# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
include "defs.php3";
#
# Only admin users ...
#
$this_user = CheckLoginOrDie();
$uid = $this_user->uid();
$isadmin = ISADMIN();
if (!$isadmin) {
USERERROR("You do not have permission to change login names!", 1);
}
#
# Verify page/form arguments.
#
$reqargs = RequiredPageArguments("target_user", PAGEARG_USER);
$optargs = OptionalPageArguments("submit", PAGEARG_STRING, "new_uid", PAGEARG_STRING);
$target_uid = $target_user->uid();
$target_idx = $target_user->uid_idx();
if ($target_user->status() != TBDB_USERSTATUS_UNAPPROVED) {
USERERROR("The user {$target_uid} must be " . "unapproved (but verified) to change!", 1);
}
function SPITFORM($target_user, $new_uid, $error)
{
function Show($short = 0, $sortby = "")
{
global $TBDBNAME, $TBDOCBASE, $WIKIDOCURL;
$pid = $this->pid();
$eid = $this->eid();
$nodecounts = array();
# Node counts, by class.
$query_result = DBQueryFatal("select nt.class,count(*) from reserved as r " . "left join nodes as n on n.node_id=r.node_id " . "left join node_types as nt on n.type=nt.type " . "where pid='{$pid}' and eid='{$eid}' group by nt.class");
while ($row = mysql_fetch_array($query_result)) {
$class = $row[0];
$count = $row[1];
$nodecounts[$class] = $count;
}
$query_result = DBQueryFatal("select e.*, s.archive_idx, pl.slicename, " . "round(e.minimum_nodes+.1,0) as min_nodes, " . "round(e.maximum_nodes+.1,0) as max_nodes " . " from experiments as e " . "left join experiment_stats as s on s.exptidx=e.idx " . "left join plab_slices as pl" . " on e.pid = pl.pid and e.eid = pl.eid " . "where e.pid='{$pid}' and e.eid='{$eid}'");
if (($exprow = mysql_fetch_array($query_result)) == 0) {
TBERROR("Experiment {$eid} in project {$pid} is gone!\n", 1);
}
$exp_gid = $exprow["gid"];
$exp_name = $exprow["expt_name"];
$exp_swapped = $exprow["expt_swapped"];
$exp_swapuid = $exprow["expt_swap_uid"];
$exp_end = $exprow["expt_end"];
$exp_created = $exprow["expt_created"];
$exp_head = $exprow["expt_head_uid"];
$exp_swapper = $exprow["swapper_idx"];
$exp_state = $exprow["state"];
$exp_shared = $exprow["shared"];
$exp_path = $exprow["path"];
$batchmode = $exprow["batchmode"];
$canceled = $exprow["canceled"];
$attempts = $exprow["attempts"];
$expt_locked = $exprow["expt_locked"];
$priority = $exprow["priority"];
$swappable = $exprow["swappable"];
$noswap_reason = $exprow["noswap_reason"];
$idleswap = $exprow["idleswap"];
$idleswap_timeout = $exprow["idleswap_timeout"];
$noidleswap_reason = $exprow["noidleswap_reason"];
$autoswap = $exprow["autoswap"];
$autoswap_timeout = $exprow["autoswap_timeout"];
$idle_ignore = $exprow["idle_ignore"];
$savedisk = $exprow["savedisk"];
$swapreqs = $exprow["swap_requests"];
$lastswapreq = $exprow["last_swap_req"];
$minnodes = $exprow["min_nodes"];
$maxnodes = $exprow["max_nodes"];
$virtnodes = $exprow["virtnode_count"];
$syncserver = $exprow["sync_server"];
$mem_usage = $exprow["mem_usage"];
$cpu_usage = $exprow["cpu_usage"];
$exp_slice = $exprow["slicename"];
$linktest_level = $exprow["linktest_level"];
$linktest_pid = $exprow["linktest_pid"];
$usemodelnet = $exprow["usemodelnet"];
$mnet_cores = $exprow["modelnet_cores"];
$mnet_edges = $exprow["modelnet_edges"];
$lockdown = $exprow["lockdown"];
$skipvlans = $exprow["skipvlans"];
$exptidx = $exprow["idx"];
$archive_idx = $exprow["archive_idx"];
$dpdb = $exprow["dpdb"];
$dpdbname = $exprow["dpdbname"];
$dpdbpassword = $exprow["dpdbpassword"];
$uuid = $exprow["eid_uuid"];
$paniced = $exprow["paniced"];
$panic_date = $exprow["panic_date"];
$autoswap_hrs = $autoswap_timeout / 60.0;
$idleswap_hrs = $idleswap_timeout / 60.0;
$noswap = "({$noswap_reason})";
$noidleswap = "({$noidleswap_reason})";
$autoswap_str = $autoswap_hrs . " hour" . ($autoswap_hrs == 1 ? "" : "s");
$idleswap_str = $idleswap_hrs . " hour" . ($idleswap_hrs == 1 ? "" : "s");
if (!($head_user = User::Lookup($exp_head))) {
TBERROR("Error getting object for user {$exp_head}", 1);
}
$showuser_url = CreateURL("showuser", $head_user);
if (!($swapper = User::Lookup($exp_swapper))) {
TBERROR("Error getting object for user {$exp_swapper}", 1);
}
$swapper_uid = $swapper->uid();
$swapper_url = CreateURL("showuser", $swapper);
if ($swappable) {
$swappable = "Yes";
} else {
$swappable = "<b>No</b> {$noswap}";
}
if ($idleswap) {
$idleswap = "Yes (after {$idleswap_str})";
} else {
$idleswap = "<b>No</b> {$noidleswap}";
}
if ($autoswap) {
$autoswap = "<b>Yes</b> (after {$autoswap_str})";
} else {
$autoswap = "No";
}
if ($idle_ignore) {
$idle_ignore = "<b>Yes</b>";
} else {
$idle_ignore = "No";
}
if ($savedisk) {
$savedisk = "<b>Yes</b>";
} else {
$savedisk = "No";
}
if ($expt_locked) {
$expt_locked = "({$expt_locked})";
} else {
$expt_locked = "";
}
$query_result = DBQueryFatal("select cause_desc " . "from experiment_stats as s,errors,causes " . "where s.exptidx = {$exptidx} " . "and errors.cause = causes.cause " . "and s.last_error = errors.session");
if ($row = mysql_fetch_array($query_result)) {
$err_cause = $row[0];
} else {
$err_cause = '';
