function dispatchImageRequest() { genericAssertion('img', 'string'); global $pageno, $tabno; switch ($_REQUEST['img']) { case 'minirack': // rack security context $pageno = 'rack'; $tabno = 'default'; fixContext(); assertPermission(); dispatchMiniRackThumbRequest(getBypassValue()); break; case 'midirack': // rack security context $pageno = 'rack'; $tabno = 'default'; fixContext(); assertPermission(); genericAssertion('scale', 'uint'); # Scaling implies no caching, there is no special dispatching. header('Content-type: image/png'); printRackThumbImage(getBypassValue(), $_REQUEST['scale']); break; case 'preview': // file security context $pageno = 'file'; $tabno = 'download'; fixContext(); assertPermission(); renderImagePreview(getBypassValue()); break; case 'cactigraph': $pageno = 'object'; $tabno = 'cacti'; fixContext(); assertPermission(); genericAssertion('server_id', 'uint'); genericAssertion('graph_id', 'uint'); if (!array_key_exists($_REQUEST['graph_id'], getCactiGraphsForObject(getBypassValue()))) { throw new InvalidRequestArgException('graph_id', $_REQUEST['graph_id']); } proxyCactiRequest($_REQUEST['server_id'], $_REQUEST['graph_id']); break; case 'muningraph': $pageno = 'object'; $tabno = 'munin'; fixContext(); assertPermission(); genericAssertion('server_id', 'uint'); genericAssertion('graph', 'string'); if (!array_key_exists($_REQUEST['graph'], getMuninGraphsForObject(getBypassValue()))) { throw new InvalidRequestArgException('graph', $_REQUEST['graph']); } proxyMuninRequest($_REQUEST['server_id'], $_REQUEST['graph']); break; default: renderErrorImage(); } }
function requireMandatoryAttrGeneric($listsrc, $attr_id, $newval) { $object_id = getBypassValue(); $attrs = getAttrValues($object_id); if (array_key_exists($attr_id, $attrs) && considerGivenConstraint(spotEntity('object', $object_id), $listsrc) && !mb_strlen($newval)) { showError('Mandatory attribute "' . $attrs[$attr_id]['name'] . '" not set'); stopOpPropagation(); } return ''; }
function dispatchImageRequest() { genericAssertion('img', 'string'); global $pageno, $tabno; switch ($_REQUEST['img']) { case 'minirack': // rack security context $pageno = 'rack'; $tabno = 'default'; fixContext(); assertPermission(); renderRackThumb(getBypassValue()); break; case 'preview': // file security context $pageno = 'file'; $tabno = 'download'; fixContext(); assertPermission(); renderImagePreview(getBypassValue()); break; case 'cactigraph': $pageno = 'object'; $tabno = 'cacti'; fixContext(); assertPermission(); genericAssertion('graph_id', 'uint'); if (!array_key_exists($_REQUEST['graph_id'], getCactiGraphsForObject(getBypassValue()))) { throw new InvalidRequestArgException('graph_id', $_REQUEST['graph_id']); } proxyCactiRequest($_REQUEST['graph_id']); break; default: renderErrorImage(); } }
function trigger_livevlans() { return checkTypeAndAttribute(getBypassValue(), 8, 4, array(244, 251, 252)); }
function trigger_ipvs_convert() { return count(callHook('getVSIDsByGroup', getBypassValue())) ? 'std' : ''; }
function importFingData() { $net = spotEntity('ipv4net', getBypassValue()); assertUIntArg('addrcount'); $nbad = $ngood = 0; for ($i = 1; $i <= $_REQUEST['addrcount']; $i++) { $inputname = "import_{$i}"; if (!isCheckSet($inputname)) { continue; } $ip_bin = assertIPv4Arg("addr_{$i}"); assertStringArg("descr_{$i}", TRUE); assertStringArg("rsvd_{$i}"); // Non-existent addresses will not have this argument set in request. $rsvd = 'no'; if ($_REQUEST["rsvd_{$i}"] == 'yes') { $rsvd = 'yes'; } try { if (!ip_in_range($ip_bin, $net)) { throw new InvalidArgException('ip_bin', $ip_bin); } updateAddress($ip_bin, $_REQUEST["descr_{$i}"], $rsvd); $ngood++; } catch (RackTablesError $e) { $nbad++; } } if (!$nbad) { showFuncMessage(__FUNCTION__, 'OK', array($ngood)); } else { showFuncMessage(__FUNCTION__, 'ERR', array($nbad, $ngood)); } }
