Modified: incubator/vcl/trunk/web/.ht-inc/utils.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/utils.php?rev=1049551&r1=1049550&r2=1049551&view=diff ============================================================================== --- incubator/vcl/trunk/web/.ht-inc/utils.php (original) +++ incubator/vcl/trunk/web/.ht-inc/utils.php Wed Dec 15 13:43:31 2010 @@ -34,16 +34,9 @@ define("ARG_STRING", 1 << 1); define("ARG_MULTINUMERIC", 1 << 2); /// used for processInputVar, means the input variable should be an array of strings define("ARG_MULTISTRING", 1 << 3); -/// define adminlevel developer -define("ADMIN_DEVELOPER", 3); -/// define adminlevel full -define("ADMIN_FULL", 2); -/// define adminlevel none -define("ADMIN_NONE", 1); /// define semaphore key define("SEMKEY", 192365819256598); - /// global array used to hold request information between calling isAvailable /// and addRequest $requestInfo = array(); @@ -67,7 +60,7 @@ $printedHTMLheader = 0; /// //////////////////////////////////////////////////////////////////////////////// function initGlobals() { - global $mode, $user, $remoteIP, $authed, $oldmode, $viewmode, $semid; + global $mode, $user, $remoteIP, $authed, $oldmode, $semid; global $semislocked, $days, $phpVer, $keys, $pemkey, $AUTHERROR; global $passwdArray, $skin, $contdata, $lastmode, $inContinuation; global $totalQueries, $ERRORS, $queryTimes, $actions; @@ -138,7 +131,7 @@ function initGlobals() { # the user table corresponding to the user you want # logged in - # start auth check + # start auth check $authed = 0; if(array_key_exists("VCLAUTH", $_COOKIE)) { $userid = readAuthCookie(); @@ -216,20 +209,11 @@ function initGlobals() { abort(1); } } - if($user['adminlevel'] == 'developer' && - array_key_exists('VCLTESTUSER', $_COOKIE)) { - $userid = $_COOKIE['VCLTESTUSER']; - if($userid != "{$user['unityid']...@{$user['affiliation']}") { - if($testuser = getUserInfo($userid, 1)) - $user = $testuser; - } - } if(! empty($contuserid) && $user['id'] != $contuserid) abort(51); $_SESSION['user'] = $user; } - $viewmode = getViewMode($user); $affil = $user['affiliation']; @@ -324,7 +308,7 @@ function initGlobals() { /// //////////////////////////////////////////////////////////////////////////////// function checkAccess() { - global $mode, $user, $viewmode, $actionFunction, $authMechs; + global $mode, $user, $actionFunction, $authMechs; global $itecsauthkey, $ENABLE_ITECSAUTH, $actions, $noHTMLwrappers; global $inContinuation, $docreaders, $userlookupUsers; if($mode == 'xmlrpccall') { @@ -504,8 +488,8 @@ function checkAccess() { } break; case 'userLookup': - if($viewmode != ADMIN_DEVELOPER && - ! in_array($user['id'], $userlookupUsers)) { + if(! checkUserHasPerm('User Lookup (global)') && + ! checkUserHasPerm('User Lookup (affiliation only)')) { $mode = ""; $actionFunction = "main"; return; @@ -738,40 +722,6 @@ function stopSession() { //////////////////////////////////////////////////////////////////////////////// /// -/// \fn getViewMode($user) -/// -/// \param $user - an array as returned from getUserInfo -/// -/// \return user's viewmode level -/// -/// \brief determines viewmode based on $_COOKIE["VCLVIEWMODE"] and user's -/// adminlevel -/// -//////////////////////////////////////////////////////////////////////////////// -function getViewMode($user) { - if($user["adminlevelid"] == 1) { - return 1; - } - if(empty($_COOKIE["VCLVIEWMODE"])) { - return $user["adminlevelid"]; - } - $tmpviewmode = $_COOKIE["VCLVIEWMODE"]; - if($user["adminlevel"] == "developer") { - return $tmpviewmode; - } - elseif($user["adminlevel"] == "full") { - if($tmpviewmode <= ADMIN_FULL) { - return $tmpviewmode; - } - else { - return ADMIN_FULL; - } - } - return 1; -} - -//////////////////////////////////////////////////////////////////////////////// -/// /// \fn main() /// /// \brief prints a welcome screen @@ -829,7 +779,7 @@ function abort($errcode, $query="") { global $ENABLE_ITECSAUTH, $requestInfo; if($mode == 'xmlrpccall') xmlRPCabort($errcode, $query); - if(ONLINEDEBUG && $user["adminlevel"] == "developer") { + if(ONLINEDEBUG && checkUserHasPerm('View Debug Information')) { if($errcode >= 100 && $errcode < 400) { print "<font color=red>" . mysql_error($mysql_link_vcl) . "</font><br>\n"; if($ENABLE_ITECSAUTH) @@ -1484,7 +1434,7 @@ function removeNoCheckout($images) { //////////////////////////////////////////////////////////////////////////////// function getUserResources($userprivs, $resourceprivs=array("available"), $onlygroups=0, $includedeleted=0, $userid=0) { - global $user, $viewmode; + global $user; $key = getKey(array($userprivs, $resourceprivs, $onlygroups, $includedeleted, $userid)); if(array_key_exists($key, $_SESSION['userresources'])) return $_SESSION['userresources'][$key]; @@ -2212,6 +2162,9 @@ function getChildNodes($parent=DEFAULT_P //////////////////////////////////////////////////////////////////////////////// function getUserGroups($groupType=0, $affiliationid=0) { global $user; + $key = getKey(array($groupType, $affiliationid, $user['showallgroups'])); + if(array_key_exists($key, $_SESSION['usersessiondata'])) + return $_SESSION['usersessiondata'][$key]; $return = array(); $query = "SELECT ug.id, " . "ug.name, " @@ -2252,6 +2205,7 @@ function getUserGroups($groupType=0, $af $row['name'] = "{$row['name']...@{$row['groupaffiliation']}"; $return[$row["id"]] = $row; } + $_SESSION['usersessiondata'][$key] = $return; return $return; } @@ -2299,6 +2253,67 @@ function getUserEditGroups($id) { //////////////////////////////////////////////////////////////////////////////// /// +/// \fn getUserGroupPrivs($groupid='') +/// +/// \param $groupid (optional, default='') - if specified, only get permissions +/// granted to this user group; if not specified, get information about +/// all groups +/// +/// \return array of data about user group permissions where each element is an +/// array with these keys:\n +/// \b usergroup - name of user group\n +/// \b usergroupid - id of user group\n +/// \b permission - permission granted to user group\n +/// \b permid - id of permission granted to user group +/// +/// \brief builds an array of data about permissions granted to user groups +/// +//////////////////////////////////////////////////////////////////////////////// +function getUserGroupPrivs($groupid='') { + $data = array(); + $query = "SELECT ug.name AS usergroup, " + . "ugp.usergroupid, " + . "ugpt.name AS permission, " + . "ugp.userprivtypeid AS permid " + . "FROM usergroup ug, " + . "usergrouppriv ugp, " + . "usergroupprivtype ugpt " + . "WHERE ugp.usergroupid = ug.id AND " + . "ugp.userprivtypeid = ugpt.id "; + if(! empty($groupid)) + $query .= "AND ugp.usergroupid = $groupid "; + $query .= "ORDER BY ug.name, " + . "ugpt.name"; + $qh = doQuery($query, 101); + while($row = mysql_fetch_assoc($qh)) + $data[] = $row; + return $data; +} + +//////////////////////////////////////////////////////////////////////////////// +/// +/// \fn getUserGroupPrivTypes() +/// +/// \return array of information about user group permissions where each index +/// is the id of the permission and each element has these keys:\n +/// \b id - id of permission\n +/// \b name - name of permission\n +/// \b help - additional information about permission +/// +/// \brief builds an array of information about the user group permissions +/// +//////////////////////////////////////////////////////////////////////////////// +function getUserGroupPrivTypes() { + $data = array(); + $query = "SELECT id, name, help FROM usergroupprivtype ORDER BY name"; + $qh = doQuery($query, 101); + while($row = mysql_fetch_assoc($qh)) + $data[$row['id']] = $row; + return $data; +} + +//////////////////////////////////////////////////////////////////////////////// +/// /// \fn getResourceGroups($type) /// /// \param $type - (optional) a name from the resourcetype table, defaults to @@ -2987,8 +3002,6 @@ function processInputData($data, $type, /// \b IMtype - user's preferred IM protocol\n /// \b IMid - user's IM id\n /// \b id - user's id from database\n -/// \b adminlevel - user's admin level (= 'none' if no admin access)\n -/// \b adminlevelid - id for user's