}
#
# Generate the table.
#
echo "<table align=center border=1>\n";
if (!$short) {
$thisurl = CreateURL("showexp", $this);
echo "<tr>\n <td>Name: </td>\n <td class=left><a href='{$thisurl}'>{$eid}</a></td>\n </tr>\n";
echo "<tr>\n <td>Description: </td>\n <td class=\"left\">{$exp_name}</td>\n </tr>\n";
echo "<tr>\n <td>Project: </td>\n <td class=\"left\">\n <a href='showproject.php3?pid={$pid}'>{$pid}</a></td>\n </tr>\n";
echo "<tr>\n <td>Group: </td>\n <td class=\"left\">\n <a href='showgroup.php3?pid={$pid}&gid={$exp_gid}'>{$exp_gid}</a>\n </td>\n </tr>\n";
if (isset($exp_slice)) {
echo "<tr>\n <td>Planetlab Slice: </td>\n <td class=\"left\">{$exp_slice}</td>\n </tr>\n";
}
}
echo "<tr>\n <td>Creator: </td>\n <td class=\"left\">\n <a href='{$showuser_url}'>{$exp_head}</a></td>\n </tr>\n";
if (!$swapper->SameUser($head_user)) {
echo "<tr>\n <td>Swapper: </td>\n <td class=\"left\">\n <a href='{$swapper_url}'>{$swapper_uid}</a></td>\n </tr>\n";
}
if (!$short) {
$instance = TemplateInstance::LookupByExptidx($exptidx);
if (!is_null($instance)) {
$guid = $instance->guid();
$vers = $instance->vers();
echo "<tr>\n <td>Template: </td>\n <td class=\"left\">\n <a href='template_show.php?guid={$guid}&version={$vers}'>\n {$guid}/{$vers}</a>";
if ($instance->runidx()) {
$runidx = $instance->runidx();
$runid = $instance->GetRunID($runidx);
$url = CreateURL("experimentrun_show", $instance, "runidx", $runidx);
echo " (Current Run:\n <a href='{$url}'>{$runid}</a>)</td>";
} else {
$runidx = $instance->LastRunIdx();
$runid = $instance->GetRunID($runidx);
$url = CreateURL("experimentrun_show", $instance, "runidx", $runidx);
echo " (Last Run:\n <a href='{$url}'>{$runid}</a>)</td>";
}
echo "</tr>\n";
}
echo "<tr>\n <td>Created: </td>\n <td class=\"left\">{$exp_created}</td>\n </tr>\n";
if ($exp_swapped) {
echo "<tr>\n <td>Last Swap/Modify: </td>\n <td class=\"left\">{$exp_swapped}\n (<a href='{$swapper_url}'>{$swapper_uid}</a>)</td>\n </tr>\n";
}
if (ISADMIN()) {
echo "<tr>\n <td><a href='{$WIKIDOCURL}/Swapping#swapping'>Swappable:</a></td>\n <td class=\"left\">{$swappable}</td>\n </tr>\n";
}
echo "<tr>\n <td><a href='{$WIKIDOCURL}/Swapping#idleswap'>Idle-Swap:</a></td>\n <td class=\"left\">{$idleswap}</td>\n </tr>\n";
echo "<tr>\n <td><a href='{$WIKIDOCURL}/Swapping#autoswap'>Max. Duration:</a></td>\n <td class=\"left\">{$autoswap}</td>\n </tr>\n";
echo "<tr>\n <td><a href='{$WIKIDOCURL}/Swapping#swapstatesave'>Save State:</a></td>\n <td class=\"left\">{$savedisk}</td>\n </tr>\n";
if (ISADMIN()) {
echo "<tr>\n <td>Idle Ignore:</td>\n <td class=\"left\">{$idle_ignore}</td>\n </tr>\n";
}
echo "<tr>\n <td>Path: </td>\n <td class=left>{$exp_path}</td>\n </tr>\n";
echo "<tr>\n <td>Status: </td>\n <td id=exp_state class=\"left\">{$exp_state} {$expt_locked}</td>\n </tr>\n";
if ($err_cause) {
echo "<tr>\n <td>Last Error: </td>\n <td class=\"left\"><a href=\"showlasterror.php3?pid={$pid}&eid={$eid}\">{$err_cause}</a></td>\n </tr>\n";
}
if ($paniced) {
echo "<tr>\n <td>Paniced on: </td>\n <td class=left>{$panic_date}</td>\n </tr>\n";
}
if ($linktest_pid) {
$linktest_running = "<b>(Linktest Running)</b>";
} else {
