function no_time_error()
{
relative_redirect("error-text.php?error=" . urlencode("No new sliver expiration time specified."));
// header('HTTP/1.1 404 Not Found');
// print 'No expiration time specified.';
exit;
}
function check_km_authorization($user)
{
global $NO_AUTHZ_REDIRECT;
if (isset($NO_AUTHZ_REDIRECT) && $NO_AUTHZ_REDIRECT) {
return;
}
if (!$user->portalIsAuthorized()) {
$request_uri = $_SERVER['REQUEST_URI'];
// $km_url = get_first_service_of_type(SR_SERVICE_TYPE::KEY_MANAGER);
relative_redirect("kmhome.php");
}
}
// included in all copies or substantial portions of the Work.
//
// THE WORK IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
// WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE WORK OR THE USE OR OTHER DEALINGS
// IN THE WORK.
//----------------------------------------------------------------------
require_once "user.php";
require_once 'portal.php';
require_once 'cs_constants.php';
require_once 'maintenance_mode.php';
relative_redirect("dashboard.php");
// include("tool-showmessage.php");
// if (is_null($user)) {
// // TODO: Handle unknown state
// print "Unable to load user record.<br/>";
// } else {
// if ($user->isRequested()) {
// include("home-requested.php");
// } else if ($user->isDisabled()) {
// print "User $user->eppn has been disabled.";
// } else if ($user->isActive()) {
// include("home-active.php");
// } else {
// // TODO: Handle unknown state
// print "Unknown account state: $user->status<br/>";
// }
maybe HTTP redirect there if this key exists in the session.
*/
$result = ma_lookup_certificate($ma_url, $km_signer, $member_id);
if (!is_null($result) && key_exists(MA_ARGUMENT::PRIVATE_KEY, $result)) {
/* If the user has an outside certificate AND key, redirect back to the
certificate loading page.
*/
$loc = $_SESSION['xml-signer'];
unset($_SESSION['xml-signer']);
relative_redirect($loc);
exit;
}
}
/* Auto-redirect to KM activate page if there's no member id. */
if (!isset($member_id)) {
relative_redirect("kmactivate.php");
exit;
}
$result = ma_lookup_certificate($ma_url, $km_signer, $member_id);
$has_cert = !is_null($result);
// Has the certificate expired?
$expired = false;
// Will the certificate expire soon?
$expiring = false;
if ($has_cert && array_key_exists('expiration', $result)) {
// Is expiration real soon or in the past?
$expiration = $result['expiration'];
$now = new DateTime('now', new DateTimeZone("UTC"));
$diff = $now->diff($expiration);
$days = $diff->days;
$expired = $days < 1;
//----------------------------------------------------------------------
require_once "settings.php";
require_once "util.php";
require_once "user.php";
require_once "pa_constants.php";
require_once "cs_client.php";
require_once "cs_constants.php";
require_once 'logging_client.php';
require_once 'logging_constants.php';
require_once 'ma_client.php';
require_once 'ma_constants.php';
require_once "db_utils.php";
include_once '/etc/geni-ch/settings.php';
$user = geni_loadUser();
if (!isset($user) || !$user->isActive()) {
relative_redirect("home.php");
}
$sr_url = get_sr_url();
$ma_url = get_first_service_of_type(SR_SERVICE_TYPE::MEMBER_AUTHORITY);
$log_url = get_first_service_of_type(SR_SERVICE_TYPE::LOGGING_SERVICE);
/*
* Pull info from the $_REQUEST
*/
$form_name = 'name';
$form_telephone = 'telephone';
$form_reference = 'reference';
$form_url = 'url';
$form_reason = 'reason';
$form_projectlead = 'projectlead';
function from_request($key)
{
}
// Do we have all the required params?
if ($slice_name) {
// Create the slice...
$result = sa_create_slice($user, $slice_name, $project_id, $project_name, $slice_description);
if (!$result) {
error_log("Create Slice failed for slice {$slice_name}");
$_SESSION['lasterror'] = "Slice creation failed for slice {$slice_name}";
relative_redirect('home.php');
} else {
/* $pretty_result = print_r($result, true); */
/* error_log("sa_create_slice result: $pretty_result\n"); */
// Redirect to this slice's page now...
