<div class="home-page__header col-12">
<p class="sub-title">Tools from %(short_title)s helps you with storage, sharing and archiving of data. %(short_title)s delivers centralised storage space for personal and shared files.</p>
</div>
''' % fill_helpers
html += render_apps(configuration, title_entry, active_menu)
html += '''
<div class="col-lg-12 vertical-spacer"></div>
</div>
</div>
'''
# Dynamic app selection
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
target_op = 'settingsaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
settings_specs = get_keywords_dict()
current_settings_dict = load_settings(client_id, configuration)
if not current_settings_dict:
# no current settings found
current_settings_dict = {}
fill_helpers['form_prefix'] = '''
<form class="save_settings save_apps" action="settingsaction.py" method="%s">
<input type="hidden" name="%s" value="%s">
''' % (form_method, csrf_field, csrf_token)
fill_helpers['form_suffix'] = '''
%s
<input type="submit" value="Save">
</form>
''' % save_settings_html(configuration)
apps_field = 'SITE_USER_MENU'
# NOTE: build list of all default and user selectable apps in that order
app_list = [app_id for app_id in configuration.site_default_menu]
app_list += [
app_id for app_id in configuration.site_user_menu
if not app_id in app_list
]
mandatory_apps = []
for app_name in configuration.site_default_menu:
mandatory_apps.append(menu_items[app_name]['title'])
fill_helpers['mandatory_apps'] = ', '.join(mandatory_apps)
html += '''
<!-- APP POP-UP -->
<div id="add-app__window" class="app-container hidden">
<span class="add-app__close far fa-times-circle" onclick="closeAddApp()"></span>
<div class="container">
<div class="row">
<div class="app-page__header col-12">
<h1>Your apps & app-setup</h1>
<p class="sub-title-white">Here you can select which apps you want to use in your %(short_title)s system. Only %(mandatory_apps)s are mandatory.</p>
</div>
<div class="app-page__header col-12">
<h2>Select your apps</h2>
%(form_prefix)s
''' % fill_helpers
# The backend form requires all user settings even if we only want to edit
# the user apps subset here - just fill as hidden values.
# TODO: consider a save version with only relevant values.
for (key, val) in current_settings_dict.items():
if key == apps_field:
continue
spec = settings_specs[key]
if spec['Type'] == 'multiplestrings':
html += ''' <textarea class="hidden" name="%s">%s</textarea>
''' % (key, '\n'.join(val))
elif spec['Type'] == 'string':
html += ''' <input type="hidden" name="%s" value="%s">
''' % (key, val)
elif spec['Type'] == 'boolean':
html += ''' <input type="hidden" name="%s" value="%s">
''' % (key, val)
html += ''' <div class="app-grid row">
'''
for app_id in app_list:
app = menu_items[app_id]
app_name = app['title']
if not legacy_ui and app.get('legacy_only', False):
continue
if app_id == 'vgrids':
app_name = '%ss' % configuration.site_vgrid_label
mandatory = (app_id in configuration.site_default_menu)
app_btn_classes = 'app__btn col-12 '
if mandatory:
app_btn_classes += "mandatory"
else:
app_btn_classes += "optional"
app_icon_classes = app['class']
check_field = ''
if not mandatory:
checked, checkmark = "", "checkmark"
if app_id in current_settings_dict.get(apps_field, []):
checked = "checked='checked'"
checkmark = "checkmark"
check_field = '''
<input type="checkbox" name="SITE_USER_MENU" %s value="%s">
<span class="%s"></span>
''' % (checked, app_id, checkmark)
html += '''
<div class="col-lg-2">
<div class="%s">
<label class="app-content">
%s
<div class="background-app">
<span class="%s"></span><h3>%s</h3>
</div>
</label>
</div>
</div>
''' % (app_btn_classes, check_field, app_icon_classes,
app_name)
html += '''
</div>
<br />
%(form_suffix)s
</div>
</div>
</div>
<div class="col-lg-12 vertical-spacer"></div>
</div>
''' % fill_helpers
return html
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
label = "%s" % configuration.site_vgrid_label
title_entry['text'] = "Administrate %s" % label
# NOTE: Delay header entry here to include vgrid name
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
vgrid_name = accepted['vgrid_name'][-1]
# prepare for confirm dialog, tablesort and toggling the views (css/js)
# jquery support for tablesorter and confirmation on request and leave
# requests table initially sorted by 0, 4, 3 (type first, then date and
# with alphabetical client ID last)
# sharelinks table initially sorted by 5, 4 reversed (active first and
# in growing age)
table_specs = [{
'table_id': 'accessrequeststable',
'pager_id': 'accessrequests_pager',
'sort_order': '[[0,0],[4,0],[3,0]]'
}, {
'table_id': 'sharelinkstable',
'pager_id': 'sharelinks_pager',
'sort_order': '[[5,1],[4,1]]'
}]
(add_import, add_init, add_ready) = man_base_js(configuration, table_specs,
{'width': 600})
add_init += '''
var toggleHidden = function(classname) {
// classname supposed to have a leading dot
$(classname).toggleClass("hidden");
};
/* helpers for dynamic form input fields */
function onOwnerInputChange() {
makeSpareFields("#dynownerspares", "cert_id");
}
function onMemberInputChange() {
makeSpareFields("#dynmemberspares", "cert_id");
}
function onResourceInputChange() {
makeSpareFields("#dynresourcespares", "unique_resource_name");
}
'''
add_ready += '''
/* init add owners/member/resource forms with dynamic input fields */
onOwnerInputChange();
$("#dynownerspares").on("blur", "input[name=cert_id]",
function(event) {
//console.debug("in add owner blur handler");
onOwnerInputChange();
}
);
onMemberInputChange();
$("#dynmemberspares").on("blur", "input[name=cert_id]",
function(event) {
//console.debug("in add member blur handler");
onMemberInputChange();
}
);'''
if configuration.site_enable_resources:
add_ready += '''
onResourceInputChange();
