//} // $error = null; $message = null; if (array_key_exists("message", $_REQUEST)) { $message = $_REQUEST["message"]; } // Get the sa_url for accessing request information if (!isset($sa_url)) { $sa_url = get_first_service_of_type(SR_SERVICE_TYPE::SLICE_AUTHORITY); if (!isset($sa_url) || is_null($sa_url) || $sa_url == '') { error_log("Found no Slice Authority Service"); } } // confirm member is not already in this project $pids = get_projects_for_member($sa_url, $user, $user->account_id, true); if (isset($pids) && !is_null($pids) && in_array($project_id, $pids)) { error_log($user->prettyName() . " already in project " . $project_id); $_SESSION['lasterror'] = "You are already in this project."; relative_redirect("project.php?project_id={$project_id}"); } // confirm member has not already requested to join this project $rpids = get_requests_by_user($sa_url, $user, $user->account_id, CS_CONTEXT_TYPE::PROJECT, $project_id, RQ_REQUEST_STATUS::PENDING); if (in_array($project_id, $rpids)) { error_log($user->prettyName() . " already requested to join project " . $project_id); $_SESSION['lasterror'] = "You already requested to join that project."; relative_redirect('home.php'); } if (isset($message) && !is_null($message) && (!isset($error) || is_null($error))) { $request_id = create_request($sa_url, $user, CS_CONTEXT_TYPE::PROJECT, $project_id, RQ_REQUEST_TYPE::JOIN, $message); // FIXME: sub handle-project-request.php with handle-project-request.php?project_id=$project_id&member_id=$user->account_id&request_id=$request_id
function get_user_project_info($user_id, $name, $signer) { $sa_url = get_first_service_of_type(SR_SERVICE_TYPE::SLICE_AUTHORITY); $projects = get_projects_for_member($sa_url, $signer, $user_id, true); $project_info = lookup_project_details($sa_url, $signer, $projects); $project_data = "<b style='text-decoration: underline;'>{$name}'s projects</b><br>"; foreach ($project_info as $project_id => $project_details) { if ($project_details['expired'] != 1) { $project_data .= "<b>Project name: </b>" . $project_details[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME] . "<br>"; $project_data .= $project_details[PA_PROJECT_TABLE_FIELDNAME::LEAD_ID] == $user_id ? "<b>{$name} is lead on this project</b><br>" : ""; $project_data .= "<button onclick='remove_from_project(\"{$user_id}\", \"{$project_id}\");'>Remove</button>"; $project_data .= "<hr style='height: 1px; background-color: #5F584E; margin: 3px'>"; } } if (count($project_info) == 0) { $project_data .= "<i>user has no projects</i>"; } return $project_data; }
function get_project_slice_member_info($sa_url, $ma_url, $user, $allow_expired = False, $project_id = null) { $member_ids = array(); $slice_ids = array(); $slice_objects = array(); $project_objects = array(); $member_objects = array(); $project_slice_map = array(); $project_activeslice_map = array(); if (!is_null($project_id)) { $projects = array($project_id); } else { // This is all project IDs the member belongs to, even expired $projects = get_projects_for_member($sa_url, $user, $user->account_id, true); } if (count($projects) > 0) { // These are the details of these projects $project_objects = lookup_project_details($sa_url, $user, $projects); // We get back all the projects. But optionally filter out expired projects. if (!$allow_expired) { $unexpired_projects = array(); $unexpired_project_objects = array(); $now = new DateTime(); foreach ($project_objects as $project) { $project_id = $project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_ID]; $project_expired = $project[PA_PROJECT_TABLE_FIELDNAME::EXPIRED]; $project_name = $project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME]; // error_log("PEXP = " . $project_id . " " . $project_name . // " " . $project_expired); if (convert_boolean($project_expired)) { continue; } $unexpired_project_objects[] = $project; $unexpired_projects[] = $project_id; } $projects = $unexpired_projects; $project_objects = $unexpired_project_objects; } // At this point, $projects and $project_objects have all // the projects we're interested in: expired or not // Get all slices of which user is a member (expired or not) $slice_member_role_ids = get_slices_for_member($sa_url, $user, $user->account_id, True); $slice_member_ids = array(); foreach ($slice_member_role_ids as $slice_member_role_id) { //NOTE: FOR NOW ONLY ALLOW UNEXPIRED SLICES if (!