$slice_id = $result[SA_SLICE_TABLE_FIELDNAME::SLICE_ID];
$_SESSION['lastmessage'] = "Created slice {$slice_name}";
relative_redirect('slice.php?slice_id=' . $slice_id);
}
}
// else if came from the createslice page then print an error or something
// If here, present the form
require_once "header.php";
show_header('GENI Portal: Slices');
if ($message) {
print "<i>" . $message . "</i>\n";
}
if ($show_breadcrumbs) {
include "tool-breadcrumbs.php";
}
include "tool-showmessage.php";
print "<h1>Create New Slice</h1>\n";
print "<p>A GENI slice is a container for reserving and managing a set of GENI resources.</p>\n";
if (!is_null($yesm)) {
$reason = $yesm;
}
}
// This is an 'add' selection
// Add member
add_project_member($sa_url, $user, $project_id, $member_id, $role);
// I _believe_ we'll have been redirected to the error page if the add fails
// and send acceptance letter
}
// Resolve pending request
resolve_pending_request($sa_url, $user, CS_CONTEXT_TYPE::PROJECT, $request_id, $resolution_status, $resolution_description);
// FIXME: Do not send the rejection mail if the user is already in the project - ticket #410
// FIXME: Allow the person rejecting your join request to edit/specify the email contents, so they can explain the rejection
// -- ticket #876
// Send acceptance/rejection letter
$hostname = $_SERVER['SERVER_NAME'];
$email_message = "Your request to join GENI project " . $project_name . " has been " . $resolution_status_label . " by " . $user->prettyName() . ".\n\n";
if (isset($reason) && $reason != '') {
$email_message = $email_message . "\n{$reason}\n\n";
}
$email_message = $email_message . "GENI Portal Operations";
$headers = "Cc: " . $user->prettyEmailAddress() . "\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit";
mail($email_address, $email_subject, $email_message, $headers);
}
// end of loop over rows to process
$_SESSION['lastmessage'] = "Added {$num_members_added} members; Rejected {$num_members_rejected} members";
relative_redirect("project.php?project_id=" . $project_id);
?>
// Display errors
echo "<p>There were some problems with your form. Please go back and try again.</p><br /><br />";
// Display error messages
echo "<ul>\n";
for ($i = 0; $i < count($errors); $i++) {
echo "<li>" . $errors[$i] . "</li>";
}
echo "</ul>";
} else {
// Post comment
// Determine whether it's supposed to post a reply to a post or a comment
if ($_POST['parentType'] == "post") {
$commentid = add_reply_to_post($user_id, $_POST['parentID'], $_POST['replyContent']);
$post = get_post($_POST['parentID']);
$postid = $post['id'];
} else {
if ($_POST['parentType'] == "comment") {
$commentid = add_reply_to_comment($user_id, $_POST['parentID'], $_POST['replyContent']);
$comment = get_comment($_POST['parentID']);
$postid = $comment['postparent'];
}
}
echo "Post successful!";
//$domain = $_SERVER['HTTP_HOST'];
//header("Location: http://$domain/govit/viewpost.php?postid=$postid&commentid=$commentid#$commentid");
//exit();
relative_redirect("viewpost?postid={$postid}&commentid={$commentid}#{$commentid}");
}
require_once "footer.php";
ob_flush();
//for redirect
function create_sliver_success($link, $full_link)
{
global $background;
if ($background) {
show_page_header();
$string = "<p class='instruction'>Resource request submitted. If you are ";
$string .= "not automatically redirected, <a href='{$full_link}'>click here</a> ";
$string .= "to view request progress and results.</p>";
echo $string;
include "footer.php";
ob_end_clean();
print_r($link);
} else {
// FIXME: We probably want to redirect the user as
// quickly as possible, but
// is this the best way of doing it?