$("#dynresourcespares").on("blur", "input[name=unique_resource_name]",
function(event) {
console.debug("in resource blur handler");
onResourceInputChange();
}
);
'''
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': man_base_html(configuration)
})
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'short_title': configuration.short_title,
'vgrid_label': label,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
output_objects.append({
'object_type': 'header',
'text': "Administrate '%s'" % vgrid_name
})
if not vgrid_is_owner(vgrid_name, client_id, configuration):
output_objects.append({
'object_type':
'error_text',
'text':
'Only owners of %s can administrate it.' % vgrid_name
})
target_op = "sendrequestaction"
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
js_name = 'reqvgridowner%s' % hexlify(vgrid_name)
helper = html_post_helper(
js_name, '%s.py' % target_op, {
'vgrid_name': vgrid_name,
'request_type': 'vgridowner',
'request_text': '',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
output_objects.append({
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s', '%s');" %
(js_name, "Request ownership of " + vgrid_name + ":<br/>" +
"\nPlease write a message to the owners below.", 'request_text'),
'class':
'addadminlink iconspace',
'title':
'Request ownership of %s' % vgrid_name,
'text':
'Apply to become an owner'
})
return (output_objects, returnvalues.SYSTEM_ERROR)
for (item, scr) in zip(['owner', 'member', 'resource'],
['vgridowner', 'vgridmember', 'vgridres']):
if item == 'resource' and not configuration.site_enable_resources:
continue
output_objects.append({
'object_type': 'sectionheader',
'text': "%ss" % item.title()
})
(init_status, oobjs) = vgrid_add_remove_table(client_id, vgrid_name,
item, scr, configuration)
if not init_status:
output_objects.extend(oobjs)
return (output_objects, returnvalues.SYSTEM_ERROR)
else:
output_objects.append({
'object_type': 'html_form',
'text': '<div class="div-%s">' % item
})
output_objects.append({
'object_type':
'link',
'destination':
"javascript:toggleHidden('.div-%s');" % item,
'class':
'removeitemlink iconspace',
'title':
'Toggle view',
'text':
'Hide %ss' % item.title()
})
output_objects.extend(oobjs)
output_objects.append({
'object_type':
'html_form',
'text':
'</div><div class="hidden div-%s">' % item
})
output_objects.append({
'object_type':
'link',
'destination':
"javascript:toggleHidden('.div-%s');" % item,
'class':
'additemlink iconspace',
'title':
'Toggle view',
'text':
'Show %ss' % item.title()
})
output_objects.append({
'object_type': 'html_form',
'text': '</div>'
})
# Pending requests
target_op = "addvgridowner"
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
"acceptvgridownerreq", "%s.py" % target_op, {
'vgrid_name': vgrid_name,
'cert_id': '__DYNAMIC__',
'request_name': '__DYNAMIC__',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
target_op = "addvgridmember"
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
"acceptvgridmemberreq", "%s.py" % target_op, {
'vgrid_name': vgrid_name,
'cert_id': '__DYNAMIC__',
'request_name': '__DYNAMIC__',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
target_op = "addvgridres"
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
"acceptvgridresourcereq", "%s.py" % target_op, {
'vgrid_name': vgrid_name,
'unique_resource_name': '__DYNAMIC__',
'request_name': '__DYNAMIC__',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
target_op = "rejectvgridreq"
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
helper = html_post_helper(
"rejectvgridreq", "%s.py" % target_op, {
'vgrid_name': vgrid_name,
'request_name': '__DYNAMIC__',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
request_dir = os.path.join(configuration.vgrid_home, vgrid_name)
request_list = []
for req_name in list_access_requests(configuration, request_dir):
req = load_access_request(configuration, request_dir, req_name)
if not req:
continue
if not req.get('request_type',
None) in ["vgridowner", "vgridmember", "vgridresource"]:
logger.error("unexpected request_type %(request_type)s" % req)
continue
request_item = build_accessrequestitem_object(configuration, req)
# Convert filename with exotic chars into url-friendly pure hex version
shared_args = {"request_name": hexlify(req["request_name"])}
accept_args, reject_args = {}, {}
accept_args.update(shared_args)
reject_args.update(shared_args)
if req['request_type'] == "vgridresource":
accept_args["unique_resource_name"] = req["entity"]
else:
accept_args["cert_id"] = req["entity"]
request_item['acceptrequestlink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s', %s, %s);" %
("accept%(request_type)sreq" % req,
"Accept %(target)s %(request_type)s request from %(entity)s" %
req, 'undefined', "{%s}" %
', '.join(["'%s': '%s'" % pair for pair in accept_args.items()])),
'class':
'addlink iconspace',
'title':
'Accept %(target)s %(request_type)s request from %(entity)s' % req,
'text':
''
}
request_item['rejectrequestlink'] = {
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s', %s, %s);" %
("rejectvgridreq",
"Reject %(target)s %(request_type)s request from %(entity)s" %
req, 'undefined', "%s" % reject_args),
'class':
'removelink iconspace',
'title':
'Reject %(target)s %(request_type)s request from %(entity)s' % req,
'text':
''
}
request_list.append(request_item)
output_objects.append({
'object_type': 'sectionheader',
'text': "Pending Requests"
})
output_objects.append({
'object_type': 'table_pager',
'id_prefix': 'accessrequests_',
'entry_name': 'access requests',
'default_entries': default_pager_entries
})
output_objects.append({
'object_type': 'accessrequests',
'accessrequests': request_list
})
# VGrid Share links
# Table columns to skip
skip_list = [
'editsharelink', 'delsharelink', 'invites', 'expire', 'single_file'
]