$linktest_running = "";
}
echo "<tr>\n <td><a href='{$WIKIDOCURL}/linktest'>" . "Linktest Level</a>: </td>\n <td class=\"left\">{$linktest_level} {$linktest_running}</td>\n </tr>\n";
}
if (count($nodecounts)) {
echo "<tr>\n <td>Reserved Nodes: </td>\n <td class=\"left\">\n";
while (list($class, $count) = each($nodecounts)) {
echo "{$count} ({$class}) ";
}
echo " </td>\n </tr>\n";
} elseif (!$short) {
if ($minnodes != "") {
echo "<tr>\n <td>Min/Max Nodes: </td>\n <td class=\"left\"><font color=green>\n {$minnodes}/{$maxnodes} (estimates)</font></td>\n </tr>\n";
} else {
echo "<tr>\n <td>Minumum Nodes: </td>\n <td class=\"left\"><font color=green>Unknown</font></td>\n </tr>\n";
}
if ($virtnodes) {
echo "<tr>\n <td>Virtual Nodes: </td>\n <td class=\"left\"><font>\n {$virtnodes}</font></td>\n </tr>\n";
} else {
echo "<tr>\n <td>Virtual Nodes: </td>\n <td class=\"left\"><font color=green>Unknown</font></td>\n </tr>\n";
}
}
if (!$short) {
if ($mem_usage || $cpu_usage) {
echo "<tr>\n <td>Mem Usage Est: </td>\n <td class=\"left\">{$mem_usage}</td>\n </tr>\n";
echo "<tr>\n <td>CPU Usage Est: </td>\n <td class=\"left\">{$cpu_usage}</td>\n </tr>\n";
}
$lastact = $this->LastAct();
$idletime = $this->IdleTime();
$stale = $this->IdleStale();
if ($lastact != -1) {
echo "<tr>\n <td>Last Activity: </td>\n <td class=\"left\">{$lastact}</td>\n </tr>\n";
if ($stale) {
$str = "(stale)";
} else {
$str = "";
}
echo "<tr>\n <td>Idle Time: </td>\n <td class=\"left\">{$idletime} hours {$str}</td>\n </tr>\n";
}
if (!($swapreqs == "" || $swapreqs == 0)) {
echo "<tr>\n <td>Swap Requests: </td>\n <td class=\"left\">{$swapreqs}</td>\n </tr>\n";
echo "<tr>\n <td>Last Swap Req.: </td>\n <td class=\"left\">{$lastswapreq}</td>\n </tr>\n";
}
$lockflip = $lockdown ? 0 : 1;
$lockval = $lockdown ? "Yes" : "No";
echo "<tr>\n <td>Locked Down:</td>\n <td>{$lockval} (<a href=toggle.php?pid={$pid}&eid={$eid}" . "&type=lockdown&value={$lockflip}>Toggle</a>)\n </td>\n </tr>\n";
if (ISADMIN() || STUDLY() || OPSGUY()) {
$thisflip = $skipvlans ? 0 : 1;
$flipval = $skipvlans ? "Yes" : "No";
echo "<tr>\n <td>Skip Vlans:</td>\n <td>{$flipval} (<a href=toggle.php?pid={$pid}&eid={$eid}" . "&type=skipvlans&value={$thisflip}>Toggle</a>)\n </td>\n </tr>\n";
}
}
if ($batchmode) {
echo "<tr>\n <td>Batch Mode: </td>\n <td class=\"left\">Yes</td>\n </tr>\n";
echo "<tr>\n <td>Start Attempts: </td>\n <td class=\"left\">{$attempts}</td>\n </tr>\n";
}
if ($canceled) {
echo "<tr>\n <td>Cancel Flag: </td>\n <td class=\"left\">{$canceled}</td>\n </tr>\n";
}
if (!$short) {
if (ISADMIN()) {
echo "<tr>\n <td>UUID: </td>\n <td class=left>{$uuid}</td>\n </tr>\n";
}
if ($usemodelnet) {
echo "<tr>\n <td>Use Modelnet: </td>\n <td class=\"left\">Yes</td>\n </tr>\n";
echo "<tr>\n <td>Modelnet Phys Core Nodes: </td>\n <td class=\"left\">{$mnet_cores}</td>\n </tr>\n";
echo "<tr>\n <td>Modelnet Phys Edge Nodes: </td>\n <td class=\"left\">{$mnet_edges}</td>\n </tr>\n";
}
if (isset($syncserver)) {
echo "<tr>\n <td>Sync Server: </td>\n <td class=\"left\">{$syncserver}</td>\n </tr>\n";
}
if ($dpdb && $dpdbname && $dpdbpassword) {