relative_redirect($link);
exit;
}
}
if ($error != NULL) {
echo "<div id=\"error-message\"" . " style=\"background: #dddddd;font-weight: bold\">\n";
echo "{$error}";
echo "</div>\n";
}
include 'uploadsshkey.html';
// show button only if there are no SSH keys on file
// don't let user generate public/private keypair if
// they already have 1+ public keys on file
$keys = $user->sshKeys();
if (count($keys) == 0) {
echo "<p>If you don't have an SSH keypair or want to create a new SSH keypair, <button onClick=\"window.location='generatesshkey.php'\">generate and download an SSH keypair</button>.</p>";
}
include "footer.php";
exit;
}
// The public key is in $_FILES["file"]["tmp_name"]
$contents = file_get_contents($_FILES["file"]["tmp_name"]);
$filename = $_FILES["file"]["name"];
$description = NULL;
if (array_key_exists("description", $_POST)) {
$description = $_POST["description"];
}
$ma_url = get_first_service_of_type(SR_SERVICE_TYPE::MEMBER_AUTHORITY);
register_ssh_key($ma_url, $user, $user->account_id, $filename, $description, $contents);
$_SESSION['lastmessage'] = "Uploaded SSH public key from " . $_FILES["file"]["name"];
relative_redirect('profile');
?>
Your key was uploaded.<br/>
<a href="profile.php">My Profile page</a>
return;
}
if ($in_maintenance_mode) {
print "This GENI Clearinghouse is currently in maintenance mode and cannot register new users.";
print "<br>";
print "<button onClick=\"history.back(-1)\"><b>Back</b></button>";
return;
}
// Get the EPPN now that we know it's there.
$eppn = strtolower($_SERVER['eppn']);
// If no email address and no preasserted email
// Then redirect to kmnoemail.php
if (!key_exists('mail', $_SERVER)) {
$asserted_attrs = get_asserted_attributes($eppn);
if (!key_exists('mail', $asserted_attrs)) {
relative_redirect('kmnoemail.php');
}
}
// Avoid double registration by checking if this is a valid
// user before displaying the page. If this user is already
// registered, redirect to the home page.
$ma_url = get_first_service_of_type(SR_SERVICE_TYPE::MEMBER_AUTHORITY);
$member = ma_lookup_member_by_eppn($ma_url, Portal::getInstance(), $eppn);
//$attrs = array('eppn' => $eppn);
//$ma_members = ma_lookup_members($ma_url, Portal::getInstance(), $attrs);
//$count = count($ma_members);
//if ($count !== 0) {
if (!is_null($member)) {
// Existing account, go to home page or to referer
redirect_referer("kmhome.php");
}
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and/or hardware specification (the "Work") to
// deal in the Work without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense,
// and/or sell copies of the Work, and to permit persons to whom the Work
// is furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Work.
//
// THE WORK IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
// WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE WORK OR THE USE OR OTHER DEALINGS
// IN THE WORK.
//----------------------------------------------------------------------
require_once "user.php";
require_once "header.php";
$user = geni_loadUser();
if (!isset($user) || !$user->isActive()) {
relative_redirect("home.php");
}
include "tool-lookupids.php";
show_header('GENI Portal: Projects');
// FIXME do real stuff here!
relative_redirect('project.php?project_id=' . $project_id);
include "footer.php";
}
if (!isset($slice_urn)) {
header('HTTP/1.1 404 Not Found');
print 'No slice id specified.';
exit;
}
if (isset($slice_expired) && convert_boolean($slice_expired)) {
if (!isset($slice_name)) {
$slice_name = "";
}
$_SESSION['lasterror'] = "Slice " . $slice_name . " is expired.";
relative_redirect('dashboard.php#slices');
}
$keys = $user->sshKeys();
if (count($keys) == 0) {
relative_redirect("error-text.php?error=" . urlencode("No SSH keys " . "have been uploaded. Please <a href='uploadsshkey.php'>" . "Upload an SSH key</a> or <a href='generatesshkey.php'>Generate and Download an " . "SSH keypair</a> to enable access to nodes."));
}
/* Get the SA and CH URLs. These are really the PGCH URLs because
* Flack speaks the ProtoGENI Slice Authority and Clearinghouse APIs.
*
* If Flack is changed to support the Common Federation API these URLs
* will change.
*/
$pgchs = get_services_of_type(SR_SERVICE_TYPE::PGCH);
if (count($pgchs) != 1) {
error_log("flack must have exactly one PGCH service defined");
return "Should be exactly one PGCH url.";
} else {
$pgch = $pgchs[0];
$PGCH_URL = $pgch[SR_TABLE_FIELDNAME::SERVICE_URL];
}
// IN THE WORK.
//----------------------------------------------------------------------
require_once "user.php";
require_once "header.php";
require_once 'sr_constants.php';
require_once 'sr_client.php';
require_once 'sa_constants.php';
require_once 'sa_client.php';
$user = geni_loadUser();
if (!isset($user) || is_null($user) || !$user->isActive()) {
relative_redirect('home.php');
}
include "tool-lookupids.php";
if (isset($slice) && !is_null($slice)) {
// FIXME: Do anything to slices first? Members?