adminlevel\n /// \b width - pixel width for rdp files\n /// \b height - pixel height for rdp files\n /// \b bpp - color depth for rdp files\n @@ -3029,8 +3042,6 @@ function getUserInfo($id, $noupdate=0, $ . "i.name AS IMtype, " . "u.IMid AS IMid, " . "u.id AS id, " - . "a.name AS adminlevel, " - . "a.id AS adminlevelid, " . "u.width AS width, " . "u.height AS height, " . "u.bpp AS bpp, " @@ -3043,10 +3054,8 @@ function getUserInfo($id, $noupdate=0, $ . "af.shibonly " . "FROM user u, " . "IMtype i, " - . "affiliation af, " - . "adminlevel a " + . "affiliation af " . "WHERE u.IMtypeid = i.id AND " - . "u.adminlevelid = a.id AND " . "u.affiliationid = af.id AND "; if($numeric) $query .= "u.id = $id"; @@ -3062,6 +3071,7 @@ function getUserInfo($id, $noupdate=0, $ $noupdate) { # get user's groups $user["groups"] = getUsersGroups($user["id"], 1); + $user["groupperms"] = getUsersGroupPerms(array_keys($user['groups'])); checkExpiredDemoUser($user['id'], $user['groups']); @@ -3147,6 +3157,62 @@ function getUsersGroups($userid, $includ //////////////////////////////////////////////////////////////////////////////// /// +/// \fn getUsersGroupPerms($usergroupids) +/// +/// \param $usergroupids - array of user group ids +/// +/// \return array of permissions where each index is the permission id and each +/// element is the name of the permission +/// +/// \brief builds an array of all permissions granted to a user via that user's +/// user groups +/// +//////////////////////////////////////////////////////////////////////////////// +function getUsersGroupPerms($usergroupids) { + $inlist = implode(',', $usergroupids); + $query = "SELECT DISTINCT t.id, " + . "t.name " + . "FROM usergroupprivtype t, " + . "usergrouppriv u " + . "WHERE u.usergroupid IN ($inlist) AND " + . "u.userprivtypeid = t.id " + . "ORDER BY t.name"; + $perms = array(); + $qh = doQuery($query, 101); + while($row = mysql_fetch_assoc($qh)) + $perms[$row['id']] = $row['name']; + return $perms; +} + +//////////////////////////////////////////////////////////////////////////////// +/// +/// \fn checkUserHasPerm($perm, $userid=0) +/// +/// \param $perm - name of a user group permission +/// \param $userid (optional, default=0) - if specified, check for $userid +/// having $perm; otherwise, check logged in user +/// +/// \return 1 if user has $perm, 0 otherwise +/// +/// \brief checks to see if a user has been granted a permission through that +/// user's group memberships +/// +//////////////////////////////////////////////////////////////////////////////// +function checkUserHasPerm($perm, $userid=0) { + global $user; + if($userid == 0) + $perms = $user['groupperms']; + else { + $usersgroups = getUsersGroups($userid, 1); + $perms = getUsersGroupPerms(array_keys($usersgroups)); + } + if(in_array($perm, $perms)) + return 1; + return 0; +} + +//////////////////////////////////////////////////////////////////////////////// +/// /// \fn updateUserData($id, $type, $affilid) /// /// \param $id - user's unity id or id from user table @@ -3165,7 +3231,6 @@ function getUsersGroups($userid, $includ /// \b email - user's preferred email address\n /// \b IMtype - user's preferred IM protocol\n /// \b IMid - user's IM id\n -/// \b adminlevel - user's admin level (= 'none' if no admin access)\n /// \b lastupdated - datetime the information was last updated /// /// \brief looks up the logged in user's info in ldap and updates it in the db @@ -5214,7 +5279,6 @@ function getPredictiveModules() { /// //////////////////////////////////////////////////////////////////////////////// function getTimeSlots($compids, $end=0, $start=0) { - global $viewmode; if(empty($compids)) return array(); $requestid = processInputVar("requestid", ARG_NUMERIC, 0); @@ -5416,7 +5480,7 @@ function getTimeSlots($compids, $end=0, continue; } # shouldn't get here; print debug info if we do - if($viewmode == ADMIN_DEVELOPER) { + if(checkUserHasPerm('View Debug Information')) { print "******************************************************<br>\n"; print "current - " . unixToDatetime($current) . "<br>\n"; print "endtime - " . unixToDatetime($endtime) . "<br>\n"; @@ -5510,7 +5574,7 @@ function pickTimeTable() { /// //////////////////////////////////////////////////////////////////////////////// function showTimeTable($links) { - global $mode, $viewmode, $user; + global $mode, $user; $imaging = getContinuationVar('imaging', 0); if($links == 1) { $imageid = getContinuationVar('imageid'); @@ -5667,7 +5731,7 @@ function showTimeTable($links) { $tmpArr = array_keys($computers); $first = $computers[$tmpArr[0]]; print " <table id=ttlayout summary=\"\">\n"; - if(! $links || $viewmode >= ADMIN_DEVELOPER) { + if(! $links || checkUserHasPerm('View Debug Information')) { print " <TR>\n"; print " <TH align=right>Computer ID:</TH>\n"; print $computeridrow; @@ -7979,7 +8043,7 @@ function addContinuationsEntry($nextmode /// //////////////////////////////////////////////////////////////////////////////// function getContinuationsData($data) { - global $user, $continuationid; + global $user, $continuationid, $noHTMLwrappers; if(array_key_exists('continuation', $_POST)) $edata = urldecode($data); else @@ -8022,7 +8086,12 @@ function getContinuationsData($data) { . "WHERE id = '{$row['deletefromid']}' AND " . "userid = {$items[2]}"; doQuery($query, 101, 'vcl', 1); - return array('error' => 'expired'); + $rt = array('error' => 'expired'); + if(in_array($row['tomode'], $noHTMLwrappers)) + $rt['noHTMLwrappers'] = 1; + else + $rt['noHTMLwrappers'] = 0; + return $rt; } # remove if multicall is 0 @@ -8047,11 +8116,14 @@ function getContinuationsData($data) { //////////////////////////////////////////////////////////////////////////////// function continuationsError() { global $contdata, $printedHTMLheader, $HTMLheader; - if(empty($HTMLheader)) - printHTMLHeader(); - if(! $printedHTMLheader) { - $printedHTMLheader = 1; - print $HTMLheader; + if(! array_key_exists('noHTMLwrappers', $contdata) || + $contdata['noHTMLwrappers'] == 0) { + if(empty($HTMLheader)) + printHTMLHeader(); + if(! $printedHTMLheader) { + $printedHTMLheader = 1; + print $HTMLheader; + } } if(array_key_exists('error', $contdata)) { switch($contdata['error']) { @@ -8078,7 +8150,9 @@ function continuationsError() { print "steps you took that led up to this problem in your email message."; } } - printHTMLFooter(); + if(! array_key_exists('noHTMLwrappers', $contdata) || + $contdata['noHTMLwrappers'] == 0) + printHTMLFooter(); dbDisconnect(); exit; } @@ -8249,7 +8323,7 @@ function xmlRPChandler($function, $args, function xmlRPCabort($errcode, $query='') { global $mysql_link_vcl, $mysql_link_acct, $ERRORS, $user, $mode; global $XMLRPCERRORS; - if(ONLINEDEBUG && $user["adminlevel"] == "developer") { + if(ONLINEDEBUG && checkUserHasPerm('View Debug Information')) { $msg = ''; if($errcode >= 100 && $errcode < 400) { $msg .= mysql_error($mysql_link_vcl) . " $query "; @@ -8545,9 +8619,8 @@ function menulistLI($page) { /// //////////////////////////////////////////////////////////////////////////////// function sendHeaders() { - global $mode, $user, $authed, $oldmode, $viewmode, $actionFunction, $skin; + global $mode, $user, $authed, $oldmode, $actionFunction, $skin; global $shibauthed; - $setwrapreferer = processInputVar('am', ARG_NUMERIC, 0); if(! $authed && $mode == "auth") { header("Location: " . BASEURL . SCRIPT . "?mode=selectauth"); dbDisconnect(); @@ -8629,16 +8702,6 @@ function sendHeaders() { dbDisconnect(); exit; } - if($mode == "submitviewmode") { - $expire = time() + 31536000; //expire in 1 year - $newviewmode = processInputVar("viewmode", ARG_NUMERIC); - if(! empty($newviewmode) && $newviewmode <= $user['adminlevelid']) - setcookie("VCLVIEWMODE", $newviewmode, $expire, "/", COOKIEDOMAIN); - stopSession(); - header("Location: " . BASEURL . SCRIPT); - dbDisconnect(); - exit; - } if($mode == "statgraphday" || $mode == "statgraphdayconcuruser" || $mode == "statgraphdayconcurblade" || @@ -8684,7 +8747,7 @@ function sendHeaders() { /// //////////////////////////////////////////////////////////////////////////////// function printHTMLHeader() { - global $mode, $user, $authed, $oldmode, $viewmode, $HTMLheader; + global $mode, $user, $authed, $oldmode, $HTMLheader, $contdata; global $printedHTMLheader, $docreaders, $skin, $noHTMLwrappers, $actions; if($printedHTMLheader) return; @@ -8708,7 +8771,9 @@ function printHTMLHeader() { if($mode != 'selectauth' && $mode != 'submitLogin') $HTMLheader .