# NOTE: Inheritance is a bit tricky for sharelinks because parent shares
# only have relevance if they actually share a path that is a prefix of
# vgrid_name.
(share_status, share_list) = vgrid_sharelinks(vgrid_name, configuration)
sharelinks = []
if share_status:
for share_dict in share_list:
rel_path = share_dict['path'].strip(os.sep)
parent_vgrids = vgrid_list_parents(vgrid_name, configuration)
include_share = False
# Direct sharelinks (careful not to greedy match A/B with A/BCD)
if rel_path == vgrid_name or \
rel_path.startswith(vgrid_name+os.sep):
include_share = True
# Parent vgrid sharelinks that in effect also give access here
for parent in parent_vgrids:
if rel_path == parent:
include_share = True
if include_share:
share_item = build_sharelinkitem_object(
configuration, share_dict)
sharelinks.append(share_item)
else:
logger.warning("failed to load vgrid sharelinks for %s: %s" %
(vgrid_name, share_list))
output_objects.append({
'object_type': 'sectionheader',
'text': "Share Links"
})
output_objects.append({
'object_type':
'html_form',
'text':
'<p>Current share links in %s shared folder</p>' % vgrid_name
})
output_objects.append({
'object_type': 'table_pager',
'id_prefix': 'sharelinks_',
'entry_name': 'share links',
'default_entries': default_pager_entries
})
output_objects.append({
'object_type': 'sharelinks',
'sharelinks': sharelinks,
'skip_list': skip_list
})
# VGrid settings
output_objects.append({'object_type': 'sectionheader', 'text': "Settings"})
(direct_status, direct_dict) = vgrid_settings(vgrid_name,
configuration,
recursive=False,
as_dict=True)
if not direct_status or not direct_dict:
direct_dict = {}
(settings_status, settings_dict) = vgrid_settings(vgrid_name,
configuration,
recursive=True,
as_dict=True)
if not settings_status or not settings_dict:
settings_dict = {}
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
# Always set these values
settings_dict.update({
'vgrid_name': vgrid_name,
'vgrid_label': label,
'owners': keyword_owners,
'members': keyword_members,
'all': keyword_all,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
})
target_op = 'vgridsettings'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
settings_dict.update({'target_op': target_op, 'csrf_token': csrf_token})
settings_form = '''
<form method="%(form_method)s" action="%(target_op)s.py">
<fieldset>
<legend>%(vgrid_label)s configuration</legend>
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<input type="hidden" name="vgrid_name" value="%(vgrid_name)s" />
'''
description = settings_dict.get('description', '')
settings_form += '''
<h4>Public description</h4>
<textarea class="fillwidth padspace" name="description" rows=10
>%s</textarea>
''' % description
settings_form += '<br/>'
settings_form += '''<p>All visibility options below can be set to owners,
members or everyone and by default only owners can see participation. In effect
setting visibility to <em>members</em> means that owners and members can see
the corresponding participants. Similarly setting a visibility flag to
<em>everyone</em> means that all %s users can see the participants.</p>
''' % configuration.short_title
visibility_options = [("Owners are visible to", "visible_owners"),
("Members are visible to", "visible_members"),
("Resources are visible to", "visible_resources")]
for (title, field) in visibility_options:
settings_form += '<h4>%s</h4>' % title
if direct_dict.get(field, False):
choices = _valid_visible + _reset_choice
else:
choices = _valid_visible + _keep_choice
for (key, val) in choices:
checked = ''
if settings_dict.get(field, keyword_owners) == val:
checked = "checked"
settings_form += '''
<input type="radio" name="%s" value="%s" %s/> %s
''' % (field, val, checked, key)
settings_form += '<br/>'
field = 'restrict_settings_adm'
restrict_settings_adm = settings_dict.get(field,
default_vgrid_settings_limit)
if direct_dict.get(field, False):
direct_note = _reset_note
else:
direct_note = _keep_note
settings_form += '''
<h4>Restrict Settings</h4>
Restrict changing of these settings to only the first
<input type="number" name="restrict_settings_adm" min=0 max=999
minlength=1 maxlength=3 value=%d required />
owners %s.
''' % (restrict_settings_adm, direct_note)
settings_form += '<br/>'
field = 'restrict_owners_adm'
restrict_owners_adm = settings_dict.get(field,
default_vgrid_settings_limit)
if direct_dict.get(field, False):
direct_note = _reset_note
else:
direct_note = _keep_note
settings_form += '''
<h4>Restrict Owner Administration</h4>
Restrict administration of owners to only the first
<input type="number" name="restrict_owners_adm" min=0 max=999
minlength=1 maxlength=3 value=%d required />
owners %s.
''' % (restrict_owners_adm, direct_note)
settings_form += '<br/>'
field = 'restrict_members_adm'
restrict_members_adm = settings_dict.get(field,
default_vgrid_settings_limit)
if direct_dict.get(field, False):
direct_note = _reset_note
else:
direct_note = _keep_note
settings_form += '''
<h4>Restrict Member Administration</h4>
Restrict administration of members to only the first
<input type="number" name="restrict_members_adm" min=0 max=999
minlength=1 maxlength=3 value=%d required />
owners %s.
''' % (restrict_members_adm, direct_note)
settings_form += '<br/>'
field = 'restrict_resources_adm'
restrict_resources_adm = settings_dict.get(field,
default_vgrid_settings_limit)
if direct_dict.get(field, False):
direct_note = _reset_note
else:
direct_note = _keep_note
settings_form += '''
<h4>Restrict Resource Administration</h4>
Restrict administration of resources to only the first
<input type="number" name="restrict_resources_adm" min=0 max=999
minlength=1 maxlength=3 value=%d required />
owners %s.
''' % (restrict_resources_adm, direct_note)
settings_form += '<br/>'
if vgrid_restrict_write_support(configuration):
settings_form += '''<p>All write access options below can be set to
owners, members or none. By default only owners can write web pages while
owners and members can edit data in the shared folders. In effect setting write
access to <em>members</em> means that owners and members have full access.
Similarly setting a write access flag to <em>owners</em> means that only owners
can modify the data, while members can only read and use it. Finally setting a
write access flag to <em>none</em> means that neither owners nor members can
modify the data there, effectively making it read-only. Some options are not
yet supported and thus are disabled below.
</p>
'''
writable_options = [
("Shared files write access", "write_shared_files",
keyword_members),
("Private web page write access", "write_priv_web",
keyword_owners),
("Public web page write access", "write_pub_web", keyword_owners),
]
else:
writable_options = []
for (title, field, default) in writable_options:
settings_form += '<h4>%s</h4>' % title
if direct_dict.get(field, False):
choices = _valid_write_access + _reset_choice
else:
choices = _valid_write_access + _keep_choice
for (key, val) in choices:
disabled = ''
# TODO: remove these artifical limits once we support changing
# TODO: also add check for vgrid web reshare in sharelink then
if field == 'write_shared_files' and val == keyword_owners:
disabled = 'disabled'
elif field == 'write_priv_web' and val in [
keyword_members, keyword_none
]:
disabled = 'disabled'
elif field == 'write_pub_web' and val in [
keyword_members, keyword_none
]:
disabled = 'disabled'
checked = ''
if settings_dict.get(field, default) == val:
checked = "checked"
settings_form += '''
<input type="radio" name="%s" value="%s" %s %s /> %s
''' % (field, val, checked, disabled, key)
settings_form += '<br/>'
sharelink_options = [("Limit sharelink creation to", "create_sharelink")]
for (title, field) in sharelink_options:
settings_form += '<h4>%s</h4>' % title
if direct_dict.get(field, False):
choices = _valid_sharelink + _reset_choice
else:
choices = _valid_sharelink + _keep_choice
for (key, val) in choices:
checked = ''
if settings_dict.get(field, keyword_owners) == val:
checked = "checked"
settings_form += '''
<input type="radio" name="%s" value="%s" %s/> %s
''' % (field, val, checked, key)
settings_form += '<br/>'
field = 'request_recipients'
request_recipients = settings_dict.get(field, default_vgrid_settings_limit)
if direct_dict.get(field, False):
direct_note = _reset_note
else:
direct_note = _keep_note
settings_form += '''
<h4>Request Recipients</h4>
Notify only first
<input type="number" name="request_recipients" min=0 max=999
minlength=1 maxlength=3 value=%d required />
owners about access requests %s.