$result = "Disable Slice Not Implemented";
error_log("Disable Slice not implemented");
// $result = delete_slice($sa_url, $slice_id);
// if (! $result) {
// error_log("Failed to Disable slice $slice_id: $result");
// }
} else {
error_log("Didnt find to disable slice {$slice_id}");
}
// FIXME: remove the slice from the DB
// Invalidate credentials?
// FIXME
$_SESSION['lastmessage'] = "Asked to disable slice {$slice_name} - NOT IMPLEMENTED";
show_header('GENI Portal: Slices');
relative_redirect('dashboard.php#slices');
include "footer.php";
function default_put_message_result_handler($result)
{
// error_log("Decoded raw result : " . $result);
// error_log("MH.RESULT = " . print_r($result, true));
if ($result[RESPONSE_ARGUMENT::CODE] != RESPONSE_ERROR::NONE) {
error_log("SCRIPT_NAME = " . $_SERVER['SCRIPT_NAME']);
error_log("ERROR.CODE " . print_r($result[RESPONSE_ARGUMENT::CODE], true));
error_log("ERROR.VALUE " . print_r($result[RESPONSE_ARGUMENT::VALUE], true));
error_log("ERROR.OUTPUT " . print_r($result[RESPONSE_ARGUMENT::OUTPUT], true));
relative_redirect('error-text.php' . "?error=" . urlencode($result[RESPONSE_ARGUMENT::OUTPUT]));
}
// error_log("ERROR.OUTPUT " . print_r($result[RESPONSE_ARGUMENT::OUTPUT], true));
return $result[RESPONSE_ARGUMENT::VALUE];
}
$all_project_member_names = lookup_member_names_for_rows($ma_url, $user, $all_project_members, PA_PROJECT_MEMBER_TABLE_FIELDNAME::MEMBER_ID);
$all_project_member_ids = array();
foreach ($all_project_members as $apm) {
// error_log("APM = " . print_r($apm, true));
$all_project_member_ids[] = $apm[PA_PROJECT_MEMBER_TABLE_FIELDNAME::MEMBER_ID];
}
$all_project_member_details = lookup_member_details($ma_url, $user, $all_project_member_ids);
//foreach($all_project_member_details as $apmd) {
// error_log("APMD = " . print_r($apmd, true));
//}
$disabled = "disabled = " . '"' . "disabled" . '"';
$edit_members_disabled = "";
if (!$user->isAllowed(SA_ACTION::ADD_SLICE_MEMBER, CS_CONTEXT_TYPE::SLICE, $slice_id) || $in_lockdown_mode) {
$edit_members_disabled = $disabled;
$_SESSION['lasterror'] = "User has no privileges to edit slice '" . $slice_name . "'.";
relative_redirect("slice.php?slice_id={$slice_id}");
}
// First capture all the row details for the members
$all_project_member_row_elements = array();
foreach ($all_project_member_details as $apmd) {
$project_member_row_elements = compute_member_row_elements($apmd, $all_project_member_names, $project_id, $current_members);
$all_project_member_row_elements[] = $project_member_row_elements;
}
// Now sort them. Members first, sorted by role (Lead, admin,
// member, auditor, Operator)
// Then non-members
usort($all_project_member_row_elements, 'compare_project_member_row_elements');
show_header('GENI Portal: Slices');
include "tool-breadcrumbs.php";
include "tool-showmessage.php";
// Create a table with:
printHeader("Login", "Keywords", "Description", "login");
if (isset($_SESSION['user'])) {
// If session is set, user is logged in
echo "Logged in as " . $user_firstname;
} else {
// Check if form has been submitted
if (isset($_POST['email'])) {
// Form has been submitted
// Validate fields
// Username and password missing
if (strlen($_POST['email']) <= 0 || strlen($_POST['password']) <= 0) {
echo "Missing information!";
} else {
if (login($_POST['email'], $_POST['password'])) {
$domain = $_SERVER['HTTP_HOST'];
echo "Login successful.";
//header("Location: http://$domain/alpha/index.php");
//exit();
relative_redirect("index.php");
} else {
echo "The email address and password you entered don't match our records. Please go back and try again.";
}
}
} else {
// No form has been submitted
// So, display login form
print_login_box("loginpage");
}
}
require_once "footer.php";
ob_flush();
}
}
}
}
}
}
}
}
// If got half of the inputs I need to change project lead, add
// to errors
if (is_null($old_lead_new_role) and !is_null($new_lead_id) or !is_null($old_lead_new_role) and is_null($new_lead_id)) {
$error = true;
$msg = "To change project lead, specify both the new lead and a new role for the current lead";
error_log("Got only some needed inputs to change project lead for {$project_name}");
if ($errors == "") {
$errors = $msg;
} else {
$errors = $errors . "; " . $msg;
}
}
if ($error) {
$_SESSION['lasterror'] = "Editing project {$project_name} members: {$errors}";
if ($result != "No changes made") {
$_SESSION['lastmessage'] = "Edited project {$project_name} members: {$result}";
}
} else {