echo "<tr>\n <td>DataBase Name: </td>\n <td class=\"left\">{$dpdbname}</td>\n </tr>\n";
echo "<tr>\n <td>DataBase User: </td>\n <td class=\"left\">E{$exptidx}</td>\n </tr>\n";
echo "<tr>\n <td>DataBase Password: </td>\n <td class=\"left\">{$dpdbpassword}</td>\n </tr>\n";
}
echo "<tr>\n <td>Index: </td>\n <td class=\"left\">{$exptidx}";
if ($archive_idx) {
echo " ({$archive_idx}) ";
}
echo " </td>\n </tr>\n";
}
if (!$short) {
if ($this->geniflags()) {
$slice = GeniSlice::Lookup("geni-cm", $uuid);
if ($slice) {
$slice_hrn = $slice->hrn();
$slice_urn = $slice->urn();
if (ISADMIN()) {
$url = CreateURL("showslice", "slice_idx", $slice->idx(), "showtype", "cm");
echo "<tr>\n <td>Geni Slice (CM): </td>\n <td class=\"left\">\n <a href='{$url}'>{$slice_urn}</a></td>\n </tr>\n";
} else {
echo "<tr>\n <td>Geni Slice (CM): </td>\n <td class=\"left\">{$slice_urn}</td>\n </tr>\n";
}
}
} else {
$slice = GeniSlice::LookupByExperiment("geni-sa", $this);
if ($slice) {
$slice_hrn = $slice->hrn();
$slice_urn = $slice->urn();
if (ISADMIN()) {
$url = CreateURL("showslice", "slice_idx", $slice->idx(), "showtype", "sa");
echo "<tr>\n <td>Geni Slice (SA): </td>\n <td class=\"left\">\n <a href='{$url}'>{$slice_urn}</a></td>\n </tr>\n";
} else {
echo "<tr>\n <td>Geni Slice (SA): </td>\n <td class=\"left\">{$slice_urn}</td>\n </tr>\n";
}
$slice = GeniSlice::Lookup("geni-cm", $slice_hrn);
if ($slice) {
if (ISADMIN()) {
$url = CreateURL("showslice", "slice_idx", $slice->idx(), "showtype", "cm");
echo "<tr>\n <td>Geni Slice (CM): </td>\n <td class=\"left\">\n <a href='{$url}'>{$slice_urn}</a></td>\n </tr>\n";
} else {
echo "<tr>\n <td>Geni Slice (SA): </td>\n <td class=\"left\">{$slice_urn}</td>\n </tr>\n";
}
}
}
}
}
echo "</table>\n";
}
function AccessCheck($user, $access_type)
{
global $TB_IMAGEID_READINFO;
global $TB_IMAGEID_MODIFYINFO;
global $TB_IMAGEID_DESTROY;
global $TB_IMAGEID_ACCESS;
global $TB_IMAGEID_EXPORT;
global $TB_IMAGEID_MIN;
global $TB_IMAGEID_MAX;
global $TBDB_TRUST_USER;
global $TBDB_TRUST_GROUPROOT;
global $TBDB_TRUST_LOCALROOT;
$mintrust = $TB_IMAGEID_READINFO;
if ($access_type < $TB_IMAGEID_MIN || $access_type > $TB_IMAGEID_MAX) {
TBERROR("Invalid access type {$access_type}!", 1);
}
#
# Admins do whatever they want!
#
if (ISADMIN()) {
return 1;
}
$shared = $this->shared();
$global = $this->isglobal();
$imageid = $this->imageid();
$pid = $this->pid();
$gid = $this->gid();
$uid = $user->uid();
$uid_idx = $user->uid_idx();
$pid_idx = $user->uid_idx();
$gid_idx = $user->uid_idx();
#
# Global ImageIDs can be read by anyone but written with permission.
#
if ($global) {
if ($access_type == $TB_IMAGEID_READINFO) {
return 1;
}
}
#
# Otherwise must have proper trust in the project.
#
if ($access_type == $TB_IMAGEID_READINFO) {
$mintrust = $TBDB_TRUST_USER;
#
# Shared imageids are readable by anyone in the project.
#
if ($shared) {
$gid = $pid;
}
} else {
$mintrust = $TBDB_TRUST_LOCALROOT;
}
if (TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust) || TBMinTrust(TBGrpTrust($uid, $pid, $pid), $TBDB_TRUST_GROUPROOT)) {
return 1;
}
# No point in looking further; never allowed.
if ($access_type == $TB_IMAGEID_EXPORT) {
return 0;
