Beispiel #1
/**
 * Serve the image selected by the "img" request argument.
 *
 * Every recognised image kind first points the global $pageno/$tabno at the
 * page and tab it belongs to, rebuilds the security context with fixContext()
 * and calls assertPermission(). Only after that are the remaining arguments
 * asserted and anything rendered or proxied. An unrecognised kind falls
 * through to renderErrorImage() without touching the context.
 */
function dispatchImageRequest()
{
    genericAssertion('img', 'string');
    global $pageno, $tabno;
    // Compared loosely (==), the way a switch statement compares.
    $kind = $_REQUEST['img'];
    if ($kind == 'minirack') {
        // rack security context
        $pageno = 'rack';
        $tabno = 'default';
        fixContext();
        assertPermission();
        dispatchMiniRackThumbRequest(getBypassValue());
    } elseif ($kind == 'midirack') {
        // rack security context
        $pageno = 'rack';
        $tabno = 'default';
        fixContext();
        assertPermission();
        genericAssertion('scale', 'uint');
        # Scaling implies no caching, there is no special dispatching.
        header('Content-type: image/png');
        printRackThumbImage(getBypassValue(), $_REQUEST['scale']);
    } elseif ($kind == 'preview') {
        // file security context
        $pageno = 'file';
        $tabno = 'download';
        fixContext();
        assertPermission();
        renderImagePreview(getBypassValue());
    } elseif ($kind == 'cactigraph') {
        // object security context, "cacti" tab
        $pageno = 'object';
        $tabno = 'cacti';
        fixContext();
        assertPermission();
        genericAssertion('server_id', 'uint');
        genericAssertion('graph_id', 'uint');
        $graphId = $_REQUEST['graph_id'];
        // The requested graph must be a key of the list returned for the
        // bypass value (presumably the object id -- confirm), so the proxy
        // is not asked for a graph outside that list.
        if (!array_key_exists($graphId, getCactiGraphsForObject(getBypassValue()))) {
            throw new InvalidRequestArgException('graph_id', $graphId);
        }
        // NOTE(review): server_id is only type-checked in this function;
        // whether proxyCactiRequest() ties it to the object or the graph is
        // not visible here -- confirm before relying on it.
        proxyCactiRequest($_REQUEST['server_id'], $graphId);
    } elseif ($kind == 'muningraph') {
        // object security context, "munin" tab
        $pageno = 'object';
        $tabno = 'munin';
        fixContext();
        assertPermission();
        genericAssertion('server_id', 'uint');
        genericAssertion('graph', 'string');
        $graphName = $_REQUEST['graph'];
        // Same membership rule as for Cacti: the graph name must be a key of
        // the list returned for the bypass value.
        if (!array_key_exists($graphName, getMuninGraphsForObject(getBypassValue()))) {
            throw new InvalidRequestArgException('graph', $graphName);
        }
        // NOTE(review): server_id is only type-checked in this function;
        // confirm that proxyMuninRequest() checks it against the object.
        proxyMuninRequest($_REQUEST['server_id'], $graphName);
    } else {
        renderErrorImage();
    }
}
Beispiel #2
/**
 * Serve the image selected by the "img" request argument.
 *
 * Each recognised kind sets the global $pageno/$tabno, rebuilds the security
 * context with fixContext() and calls assertPermission() before it renders
 * or proxies anything. Any other value ends in renderErrorImage().
 */
function dispatchImageRequest()
{
    genericAssertion('img', 'string');
    global $pageno, $tabno;
    // Compared loosely (==), the way a switch statement compares.
    $kind = $_REQUEST['img'];
    if ($kind == 'minirack') {
        // rack security context
        $pageno = 'rack';
        $tabno = 'default';
        fixContext();
        assertPermission();
        renderRackThumb(getBypassValue());
    } elseif ($kind == 'preview') {
        // file security context
        $pageno = 'file';
        $tabno = 'download';
        fixContext();
        assertPermission();
        renderImagePreview(getBypassValue());
    } elseif ($kind == 'cactigraph') {
        // object security context, "cacti" tab
        $pageno = 'object';
        $tabno = 'cacti';
        fixContext();
        assertPermission();
        genericAssertion('graph_id', 'uint');
        $graphId = $_REQUEST['graph_id'];
        // Only a graph id that is a key of the list returned for the bypass
        // value (presumably the object id -- confirm) reaches the proxy.
        if (!array_key_exists($graphId, getCactiGraphsForObject(getBypassValue()))) {
            throw new InvalidRequestArgException('graph_id', $graphId);
        }
        proxyCactiRequest($graphId);
    } else {
        renderErrorImage();
    }
}
/**
 * AJAX handler: write the submitted text to the link of a port.
 *
 * Reads "id" (unsigned integer) and "text" (string; the TRUE flag is
 * presumably "may be empty" -- confirm) from $sic. The security context is
 * retargeted at the object owning the port and the object/ports/editPort
 * permission is asserted before any write. Prints "OK" on success.
 *
 * Throws RackTablesError when the port is not linked.
 */
function updateCableIdAJAX()
{
    global $sic;
    assertUIntArg('id');
    assertStringArg('text', TRUE);
    // NOTE(review): the result of getPortInfo() is used without a check for
    // a missing port; what it returns for an unknown id is not visible here.
    $port = getPortInfo($sic['id']);
    // Authorize against the object that owns the port, not against whatever
    // context the request arrived with.
    $owner = spotEntity('object', $port['object_id']);
    fixContext($owner);
    assertPermission('object', 'ports', 'editPort');
    if (!$port['linked']) {
        throw new RackTablesError('Cant update cable ID: port is not linked');
    }
    // NOTE(review): the change detection compares against
    // 'reservation_comment' although the value is written to the port link;
    // confirm this is the intended field.
    $unchanged = $port['reservation_comment'] === $sic['text'];
    if (!$unchanged) {
        commitUpdatePortLink($sic['id'], $sic['text']);
    }
    echo 'OK';
}
Beispiel #4
/**
 * Delete the VLANSwitch record(s) of an object and return the redirect URL.
 *
 * "object_id", "vdom_id" and "vst_id" are asserted as unsigned integers.
 * The security context is built from the current page and then widened with
 * the object and the VST entity (whichever of them is not the current page)
 * before assertPermission() runs. The delete itself is keyed on object_id
 * only; vdom_id and vst_id end up in the redirect focus hints.
 */
function del8021QOrder()
{
    assertUIntArg('object_id');
    assertUIntArg('vdom_id');
    assertUIntArg('vst_id');
    global $sic, $pageno;
    fixContext();
    // Add the entities the current page did not already contribute, so the
    // permission check sees both the object and the VST.
    foreach (array('object' => 'object_id', 'vst' => 'vst_id') as $realm => $argName) {
        if ($pageno != $realm) {
            spreadContext(spotEntity($realm, $sic[$argName]));
        }
    }
    assertPermission();
    $criteria = array('object_id' => $sic['object_id']);
    usePreparedDeleteBlade('VLANSwitch', $criteria);
    // The hints are taken from $_REQUEST; the same three arguments were
    // asserted as unsigned integers at the top of the function.
    $hints = array(
        'prev_objid' => $_REQUEST['object_id'],
        'prev_vstid' => $_REQUEST['vst_id'],
        'prev_vdid' => $_REQUEST['vdom_id'],
    );
    showFuncMessage(__FUNCTION__, 'OK');
    return buildRedirectURL(NULL, NULL, $hints);
}
Beispiel #5
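/**
 * Create an IPv6 network record from a prefix in "address/length" notation.
 *
 * The prefix is split on "/", the address part is parsed with ip6_parse()
 * and the network row is inserted into IPv6Network. When $is_connected is
 * set, the network address is recorded as the Subnet-Router anycast address.
 * Tags from $taglist are attached to the new record. When $vlan_ck is given,
 * the security context is temporarily retargeted at the new network and the
 * VLAN is bound only if the ipv6net/8021q/bind permission is granted; a
 * missing permission skips the binding silently.
 *
 * The caller's security context is restored even when the VLAN step throws,
 * so a caller that catches the exception does not continue with a context
 * pointing at the new network.
 *
 * Returns the id of the new network record.
 * Throws InvalidRequestArgException when $range does not contain exactly one
 * "/".
 */
function createIPv6Prefix($range = '', $name = '', $is_connected = FALSE, $taglist = array(), $vlan_ck = NULL)
{
    // $range is in aaa0:b::c:d/x format, split into ip/mask vars
    $rangeArray = explode('/', $range);
    if (count($rangeArray) != 2) {
        throw new InvalidRequestArgException('range', $range, 'Invalid IPv6 prefix');
    }
    $ip = $rangeArray[0];
    $mask = $rangeArray[1];
    // NOTE(review): $mask is still the raw string from the request at this
    // point; presumably constructIPRange() rejects a non-numeric or
    // out-of-range length -- confirm, since the same value is stored below.
    $net = constructIPRange(ip6_parse($ip), $mask);
    usePreparedInsertBlade('IPv6Network', array('ip' => $net['ip_bin'], 'last_ip' => ip_last($net), 'mask' => $mask, 'name' => $name));
    $network_id = lastInsertID();
    # RFC3513 2.6.1 - Subnet-Router anycast
    if ($is_connected) {
        updateV6Address($net['ip_bin'], 'Subnet-Router anycast', 'yes');
    }
    produceTagsForNewRecord('ipv6net', $taglist, $network_id);
    if ($vlan_ck != NULL) {
        $ctx = getContext();
        $failure = NULL;
        try {
            fixContext(spotEntity('ipv6net', $network_id));
            if (permitted('ipv6net', '8021q', 'bind')) {
                commitSupplementVLANIPv6($vlan_ck, $network_id);
            }
        } catch (Exception $e) {
            // Hold the exception until the saved context is back in place.
            $failure = $e;
        }
        restoreContext($ctx);
        if ($failure !== NULL) {
            throw $failure;
        }
    }
    return $network_id;
}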
Beispiel #6
/**
 * Render a complete pop-up HTML page for the helper named by the "helper"
 * request argument ("objlist", "portlist" or "inet4list").
 *
 * Each helper sets the global $pageno/$tabno, rebuilds the security context
 * with fixContext() and calls assertPermission() before its renderer runs.
 * Any other helper value raises InvalidRequestArgException.
 *
 * The Content-Type header, the DOCTYPE and the opening <html> tag are
 * written before the argument is validated and before any permission check,
 * so an exception thrown further down arrives after that output (unless
 * output buffering is active -- not visible here).
 */
function renderPopupHTML()
{
    global $pageno, $tabno;
    header('Content-Type: text/html; charset=UTF-8');
    ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" style="height: 100%;">
<?php 
    assertStringArg('helper');
    // Body markup is collected here and printed in one piece at the end.
    $text = '';
    switch ($_REQUEST['helper']) {
        case 'objlist':
            // object page, default tab: context and permission come first
            $pageno = 'object';
            $tabno = 'default';
            fixContext();
            assertPermission();
            $text .= getOutputOf('renderPopupObjectSelector');
            break;
        case 'portlist':
            // depot page, default tab
            $pageno = 'depot';
            $tabno = 'default';
            fixContext();
            assertPermission();
            $text .= '<div style="background-color: #f0f0f0; border: 1px solid #3c78b5; padding: 10px; height: 100%; text-align: center; margin: 5px;">';
            // NOTE(review): the presence of "do_link" switches from the
            // selector hook to handlePopupPortLink under the same
            // depot/default permission asserted above; confirm that the hook
            // authorizes the link operation itself.
            if (isset($_REQUEST['do_link'])) {
                $text .= getOutputOf('callHook', 'handlePopupPortLink');
            } else {
                $text .= getOutputOf('callHook', 'renderPopupPortSelector');
            }
            $text .= '</div>';
            break;
        case 'inet4list':
            // ipv4space page, default tab
            $pageno = 'ipv4space';
            $tabno = 'default';
            fixContext();
            assertPermission();
            $text .= getOutputOf('renderPopupIPv4Selector');
            break;
        default:
            // The rejected value is handed to the exception as is; how the
            // exception is rendered is not visible in this function.
            throw new InvalidRequestArgException('helper', $_REQUEST['helper']);
    }
    echo '<head><title>RackTables pop-up</title>';
    printPageHeaders();
    echo '</head>';
    // $text is written without escaping: it holds only the literal <div>
    // above and the captured output of the renderers, so escaping of any
    // request-derived value is presumably the renderers' job -- confirm.
    echo '<body style="height: 100%;">' . $text . '</body>';
    ?>
</html>
<?php 
}
Beispiel #7
 // Operation dispatcher: validates the "op" request argument, looks up the
 // handler registered in $ophandler for the current page, tab and operation,
 // asserts permission and calls the handler. This excerpt ends inside the
 // try block; the matching catch part is not shown.
 require_once 'inc/ophandlers.php';
 // snmp.php is an exception, it is treated by a special hack
 // The request only decides whether the file is loaded; the path itself is a
 // fixed literal.
 if (isset($_REQUEST['op']) and $_REQUEST['op'] == 'querySNMPData') {
     require_once 'inc/snmp.php';
 }
 require_once 'inc/init.php';
 try {
     genericAssertion('op', 'string');
     $op = $_REQUEST['op'];
     prepareNavigation();
     $location = buildRedirectURL();
     // FIXME: find a better way to handle this error
     if ($op == 'addFile' && !isset($_FILES['file']['error'])) {
         throw new RackTablesError('File upload error, check upload_max_filesize in php.ini', RackTablesError::MISCONFIGURED);
     }
     fixContext();
     // The callable comes from the $ophandler table, never from the request
     // value itself: $op is used only as a key, and an operation that is not
     // registered for this page and tab is rejected here.
     // ($ophandler, $pageno and $tabno are set outside this excerpt.)
     if (!isset($ophandler[$pageno][$tabno][$op]) or !is_callable($ophandler[$pageno][$tabno][$op])) {
         throw new RackTablesError("Invalid navigation data for '{$pageno}-{$tabno}-{$op}'", RackTablesError::INTERNAL);
     }
     // We have a chance to handle an error before starting HTTP header.
     // NOTE(review): operations listed in $delayauth skip this permission
     // assertion; presumably their handlers authorize on their own -- confirm
     // for every entry, because nothing else in this excerpt checks them.
     if (!isset($delayauth["{$pageno}-{$tabno}-{$op}"])) {
         assertPermission();
     }
     # Call below does the job of bypass argument assertion, if such is required,
     # so the ophandler function doesn't have to re-assert this portion of its
     # arguments. And it would be even better to pass returned value to ophandler,
     # so it is not necessary to remember the name of bypass in it.
     getBypassValue();
     // A non-empty return value of the handler replaces the default redirect
     // location.
     // NOTE(review): a handler returning NULL makes strlen() receive NULL,
     // which is deprecated as of PHP 8.1.
     if (strlen($redirect_to = call_user_func($ophandler[$pageno][$tabno][$op]))) {
         $location = $redirect_to;
     }
Beispiel #8
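/**
 * Evaluate permitted($p, $t) with the security context temporarily
 * retargeted at $cell, then put the caller's context back.
 *
 * $p and $t are passed to permitted() unchanged (presumably page and tab
 * names -- confirm); $cell is passed to fixContext().
 *
 * The four context globals are restored even when fixContext() or
 * permitted() throws an Exception, so a caller that catches it does not go
 * on making permission decisions against $cell. The exception is re-thrown
 * after the restore. Throwables that are not Exception instances (PHP 7+
 * Error) are not intercepted.
 *
 * Returns whatever permitted() returned.
 */
function isolatedPermission($p, $t, $cell)
{
    // This function is called from both "file" page and a number of other pages,
    // which have already fixed security context and authorized the user for it.
    // OTOH, it is necessary here to authorize against the current file, which
    // means saving the current context and building a new one.
    global $expl_tags, $impl_tags, $target_given_tags, $auto_tags;
    // push current context
    // NOTE(review): only these four globals are saved; whether fixContext()
    // touches any other state is not visible here.
    $saved = array($expl_tags, $impl_tags, $target_given_tags, $auto_tags);
    $failure = NULL;
    $ret = NULL;
    try {
        // retarget
        fixContext($cell);
        // remember decision
        $ret = permitted($p, $t);
    } catch (Exception $e) {
        // Hold the exception until the saved context is back in place.
        $failure = $e;
    }
    // pop context
    list($expl_tags, $impl_tags, $target_given_tags, $auto_tags) = $saved;
    if ($failure !== NULL) {
        throw $failure;
    }
    return $ret;
}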