$_SESSION['lastmessage'] = "Edited project {$project_name} members: {$result}";
}
show_header('GENI Portal: Projects');
relative_redirect('project.php?project_id=' . $project_id . "&result=" . $result);
include "footer.php";
require_once "header.php";
require_once 'util.php';
require_once "sr_client.php";
require_once "sr_constants.php";
require_once "pa_client.php";
require_once "pa_constants.php";
require_once 'rq_client.php';
require_once "sa_client.php";
require_once "cs_client.php";
require_once "proj_slice_member.php";
require_once "services.php";
require_once "user-preferences.php";
$user = geni_loadUser();
if (!isset($user) || is_null($user) || !$user->isActive()) {
$msg = "Unable to load user record.";
relative_redirect('error-text.php?error=' . urlencode($msg));
}
if (!$user->portalIsAuthorized()) {
$km_url = get_first_service_of_type(SR_SERVICE_TYPE::KEY_MANAGER);
$params['redirect'] = selfURL();
$query = http_build_query($params);
$km_url = $km_url . "?" . $query;
print "<h2>Portal authorization</h2>";
print "<p>";
print "The GENI Portal is not authorized by you as a client tool. If you would like";
print " the GENI Portal to help you manage your projects and slices, you can";
print " <a href=\"{$km_url}\">authorize the portal</a> to do so.";
print "</p>";
return 0;
}
show_header('GENI Portal: Home', true, true);
/**
* Redirect to the referer. If no referer,
* redirect to $fallback.
*/
function redirect_referer($fallback)
{
$referer_key = 'HTTP_REFERER';
if (key_exists($referer_key, $_SERVER)) {
header("Location: " . $_SERVER[$referer_key]);
} else {
if (!is_null($fallback)) {
relative_redirect($fallback);
}
}
}
print '<h1>An error occurred while generating your SSH keypair.</h1>';
include "footer.php";
exit;
}
/* ssh keys (public and private) were successfully generated. Store them in the database. */
$private_key = file_get_contents($privatekeyfile);
$public_key = file_get_contents($publickeyfile);
unlink($privatekeyfile);
unlink($publickeyfile);
/* This is the name of the file on the experimenter's machine. */
$filename = "id_geni_ssh_rsa";
$description = "Generated SSH keypair";
$ma_url = get_first_service_of_type(SR_SERVICE_TYPE::MEMBER_AUTHORITY);
$result = register_ssh_key($ma_url, $user, $user->account_id, $filename, $description, $public_key, $private_key);
if (is_array($result) && array_key_exists(RESPONSE_ARGUMENT::CODE, $result) && $result[RESPONSE_ARGUMENT::CODE] != RESPONSE_ERROR::NONE) {
error_log("Failed to register SSH key for account " . $user->account_id . " from file {$filename}: " . $result);
$_SESSION['lasterror'] = "ERROR Generating SSH keypair";
relative_redirect('profile.php');
}
if (True) {
$_SESSION['lastmessage'] = "Generated SSH keypair - now download the private key";
relative_redirect('profile.php#ssh');
} else {
// Set headers for download
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename={$filename}");
header("Content-Type: application/pem");
header("Content-Transfer-Encoding: binary");
print $private_key;
}
relative_redirect('home.php');
} else {
$private_key_filename = tempnam("/tmp", "private-");
$putty_key_filename = tempnam("/tmp", "putty-");
// Write the private key
file_put_contents($private_key_filename, $private_key);
// Run the comand to generate the puttygen command
$cmd = "echo {$passphrase} | puttygen {$private_key_filename} -o {$putty_key_filename}";
// error_log("CMD = " . $cmd);
system($cmd);
// Read the putty key
$putty_key = file_get_contents($putty_key_filename);
// Delete the file with the private key
unlink($private_key_filename);
// Delete the file with the putty key
unlink($putty_key_filename);
// error_log("PRIV_FILE = " . $private_key_filename);
// error_log("PUTTY_FILE = " . $putty_key_filename);
// error_log("PRIV= " . $private_key);
// error_log("PUTTY= " . $putty_key);
if ($putty_key == NULL || strlen($putty_key) == 0) {
relative_redirect("error-text.php?error=" . urlencode("Invalid passphrase"));
}
// Set headers for download
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename={$filename}.ppk");
header("Content-Type: application/pem");
header("Content-Transfer-Encoding: binary");
print $putty_key;
}
// a copy of this software and/or hardware specification (the "Work") to
// deal in the Work without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense,
// and/or sell copies of the Work, and to permit persons to whom the Work
// is furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Work.