$slice_member_role_id[SA_SLICE_TABLE_FIELDNAME::EXPIRED]) { $slice_member_id = $slice_member_role_id[SA_SLICE_MEMBER_TABLE_FIELDNAME::SLICE_ID]; $slice_member_ids[] = $slice_member_id; } } // $slice_member_ids is the ID's of slices to which the member belongs // This is indexed by project_id, containing an array of slice data // CHAPI: this doesn't generally work any more, since non-members aren't allowed // to get details for slices they aren't members of //$slice_data = get_slices_for_projects($sa_url, $user, $projects, $allow_expired); $slice_data = get_slices_in_projects($sa_url, $user, $slice_member_ids, $projects, $allow_expired); // error_log("SLICE_MEMBER_IDS = " . print_r($slice_member_ids, true)); // error_log("SLICE_DATA = = " . print_r($slice_data, true)); // error_log("PROJECTS = " . print_r($projects, true)); foreach ($project_objects as $project) { $project_id = $project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_ID]; $proj_lead_id = $project[PA_PROJECT_TABLE_FIELDNAME::LEAD_ID]; $proj_slices = $slice_data[$project_id]; $member_ids[] = $proj_lead_id; $proj_slice_ids = array(); $proj_activeslice_ids = array(); foreach ($proj_slices as $proj_slice) { $proj_slice_id = $proj_slice[SA_SLICE_TABLE_FIELDNAME::SLICE_ID]; $proj_slice_id_expired = $proj_slice[SA_SLICE_TABLE_FIELDNAME::EXPIRED]; if (!in_array($proj_slice_id, $slice_member_ids)) { continue; } $proj_slice_ids[] = $proj_slice_id; //error_log("slice id = ". $proj_slice_id . " expired = " . $proj_slice_id_expired); if (!$proj_slice_id_expired) { //error_log("Adding active slice to list ...."); $proj_activeslice_ids[] = $proj_slice_id; } $owner_id = $proj_slice[SA_SLICE_TABLE_FIELDNAME::OWNER_ID]; if (!in_array($owner_id, $member_ids)) { $member_ids[] = $owner_id; } // Optionally filter out expired slices if (!convert_boolean($proj_slice_id_expired) || $allow_expired) { $slice_objects[$proj_slice_id] = $proj_slice; } } // $proj_slice_ids = lookup_slice_ids($sa_url, $user, $project_id); $project_slice_map[$project_id] = $proj_slice_ids; $project_activeslice_map[$project_id] = $proj_activeslice_ids; //error_log("GPSMI: project ".$project_id." ids = ".print_r($proj_activeslice_ids,true)); $slice_ids = array_merge($slice_ids, $proj_slice_ids); // is this ok } } if (count($member_ids) > 0) { $member_objects = lookup_member_details($ma_url, $user, $member_ids); } // error_log("SIDS = " . print_r($slice_ids, true)); // error_log("MIDS = " . print_r($member_ids, true)); // error_log("SMIDS = " . print_r($slice_member_ids, true)); // foreach($project_objects as $po) { error_log("PO = " . print_r($po, true)); } // foreach($slice_objects as $so) { error_log("SO = " . print_r($so, true)); } // foreach($member_objects as $mo) { error_log("MO = " . print_r($mo, true)); } // error_log("PSM = " . print_r($project_slice_map, true)); // error_log("PASM = " . print_r($project_activeslice_map, true)); // At this point, we should have // project_objects has all the projects to which the member belongs // expired or not by request // slice_objects has all the slices to which the member belongs // expired or not by request // member_objects // all the members who are leads of slices or projects in previous lists return array($project_objects, $slice_objects, $member_objects, $project_slice_map, $project_activeslice_map); }