''' % (request_recipients, direct_note)
settings_form += '<br/>'
bool_options = [
("Hidden", "hidden"),
]
for (title, field) in bool_options:
settings_form += '<h4>%s</h4>' % title
if direct_dict.get(field, False):
choices = _valid_bool + _reset_choice
else:
choices = _valid_bool + _keep_choice
for (key, val) in choices:
checked, inherit_note = '', ''
if settings_dict.get(field, False) == val:
checked = "checked"
if direct_dict.get(field, False) != \
settings_dict.get(field, False):
inherit_note = ''' <span class="warningtext iconspace">
Forced by a parent %(vgrid_label)s. Please disable there first if you want to
change the value here.</span>''' % settings_dict
settings_form += '''
<input type="radio" name="%s" value="%s" %s /> %s
''' % (field, val, checked, key)
settings_form += '%s<br/>' % inherit_note
settings_form += '<br/>'
settings_form += '''
<input type="submit" value="Save settings" />
</fieldset>
</form>
'''
output_objects.append({
'object_type': 'html_form',
'text': settings_form % settings_dict
})
# Checking/fixing of missing components
output_objects.append({
'object_type': 'sectionheader',
'text': "Repair/Add Components"
})
target_op = 'updatevgrid'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
settings_dict.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({
'object_type':
'html_form',
'text':
'''
<form method="%(form_method)s" action="%(target_op)s.py">
<input type="hidden" name="%(csrf_field)s" value="%(csrf_token)s" />
<input type="hidden" name="vgrid_name" value="%(vgrid_name)s" />
<input type="submit" value="Repair components" />
</form>
''' % settings_dict
})
(owners_status, owners_direct) = vgrid_owners(vgrid_name, configuration,
False)
if not owners_status:
logger.error("failed to load owners for %s: %s" %
(vgrid_name, owners_direct))
return (output_objects, returnvalues.SYSTEM_ERROR)
(members_status, members_direct) = vgrid_members(vgrid_name, configuration,
False)
if not members_status:
logger.error("failed to load members for %s: %s" %
(vgrid_name, members_direct))
return (output_objects, returnvalues.SYSTEM_ERROR)
(resources_status,
resources_direct) = vgrid_resources(vgrid_name, configuration, False)
if not resources_status:
logger.error("failed to load resources for %s: %s" %
(vgrid_name, resources_direct))
return (output_objects, returnvalues.SYSTEM_ERROR)
output_objects.append({
'object_type': 'sectionheader',
'text': "Delete %s " % vgrid_name
})
if len(owners_direct) > 1 or members_direct or resources_direct:
output_objects.append({
'object_type': 'html_form',
'text': '''
To delete <b>%(vgrid)s</b> first remove all resources, members and owners
ending with yourself.
''' % {
'vgrid': vgrid_name
}
})
else:
output_objects.append({
'object_type': 'html_form',
'text': '''
<p>As the last owner you can leave and delete <b>%(vgrid)s</b> including all
associated shared files and components.<br/>
</p>
<p class="warningtext">
You cannot undo such delete operations, so please use with great care!
</p>
''' % {
'vgrid': vgrid_name
}
})
target_op = "rmvgridowner"
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
js_name = 'rmlastvgridowner'
helper = html_post_helper(
js_name, '%s.py' % target_op, {
'vgrid_name': vgrid_name,
'cert_id': client_id,
'flags': 'f',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
output_objects.append({
'object_type':
'link',
'destination':
"javascript: confirmDialog(%s, '%s');" %
(js_name, 'Really leave and delete %s?' % vgrid_name),
'class':
'removelink iconspace',
'title':
'Leave and delete %s' % vgrid_name,
'text':
'Leave and delete %s' % vgrid_name
})
# Spacing
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div class="vertical-spacer"></div>
'''
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
title_entry = find_entry(output_objects, 'title')
label = "%s" % configuration.site_vgrid_label
title_entry['text'] = '%s send request' % configuration.short_title
output_objects.append({'object_type': 'header', 'text': 'Send request'})
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
output_objects.append({'object_type': 'warning', 'text':
'''Remember that sending a membership or ownership
request generates a message to the owners of the target. All requests are
logged together with the ID of the submitter. Spamming and other abuse will
not be tolerated!'''})
output_objects.append({'object_type': 'sectionheader', 'text':
'Request %s membership/ownership' % label})
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {'vgrid_label': label,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit}
target_op = 'sendrequestaction'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
output_objects.append({'object_type': 'html_form', 'text': """
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table align='center'>
<tr><td>Request type</td><td><select name=request_type>
<option value=vgridmember>%(vgrid_label)s membership</option>
<option value=vgridowner>%(vgrid_label)s ownership</option>
</select></td></tr>
<tr><td>
%(vgrid_label)s name </td><td><input name=vgrid_name />
</td></tr>
<tr>
<td>Reason (text to owners)</td><td><input name=request_text size=40 /></td>
</tr>
<tr><td><input type='submit' value='Submit' /></td><td></td></tr></table>
</form>""" % fill_helpers})
output_objects.append({'object_type': 'sectionheader', 'text':
'Request resource ownership'})
output_objects.append({'object_type': 'html_form', 'text': """
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table align='center'>
<tr><td>Request type</td><td><select name=request_type>
<option value=resourceowner>Resource ownership</option>
</select></td></tr>
<tr><td>
Resource ID </td><td><input name=unique_resource_name />
</td></tr>
<tr>
<td>Reason (text to owners)</td><td><input name=request_text size=40 /></td>
</tr>
<tr><td><input type='submit' value='Submit' /></td><td></td></tr></table>
</form>""" % fill_helpers})
output_objects.append({'object_type': 'sectionheader', 'text':
'Send message'})
protocol_options = ''
for proto in [any_protocol] + configuration.notify_protocols:
protocol_options += '<option value=%s>%s</option>\n' % (proto, proto)
fill_helpers['protocol_options'] = protocol_options
output_objects.append({'object_type': 'html_form', 'text': """
<form method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<table align='center'>
<tr><td>Request type</td><td><select name=request_type>
<option value=plain>Plain message</option>
</select></td></tr>
<tr><td>
User ID </td><td><input name=cert_id size=50 />
</td></tr>
<tr><td>Protocol</td><td><select name=protocol>
%(protocol_options)s
</select></td></tr>
<tr>
<td>Message</td>
<td><textarea name=request_text cols=72 rows=10 /></textarea></td>
</tr>
<tr><td><input type='submit' value='Send' /></td><td></td></tr></table>
</form>""" % fill_helpers})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
flavor = accepted['flavor'][-1].strip()
freeze_id = accepted['freeze_id'][-1].strip()
if not flavor in freeze_flavors.keys():
output_objects.append({
'object_type': 'error_text',
'text': 'Invalid freeze flavor: %s' % flavor
})
return (output_objects, returnvalues.CLIENT_ERROR)
title = freeze_flavors[flavor]['adminfreeze_title']
output_objects.append({'object_type': 'header', 'text': title})
title_entry = find_entry(output_objects, 'title')
title_entry['text'] = title
if not configuration.site_enable_freeze:
output_objects.append({
'object_type':
'text',
'text':
'''Freezing archives is disabled on this site.