//
// THE WORK IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
// WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE WORK OR THE USE OR OTHER DEALINGS
// IN THE WORK.
//----------------------------------------------------------------------
require_once 'db-util.php';
// This file is invoked to update an existing rspec with new rspec contents
// error_log("RSU: " . print_r($_POST, true));
if (!array_key_exists('rspec_id', $_POST) || !array_key_exists('rspec', $_POST)) {
error_log("Invalid call to rspecupdate: no rspec_id or rspec provided");
return;
}
$rspec_id = $_POST['rspec_id'];
$rspec = $_POST['rspec'];
$result = db_update_rspec_contents($rspec_id, $rspec);
// error_log("RSPEC_UPDATE = " . print_r($result, true));
relative_redirect('profile#rspecs');
function db_update_rspec($rspec_id, $user, $name, $description, $rspec, $schema, $schema_version, $visibility, $is_bound, $is_stitch, $am_urns, $uploaded_rspec)
{
if (!isset($description) or is_null($description) or $description == '') {
$msg = "Description missing for RSpec '{$name}'";
error_log($msg);
relative_redirect('error-text.php' . "?error=" . urlencode($msg));
return false;
}
if (!isset($name) or is_null($name) or $name == '') {
$msg = "Name missing for RSpec with description '{$description}'";
error_log($msg);
relative_redirect('error-text.php' . "?error=" . urlencode($msg));
return false;
}
$conn = portal_conn();
$sql = "UPDATE rspec SET ";
$sql .= "name = " . $conn->quote($name, 'text');
$sql .= ", description = " . $conn->quote($description, 'text');
$sql .= ", owner_id = " . $conn->quote($user->account_id, 'text');
$sql .= ", owner_name = " . $conn->quote($user->prettyName(), 'text');
$sql .= ", owner_email = " . $conn->quote($user->email(), 'text');
$sql .= ", visibility = " . $conn->quote($visibility, 'text');
if ($uploaded_rspec) {
$sql .= ", rspec = " . $conn->quote($rspec, 'text');
$sql .= ", schema = " . $conn->quote($schema, 'text');
$sql .= ", schema_version = " . $conn->quote($schema_version, 'text');
$sql .= ", bound = " . $conn->quote($is_bound, 'boolean');
$sql .= ", stitch = " . $conn->quote($is_stitch, 'boolean');
$sql .= ", am_urns = " . $conn->quote($am_urns, 'text');
}
$sql .= " where id = " . $rspec_id;
geni_syslog(GENI_SYSLOG_PREFIX::PORTAL, $sql);
// error_log($sql);
$result = db_execute_statement($sql, "db_update_rspec");
if ($result[RESPONSE_ARGUMENT::CODE] != RESPONSE_ERROR::NONE) {
$msg = "db_update_rspec: " . $result[RESPONSE_ARGUMENT::OUTPUT];
geni_syslog(GENI_SYSLOG_PREFIX::PORTAL, $msg);
error_log($msg);
return false;
}
return $result[RESPONSE_ARGUMENT::VALUE];
}
$show_form = False;
} else {
$error_msg = "Password entries don't match.";
}
}
if ($show_form) {
// Display the form and exit
$GENI_TITLE = "Download certificate and key";
$load_user = TRUE;
show_header('GENI Portal: Profile', $load_user);
include "tool-breadcrumbs.php";
show_form($error_msg);
include "footer.php";
exit;
}
/* Generate a keypair and a certificate. */
$uuid = $user->account_id;
$email = $user->email();
$urn = $user->urn();
$signer_cert_file = '/usr/share/geni-ch/ma/ma-cert.pem';
$signer_key_file = '/usr/share/geni-ch/ma/ma-key.pem';
if (!make_cert_and_key($uuid, $email, $urn, $signer_cert_file, $signer_key_file, $cert, $key)) {
print "An error occurred generating a key and certificate.\n";
exit;
}
/* Cert and key were successfully generated. Store them in the database. */
db_add_outside_key_cert($user->account_id, $cert, $key);
// FIXME: Check for errors
$_SESSION['lastmessage'] = "Created certificate and key.";
relative_redirect('profile.php');
unset($_REQUEST['slice_id']);