}
#
# Look in the image permissions. First look for a user permission,
# then look for a group permission.
#
$query_result = DBQueryFatal("select allow_write from image_permissions " . "where imageid='{$imageid}' and " . " permission_type='user' and " . " permission_idx='{$uid_idx}'");
if (mysql_num_rows($query_result)) {
$row = mysql_fetch_array($query_result);
# Only allowed to read.
if ($access_type == $TB_IMAGEID_READINFO || $access_type == $TB_IMAGEID_ACCESS) {
return 1;
}
}
$trust_none = TBDB_TRUSTSTRING_NONE;
$query_result = DBQueryFatal("select allow_write from group_membership as g " . "left join image_permissions as p on " . " p.permission_type='group' and " . " p.permission_idx=g.gid_idx " . "where g.uid_idx='{$uid_idx}' and " . " p.imageid='{$imageid}' and " . " trust!='{$trust_none}'");
if (mysql_num_rows($query_result)) {
# Only allowed to read.
if ($access_type == $TB_IMAGEID_READINFO || $access_type == $TB_IMAGEID_ACCESS) {
return 1;
}
}
return 0;
}
function ProjectAccessList($access_type)
{
global $TB_PROJECT_CREATEEXPT;
global $TB_PROJECT_MAKEOSID;
global $TB_PROJECT_MAKEIMAGEID;
global $TB_PROJECT_MAKEGROUP;
global $TB_PROJECT_READINFO;
$uid_idx = $this->uid_idx();
$result = array();
$user_clause = "where uid_idx='{$uid_idx}' and";
$trust_clause = "";
# Constants.
$trust_none = TBDB_TRUSTSTRING_NONE;
$trust_user = TBDB_TRUSTSTRING_USER;
$trust_local = TBDB_TRUSTSTRING_LOCALROOT;
$trust_group = TBDB_TRUSTSTRING_GROUPROOT;
$trust_project = TBDB_TRUSTSTRING_PROJROOT;
if ($access_type == $TB_PROJECT_READINFO) {
$trust_clause = "trust!='{$trust_none}'";
} elseif ($access_type == $TB_PROJECT_MAKEGROUP) {
$trust_clause = "trust='{$trust_project}'";
} elseif ($access_type == $TB_PROJECT_CREATEEXPT) {
$trust_clause = "(trust='{$trust_project}' or trust='{$trust_group}' or " . " trust='{$trust_local}')";
} elseif ($access_type == $TB_PROJECT_MAKEOSID || $access_type == $TB_PROJECT_MAKEIMAGEID) {
if (ISADMIN()) {
$user_clause = "";
} else {
$trust_clause = "(trust='{$trust_project}' or trust='{$trust_group}' or " . " trust='{$trust_local}')";
}
} else {
TBERROR("Invalid access type {$access_type}!", 1);
}
$query_result = DBQueryFatal("SELECT distinct pid,gid FROM group_membership " . "{$user_clause} {$trust_clause} order by pid");
if (mysql_num_rows($query_result) == 0) {
return $result;
}
while ($row = mysql_fetch_array($query_result)) {
$pid = $row['pid'];
$gid = $row['gid'];
$result[$pid][] = $gid;
}
return $result;
}
# Proper idleswap timeout must be provided.
if (!isset($formfields["exp_idleswap_timeout"]) || !preg_match("/^[\\d]+\$/", $formfields["exp_idleswap_timeout"]) || $formfields["exp_idleswap_timeout"] + 0 <= 0 || $formfields["exp_idleswap_timeout"] + 0 > $idleswaptimeout) {
$errors["Idleswap"] = "Invalid time provided - " . "must be non-zero and less than {$idleswaptimeout}";
}
if (!isset($formfields["exp_autoswap"]) || strcmp($formfields["exp_autoswap"], "1")) {
if (!ISADMIN()) {
$errors["Max. Duration"] = "You must ask testbed operations to disable this";
}
$formfields["exp_autoswap"] = 0;
} else {
$formfields["exp_autoswap"] = 1;
if (!isset($formfields["exp_autoswap_timeout"]) || !preg_match("/^[\\d]+\$/", $formfields["exp_idleswap_timeout"]) || $formfields["exp_autoswap_timeout"] + 0 <= 0) {
$errors["Max. Duration"] = "No or invalid time provided";
}
# The user can override autoswap timeout, but limit unless an admin.
if ($formfields["exp_autoswap_timeout"] > $autoswap_max && !ISADMIN()) {
$errors["Max. Duration"] = "{$autoswap_max} hours maximum - " . "you must ask testbed operations for more";
}
}
#
# Linktest option
#
if (isset($formfields["exp_linktest"]) && $formfields["exp_linktest"] != "") {
if (!preg_match("/^[\\d]+\$/", $formfields["exp_linktest"]) || $formfields["exp_linktest"] < 0 || $formfields["exp_linktest"] > 4) {
$errors["Linktest Option"] = "Invalid level selection";
}
}
#
# If any errors, stop now. pid/eid/gid must be okay before continuing.
#
if (count($errors)) {
function AccessCheck($user, $access_type)
{
global $TB_OSID_READINFO;
global $TB_OSID_MODIFYINFO;
global $TB_OSID_DESTROY;
global $TB_OSID_MIN;
global $TB_OSID_MAX;
global $TBDB_TRUST_USER;
global $TBDB_TRUST_LOCALROOT;
$mintrust = $TB_OSID_READINFO;
if ($access_type < $TB_OSID_MIN || $access_type > $TB_OSID_MAX) {
TBERROR("Invalid access type {$access_type}!", 1);
}
#
# Admins do whatever they want!
#
if (ISADMIN()) {
return 1;