Please contact the site admins %s if you think it should be enabled.
''' % configuration.admin_email
})
return (output_objects, returnvalues.OK)
# Load existing freeze for stepwise construction if requested
freeze_dict = {'ID': freeze_id, 'FLAVOR': flavor}
if freeze_id != keyword_auto:
(load_status, freeze_dict) = get_frozen_archive(client_id,
freeze_id,
configuration,
checksum_list=[])
if not load_status:
logger.error("%s: load failed for '%s': %s" %
(op_name, freeze_id, brief_freeze(freeze_dict)))
output_objects.append({
'object_type':
'error_text',
'text':
'Could not read details for "%s"' % freeze_id
})
return (output_objects, returnvalues.SYSTEM_ERROR)
logger.debug("%s: loaded freeze: %s" %
(op_name, brief_freeze(freeze_dict)))
# Preserve already saved flavor
flavor = freeze_dict.get('FLAVOR', 'freeze')
freeze_state = freeze_dict.get('STATE', keyword_final)
if freeze_state == keyword_final:
logger.error("%s tried to edit finalized %s archive %s" %
(client_id, flavor, freeze_id))
output_objects.append({
'object_type':
'error_text',
'text':
'You cannot edit finalized %s archive %s' % (flavor, freeze_id)
})
output_objects.append({
'object_type':
'link',
'destination':
'showfreeze.py?freeze_id=%s;flavor=%s' % (freeze_id, flavor),
'class':
'viewarchivelink iconspace genericbutton',
'title':
'View details about your %s archive' % flavor,
'text':
'View details',
})
return (output_objects, returnvalues.CLIENT_ERROR)
elif freeze_state == keyword_updating:
logger.error("%s tried to edit %s archive %s under update" %
(client_id, flavor, freeze_id))
output_objects.append({
'object_type':
'error_text',
'text':
'You cannot edit %s archive %s until active update completes' %
(flavor, freeze_id)
})
output_objects.append({
'object_type':
'link',
'destination':
'showfreeze.py?freeze_id=%s;flavor=%s' % (freeze_id, flavor),
'class':
'viewarchivelink iconspace genericbutton',
'title':
'View details about your %s archive' % flavor,
'text':
'View details',
})
return (output_objects, returnvalues.CLIENT_ERROR)
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'flavor': flavor,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'uploadchunked'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
lookup_map = {
'freeze_id': 'ID',
'freeze_name': 'NAME',
'freeze_author': 'AUTHOR',
'freeze_description': 'DESCRIPTION'
}
for (key, val) in lookup_map.items():
fill_helpers[key] = freeze_dict.get(val, '')
fill_helpers['publish_value'] = 'no'
if freeze_dict.get('PUBLISH', False):
fill_helpers['publish_value'] = 'yes'
# jquery fancy upload
(add_import, add_init, add_ready) = fancy_upload_js(configuration,
csrf_token=csrf_token)
# We need filechooser deps and dynamic addition of copy/upload fields
add_import += '''
<script type="text/javascript" src="/images/js/jquery.tablesorter.js"></script>
<script type="text/javascript" src="/images/js/jquery.prettyprint.js"></script>
<script type="text/javascript" src="/images/js/jquery.contextmenu.js"></script>
<script type="text/javascript" src="/images/js/jquery.xbreadcrumbs.js"></script>
<!-- The preview image plugin -->
<script type="text/javascript" src="/images/js/preview.js"></script>
<!-- The image manipulation CamanJS plugin used by the preview image plugin -->
<script type="text/javascript" src="/images/lib/CamanJS/dist/caman.full.js"></script>
<!-- The nouislider plugin used by the preview image plugin -->
<script type="text/javascript" src="/images/lib/noUiSlider/jquery.nouislider.all.js"></script>
'''
add_init += '''
Caman.DEBUG = false
var copy_fields = 0;
var upload_fields = 0;
var open_file_chooser;
var open_upload_dialog;
/* default upload destination */
var remote_path = "%s";
var trash_linkname = "%s";
var copy_div_id = "copyfiles";
var upload_div_id = "uploadfiles";
/* for upload_callback */
var field_id, field_name, wrap_id, upload_path, on_remove;
function add_copy() {
var div_id = copy_div_id;
var field_id = "freeze_copy_"+copy_fields;
var field_name = "freeze_copy_"+copy_fields;
var wrap_id = field_id+"_wrap";
var browse_id = field_id+"_browse";
copy_entry = "<span id=\'"+wrap_id+"\'>";
copy_entry += "<input type=\'button\' value=\'Remove\' ";
copy_entry += " onClick=\'remove_field(\"+wrap_id+\");\'/>";
// add browse button to mimic upload field
copy_entry += "<input type=\'button\' id=\'"+browse_id+"\' ";
copy_entry += " value=\'Browse...\' />";
copy_entry += "<input type=\'text\' id=\'"+field_id+"\' ";
copy_entry += " name=\'" + field_name + "\' size=80 /><br / >";
copy_entry += "</span>";
$("#"+div_id).append(copy_entry);
$("#"+field_id).click(function() {
open_file_chooser("Add file or directory (right click to select)",
function(file) {
$("#"+field_id).val(file);
});
});
$("#"+browse_id).click(function() {
$("#"+field_id).click();
});
$("#"+field_id).click();
copy_fields += 1;
}
function upload_callback() {
var div_id = upload_div_id;
console.log("in upload callback");
$(".uploadfileslist > tr > td > p.name > a").each(
function(index) {
console.log("callback for upload item no. "+index);
upload_path = $(this).text();
if ($(this).attr("href") == "") {
console.log("skipping empty (error) upload: "+upload_path);
// Continue to next iteration on errors
return true;
}
console.log("callback for upload path "+upload_path);
field_id = "freeze_move_"+upload_fields;
field_name = "freeze_move_"+upload_fields;
wrap_id = field_id+"_wrap";
if ($("#"+div_id+" > span > input[value=\\""+upload_path+"\\"]").length) {
console.log("skipping duplicate path: "+upload_path);
// Continue to next iteration on errors
return true;
} else {
console.log("adding new path: "+upload_path);
}
on_remove = "";
on_remove += "remove_field("+wrap_id+");";
on_remove += "$.fn.delete_upload(\\""+upload_path+"\\");";
upload_entry = "<span id=\'"+wrap_id+"\'>";
upload_entry += "<input type=\'button\' value=\'Remove\' ";
upload_entry += " onClick=\'"+on_remove+"\'/>";
upload_entry += "<input type=\'text\' id=\'"+field_id+"\' ";
upload_entry += " name=\'" + field_name + "\' size=50 ";
upload_entry += "value=\\""+upload_path+"\\" /><br / >";
upload_entry += "</span>";
$("#"+div_id).append(upload_entry);
console.log("callback added upload: "+upload_entry);
upload_fields += 1;
});
console.log("callback done");
}
function add_upload() {
openFancyUpload("Upload Files", upload_callback, "", remote_path, true,
"", "%s");
}
function remove_field(field_id) {
$(field_id).remove();
}
// init file chooser dialogs with directory selection support
function init_dialogs() {
open_file_chooser = mig_filechooser_init("fm_filechooser",
function(file) {
return;
}, false, "/");
/* We reuse shared init function but use custom actual opener above
to mangle resulting files into archive form. */
initFancyUpload();
/* Alias open_dialog to open_upload_dialog for clarity */
open_upload_dialog = open_dialog;
$("#addfilebutton").click(function() { add_copy(); });
$("#adduploadbutton").click(function() { add_upload(); });
}
function init_page() {
init_dialogs();
}
''' % (upload_tmp_dir, trash_linkname, csrf_token)
add_ready += '''
// do sequenced initialisation (separate function)
init_page();
'''