$slice_members = get_slice_members($sa_url, $user, $slice_id);
$slice_members_by_role = array();
foreach ($slice_members as $slice_member) {
$slice_member_id = $slice_member['member_id'];
$slice_member_role = $slice_member['role'];
$slice_members_by_role[$slice_member_id] = $slice_member_role;
}
$selections = $_REQUEST;
/* Remove project_id from selections so that it isn't confused
with a member id. */
if (array_key_exists('project_id', $selections)) {
unset($selections['project_id']);
}
$validation_result = validate_slice_member_requests($slice_members_by_role, $selections);
$success = $validation_result['success'];
if ($success) {
$result = do_modify_slice_membership($selections, $slice_id, $slice_members_by_role);
if ($result[RESPONSE_ARGUMENT::CODE] == RESPONSE_ERROR::NONE) {
$_SESSION['lastmessage'] = "Slice membership successfully changed.";
} else {
$_SESSION['lastmessage'] = 'Error changing slice membership : ' . $result[RESPONSE_ARGUMENT::OUTPUT];
}
} else {
$result = $validation_result['text'];
$_SESSION['lasterror'] = $result;
}
relative_redirect("slice.php?slice_id=" . $slice_id);
?>
/**
* Dispatch function to support migration to MA.
* @param unknown_type $account_id
*/
function geni_loadUser()
{
global $in_maintenance_mode;
// TODO: Look up in cache here
if (!array_key_exists('eppn', $_SERVER)) {
// Required attributes were not found - redirect to a gentle error page
send_attribute_fail_email();
incommon_attribute_redirect();
}
// Load current user based on Shibboleth environment
$eppn = strtolower($_SERVER['eppn']);
$sfcred = NULL;
global $speaks_for_enabled;
$sfcred = fetch_speaks_for($eppn, $expires);
if ($sfcred === FALSE) {
/* A DB error occurred. */
if (isset($speaks_for_enabled) && $speaks_for_enabled) {
return NULL;
}
} else {
if (is_null($sfcred)) {
if (isset($speaks_for_enabled) && $speaks_for_enabled) {
error_log("No speaks for cred on file for eppn '{$eppn}'");
relative_redirect('speaks-for.php');
}
}
}
$user = geni_load_user_by_eppn($eppn, $sfcred);
// Non-operators can't use the portal while in maintenance: they go to the 'Maintenance" page
if ($in_maintenance_mode && !$user->isAllowed(CS_ACTION::ADMINISTER_MEMBERS, CS_CONTEXT_TYPE::MEMBER, null)) {
error_log($user->prettyName() . " tried to access portal during maintenance");
relative_redirect("maintenance_redirect_page.php");
}
// TODO: Insert user in cache here
return $user;
}
function result_handler($result)
{
// allow a custom result handler
global $put_message_result_handler;
if (isset($put_message_result_handler)) {
if ($put_message_result_handler != null) {
return $put_message_result_handler($result);
}
}
$not_array = $result == null || !is_array($result);
$not_standard_result = $not_array || !array_key_exists(RESPONSE_ARGUMENT::CODE, $result) || !array_key_exists(RESPONSE_ARGUMENT::VALUE, $result) || !array_key_exists(RESPONSE_ARGUMENT::OUTPUT, $result);
$not_fault_result = $not_array || !isset($result['faultString']);
// error_log("NA = " . print_r($not_array, true));
// error_log("NSR = " . print_r($not_standard_result, true));
// error_log("NFR = " . print_r($not_fault_result, true));
// error_log("RESULT = " . print_r($result, true));
if ($not_standard_result && $not_fault_result) {
error_log("System error: Invalid response " . print_r($result, true));
$short_string = 'Invalid result received from Clearinghouse API: ';
$short_string .= substr(print_r($result, true), 0, MAX_ERROR_CHARS);
relative_redirect('error-text.php?system_error=1&error=' . urlencode($short_string));
}
// default handling
if (isset($result['faultString'])) {
// error_log("FS = " . $result['faultString']);
// error_log("FS.enc = " . urlencode($result['faultString']));