}
#
# No GIDs yet.
#
$pid = $this->pid();
$shared = $this->shared();
$uid = $user->uid();
#
# Global OSIDs can be read by anyone.
#
if ($shared) {
if ($access_type == $TB_OSID_READINFO) {
return 1;
}
return 0;
}
#
# Otherwise must have proper trust in the project.
#
if ($access_type == $TB_OSID_READINFO) {
$mintrust = $TBDB_TRUST_USER;
} else {
$mintrust = $TBDB_TRUST_LOCALROOT;
}
#
# Need the project object to complete this test.
#
if (!($project = Project::Lookup($pid))) {
TBERROR("Could not map project {$pid} to its object", 1);
}
if (TBMinTrust($project->UserTrust($user), $mintrust)) {
return 1;
} elseif (!$this->ezid()) {
return 0;
}
#
# If this is an ez image, look in the image permissions.
# First look for a user permission, then look for a group permission.
#
$osid = $this->osid();
$uid_idx = $user->uid_idx();
$trust_none = TBDB_TRUSTSTRING_NONE;
$query_result = DBQueryFatal("select allow_write from image_permissions " . "where imageid='{$osid}' and " . " permission_type='user' and " . " permission_idx='{$uid_idx}'");
if (mysql_num_rows($query_result)) {
$row = mysql_fetch_array($query_result);
# Only allowed to read.
if ($access_type == $TB_OSID_READINFO) {
return 1;
}
}
$trust_none = TBDB_TRUSTSTRING_NONE;
$query_result = DBQueryFatal("select allow_write from group_membership as g " . "left join image_permissions as p on " . " p.permission_type='group' and " . " p.permission_idx=g.gid_idx " . "where g.uid_idx='{$uid_idx}' and " . " p.imageid='{$osid}' and " . " trust!='{$trust_none}'");
if (mysql_num_rows($query_result)) {
# Only allowed to read.
if ($access_type == $TB_OSID_READINFO) {
return 1;
}
}
return 0;
}
function Show()
{
global $OURDOMAIN;
global $MAILMANSUPPORT;
echo "<center>\n <h3>Group Profile</h3>\n </center>\n <table align=center border=1>\n";
$pid = $this->pid();
$gid = $this->gid();
$gid_idx = $this->gid_idx();
$created = $this->created();
$leader = $this->leader();
$description = $this->description();
$expt_count = $this->expt_count();
$expt_last = $this->expt_last();
$unix_gid = $this->unix_gid();
$unix_name = $this->unix_name();
$uuid = $this->uuid();
if ($this->IsProjectGroup()) {
$mail = "{$pid}" . "-users@" . $OURDOMAIN;
} else {
$mail = "{$pid}-{$gid}" . "-users@" . $OURDOMAIN;
}
if (!$expt_last) {
$expt_last = " ";
}
if (!($leader_user = $this->GetLeader())) {
TBERROR("Could not lookup object for user {$leader}", 1);
}
$showuser_url = CreateURL("showuser", $leader_user);
echo "<tr>\n <td>GID: </td>\n <td class=\"left\">\n <a href='showgroup.php3?pid={$pid}&gid={$gid}'>{$gid} ({$gid_idx})" . "</a></td>\n </tr>\n";
echo "<tr>\n <td>PID: </td>\n <td class=\"left\">\n <a href='showproject.php3?pid={$pid}'>{$pid}</a></td>\n </tr>\n";
echo "<tr>\n <td>Description: </td>\n <td class=\"left\">{$description}</td>\n </tr>\n";
echo "<tr>\n <td>Unix GID: </td>\n <td class=\"left\">{$unix_gid}</td>\n </tr>\n";
echo "<tr>\n <td>Unix Group Name: </td>\n <td class=\"left\">{$unix_name}</td>\n </tr>\n";
echo "<tr>\n <td>Group Leader: </td>\n <td class=\"left\">\n <a href='{$showuser_url}'>{$leader}</a></td>\n </tr>\n";
if ($MAILMANSUPPORT) {
$mmurl = "gotommlist.php3?pid={$pid}&gid={$gid}";
echo "<tr>\n <td>Email List:</td>\n <td class=\"left\">\n <a href='{$mmurl}'>{$mail}</a> ";
if (ISADMIN()) {
$mmurl .= "&wantadmin=1";
echo "<a href='{$mmurl}'>(admin page)</a>";
}
echo " </td>\n </tr>\n";
} else {
echo "<tr>\n <td>Email List: </td>\n <td class=\"left\">{$mail}</td>\n </tr>\n";
}
if (ISADMIN()) {
echo "<tr>\n <td>UUID: </td>\n <td class=left>{$uuid}</td>\n </tr>\n";
}
echo "<tr>\n <td>Created: </td>\n <td class=\"left\">{$created}</td>\n </tr>\n";
echo "<tr>\n <td>Experiments Created:</td>\n <td class=\"left\">{$expt_count}</td>\n </tr>\n";
echo "<tr>\n <td>Date of last experiment:</td>\n <td class=\"left\">{$expt_last}</td>\n </tr>\n";
echo "</table>\n";
}
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
include "defs.php3";