function get_template_omni_config($user, $version, $default_project = null) { $legal_versions = array("2.3.1", "2.5"); if (!in_array($version, $legal_versions)) { /* If $version is not understood, default to omni 2.5. */ $version = "2.5"; } /* Create OMNI config file */ $username = $user->username; $urn = $user->urn(); // Get the authority from the user's URN parse_urn($urn, $authority, $type, $name); $pgchs = get_services_of_type(SR_SERVICE_TYPE::PGCH); if (count($pgchs) != 1) { error_log("am_client must have exactly one PGCH service defined to generate an omni_config"); return "Should be exactly one PGCH url."; } else { $pgch = $pgchs[0]; $PGCH_URL = $pgch[SR_TABLE_FIELDNAME::SERVICE_URL]; } $omni_config = '# This omni configuration file is for use with omni version '; $omni_config .= $version . ' or higher'; $omni_config .= "\n"; $omni_config .= "[omni]\n"; if ($version == "2.5") { $omni_config .= "default_cf = portal_chapi\n"; } if ($version == "2.3.1") { $omni_config .= "default_cf = portal\n"; } $omni_config .= "# 'users' is a comma separated list of users which should be added to a slice.\n" . "# Each user is defined in a separate section below.\n" . "users = {$username}\n"; if ($version == "2.5") { // Note this isn't necessary for omni 2.7+, where the default is True $omni_config .= "# Over-ride the commandline setting of --useSliceMembers to force it True\n" . "useslicemembers = True\n"; } $omni_config = $omni_config . "# 'default_project' is the name of the project that will be assumed\n" . "# unless '--project' is specified on the command line.\n" . "# Uncomment only one of the following lines if you want to use this feature\n"; if (!isset($sa_url)) { $sa_url = get_first_service_of_type(SR_SERVICE_TYPE::SLICE_AUTHORITY); } if (!isset($ma_url)) { $ma_url = get_first_service_of_type(SR_SERVICE_TYPE::MEMBER_AUTHORITY); } $projects = get_projects_for_member($sa_url, $user, $user->account_id, true); if (count($projects) > 0 && is_null($default_project)) { $p0 = $projects[0]; $default_project = $p0[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME]; } foreach ($projects as $project_id) { $project = lookup_project($sa_url, $user, $project_id); $proj_name = $project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME]; if ($proj_name == $default_project) { $omni_config .= "default_project = {$proj_name}\n"; } else { $omni_config .= "#default_project = {$proj_name}\n"; } } $omni_config .= "\n" . "[portal_chapi]\n" . "# For use with the Uniform Federation API\n" . "# NOTE: Only works with Omni 2.5 or newer\n" . "type = chapi\n" . "# Authority part of the control framework's URN\n" . "authority={$authority}\n" . "# Where the CH API server's Clearinghouse service is listening.\n" . "# This will be used to find the MA and SA\n" . "ch=https://{$authority}:8444/CH\n" . "# Optionally you may explicitly specify where the MA and SA are\n" . "# running, in which case the Clearinghouse service is not used\n" . "# to find them\n" . "ma = {$ma_url}\n" . "sa = {$sa_url}\n" . "cert = /PATH/TO/YOUR/CERTIFICATE/AS/DOWNLOADED/FROM/PORTAL/geni-{$username}.pem\n" . "key = /PATH/TO/YOUR/CERTIFICATE/AS/DOWNLOADED/FROM/PORTAL/geni-{$username}.pem\n" . "# For debugging\n" . "verbose=false\n" . "\n"; $omni_config .= "\n" . "[portal]\n" . "type = pgch\n" . "authority={$authority}\n" . "ch = {$PGCH_URL}\n" . "sa = {$PGCH_URL}\n" . "cert = /PATH/TO/YOUR/CERTIFICATE/AS/DOWNLOADED/FROM/PORTAL/geni-{$username}.pem\n" . "key = /PATH/TO/YOUR/CERTIFICATE/AS/DOWNLOADED/FROM/PORTAL/geni-{$username}.pem\n" . "\n"; $omni_config .= "[{$username}]\n" . "urn = {$urn}\n" . "# 'keys' is a comma separated list of ssh public keys which should be added to this user's account.\n" . "keys = /PATH/TO/SSH/PUBLIC/KEY.pub\n"; $omni_config = $omni_config . "\n"; return $omni_config; }