// error_log("SCRIPT_NAME = " . $_SERVER['SCRIPT_NAME']);
// error_log("ERROR.OUTPUT " . print_r($result['faultString'], true));
$short_string = substr($result['faultString'], 0, MAX_ERROR_CHARS);
relative_redirect('error-text.php?system_error=1&error=' . urlencode($short_string));
}
if ($result[RESPONSE_ARGUMENT::CODE] != RESPONSE_ERROR::NONE) {
error_log("SCRIPT_NAME = " . $_SERVER['SCRIPT_NAME']);
error_log("ERROR.CODE " . print_r($result[RESPONSE_ARGUMENT::CODE], true));
error_log("ERROR.VALUE " . print_r($result[RESPONSE_ARGUMENT::VALUE], true));
error_log("ERROR.OUTPUT " . print_r($result[RESPONSE_ARGUMENT::OUTPUT], true));
$short_string = substr($result[RESPONSE_ARGUMENT::OUTPUT], 0, MAX_ERROR_CHARS);
relative_redirect('error-text.php?error=' . urlencode($short_string));
}
return $result[RESPONSE_ARGUMENT::VALUE];
}
//
// wireless_operations?operation=disable&project_name=X&project_id=XID
// disable project X for wireless operations
//
?>
<?php
require_once 'user.php';
require_once 'sr_constants.php';
require_once 'sr_client.php';
require_once "pa_client.php";
require_once "pa_constants.php";
require_once "response_format.php";
$user = geni_loadUser();
if (!isset($user) || is_null($user) || !$user->isActive()) {
relative_redirect('home.php');
}
$ma_url = get_first_service_of_type(SR_SERVICE_TYPE::MEMBER_AUTHORITY);
$sa_url = get_first_service_of_type(SR_SERVICE_TYPE::SLICE_AUTHORITY);
// Invoke geni-sync-wireless tool on given project
function sync_object($object_type, $object_name)
{
# Should only provide error information on stderr: put stdout to syslog
$cmd = "geni-sync-wireless {$object_type} {$object_name}";
error_log("SYNC(cmd) " . $cmd);
$descriptors = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
$process = proc_open($cmd, $descriptors, $pipes);
$std_output = stream_get_contents($pipes[1]);
# Should be empty
$err_output = stream_get_contents($pipes[2]);
fclose($pipes[1]);
function test_requests_for_url($url, $context_type, $context_id)
{
global $signer;
$insert_result = create_request($url, $signer, $context_type, $context_id, RQ_REQUEST_TYPE::JOIN, 'foobar', '');
error_log("IR = " . print_r($insert_result, true));
$request_id = $insert_result;
$rows = get_requests_for_context($url, $signer, $context_type, $context_id);
dump_rows($rows);
$rows = get_requests_by_user($url, $signer, $signer->account_id, $context_type, $context_id);
dump_rows($rows);
$row = get_request_by_id($url, $signer, $request_id, $context_type);
dump_row($row);
$num_pending = get_number_of_pending_requests_for_user($url, $signer, $signer->account_id, $context_type, $context_id);
error_log("Num_pending(pre) = " . print_r($num_pending, true));
$pending = get_pending_requests_for_user($url, $signer, $signer->account_id, $context_type, $context_id);
dump_rows($pending);
resolve_pending_request($url, $signer, $context_type, $request_id, RQ_REQUEST_STATUS::APPROVED, 'resolved');
$num_pending = get_number_of_pending_requests_for_user($url, $signer, $signer->account_id, $context_type, $context_id);
error_log("Num_pending(post) = " . print_r($num_pending, true));
}
$project_ids = lookup_projects($sa_url, $signer);
// error_log("PIDS = " . print_r($project_ids, true));
$project_id = $project_ids[0]['project_id'];
// error_log("PID = " . print_r($project_id, true));
$slice_ids = lookup_slice_ids($sa_url, $signer, $project_id);
// error_log("SIDS = " . print_r($slice_ids, true));
$slice_id = $slice_ids[0];
test_requests_for_url($sa_url, CS_CONTEXT_TYPE::SLICE, $slice_id);
test_requests_for_url($sa_url, CS_CONTEXT_TYPE::PROJECT, $project_id);
relative_redirect('debug');
