
Commit 4078d5b5 authored by Reto Da Forno's avatar Reto Da Forno

is_admin field in renamed to 'role' (valid roles are 'user', 'admin' and 'internal')

parent 4a78a5d8
...@@ -155,7 +155,7 @@ CREATE TABLE `tbl_serv_observer` ( ...@@ -155,7 +155,7 @@ CREATE TABLE `tbl_serv_observer` (
`serv_observer_key` int(10) unsigned NOT NULL AUTO_INCREMENT, `serv_observer_key` int(10) unsigned NOT NULL AUTO_INCREMENT,
`ethernet_address` varchar(60) COLLATE utf8_bin NOT NULL, `ethernet_address` varchar(60) COLLATE utf8_bin NOT NULL,
`observer_id` int(11) NOT NULL, `observer_id` int(11) NOT NULL,
`status` enum('online','offline','disabled','develop') COLLATE utf8_bin NOT NULL DEFAULT 'disabled', `status` enum('online','offline','disabled','develop', 'internal') COLLATE utf8_bin NOT NULL DEFAULT 'disabled',
`slot_1_tg_adapt_list_fk` int(10) unsigned DEFAULT NULL, `slot_1_tg_adapt_list_fk` int(10) unsigned DEFAULT NULL,
`slot_2_tg_adapt_list_fk` int(10) unsigned DEFAULT NULL, `slot_2_tg_adapt_list_fk` int(10) unsigned DEFAULT NULL,
`slot_3_tg_adapt_list_fk` int(10) unsigned DEFAULT NULL, `slot_3_tg_adapt_list_fk` int(10) unsigned DEFAULT NULL,
...@@ -435,12 +435,12 @@ CREATE TABLE `tbl_serv_users` ( ...@@ -435,12 +435,12 @@ CREATE TABLE `tbl_serv_users` (
`country` varchar(45) COLLATE utf8_unicode_ci NOT NULL, `country` varchar(45) COLLATE utf8_unicode_ci NOT NULL,
`password` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `password` varchar(40) COLLATE utf8_unicode_ci NOT NULL,
`email` varchar(45) COLLATE utf8_unicode_ci NOT NULL, `email` varchar(45) COLLATE utf8_unicode_ci NOT NULL,
`institution_type` varchar(20) COLLATE utf8_unicode_ci NOT NULL COMMENT 'One of university, research institute, other', `institution_type` ENUM('university', 'researchinstitute', 'company', 'other') NOT NULL DEFAULT 'other',
`institution` varchar(500) COLLATE utf8_unicode_ci NOT NULL, `institution` varchar(500) COLLATE utf8_unicode_ci NOT NULL,
`quota_runtime` int(11) NOT NULL DEFAULT '60' COMMENT 'Runtime per test in minutes', `quota_runtime` int(11) NOT NULL DEFAULT '60' COMMENT 'Runtime per test in minutes',
`quota_tests` int(11) NOT NULL DEFAULT '3' COMMENT 'Max no. of tests to be scheduled', `quota_tests` int(11) NOT NULL DEFAULT '3' COMMENT 'Max no. of tests to be scheduled',
`retention_time` int(11) NOT NULL DEFAULT '60' COMMENT 'Retention time for testresults in days. After this time, all testresults are deleted. A value of -1 means that tests should be kept infinitely.', `retention_time` int(11) NOT NULL DEFAULT '60' COMMENT 'Retention time for testresults in days. After this time, all testresults are deleted. A value of -1 means that tests should be kept infinitely.',
`is_admin` tinyint(4) NOT NULL DEFAULT '0', `role` ENUM('user', 'admin', 'internal') NOT NULL DEFAULT 'user',
`is_active` tinyint(4) NOT NULL DEFAULT '1', `is_active` tinyint(4) NOT NULL DEFAULT '1',
`create_time` datetime NOT NULL, `create_time` datetime NOT NULL,
`last_login` datetime DEFAULT NULL, `last_login` datetime DEFAULT NULL,
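Review bot: Only the CREATE TABLE text changes here, so an already deployed database needs a data migration that is not visible in this commit. Rows with `is_admin` = 1 have to be rewritten to `role` = 'admin' before the old column goes away, otherwise every account lands on the default 'user' and the admin checks elsewhere in this commit match nobody. The same applies to `institution_type`: free-text values such as 'research institute' (the spelling in the old column comment) are not members of the new ENUM, and MySQL outside strict mode is likely to store an empty string for them rather than reject the change. Shipping an explicit ALTER/UPDATE script next to the schema dump would make the upgrade path reviewable.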
......
...@@ -897,7 +897,7 @@ def get_admin_emails(cursor=None, config=None): ...@@ -897,7 +897,7 @@ def get_admin_emails(cursor=None, config=None):
# Get the addresses from the database: # Get the addresses from the database:
try: try:
cursor.execute("SELECT `email` FROM `tbl_serv_users` WHERE `is_admin` = 1") cursor.execute("SELECT `email` FROM `tbl_serv_users` WHERE `role` = 'admin'")
rs = cursor.fetchall() rs = cursor.fetchall()
for mail in rs: for mail in rs:
email_list.append(mail[0]) email_list.append(mail[0])
......
...@@ -177,10 +177,10 @@ def is_admin(cursor=None, userid=0): ...@@ -177,10 +177,10 @@ def is_admin(cursor=None, userid=0):
# Get the addresses from the database: # Get the addresses from the database:
try: try:
cursor.execute("SELECT `is_admin` FROM `tbl_serv_users` WHERE `serv_users_key` = %d" %userid) cursor.execute("SELECT `role` FROM `tbl_serv_users` WHERE `serv_users_key` = %d" %userid)
rs = cursor.fetchone() rs = cursor.fetchone()
ret = False ret = False
if ((rs != None) and (rs[0] == 1)): if ((rs != None) and (rs[0] == 'admin')):
ret = True ret = True
except: except:
# There was an error in the database connection: # There was an error in the database connection:
...@@ -191,6 +191,40 @@ def is_admin(cursor=None, userid=0): ...@@ -191,6 +191,40 @@ def is_admin(cursor=None, userid=0):
### END is_admin() ### END is_admin()
##############################################################################
#
# get_role - Check if an ID belongs to an internal user.
#
##############################################################################
def is_internal(cursor=None, userid=0):
"""Arguments:
cursor: cursor of the database connection to be used for the query
userid: user ID to test
Return value:
On success, True or False
1 if there is an error in the arguments passed to the function
2 if there was an error in processing the request
"""
# Check the arguments:
if ((type(cursor) != MySQLdb.cursors.Cursor) or (type(userid) != int) or (userid <= 0)):
return(1)
# Get the addresses from the database:
try:
cursor.execute("SELECT `role` FROM `tbl_serv_users` WHERE `serv_users_key` = %d" %userid)
rs = cursor.fetchone()
ret = False
if ((rs != None) and (rs[0] == 'internal')):
ret = True
except:
# There was an error in the database connection:
syslog(LOG_WARNING, "FlockLab is_internal() error: %s: %s" %(str(sys.exc_info()[0]), str(sys.exc_info()[1])))
return(2)
return ret
### END is_internal()
############################################################################## ##############################################################################
# #
# get_testowner_email - Get the email address of the owner of a particular # get_testowner_email - Get the email address of the owner of a particular
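Review bot: is_internal() returns the integer 1 for bad arguments, and in Python `1 == True`, so the caller's `isinternal not in (True, False)` check in main() lets that error through and `if isinternal:` then adds 'internal' observers for a user whose role was never read. An error path should fail closed: the caller can test `if isinternal is not True and isinternal is not False:`, or the function can signal errors with a value that cannot compare equal to a bool. is_admin() appears to follow the same return convention (its error returns are outside the hunk), so the existing `isadmin` check likely has the same gap. The new banner comment names `get_role` instead of `is_internal`, and `# Get the addresses from the database:` is a leftover from the copied function; `# Look up the user's role:` would fit.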
......
...@@ -133,6 +133,7 @@ def main(argv): ...@@ -133,6 +133,7 @@ def main(argv):
schemapath = None schemapath = None
testid = None testid = None
isadmin = False isadmin = False
isinternal = False
# Open the log and create logger: # Open the log and create logger:
try: try:
...@@ -232,6 +233,12 @@ def main(argv): ...@@ -232,6 +233,12 @@ def main(argv):
logger.warn("Could not determine if user is admin or not. Error %d occurred. Exiting..." %isadmin) logger.warn("Could not determine if user is admin or not. Error %d occurred. Exiting..." %isadmin)
sys.exit(errno.EAGAIN) sys.exit(errno.EAGAIN)
# Check if the user is internal:
isinternal = flocklab.is_internal(cursor, userid)
if isinternal not in (True, False):
logger.warn("Could not determine if user is internal or not. Error %d occurred. Exiting..." %isinternal)
sys.exit(errno.EAGAIN)
# Initialize error counter and set timezone to UTC: # Initialize error counter and set timezone to UTC:
errcnt = 0; errcnt = 0;
os.environ['TZ'] = 'UTC' os.environ['TZ'] = 'UTC'
...@@ -289,7 +296,6 @@ def main(argv): ...@@ -289,7 +296,6 @@ def main(argv):
# * If specified, end time has to be after start time # * If specified, end time has to be after start time
f = open(xmlpath, 'r') f = open(xmlpath, 'r')
parser = etree.XMLParser(remove_comments=True) parser = etree.XMLParser(remove_comments=True)
#tree = etree.fromstring(f.read(), parser)
tree = etree.parse(f, parser) tree = etree.parse(f, parser)
f.close() f.close()
ns = {'d': config.get('xml', 'namespace')} ns = {'d': config.get('xml', 'namespace')}
...@@ -510,6 +516,8 @@ def main(argv): ...@@ -510,6 +516,8 @@ def main(argv):
stati = "'online'" stati = "'online'"
if isadmin: if isadmin:
stati += ", 'develop'" stati += ", 'develop'"
if isinternal:
stati += ", 'internal'"
cursor.execute(sql_adap %(obsid, stati)) cursor.execute(sql_adap %(obsid, stati))
adaptTypesFk = cursor.fetchone() adaptTypesFk = cursor.fetchone()
# If no results are returned, it most probably means that the observer is not active at the moment: # If no results are returned, it most probably means that the observer is not active at the moment:
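Review bot: Because `role` is a single-valued ENUM in this commit's schema, `isadmin` and `isinternal` can never both be true, so where `stati` is built an admin is not offered 'internal' observers and an internal user is not offered 'develop' ones. If admins are meant to be a superset of internal users, the new condition should read `if isinternal or isadmin:`; if the separation is deliberate, a one-line comment such as `# 'internal' observers are reserved for role 'internal'; admins are excluded on purpose` would record that. main() starts and ends outside these hunks, so other uses of `isinternal` cannot be checked from here.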
......
...@@ -77,7 +77,7 @@ ...@@ -77,7 +77,7 @@
echo '<h1>Admin User Management</h1>'; echo '<h1>Admin User Management</h1>';
/* Get all users from the database and display them in the table. */ /* Get all users from the database and display them in the table. */
$db = db_connect(); $db = db_connect();
$sql = "SELECT serv_users_key, lastname, firstname, username, email, is_active, use_daq, quota_runtime, quota_tests, is_admin, UNIX_TIMESTAMP(create_time) as create_time_ts, DATE_FORMAT(create_time,'%d.%m.%Y') as create_date, last_login from tbl_serv_users"; $sql = "SELECT serv_users_key, lastname, firstname, username, email, is_active, use_daq, quota_runtime, quota_tests, role, UNIX_TIMESTAMP(create_time) as create_time_ts, DATE_FORMAT(create_time,'%d.%m.%Y') as create_date, last_login from tbl_serv_users";
$rs = mysql_query($sql) or flocklab_die('Cannot get users from database because: ' . mysql_error()); $rs = mysql_query($sql) or flocklab_die('Cannot get users from database because: ' . mysql_error());
$nrows = mysql_num_rows($rs); $nrows = mysql_num_rows($rs);
mysql_close($db); mysql_close($db);
...@@ -113,7 +113,7 @@ echo '<h1>Admin User Management</h1>'; ...@@ -113,7 +113,7 @@ echo '<h1>Admin User Management</h1>';
echo "<td>" . htmlentities($row['email']) . "</td>"; echo "<td>" . htmlentities($row['email']) . "</td>";
echo '<td><span style="display:none">'.$row['create_time_ts'].'</span>' . htmlentities($row['create_date']) . "</td>"; echo '<td><span style="display:none">'.$row['create_time_ts'].'</span>' . htmlentities($row['create_date']) . "</td>";
echo "<td>" . (string)$row['quota_tests'] . " / " . (string)$row['quota_runtime'] . "min</td>"; echo "<td>" . (string)$row['quota_tests'] . " / " . (string)$row['quota_runtime'] . "min</td>";
echo "<td>" . (string)$row['is_admin'] . "</td>"; echo "<td>" . htmlentities($row['role']) . "</td>";
echo '<td><span style="display:none">'.$row['is_active'].'</span><form action="admin_user_management.php" method="post"><input name="is_active" type="checkbox" onclick="if(this.checked) { if(!confirm(\'Active this user? An email will be sent.\')) { return false; } }" ' . ($row['is_active']==1?' checked="true"':'') . '><input type="hidden" name="user_id" value ="'.$row['serv_users_key'].'"></form></td>'; echo '<td><span style="display:none">'.$row['is_active'].'</span><form action="admin_user_management.php" method="post"><input name="is_active" type="checkbox" onclick="if(this.checked) { if(!confirm(\'Active this user? An email will be sent.\')) { return false; } }" ' . ($row['is_active']==1?' checked="true"':'') . '><input type="hidden" name="user_id" value ="'.$row['serv_users_key'].'"></form></td>';
echo '<td><span style="display:none">'.$row['use_daq'].'</span><form action="admin_user_management.php" method="post"><input name="use_daq" type="checkbox" ' . ($row['use_daq']==1?' checked="true"':'') . '><input type="hidden" name="user_id" value ="'.$row['serv_users_key'].'"></form></td>'; echo '<td><span style="display:none">'.$row['use_daq'].'</span><form action="admin_user_management.php" method="post"><input name="use_daq" type="checkbox" ' . ($row['use_daq']==1?' checked="true"':'') . '><input type="hidden" name="user_id" value ="'.$row['serv_users_key'].'"></form></td>';
echo "</tr>"; echo "</tr>";
......
...@@ -90,13 +90,13 @@ function do_login($username, $password) { ...@@ -90,13 +90,13 @@ function do_login($username, $password) {
// Check username and password: // Check username and password:
if (strlen($username)>0 && strlen($password) > 0) { if (strlen($username)>0 && strlen($password) > 0) {
$db = db_connect(); $db = db_connect();
$sql = "SELECT serv_users_key, username, firstname, lastname, email, is_admin $sql = "SELECT serv_users_key, username, firstname, lastname, email, role
FROM tbl_serv_users FROM tbl_serv_users
WHERE username = '" . mysql_real_escape_string($username) . "' AND password = '" . mysql_real_escape_string(sha1($password)) . "' AND is_active=1"; WHERE username = '" . mysql_real_escape_string($username) . "' AND password = '" . mysql_real_escape_string(sha1($password)) . "' AND is_active=1";
$rs = mysql_query($sql) or flocklab_die('Cannot authenticate because: ' . mysql_error()); $rs = mysql_query($sql) or flocklab_die('Cannot authenticate because: ' . mysql_error());
$rows = mysql_fetch_array($rs); $rows = mysql_fetch_array($rs);
if ($rows) { if ($rows) {
if ($rows['is_admin'] != '1') { if ($rows['role'] != 'admin') {
// check for global UI lock // check for global UI lock
$sql = "SELECT message, time_start, time_end $sql = "SELECT message, time_start, time_end
FROM tbl_serv_web_status FROM tbl_serv_web_status
...@@ -120,7 +120,7 @@ function do_login($username, $password) { ...@@ -120,7 +120,7 @@ function do_login($username, $password) {
$_SESSION['firstname'] = $rows['firstname']; $_SESSION['firstname'] = $rows['firstname'];
$_SESSION['lastname'] = $rows['lastname']; $_SESSION['lastname'] = $rows['lastname'];
$_SESSION['email'] = $rows['email']; $_SESSION['email'] = $rows['email'];
$_SESSION['is_admin'] = ($rows['is_admin'] == '1') ? true : false; $_SESSION['is_admin'] = ($rows['role'] == 'admin') ? true : false;
$_SESSION['expires'] = $_SERVER['REQUEST_TIME'] + $CONFIG['session']['expiretime']; $_SESSION['expires'] = $_SERVER['REQUEST_TIME'] + $CONFIG['session']['expiretime'];
return true; return true;
} }
...@@ -208,9 +208,9 @@ function check_imageid($imageid, $userid) { ...@@ -208,9 +208,9 @@ function check_imageid($imageid, $userid) {
*/ */
function get_admin_emails() { function get_admin_emails() {
$db = db_connect(); $db = db_connect();
$sql = "SELECT `email` $sql = "SELECT `email`
FROM tbl_serv_users FROM tbl_serv_users
WHERE `is_admin` = 1"; WHERE `role` = 'admin'";
$rs = mysql_query($sql) or flocklab_die('Cannot get admin emails from database because: ' . mysql_error()); $rs = mysql_query($sql) or flocklab_die('Cannot get admin emails from database because: ' . mysql_error());
$admins = Array(); $admins = Array();
while ($row=mysql_fetch_array($rs)) { while ($row=mysql_fetch_array($rs)) {
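Review bot: do_login() collapses the new three-valued `role` into the boolean `$_SESSION['is_admin']`, so nothing later in the web session can tell an 'internal' user from a plain 'user'. If any page needs that distinction, store the role itself with `$_SESSION['role'] = $rows['role'];` and derive `is_admin` from it. The two comparisons against 'admin' could use `!==` and `===`, since both sides are strings. Separately, the unchanged WHERE clause still matches an unsalted `sha1($password)` against the varchar(40) column; that predates this commit, but moving to `password_hash()`/`password_verify()` is worth a follow-up. do_login() continues outside the visible hunks.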
......