# TODO: can we update style inline to avoid explicit themed_styles?
title_entry['style'] = themed_styles(
configuration,
base=[
'jquery.contextmenu.css', 'jquery.managers.contextmenu.css',
'jquery.xbreadcrumbs.css', 'jquery.fmbreadcrumbs.css',
'jquery.fileupload.css', 'jquery.fileupload-ui.css'
],
skin=['fileupload-ui.custom.css', 'xbreadcrumbs.custom.css'],
user_settings=title_entry.get('user_settings', {}))
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
if flavor == 'freeze':
fill_helpers['freeze_name'] = fill_helpers.get('freeze_name', '')
fill_helpers["archive_header"] = "Freeze Archive Files"
fill_helpers["button_label"] = "Save and Preview"
intro_text = """
Please enter your archive details below and select any files to be included in
the archive.
"""
elif flavor == 'phd':
fill_helpers['freeze_name'] = fill_helpers.get('freeze_name', '')
fill_helpers[
"archive_header"] = "Thesis and Associated Files to Archive"
fill_helpers["button_label"] = "Save and Preview"
intro_text = """
Please enter your PhD details below and select any files associated with your
thesis.
"""
elif flavor == 'backup':
fill_helpers['freeze_name'] = fill_helpers.get('freeze_name', '')
if not fill_helpers['freeze_name']:
now = datetime.datetime.now().isoformat().replace(':', '')
fill_helpers['freeze_name'] = 'backup-%s' % now
fill_helpers["archive_header"] = "Files and folders to Archive"
fill_helpers["button_label"] = "Save and Preview"
intro_text = """
Please select the files and folders to backup below.
"""
else:
output_objects.append({
'object_type': 'error_text',
'text': "unknown flavor: %s" % flavor
})
return (output_objects, returnvalues.SYSTEM_ERROR)
# Only warn here if default state is final and persistent
if freeze_flavors[flavor]['states'][0] == keyword_final and \
flavor in configuration.site_permanent_freeze:
intro_text += """
<p class='warn_message'>Note that frozen archives <em>cannot</em> be changed
after final creation and then they can only be manually removed by management,
so please be careful when filling in the details.
</p>
"""
fill_helpers["fancy_dialog"] = fancy_upload_html(configuration)
files_form = """
<!-- and now this... we do not want to see it, except in a dialog: -->
<div id='fm_filechooser' style='display:none'>
<div class='tree-container container-fluid'>
<div class='tree-row row'>
<div class='tree-header col-3'></div>
<div class='fm_path_breadcrumbs col-6'>
<ul id='fm_xbreadcrumbs' class='xbreadcrumbs'><!-- dynamic --></ul>
</div>
<div class='fm_buttonbar col-3 d-none d-lg-block'>
<ul id='fm_buttons' class='buttonbar'>
<!-- dynamically modified by js to show optional buttons -->
<li class='datatransfersbutton hidden' title='Manage Data Transfers'> </li>
<li class='sharelinksbutton hidden' title='Manage Share Links'> </li>
<li class='parentdirbutton' title='Open Parent Directory'> </li>
<li class='refreshbutton' title='Refresh'> </li>
</ul>
</div>
<div class='fm_buttonbar-big col-6 d-block d-lg-none hidden'>
<ul id='fm_buttons' class='buttonbar'>
<!-- dynamically modified by js to show optional buttons -->
<li class='datatransfersbutton hidden' title='Manage Data Transfers'> </li>
<li class='sharelinksbutton hidden' title='Manage Share Links'> </li>
<li class='parentdirbutton' title='Open Parent Directory'> </li>
<li class='refreshbutton' title='Refresh'> </li>
</ul>
</div>
</div>
</div>
<div class='fm_addressbar'>
<input type='hidden' value='/' name='fm_current_path' />
</div>
<div class='fm_folders'>
<ul class='jqueryFileTree'>
<li class='directory expanded'>
<a>...</a>
</li>
</ul>
</div>
<div class='fm_files'>
<table id='fm_filelisting' style='font-size:13px; border-spacing=0;'>
<thead>
<tr>
<th class='fm_name'>Name</th>
<th class='fm_size'>Size</th>
<th class='fm_type'>Type</th>
<th class='fm_date'>Date Modified</th>
<th class='fm_toolbox'>...</th>
</tr>
</thead>
<tbody>
<!-- this is a placeholder for contents: do not remove! -->
</tbody>
</table>
</div>
<div id='fm_statusbar' class='col-lg-12'>
<div id='fm_statusprogress' class=' col-lg-3'>
<div class='progress-label'>Loading...</div>
</div>
<div id='fm_statusinfo' class='col-lg-9'> </div>
</div>
</div>
<div id='cmd_dialog' title='Command output' style='display: none;'></div>
%(fancy_dialog)s
""" % fill_helpers
target_op = 'createfreeze'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
freeze_form = """
<form enctype='multipart/form-data' method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<input type='hidden' name='flavor' value='%(flavor)s' />
<input type='hidden' name='freeze_id' value='%(freeze_id)s' />
<b>Name:</b><br />
<input class='fillwidth padspace' type='text' name='freeze_name'
value='%(freeze_name)s' autofocus required pattern='[a-zA-Z0-9_. -]+'
title='unique name for the freeze archive. I.e. letters and digits separated only by spaces, underscores, periods and hyphens' />
"""
if flavor != 'backup':