= getHeader($refresh); - if(! in_array($mode, $noHTMLwrappers)) { + if(! in_array($mode, $noHTMLwrappers) && + (! array_key_exists('noHTMLwrappers', $contdata) || + $contdata['noHTMLwrappers'] == 0)) { print $HTMLheader; if($mode != 'inmaintenance') print maintenanceNotice(); @@ -8731,7 +8796,7 @@ function printHTMLHeader() { /// //////////////////////////////////////////////////////////////////////////////// function getNavMenu($inclogout, $inchome, $homeurl=HOMEURL) { - global $user, $viewmode, $docreaders, $authed, $userlookupUsers, $skin; + global $user, $docreaders, $authed, $userlookupUsers, $skin; global $mode; if($authed && $mode != 'expiredemouser') $computermetadata = getUserComputerMetaData(); @@ -8796,8 +8861,8 @@ function getNavMenu($inclogout, $inchome $rt .= "<a href=\"" . BASEURL . SCRIPT . "?mode=viewNodes\">"; $rt .= "Privileges</a></li>\n"; } - if($viewmode == ADMIN_DEVELOPER || - in_array($user['id'], $userlookupUsers)) { + if(checkUserHasPerm('User Lookup (global)') || + checkUserHasPerm('User Lookup (affiliation only)')) { $rt .= menulistLI('userLookup'); $rt .= "<a href=\"" . BASEURL . SCRIPT . "?mode=userLookup\">"; $rt .= "User Lookup</a></li>\n"; @@ -8807,7 +8872,7 @@ function getNavMenu($inclogout, $inchome $rt .= "<a href=\"" . BASEURL . SCRIPT . "?mode=editVMInfo\">"; $rt .= "Virtual Hosts</a></li>\n"; } - if($viewmode == ADMIN_DEVELOPER) { + if(checkUserHasPerm('Schedule Site Maintenance')) { $rt .= menulistLI('sitemaintenance'); $rt .= "<a href=\"" . BASEURL . SCRIPT . "?mode=siteMaintenance\">"; $rt .= "Site Maintenance</a></li>\n"; @@ -8815,7 +8880,8 @@ function getNavMenu($inclogout, $inchome $rt .= menulistLI('statistics'); $rt .= "<a href=\"" . BASEURL . SCRIPT . "?mode=selectstats\">"; $rt .= "Statistics</a></li>\n"; - if($viewmode == ADMIN_DEVELOPER) { + if(checkUserHasPerm('View Dashboard (global)') || + checkUserHasPerm('View Dashboard (affiliation only)')) { $rt .= menulistLI('dashboard'); $rt .= "<a href=\"" . BASEURL . SCRIPT . "?mode=dashboard\">"; $rt .= "Dashboard</a></li>\n"; @@ -8885,6 +8951,8 @@ function getDojoHTML($refresh) { 'dijit.form.TextBox', 'dijit.Tooltip', 'dijit.Dialog', + 'dijit.layout.ContentPane', + 'dijit.layout.TabContainer', 'dojo.parser'); break; case 'newRequest':
Modified: incubator/vcl/trunk/web/.ht-inc/vcldocs.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/vcldocs.php?rev=1049551&r1=1049550&r2=1049551&view=diff ============================================================================== --- incubator/vcl/trunk/web/.ht-inc/vcldocs.php (original) +++ incubator/vcl/trunk/web/.ht-inc/vcldocs.php Wed Dec 15 13:43:31 2010 @@ -31,7 +31,7 @@ $actions['mode']['viewdocs'] = "viewDocs /// //////////////////////////////////////////////////////////////////////////////// function viewDocs() { - global $user, $docreaders, $viewmode; + global $user, $docreaders; if(! (in_array("userGrant", $user["privileges"]) || in_array("resourceGrant", $user["privileges"]) || in_array("nodeAdmin", $user["privileges"]) || @@ -59,7 +59,7 @@ function viewDocs() { while($row = mysql_fetch_assoc($qh)) $docs[$row['name']] = $row['title']; - if($viewmode == ADMIN_DEVELOPER || in_array($user['id'], $doceditors)) { + if(in_array($user['id'], $doceditors)) { $cdata = array('submode' => 'newpage'); $cont = addContinuationsEntry('editdoc', $cdata); print "[ <a href=\"" . BASEURL . SCRIPT . "?continuation=$cont\">"; @@ -127,7 +127,7 @@ function showXmlrpcExample() { /// //////////////////////////////////////////////////////////////////////////////// function showDatabaseDoc($item) { - global $viewmode, $user; + global $user; $query = "SELECT title, data FROM documentation WHERE name = '$item'"; $qh = doQuery($query, 101); if(! ($row = mysql_fetch_assoc($qh))) { @@ -135,7 +135,7 @@ function showDatabaseDoc($item) { print "Failed to retrieve documentation for \"$item\".