function renderPopupObjectSelector() { assertPermission('object', 'default'); $object_id = getBypassValue(); echo '<h2>Choose a container:</h2>'; echo '<form action="javascript:;">'; $parents = findObjectParentCandidates($object_id); printSelect($parents, array('name' => 'parents', 'size' => getConfigVar('MAXSELSIZE'))); echo '<br>'; echo "<input type=submit value='Proceed' onclick='" . "if (getElementById(\"parents\").value != \"\") {" . "\topener.location=\"?module=redirect&page=object&tab=edit&op=linkObjects&object_id={$object_id}&child_entity_type=object&child_entity_id={$object_id}&parent_entity_type=object&parent_entity_id=\"+getElementById(\"parents\").value; " . "\twindow.close();}'>"; echo '</form>'; }
function renderObjectLogEditor() { global $nextorder; echo "<center><h2>Log records for this object (<a href=?page=objectlog>complete list</a>)</h2></center>"; printOpFormIntro('add'); echo "<table with=80% align=center border=0 cellpadding=5 cellspacing=0 align=center class=cooltable><tr valign=top class=row_odd>"; echo '<td class=tdcenter>' . getImageHREF('CREATE', 'add record', TRUE, 101) . '</td>'; echo '<td><textarea name=logentry rows=10 cols=80 tabindex=100></textarea></td>'; echo '<td class=tdcenter>' . getImageHREF('CREATE', 'add record', TRUE, 101) . '</td>'; echo '</tr></form>'; $order = 'even'; foreach (getLogRecordsForObject(getBypassValue()) as $row) { echo "<tr class=row_{$order} valign=top>"; echo '<td class=tdleft>' . $row['date'] . '<br>' . $row['user'] . '</td>'; echo '<td class="logentry">' . string_insert_hrefs(htmlspecialchars($row['content'], ENT_NOQUOTES)) . '</td>'; echo "<td class=tdleft>"; echo getOpLink(array('op' => 'del', 'log_id' => $row['id']), '', 'DESTROY', 'Delete log entry'); echo "</td></tr>\n"; $order = $nextorder[$order]; } echo '</table>'; }
function updateObjectAllocation() { global $remote_username, $sic; if (!isset($_REQUEST['got_atoms'])) { unset($_GET['page']); unset($_GET['tab']); unset($_GET['op']); unset($_POST['page']); unset($_POST['tab']); unset($_POST['op']); return buildRedirectURL(NULL, NULL, $_REQUEST); } $object_id = getBypassValue(); $rf1 = $_REQUEST['rfid']; if (isset($_REQUEST['rfid'])) { // $rf1 = 1000000;//$_REQUEST['rfid']; $result = usePreparedSelectBlade("SELECT object_id FROM objecttorf WHERE rf_id = ?", array($rf1)); $row = $result->fetch(PDO::FETCH_ASSOC); if (isset($row)) { $object_id = $row['object_id']; } //получить значение из базы где rf1=njvenj //showError ('Permission deniedddddddd, "' . $object_id . '" left unchanged'); } $changecnt = 0; // Get a list of all of this object's parents, // then trim the list to only include parents that are racks $objectParents = getEntityRelatives('parents', 'object', $object_id); $parentRacks = array(); foreach ($objectParents as $parentData) { if ($parentData['entity_type'] == 'rack') { $parentRacks[] = $parentData['entity_id']; } } $workingRacksData = array(); foreach ($_REQUEST['rackmulti'] as $cand_id) { if (!isset($workingRacksData[$cand_id])) { $rackData = spotEntity('rack', $cand_id); amplifyCell($rackData); $workingRacksData[$cand_id] = $rackData; } // It's zero-U mounted to this rack on the form, but not in the DB. Mount it. if (isset($_REQUEST["zerou_{$cand_id}"]) && !in_array($cand_id, $parentRacks)) { $changecnt++; commitLinkEntities('rack', $cand_id, 'object', $object_id); } // It's not zero-U mounted to this rack on the form, but it is in the DB. Unmount it. if (!isset($_REQUEST["zerou_{$cand_id}"]) && in_array($cand_id, $parentRacks)) { $changecnt++; commitUnlinkEntities('rack', $cand_id, 'object', $object_id); } } foreach ($workingRacksData as &$rd) { applyObjectMountMask($rd, $object_id); } $oldMolecule = getMoleculeForObject($object_id); foreach ($workingRacksData as $rack_id => $rackData) { if (!processGridForm($rackData, 'F', 'T', $object_id)) { continue; } $changecnt++; // Reload our working copy after form processing. $rackData = spotEntity('rack', $cand_id); amplifyCell($rackData); applyObjectMountMask($rackData, $object_id); $workingRacksData[$rack_id] = $rackData; } if ($changecnt) { // Log a record. $newMolecule = getMoleculeForObject($object_id); usePreparedInsertBlade('MountOperation', array('object_id' => $object_id, 'old_molecule_id' => count($oldMolecule) ? createMolecule($oldMolecule) : NULL, 'new_molecule_id' => count($newMolecule) ? createMolecule($newMolecule) : NULL, 'user_name' => $remote_username, 'comment' => empty($sic['comment']) ? NULL : $sic['comment'])); } showFuncMessage(__FUNCTION__, 'OK', array($changecnt)); }
function renderPopupObjectSelector() { $object_id = getBypassValue(); echo '<div style="background-color: #f0f0f0; border: 1px solid #3c78b5; padding: 10px; height: 100%; text-align: center; margin: 5px;">'; echo '<h2>Choose a container:</h2>'; echo '<form action="javascript:;">'; $parents = findObjectParentCandidates($object_id); printSelect($parents, array('name' => 'parents', 'size' => getConfigVar('MAXSELSIZE'))); echo '<br>'; echo "<input type=submit value='Proceed' onclick='" . "if (getElementById(\"parents\").value != \"\") {" . "\topener.location=\"?module=redirect&page=object&tab=edit&op=linkObjects&object_id={$object_id}&child_entity_type=object&child_entity_id={$object_id}&parent_entity_type=object&parent_entity_id=\"+getElementById(\"parents\").value; " . "\twindow.close();}'>"; echo '</form></div>'; }
function trigger_ucs() { return checkTypeAndAttribute(getBypassValue(), 1787, 30, array(1788)); }
if ($op == 'addFile' && !isset($_FILES['file']['error'])) { throw new RackTablesError('File upload error, check upload_max_filesize in php.ini', RackTablesError::MISCONFIGURED); } fixContext(); if (!isset($ophandler[$pageno][$tabno][$op]) or !is_callable($ophandler[$pageno][$tabno][$op])) { throw new RackTablesError("Invalid navigation data for '{$pageno}-{$tabno}-{$op}'", RackTablesError::INTERNAL); } // We have a chance to handle an error before starting HTTP header. if (!isset($delayauth["{$pageno}-{$tabno}-{$op}"])) { assertPermission(); } # Call below does the job of bypass argument assertion, if such is required, # so the ophandler function doesn't have to re-assert this portion of its # arguments. And it would be even better to pass returned value to ophandler, # so it is not necessary to remember the name of bypass in it. getBypassValue(); if (strlen($redirect_to = call_user_func($ophandler[$pageno][$tabno][$op]))) { $location = $redirect_to; } } catch (InvalidRequestArgException $e) { ob_clean(); showError($e->getMessage()); } catch (RTDatabaseError $e) { ob_clean(); showError('Database error: ' . $e->getMessage()); } catch (RTPermissionDenied $e) { ob_clean(); showError('Operation not permitted'); } redirectUser($location); // any other error requires no special handling and will be caught outside
function handleNetworkStickerClear() { global $sic, $pageno; assertUIntArg('attr_id'); if (permitted(NULL, NULL, NULL, array(array('tag' => '$attr_' . $sic['attr_id'])))) { commitUpdateAttrForNetwork(spotEntity($pageno === 'ipv4net' ? 'ipv4net' : 'ipv6net', getBypassValue()), $sic['attr_id']); showSuccess("Attribute value cleared successfully"); } else { $oldvalues = getAttrValues(getBypassValue()); showError('Permission denied, "' . $oldvalues[$sic['attr_id']]['name'] . '" left unchanged'); } }