# TODO: do these make sense to have here or just forced in backend?
freeze_form += """
<input type='hidden' name='freeze_department' value='' />
<input type='hidden' name='freeze_organization' value='' />
<br><b>Author(s):</b><br />
<input class='fillwidth padspace' type='text' name='freeze_author'
value='%(freeze_author)s' title='optional archive author(s) in case archive is created on behalf of one or more people' />
<br /><b>Description:</b><br />
<textarea class='fillwidth padspace' rows='20' name='freeze_description'>%(freeze_description)s</textarea>
<br />
"""
freeze_form += """
<br />
<div id='freezefiles'>
<b>%(archive_header)s:</b><br/>
"""
freeze_form += """
<input type='button' id='addfilebutton' value='Add file/directory' />
"""
if flavor != 'backup':
freeze_form += """
<input type='button' id='adduploadbutton' value='Add upload' />
"""
freeze_form += """
<div id='copyfiles'>
<!-- Dynamically filled -->
</div>
"""
if flavor != 'backup':
freeze_form += """
<div id='uploadfiles'>
<!-- Dynamically filled -->
</div>
"""
freeze_form += """
</div>
<br />
"""
if flavor != 'backup':
freeze_form += """
<div id='freezepublish'>
<b>Make Dataset Publicly Available</b>
"""
for val in ('yes', 'no'):
checked = ''
if fill_helpers['publish_value'] == val:
checked = 'checked="checked"'
freeze_form += """
<input type='radio' name='freeze_publish' value='%s' %s />%s
""" % (val, checked, val)
freeze_form += """
</div>
<br />
"""
freeze_form += """
<input type='submit' value='%(button_label)s' />
</form>
"""
# TODO: consider in-lining showfreeze file table for direct modify instead
# probably requires more AJAX handling of actions.
# for rel_path in frozen_files:
# freeze_form += """%s<br/>""" % rel_path
output_objects.append({'object_type': 'html_form', 'text': intro_text})
output_objects.append({'object_type': 'html_form', 'text': files_form})
output_objects.append({
'object_type': 'html_form',
'text': freeze_form % fill_helpers
})
# Link to view if archive already exists
if freeze_id != keyword_auto:
frozen_files = [
i['name'] for i in freeze_dict.get('FILES', [])
if i['name'] != public_archive_index
]
# Info about contents and spacing before view button otherwise
if frozen_files:
output_objects.append({
'object_type':
'html_form',
'text':
"""
<h3>Previously Added Files</h3>
<p>There are already %d file(s) saved in the archive and you can view and
manage those through the link below e.g. in case you change your mind
about including any of them.
</p>""" % len(frozen_files)
})
else:
output_objects.append({'object_type': 'text', 'text': ''})
output_objects.append({
'object_type':
'link',
'destination':
'showfreeze.py?freeze_id=%s;flavor=%s' % (freeze_id, flavor),
'class':
'viewarchivelink iconspace genericbutton',
'title':
'View details about your %s archive' % flavor,
'text':
'View details',
'target':
'_blank',
})
# Spacing
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div class="vertical-spacer"></div>
'''
})
return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict):
"""Main function used by front end"""
(configuration, logger, output_objects, op_name) = \
initialize_main_variables(client_id, op_header=False)
client_dir = client_id_dir(client_id)
defaults = signature()[1]
(validate_status, accepted) = validate_input_and_cert(
user_arguments_dict,
defaults,
output_objects,
client_id,
configuration,
allow_rejects=False,
)
if not validate_status:
return (accepted, returnvalues.CLIENT_ERROR)
logger.debug("User: %s executing %s", client_id, op_name)
if not configuration.site_enable_cloud:
output_objects.append({
'object_type':
'error_text',
'text':
'The cloud service is not enabled on the system'
})
return (output_objects, returnvalues.SYSTEM_ERROR)
status = returnvalues.OK
user_map = get_full_user_map(configuration)
user_dict = user_map.get(client_id, None)
# Optional limitation of cloud access permission
if not user_dict or not cloud_access_allowed(configuration, user_dict):
output_objects.append({
'object_type':
'error_text',
'text':
"You don't have permission to access the cloud facilities on "
"this site"
})
return (output_objects, returnvalues.CLIENT_ERROR)
services = configuration.cloud_services
# Show cloud services menu
(add_import, add_init, add_ready) = man_base_js(configuration, [])
add_init += '''
function get_instance_id() {
console.log("in get_instance_id");
console.log("found val: "+$("#select-instance-id").val());
return $("#select-instance-id").val();
}
function get_instance_label() {
console.log("in get_instance_label");
console.log("found val: "+$("#select-instance-id > option:selected").text());
return $("#select-instance-id > option:selected").text();
}
'''
add_ready += '''
/* NOTE: requires managers CSS fix for proper tab bar height */
$(".cloud-tabs").tabs();
'''
title_entry = find_entry(output_objects, 'title')
title_entry['script']['advanced'] += add_import
title_entry['script']['init'] += add_init
title_entry['script']['ready'] += add_ready
output_objects.append({
'object_type': 'html_form',
'text': man_base_html(configuration)
})
output_objects.append({
'object_type': 'header',
'text': 'Select a Cloud Service'
})
fill_helpers = {
'cloud_tabs':
''.join([
'<li><a href="#%s-tab">%s</a></li>' %
(service['service_name'], service['service_title'])
for service in services
])
}
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div id="wrap-tabs" class="cloud-tabs">
<ul>
%(cloud_tabs)s
</ul>
''' % fill_helpers
})
form_method = 'post'
csrf_limit = get_csrf_limit(configuration)
fill_helpers = {
'site': configuration.short_title,
'form_method': form_method,
'csrf_field': csrf_field,
'csrf_limit': csrf_limit
}
target_op = 'reqcloudservice'
csrf_token = make_csrf_token(configuration, form_method, target_op,
client_id, csrf_limit)
fill_helpers.update({'target_op': target_op, 'csrf_token': csrf_token})
action_list = [
('start', 'Start'),
('stop', 'Stop'),
('softrestart', 'Soft boot'),
('hardrestart', 'Hard boot'),
('status', 'Status'),
# NOTE: expose console on status page
#('webaccess', 'Console'),
('updatekeys', 'Set keys on'),
('create', 'Create'),
('delete', 'Delete')
]
# Delete instance form helper shared for all cloud services
helper = html_post_helper(
"%s" % target_op, '%s.py' % target_op, {
'instance_id': '__DYNAMIC__',
'service': '__DYNAMIC__',
'action': 'delete',
csrf_field: csrf_token
})
output_objects.append({'object_type': 'html_form', 'text': helper})
for service in services:
logger.debug("service: %s" % service)
cloud_id = service['service_name']
cloud_title = service['service_title']
rules_of_conduct = service['service_rules_of_conduct']
cloud_flavor = service.get("service_provider_flavor", "openstack")