#
# Only known and logged in users allowed.
#
$this_user = CheckLoginOrDie();
if (!ISADMIN()) {
USERERROR("You do not have permission to do this!", 1);
}
#
# Verify arguments.
#
$reqargs = RequiredPageArguments("target_user", PAGEARG_USER);
$target_uid = $target_user->uid();
if (DOLOGIN_MAGIC($target_user->uid(), $target_user->uid_idx()) < 0) {
USERERROR("Could not log you in as {$target_uid}", 1);
}
# So the menu and headers get spit out properly.
$_COOKIE[$TBNAMECOOKIE] = $target_uid;
PAGEHEADER("SU as User");
echo "<center>";
echo "<br><br>";
function Show()
{
$metadata_guid = $this->guid();
$metadata_vers = $this->vers();
$created = $this->created();
$metadata_name = $this->name();
$metadata_value = $this->value();
$metadata_type = $this->type();
echo "<table align=center cellpadding=2 cellspacing=2 border=1>\n";
ShowItem("GUID", "{$metadata_guid}/{$metadata_vers}");
ShowItem("Name", $metadata_name);
if (ISADMIN() && isset($metadata_type)) {
ShowItem("Type", $metadata_type);
}
ShowItem("Created", $created);
if (!is_null($this->template)) {
$template_guid = $template->guid();
$template_vers = $template->vers();
ShowItem("Template", MakeLink("template", "guid={$template_guid}&version={$template_vers}", "{$template_guid}/{$template_vers}"));
}
if ($this->parent_guid()) {
$parent_guid = $this->parent_guid();
$parent_vers = $this->parent_vers();
ShowItem("Parent Version", MakeLink("metadata", "action=show&guid={$parent_guid}" . "&version={$parent_vers}", "{$parent_guid}/{$parent_vers}"));
}
echo "<tr>\n <td align=center colspan=2>\n Metadata Value\n </td>\n </tr>\n <tr>\n <td colspan=2 align=center class=left>\n <textarea readonly\n rows=10 cols=80>" . str_replace("\r", "", $metadata_value) . "</textarea>\n </td>\n </tr>\n";
echo "</table>\n";
}
function Show()
{
global $WIKISUPPORT, $CVSSUPPORT, $TBPROJ_DIR, $TBCVSREPO_DIR;
global $MAILMANSUPPORT, $OPSCVSURL, $USERNODE;
$group = $this->DefaultGroup();
$pid = $this->pid();
$proj_idx = $this->pid_idx();
$proj_created = $this->created();
$proj_name = $this->name();
$proj_URL = $this->URL();
$proj_public = YesNo($this->ispublic());
$proj_funders = $this->funders();
$proj_head_idx = $this->head_idx();
$proj_members = $this->num_members();
$proj_pcs = $this->num_pcs();
# These are now booleans, not actual counts.
$proj_linked = YesNo($this->linked_to_us());
$proj_why = nl2br($this->why());
$approved = YesNo($this->approved());
$expt_count = $this->expt_count();
$expt_last = $this->expt_last();
$wikiname = $group->wikiname();
$cvsrepo_public = $this->cvsrepo_public();
$allow_workbench = $this->allow_workbench();
# Before project approval, display ron/plab request status.
if ($this->approved()) {
$proj_ronpcs = YesNo(strpos($this->pcremote_ok(), "pcron") !== false);
$proj_plabpcs = YesNo(strpos($this->pcremote_ok(), "pcplabphys") !== false);
} else {
$proj_ronpcs = YesNo($this->num_ron());
$proj_plabpcs = YesNo($this->num_pcplab());
}
if (!($head_user = User::Lookup($proj_head_idx))) {
TBERROR("Could not lookup object for user {$proj_head_idx}", 1);
}
$showuser_url = CreateURL("showuser", $head_user);
$showproj_url = CreateURL("showproject", $this);
$proj_head_uid = $head_user->uid();
if (!$expt_last) {
$expt_last = " ";
}
echo "<center>\n <h3>Project Profile</h3>\n </center>\n <table align=center cellpadding=2 border=1>\n";