function proxyMuninRequest($server_id, $graph) { try { list($host, $domain) = getMuninNameAndDomain(getBypassValue()); } catch (InvalidArgException $e) { throw new RTImageError('munin_graph'); } $ret = array(); $servers = getMuninServers(); if (!array_key_exists($server_id, $servers)) { throw new InvalidRequestArgException('server_id', $server_id); } $munin_url = $servers[$server_id]['base_url']; $url = "{$munin_url}/{$domain}/{$host}.{$domain}/{$graph}-day.png"; $session = curl_init(); // Initial options up here so a specific type can override them curl_setopt($session, CURLOPT_FOLLOWLOCATION, FALSE); curl_setopt($session, CURLOPT_TIMEOUT, 10); curl_setopt($session, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($session, CURLOPT_URL, $url); if (isset($_SESSION['MUNINCOOKIE'][$munin_url])) { curl_setopt($session, CURLOPT_COOKIE, $_SESSION['MUNINCOOKIE'][$munin_url]); } // Request the image $ret['contents'] = curl_exec($session); $ret['type'] = curl_getinfo($session, CURLINFO_CONTENT_TYPE); $ret['size'] = curl_getinfo($session, CURLINFO_SIZE_DOWNLOAD); curl_close($session); if ($ret['type'] != NULL) { header("Content-Type: {$ret['type']}"); } if ($ret['size'] > 0) { header("Content-Length: {$ret['size']}"); } echo $ret['contents']; }
function snmpgeneric_tabtrigger() { // display tab only on IPv4 Objects return considerConfiguredConstraint(spotEntity('object', getBypassValue()), 'IPV4OBJ_LISTSRC') ? 'std' : ''; }
function renderEditUCSForm() { startPortlet('UCS Actions'); printOpFormIntro('autoPopulateUCS'); echo '<table cellspacing=0 cellpadding=5 align=center class=widetable>'; echo "<tr><th class=tdright><label for=ucs_login>Login:</label></th>"; echo "<td class=tdleft colspan=2><input type=text name=ucs_login id=ucs_login></td></tr>\n"; echo "<tr><th class=tdright><label for=ucs_password>Password:</label></th>"; echo "<td class=tdleft colspan=2><input type=password name=ucs_password id=ucs_password></td></tr>\n"; echo "<tr><th colspan=3><input type=checkbox name=use_terminal_settings id=use_terminal_settings>"; echo "<label for=use_terminal_settings>Use Credentials from terminal_settings()</label></th></tr>\n"; echo "<tr><th class=tdright>Actions:</th><td class=tdleft>"; printImageHREF('DQUEUE sync_ready', 'Auto-populate UCS', TRUE); echo '</td><td class=tdright>'; echo "<a href='" . makeHrefProcess(array('op' => 'cleanupUCS', 'object_id' => getBypassValue())) . "' onclick=\"javascript:return confirm('Are you sure you want to cleanup UCS Domain?')\">" . getImageHREF('CLEAR', 'Clean-up UCS domain') . "</a>"; echo "</td></tr></table></form>\n"; finishPortlet(); }
function renameObjectPorts() { $object_id = getBypassValue(); $n = 0; foreach (getObjectPortsAndLinks($object_id) as $port) { $canon_pn = shortenPortName($port['name'], $port['object_id']); if ($canon_pn != $port['name']) { commitUpdatePort($object_id, $port['id'], $canon_pn, $port['oif_id'], $port['label'], $port['l2address'], $port['reservation_comment']); $n++; } } if ($n) { showSuccess("Renamed {$n} ports"); } else { showNotice("Nothing renamed"); } }
function cleanupUCS() { global $ucsproductmap; $oinfo = spotEntity('object', getBypassValue()); $contents = getObjectContentsList($oinfo['id']); $clear = TRUE; foreach ($contents as $item_id) { $o = spotEntity('object', $item_id); $attrs = getAttrValues($item_id); # use HW type to decide if the object was produced by autoPopulateUCS() if (!array_key_exists(2, $attrs) or !in_array($attrs[2]['key'], $ucsproductmap)) { showWarning('Contained object ' . mkA($o['dname'], 'object', $item_id) . ' is not an automatic UCS object'); $clear = FALSE; } } if (!$clear) { showNotice('nothing was deleted'); return; } $done = 0; foreach ($contents as $item_id) { commitDeleteObject($item_id); $done++; } showSuccess("Removed {$done} items from UCS Domain '{$oinfo['name']}'"); }