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div id="%s-tab">
''' % cloud_id
})
if service['service_desc']:
output_objects.append({
'object_type': 'sectionheader',
'text': 'Service Description'
})
output_objects.append({
'object_type':
'html_form',
'text':
'''
<div class="cloud-description">
<span>%s</span>
</div>
''' % service['service_desc']
})
output_objects.append({
'object_type': 'html_form',
'text': '''
<br/>
'''
})
if not check_cloud_available(configuration, client_id, cloud_id,
cloud_flavor):
logger.error("Failed to connect to cloud: %s" % cloud_id)
output_objects.append(
{'object_type': 'error_text', 'text':
'The %s cloud service is currently unavailable' % \
cloud_title})
output_objects.append({
'object_type': 'html_form',
'text': '''
</div>
'''
})
status = returnvalues.SYSTEM_ERROR
continue
# Lookup user-specific allowed images (colon-separated image names)
allowed_images = allowed_cloud_images(configuration, client_id,
cloud_id, cloud_flavor)
if not allowed_images:
output_objects.append({
'object_type':
'error_text',
'text':
"No valid instance images for %s" % cloud_title
})
output_objects.append({
'object_type': 'html_form',
'text': '''
</div>
'''
})
continue
fill_helpers.update({
'cloud_id': cloud_id,
'cloud_title': cloud_title,
'target_op': target_op,
'rules_of_conduct': rules_of_conduct
})
delete_html = ""
# Manage existing instances
saved_instances = cloud_load_instance(configuration, client_id,
cloud_id, keyword_all)
saved_fields = ['INSTANCE_IMAGE']
instance_fields = ['public_fqdn', 'status']
status_map = status_all_cloud_instances(configuration, client_id,
cloud_id, cloud_flavor,
saved_instances.keys(),
instance_fields)
# TODO: halfwidth styling does not really work on select elements
delete_html += """
<div class='cloud-instance-delete fillwidth'>
<h3>Permanently delete a %(cloud_title)s cloud instance</h3>
<form class='delete-cloud-instance' target='#'>
<p class='cloud-instance-input fillwidth'>
<label class='fieldlabel halfwidth'>Instance</label>
<span class='halfwidth'>
<select id='select-instance-id'
class='styled-select html-select halfwidth padspace'
name='instance_id'>
""" % fill_helpers
output_objects.append({
'object_type':
'html_form',
'text':
"""
<div class='cloud-management fillwidth'>
<h3>Manage %(cloud_title)s instances</h3>
<br/>
<div class='cloud-instance-grid'>
<div class='cloud-instance-grid-left'>
<label class='fieldlabel fieldheader'>Name</label>
</div>
<div class='cloud-instance-grid-middle'>
<label class='fieldlabel fieldheader'>Instance Details</label>
</div>
<div class='cloud-instance-grid-right'>
<label class='fieldlabel fieldheader'>Actions</label>
</div>
""" % fill_helpers
})
for (instance_id, instance_dict) in saved_instances.items():
instance_label = instance_dict.get('INSTANCE_LABEL', instance_id)
logger.debug("Management entries for %s %s cloud instance %s" %
(client_id, cloud_id, instance_id))
instance_html = """
<div class='cloud-instance-grid-left'>
<label class='fieldlabel'>%s</label>
</div>
<div class='cloud-instance-grid-middle'>
""" % instance_label
for field in saved_fields:
field_val = saved_instances[instance_id].get(field, "-")
if field == 'INSTANCE_IMAGE':
for (img_name, _, img_alias) in allowed_images:
if img_name == field_val:
field_val = img_alias
instance_html += """
<span class='fieldstatus entry leftpad'>%s</span>
""" % field_val
for field in instance_fields:
field_val = status_map[instance_id].get(field, "-")
instance_html += """
<span class='fieldstatus entry leftpad'>%s</span>
""" % field_val
instance_html += """
</div>
<div class='cloud-instance-grid-right'>
"""
output_objects.append({
'object_type': 'html_form',
'text': instance_html
})
for (action, title) in action_list:
if action in cloud_edit_actions:
continue
query = 'action=%s;service=%s;instance_id=%s' % \
(action, cloud_id, instance_id)
url = 'reqcloudservice.py?%s' % query
#output_service = {
# 'object_type': 'service',
# 'name': "%s" % title,
# 'targetlink': url
#}
#output_objects.append(output_service)
output_objects.append({
'object_type':
'link',
'destination':
url,
'text':
title,
'class':
'ui-button',
'title':
'%s %s' % (title, instance_label)
})
output_objects.append({
'object_type':
'html_form',
'text':
"""
</div>
"""
})
delete_html += """<option value='%s'>%s</option>
""" % (instance_id, instance_label)
output_objects.append({
'object_type':
'html_form',
'text':
"""
</div>
</div>
"""
})
delete_html += """
</select>
</span>
</p>
<p class='fillwidth'>
<input type='submit' value='Delete Instance' onClick='javascript:confirmDialog(%(target_op)s, \"Really permanently delete your %(cloud_title)s \"+get_instance_label()+\" instance including all local data?\", undefined, {instance_id: get_instance_id(), service: \"%(cloud_id)s\"}); return false;' />
</p>
</form>
</div>
""" % fill_helpers
# Create new instance
create_html = """
<div class='cloud-instance-create fillwidth'>
<h3>Create a new %(cloud_title)s cloud instance</h3>
<form class='create_cloud_instance' method='%(form_method)s' action='%(target_op)s.py'>
<input type='hidden' name='%(csrf_field)s' value='%(csrf_token)s' />
<input type='hidden' name='service' value='%(cloud_id)s' />
<input type='hidden' name='action' value='create' />
<p class='cloud-instance-input fillwidth'>
<label class='fieldlabel halfwidth'>Label</label>
<span class='halfwidth'>
<input class='halfwidth padspace' type='text' name='instance_label' value='' />
</span>
</p>
<p class='cloud-instance-input fillwidth'>
<label class='fieldlabel halfwidth'>Image</label>
<span class='halfwidth'>
<select class='styled-select html-select halfwidth padspace' name='instance_image'>
"""
for (image_name, _, image_alias) in allowed_images:
create_html += """<option value='%s'>%s</option>
""" % (image_name, image_alias)
create_html += """
</select>
</span>
</p>
<p class='cloud-instance-input fillwidth'>
<label class='fieldlabel halfwidth'>
Accept <a href='%(rules_of_conduct)s'>Cloud Rules of Conduct</a>
</label>
<span class='halfwidth'>
<label class='switch'>
<input type='checkbox' mandatory name='accept_terms'>
<span class='slider round'></span></label>
</span>
</p>
<p class='fillwidth'>
<input type='submit' value='Create Instance' />
</p>
</form>
</div>
"""
output_objects.append({
'object_type': 'html_form',
'text': create_html % fill_helpers
})
if saved_instances:
output_objects.append({
'object_type': 'html_form',
'text': delete_html % fill_helpers
})
output_objects.append({
'object_type': 'html_form',
'text': '''
</div>
'''
})
output_objects.append({
'object_type': 'html_form',
'text': '''
</div>
'''
})
return (output_objects, status)