#
# Generate the table.
#
echo "<tr>\n <td>Name: </td>\n <td class=\"left\">\n <a href='{$showproj_url}'>{$pid} ({$proj_idx})</a></td>\n </tr>\n";
echo "<tr>\n <td>Description: </td>\n <td class=\"left\">{$proj_name}</td>\n </tr>\n";
echo "<tr>\n <td>Project Head: </td>\n <td class=\"left\">\n <a href='{$showuser_url}'>{$proj_head_uid}</a></td>\n </tr>\n";
echo "<tr>\n <td>URL: </td>\n <td class=\"left\">\n <a href='{$proj_URL}'>{$proj_URL}</a></td>\n </tr>\n";
if ($WIKISUPPORT && isset($wikiname)) {
$wikiurl = "gotowiki.php3?redurl={$wikiname}/WebHome";
echo "<tr>\n <td>Project Wiki:</td>\n <td class=\"left\">\n <a href='{$wikiurl}'>{$wikiname}</a></td>\n </tr>\n";
}
if ($CVSSUPPORT) {
$cvsdir = "{$TBCVSREPO_DIR}/{$pid}";
$cvsurl = "cvsweb/cvswebwrap.php3?pid={$pid}";
echo "<tr>\n <td>Project CVS Repository:</td>\n <td class=\"left\">\n {$cvsdir} <a href='{$cvsurl}'>(CVSweb)</a></td>\n </tr>\n";
$YesNo = YesNo($cvsrepo_public);
$flip = $cvsrepo_public ? 0 : 1;
echo "<tr>\n <td>CVS Repository Publically Readable?:</td>\n <td><a href=toggle.php?pid={$pid}&type=cvsrepo_public" . "&value={$flip}>{$YesNo}</a> (Click to toggle)</td>\n </tr>\n";
if ($cvsrepo_public) {
$puburl = "{$OPSCVSURL}/?cvsroot={$pid}";
$pserver = ":pserver:anoncvs@{$USERNODE}:/cvsrepos/{$pid}";
echo "<tr>\n <td>Public CVSWeb Address:</td>\n <td><a href={$puburl}>" . htmlspecialchars($puburl) . "</a></td>\n </tr>\n";
echo "<tr>\n <td>CVS pserver Address:</td>\n <td>" . htmlspecialchars($pserver) . "</td>\n </tr>\n";
}
}
if ($MAILMANSUPPORT) {
$mmurl = "gotommlist.php3?pid={$pid}";
echo "<tr>\n <td>Project Mailing List:</td>\n <td class=\"left\">\n <a href='{$mmurl}'>{$pid}-users</a> ";
if (ISADMIN()) {
$mmurl .= "&wantadmin=1";
echo "<a href='{$mmurl}'>(admin access)</a>";
}
echo " </td>\n </tr>\n";
if (ISADMIN()) {
$mmurl = "gotommlist.php3?listname={$pid}-admin&asadmin=1";
echo "<tr>\n <td>Project Admin Mailing List:</td>\n <td class=\"left\">\n <a href='{$mmurl}'>{$pid}-admin</a> ";
$mmurl = "gotommlist.php3?listname={$pid}-admin&wantadmin=1";
echo "<a href='{$mmurl}'>(admin access)</a>";
echo " </td>\n </tr>\n";
}
}
echo "<tr>\n <td>Publicly Visible: </td>\n <td class=\"left\">{$proj_public}</td>\n </tr>\n";
echo "<tr>\n <td>Link to Us?: </td>\n <td class=\"left\">{$proj_linked}</td>\n </tr>\n";
echo "<tr>\n <td>Funders: </td>\n <td class=\"left\">{$proj_funders}</td>\n </tr>\n";
echo "<tr>\n <td>#Project Members: </td>\n <td class=\"left\">{$proj_members}</td>\n </tr>\n";
echo "<tr>\n <td>#PCs: </td>\n <td class=\"left\">{$proj_pcs}</td>\n </tr>\n";
echo "<tr>\n <td>Planetlab Access: </td>\n <td class=\"left\">{$proj_plabpcs}</td>\n </tr>\n";
echo "<tr>\n <td>RON Access: </td>\n <td class=\"left\">{$proj_ronpcs}</td>\n </tr>\n";
# Fine-grained Datapository access: show node_ids over all sub-groups.
# Should probably do likewise in individual sub-group pages.
# "dp_projects" node_attributes are lists of group gid_idxs.
$query_result = DBQueryFatal("select distinct g.gid_idx, a.node_id " . " from groups as g, node_attributes as a " . "where g.pid_idx='{$proj_idx}' " . " and a.attrkey='dp_projects' " . " and FIND_IN_SET(g.gid_idx, a.attrvalue) " . "order by g.gid_idx, a.node_id");
$proj_dp_nodes = "";
while ($row = mysql_fetch_array($query_result)) {
$node_id = $row["node_id"];
if ($proj_dp_nodes) {
$proj_dp_nodes .= ", ";
}
$proj_dp_nodes .= $node_id;
}
if ($proj_dp_nodes) {
echo "<tr>\n\t\t <td>Datapository Access: </td>\n\t\t <td class=\"left\">{$proj_dp_nodes}</td>\n\t\t </tr>\n";
}
echo "<tr>\n <td>Created: </td>\n <td class=\"left\">{$proj_created}</td>\n </tr>\n";
echo "<tr>\n <td>Experiments Created:</td>\n <td class=\"left\">{$expt_count}</td>\n </tr>\n";
echo "<tr>\n <td>Date of last experiment:</td>\n <td class=\"left\">{$expt_last}</td>\n </tr>\n";
echo "<tr>\n <td>Approved?: </td>\n <td class=\"left\">{$approved}</td>\n\t </tr>\n";
if (ISADMIN()) {
$YesNo = YesNo($allow_workbench);
$flip = $allow_workbench ? 0 : 1;
echo "<tr>\n <td>Allow Workbench:</td>\n <td><a href=toggle.php?pid={$pid}&type=workbench" . "&value={$flip}>{$YesNo}</a> (Click to toggle)</td>\n </tr>\n";
}
echo "<tr>\n <td colspan='2'>Why?:</td>\n </tr>\n";
echo "<tr>\n <td colspan='2' width=600>{$proj_why}</td>\n </tr>\n";
echo "</table>\n";
}