<br>\n"; return; } - if($viewmode == ADMIN_DEVELOPER || in_array($user['id'], $doceditors)) { + if(in_array($user['id'], $doceditors)) { $cdata = array('item' => $item, 'submode' => 'newpage'); $cont = addContinuationsEntry('editdoc', $cdata); @@ -166,9 +166,9 @@ function showDatabaseDoc($item) { /// //////////////////////////////////////////////////////////////////////////////// function editDoc() { - global $viewmode, $user; + global $user; $item = getContinuationVar('item'); - if($viewmode != ADMIN_DEVELOPER && ! in_array($user['id'], $doceditors)) { + if(! in_array($user['id'], $doceditors)) { showDatabaseDoc($item); return; } @@ -223,10 +223,10 @@ function editDoc() { /// //////////////////////////////////////////////////////////////////////////////// function confirmEditDoc() { - global $viewmode, $mysql_link_vcl, $contdata; + global $mysql_link_vcl, $contdata; $item = getContinuationVar('item'); $newedit = getContinuationVar('newedit'); - if($viewmode != ADMIN_DEVELOPER && ! in_array($user['id'], $doceditors)) { + if(! in_array($user['id'], $doceditors)) { showDatabaseDoc($item); return; } @@ -271,10 +271,10 @@ function confirmEditDoc() { /// //////////////////////////////////////////////////////////////////////////////// function submitEditDoc() { - global $viewmode, $mysql_link_vcl; + global $mysql_link_vcl; $item = getContinuationVar('item'); $newedit = getContinuationVar('newedit'); - if($viewmode != ADMIN_DEVELOPER && ! in_array($user['id'], $doceditors)) { + if(! in_array($user['id'], $doceditors)) { showDatabaseDoc($item); return; } @@ -331,9 +331,8 @@ function submitEditDoc() { /// //////////////////////////////////////////////////////////////////////////////// function confirmDeleteDoc() { - global $viewmode; $item = getContinuationVar('item'); - if($viewmode != ADMIN_DEVELOPER && ! in_array($user['id'], $doceditors)) { + if(! in_array($user['id'], $doceditors)) { showDatabaseDoc($item); return; } @@ -376,9 +375,8 @@ function confirmDeleteDoc() { /// //////////////////////////////////////////////////////////////////////////////// function submitDeleteDoc() { - global $viewmode; $item = getContinuationVar('item'); - if($viewmode != ADMIN_DEVELOPER && ! in_array($user['id'], $doceditors)) { + if(! in_array($user['id'], $doceditors)) { showDatabaseDoc($item); return; } Modified: incubator/vcl/trunk/web/.ht-inc/vm.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/vm.php?rev=1049551&r1=1049550&r2=1049551&view=diff ============================================================================== --- incubator/vcl/trunk/web/.ht-inc/vm.php (original) +++ incubator/vcl/trunk/web/.ht-inc/vm.php Wed Dec 15 13:43:31 2010 @@ -28,15 +28,14 @@ /// //////////////////////////////////////////////////////////////////////////////// function editVMInfo() { - global $viewmode; print "<h2>Manage Virtual Hosts</h2>\n"; $profiles = getVMProfiles(); - if($viewmode == ADMIN_DEVELOPER) { - print "<div id=\"mainTabContainer\" dojoType=\"dijit.layout.TabContainer\"\n"; - print " style=\"width:650px;height:600px\">\n"; + if(checkUserHasPerm('Manage VM Profiles')) { + print "<div id=\"mainTabContainer\" dojoType=\"dijit.layout.TabContainer\"\n"; + print " style=\"width:650px;height:600px\">\n"; - print "<div id=\"vmhosts\" dojoType=\"dijit.layout.ContentPane\" title=\"VM Hosts\">\n"; + print "<div id=\"vmhosts\" dojoType=\"dijit.layout.ContentPane\" title=\"VM Hosts\">\n"; } print "<div dojoType=\"dijit.Dialog\"\n"; @@ -61,7 +60,7 @@ function editVMInfo() { } print $newmsg; print "Select a Virtual Host:<br>\n"; - printSelectInput("vmhostid", $vmhosts, -1, 0, 0, 'vmhostid'); + printSelectInput("vmhostid", $vmhosts, -1, 0, 0, 'vmhostid', 'onChange="dojo.byId(\'vmhostdata\').className = \'hidden\';"'); $cont = addContinuationsEntry('vmhostdata'); print "<button dojoType=\"dijit.form.Button\" id=\"fetchCompGrpsButton\">\n"; print " Configure Host\n"; @@ -165,11 +164,11 @@ function editVMInfo() { print "</div>\n";*/ print "</div>\n"; - if($viewmode != ADMIN_DEVELOPER) + if(! checkUserHasPerm('Manage VM Profiles')) return; print "<div id=\"vmprofiles\" dojoType=\"dijit.layout.ContentPane\" title=\"VM Host Profiles\">\n"; print "<br>Select a profile to configure:<br>\n"; - print "<select name=\"profileid\" id=\"profileid\">\n"; + print "<select name=\"profileid\" id=\"profileid\" onChange=\"dojo.byId('vmprofiledata').className = 'hidden';\">\n"; foreach($profiles as $id => $item) print " <option value=\"$id\">{$item['profilename']}</option>\n"; print "</select>\n"; @@ -747,8 +746,7 @@ function AJcancelVMmove() { /// //////////////////////////////////////////////////////////////////////////////// function AJprofileData($profileid="") { - global $viewmode; - if($viewmode != ADMIN_DEVELOPER) { + if(! checkUserHasPerm('Manage VM Profiles')) { sendJSON(array('failed' => 'noaccess')); return; } @@ -792,8 +790,7 @@ function AJprofileData($profileid="") { /// //////////////////////////////////////////////////////////////////////////////// function AJupdateVMprofileItem() { - global $viewmode; - if($viewmode != ADMIN_DEVELOPER) { + if(! checkUserHasPerm('Manage VM Profiles')) { print "alert('You do not have access to manage this vm profile.');"; return; } @@ -874,8 +871,7 @@ function AJnewProfile() { /// //////////////////////////////////////////////////////////////////////////////// function AJdelProfile() { - global $viewmode; - if($viewmode != ADMIN_DEVELOPER) { + if(! checkUserHasPerm('Manage VM Profiles')) { sendJSON(array('failed' => 'noaccess')); return; } Modified: incubator/vcl/trunk/web/css/privileges.css URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/css/privileges.css?rev=1049551&r1=1049550&r2=1049551&view=diff ============================================================================== --- incubator/vcl/trunk/web/css/privileges.css (original) +++ incubator/vcl/trunk/web/css/privileges.css Wed Dec 15 13:43:31 2010 @@ -31,3 +31,19 @@ background-color: #678DB2; color: white; } +#groupprivhelpcell { + height: 100%; + width: 200px; +} +.hlperm { + background-color: #eeeeee; +} +.statusfailed { + color: red; +} +.statussuccess { + color: #008000; +} +.groupprivshidden { + visibility: hidden; +} Modified: incubator/vcl/trunk/web/index.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/index.php?rev=1049551&r1=1049550&r2=1049551&view=diff ============================================================================== --- incubator/vcl/trunk/web/index.php (original) +++ incubator/vcl/trunk/web/index.php Wed Dec 15 13:43:31 2010 @@ -32,7 +32,6 @@ $submitErr = ''; $submitErrMsg = ''; $remoteIP = ''; $authed = ''; -$viewmode = ''; $semid = ''; $semislocked = ''; unset($GLOBALS['php_errormsg']); @@ -74,7 +73,7 @@ sendHeaders(); printHTMLHeader(); -if($viewmode == ADMIN_DEVELOPER) { +if(checkUserHasPerm('View Debug Information')) { set_error_handler("errorHandler"); } Modified: incubator/vcl/trunk/web/js/dashboard.js URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/js/dashboard.js?rev=1049551&r1=1049550&r2=1049551&view=diff ============================================================================== --- incubator/vcl/trunk/web/js/dashboard.js (original) +++ incubator/vcl/trunk/web/js/dashboard.js Wed Dec 15 13:43:31 2010 @@ -43,8 +43,10 @@ function generalReqCB(data, ioArgs) { } function updateDashboard() { - var cont = dojo.byId('updatecont').value; - RPCwrapper({continuation: cont}, updateDashboardCB, 1); + var data = {continuation: dojo.byId('updatecont').value}; + if(dojo.byId('affilid')) + data['affilid'] = dojo.byId('affilid').value; + RPCwrapper(data, updateDashboardCB, 1); } function updateDashboardCB(data, ioArgs) { @@ -52,6 +54,7 @@ function updateDashboardCB(data, ioArgs) updateStatus(data.items.status); updateTopImages(data.items.topimages); updateTopLongImages(data.items.toplongimages); + updateTopPastImages(data.items.toppastimages); updateTopFailed(data.items.topfailed); updateTopFailedComputers(data.items.topfailedcomputers); updateResChart(data.items.reschart); @@ -127,6 +130,24 @@ function updateTopLongImages(data) { obj.innerHTML = txt; } +function updateTopPastImages(data) { + var obj = dojo.byId('toppastimages'); + if(data.length == 0) { + obj.innerHTML = 'No recent reservations'; + return; + } + var txt = '<table>'; + for(var i = 0; i < data.length; i++) { + txt += '<tr><th align="right">' + + data[i].prettyname + + '</th><td>' + + data[i].count + + '</td></tr>'; + } + txt += '</table>'; + obj.innerHTML = txt; +} + function updateTopFailed(data) { var obj = dojo.byId('topfailed'); if(data.length == 0) { Modified: incubator/vcl/trunk/web/js/privileges.js URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/js/privileges.js?rev=1049551&r1=1049550&r2=1049551&view=diff ============================================================================== --- incubator/vcl/trunk/web/js/privileges.js (original) +++ incubator/vcl/trunk/web/js/privileges.js Wed Dec 15 13:43:31 2010 @@ -514,3 +514,95 @@ function groupMembersCB(data, ioArgs) { if(currentOver == domid) tt.open(dojo.byId(domid)); } + +function selectUserGroup(cont) { + var data = {continuation: cont, + groupid: dojo.byId('editusergroupid').value}; + RPCwrapper(data, selectUserGroupCB, 1); +} + +function selectUserGroupCB(data, ioArgs) { + if(data.items.failed) { + alert('You are not authorized to manage this group'); + return; + } + dojo.removeClass('usergroupprivs', 'groupprivshidden'); + dijit.byId('usergroupcopyprivsbtn').setAttribute('disabled', false); + dijit.byId('usergroupsaveprivsbtn').setAttribute('disabled', false); + var items = dojo.query('#usergroupprivs input[type=checkbox]'); + for(var i = 0; i < items.length; i++) { + dijit.byId(items[i].id).setAttribute('checked', false); + } + for(var i = 0; i < data.items.perms.length; i++) { + obj = dijit.byId('grouptype' + data.items.perms[i]); + obj.setAttribute('checked', true); + } +} + +function showUserGroupPrivHelp(help, id) { + dojo.byId('groupprivhelp').innerHTML = help; + dojo.addClass('grouptypespan' + id, 'hlperm'); +} + +function clearUserGroupPrivHelp(id) { + dojo.byId('groupprivhelp').innerHTML = ''; + dojo.removeClass('grouptypespan' + id, 'hlperm'); +} + +function copyUserGroupPrivs(cont) { + var data = {continuation: cont, + groupid: dojo.byId('copyusergroupid').value}; + RPCwrapper(data, copyUserGroupPrivsCB, 1); +} + +function copyUserGroupPrivsCB(data, ioArgs) { + if(data.items.failed) { + alert('You are not authorized to manage this group'); + return; + } + var items = dojo.query('#usergroupprivs input[type=checkbox]'); + for(var i = 0; i < items.length; i++) { + dijit.byId(items[i].id).setAttribute('checked', false); + } + for(var i = 0; i < data.items.perms.length; i++) { + obj = dijit.byId('grouptype' + data.items.perms[i]); + obj.setAttribute('checked', true); + } +} + +function saveUserGroupPrivs(cont) { + var permids = new Array(); + var items = dojo.query('#usergroupprivs input[type=checkbox]:checked'); + for(var i = 0; i < items.length; i++) { + permids.push(items[i].name); + } + var permids2 = permids.join(','); + var data = {continuation: cont, + permids: permids2, + groupid: dojo.byId('editusergroupid').value}; + RPCwrapper(data, saveUserGroupPrivsCB, 1); +} + +function saveUserGroupPrivsCB(data, ioArgs) { + if(data.items.failed) { + dojo.byId('userpermsubmitstatus').innerHTML = "Failed to save permissions: " + data.items.failed; + dojo.addClass('userpermsubmitstatus', 'statusfailed'); + } + else if(data.items.success) { + dojo.byId('userpermsubmitstatus').innerHTML = "Permissions successfully saved"; + dojo.addClass('userpermsubmitstatus', 'statussuccess'); + } + setTimeout(clearUserPrivStatus, 10000); +} + +function clearUserPrivStatus() { + dojo.byId('userpermsubmitstatus').innerHTML = ""; + dojo.removeClass('userpermsubmitstatus', 'statussuccess'); + dojo.removeClass('userpermsubmitstatus', 'statusfailed'); +} + +function hideUserGroupPrivs() { + dojo.addClass('usergroupprivs', 'groupprivshidden'); + dijit.byId('usergroupcopyprivsbtn').setAttribute('disabled', true); + dijit.byId('usergroupsaveprivsbtn').setAttribute('disabled', true); +}
