Posted to commits@vcl.apache.org by jf...@apache.org on 2014/12/18 20:43:15 UTC

svn commit: r1646518 - in /vcl/trunk/web: .ht-inc/computer.php .ht-inc/managementnode.php .ht-inc/utils.php js/resources/computer.js js/resources/managementnode.js

Author: jfthomps
Date: Thu Dec 18 19:43:14 2014
New Revision: 1646518

URL: http://svn.apache.org/r1646518
Log:
VCL-174 - NAT - support for sites that have small IP address ranges

added NAT host section to add/edit management node

utils.php: modified getManagementNodes: added nathostenabled, natpublicIPaddress, and natinternalIPaddress to returned data

managementnode.php:
-modified addEditDialogHTML: added form fields for nathostenabled, natpublicipaddress, and natinternalipaddress
-modified AJsaveResource: removed previous code that modified nathost table; added new code to handle entries from form fields for nathost table
-modified validateResourceData: added nathostenabled, natpublicIPaddress, and natinternalIPaddress to validated and returned fields
-modified addResource: removed previous code that modified nathost table; added new code to handle entries from form fields for nathost table

computer.php: modified validateResourceData: added conditional for nathostenabled being 1 in order to validate natpublicIPaddress and natinternalIPaddress; removed resource table from query that checks for reservations for computers using this computer as a nat host

managementnode.js:
-modified addNewResource: added initialization for nathostenabled, natpublicipaddress, and natinternalipaddress
-added toggleNAThost
-modified inlineEditResourceCB: added code to handle nathostenabled, natpublicipaddress, and natinternalipaddress
-modified resetEditResource: added natpublicipaddress natinternalipaddress to list of fields
-modified saveResource: added natpublicipaddress natinternalipaddress to list of fields; added nathostenabled to data submitted

computer.js: modified addNewResource: initialize nathostenabled to false

Modified:
    vcl/trunk/web/.ht-inc/computer.php
    vcl/trunk/web/.ht-inc/managementnode.php
    vcl/trunk/web/.ht-inc/utils.php
    vcl/trunk/web/js/resources/computer.js
    vcl/trunk/web/js/resources/managementnode.js

Modified: vcl/trunk/web/.ht-inc/computer.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/computer.php?rev=1646518&r1=1646517&r2=1646518&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/computer.php (original)
+++ vcl/trunk/web/.ht-inc/computer.php Thu Dec 18 19:43:14 2014
@@ -2024,7 +2024,8 @@ class Computer extends Resource {
 			$nathosterror = 1;
 		}
 		# natpublicIPaddress
-		if($return['mode'] == 'edit' || $addmode == 'single') {
+		if($return['nathostenabled'] &&
+		   ($return['mode'] == 'edit' || $addmode == 'single')) {
 			if(! validateIPv4addr($return['natpublicIPaddress'])) {
 				$return['error'] = 1;
 				$errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of "
@@ -2048,8 +2049,7 @@ class Computer extends Resource {
 				       . "FROM request rq, "
 				       .      "reservation rs, "
 				       .      "nathostcomputermap nhcm, "
-				       .      "nathost nh, "
-				       .      "resource r "
+				       .      "nathost nh "
 				       . "WHERE rs.requestid = rq.id AND "
 				       .       "rs.computerid = nhcm.computerid AND "
 				       .       "nhcm.nathostid = nh.id AND "

Modified: vcl/trunk/web/.ht-inc/managementnode.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/managementnode.php?rev=1646518&r1=1646517&r2=1646518&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/managementnode.php (original)
+++ vcl/trunk/web/.ht-inc/managementnode.php Thu Dec 18 19:43:14 2014
@@ -408,6 +408,21 @@ class ManagementNode extends Resource {
 		$h .= labeledFormItem('federatedauth', 'Affiliations using Federated Authentication for Linux Images',
 		                      'textarea', '', 1, '', '', '', '', '', helpIcon('federatedauthhelp'));
 
+		# NAT Host
+		$h .= "<div id=\"nathost\" class=\"boxedoptions\">\n";
+		# use as NAT host
+		$extra = array('onChange' => "toggleNAThost();");
+		$h .= labeledFormItem('nathostenabled', 'Use as NAT Host', 'check', '', '', '1', '', '', $extra);
+		# public IP
+		$errmsg = "Invalid NAT Public IP address specified - must be a valid IPV4 address";
+		$h .= labeledFormItem('natpublicipaddress', 'NAT Public IP Address', 'text', $ipreg1, 1, '', $errmsg,
+		                      '', '', '', helpIcon('natpubliciphelp')); 
+		# internal IP
+		$errmsg = "Invalid NAT Internal IP address specified - must be a valid IPV4 address";
+		$h .= labeledFormItem('natinternalipaddress', 'NAT Internal IP Address', 'text', $ipreg1, 1, '', $errmsg,
+		                      '', '', '', helpIcon('natinternaliphelp')); 
+		$h .= "</div>\n"; # NAT Host
+
 		$h .= "</div>\n"; # mgmtnodedlgcontent
 		$h .= "</div>\n"; # addeditdlgcontent
 
@@ -460,6 +475,8 @@ class ManagementNode extends Resource {
 		$h .= helpTooltip('dnsserverhelp', _("comma delimited list of IP addresses of DNS servers for public network"));
 		$h .= helpTooltip('availnetshelp', _("This is a list of IP networks, one per line, available to nodes deployed by this management node. Networks should be specified in x.x.x.x/yy form.  It is for deploying servers having a fixed IP address to ensure a node is selected that can actually be on the specified network."));
 		$h .= helpTooltip('federatedauthhelp', _("Comma delimited list of affiliations for which user passwords are not set for Linux image reservations under this management node. Each Linux image is then required to have federated authentication set up so that users' passwords are passed along to the federated authentication system when a user attempts to log in. (for clarity, not set setting user passwords does not mean users have an empty password, but that a federated system must authenticate the users)"));
+		$h .= helpTooltip('natpubliciphelp', _("message"));
+		$h .= helpTooltip('natinternaliphelp', _("message 2"));
 		$h .= "</div>\n"; # tooltips
 		return $h;
 	}
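Review bot: The two tooltips added for `natpubliciphelp` and `natinternaliphelp` still carry the placeholder strings "message" and "message 2", and because they are wrapped in `_()` they will also be picked up for translation. Replace them with real help text before release, e.g. `_("Public IPv4 address of this management node used for NAT connections")` and a matching sentence for the internal address. The exact wording depends on how the NAT host is deployed, which this hunk does not show.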
@@ -572,30 +589,38 @@ class ManagementNode extends Resource {
 				else
 					setVariable("timesource|{$data['name']}", $data['timeservers'], 'none');
 			}
-			# update nathost (TODO change in release after 2.4 when section added to manage nat hosts)
-			if($data['ipaddress'] != $olddata['IPaddress']) {
-				$query = "SELECT id "
-				       . "FROM resource "
-				       . "WHERE resourcetypeid = 16 AND "
-				       .       "subid = {$data['rscid']}";
-				$qh = doQuery($query);
-				if($row = mysql_fetch_assoc($qh)) {
-					$resourceid = $row['id'];
-					$query = "UPDATE nathost "
-					       . "SET publicIPaddress = '{$data['ipaddress']}' "
-					       . "WHERE resourceid = $resourceid";
+
+			# NAT host
+			if($data['nathostenabled'] != $olddata['nathostenabled']) {
+				if($data['nathostenabled']) {
+					$query = "INSERT INTO nathost "
+					       .       "(resourceid, "
+					       .       "publicIPaddress, "
+					       .       "internalIPaddress) "
+					       . "VALUES "
+					       .       "({$olddata['resourceid']}, "
+					       .       "'{$data['natpublicIPaddress']}', "
+					       .       "'{$data['natinternalIPaddress']}') "
+					       . "ON DUPLICATE KEY UPDATE "
+					       . "publicIPaddress = '{$data['natpublicIPaddress']}', "
+					       . "internalIPaddress = '{$data['natinternalIPaddress']}'";
+					doQuery($query);
+				}
+				else {
+					$query = "DELETE FROM nathost "
+					       . "WHERE resourceid = {$olddata['resourceid']}";
 					doQuery($query);
-					if(! mysql_affected_rows($GLOBALS['mysql_link_vcl'])) {
-						$query = "INSERT INTO nathost "
-						       .        "(resourceid, "
-						       .        "publicIPaddress) "
-						       . "VALUES "
-						       .        "($resourceid, "
-						       .        "'{$data['ipaddress']}')";
-						doQuery($query);
-					}
 				}
 			}
+			elseif($data['nathostenabled'] &&
+			       ($olddata['natpublicIPaddress'] != $data['natpublicIPaddress'] ||
+					 $olddata['natinternalIPaddress'] != $data['natinternalIPaddress'])) {
+				$query = "UPDATE nathost "
+				       . "SET publicIPaddress = '{$data['natpublicIPaddress']}', "
+				       .     "internalIPaddress = '{$data['natinternalIPaddress']}' "
+				       . "WHERE resourceid = {$olddata['resourceid']}";
+				doQuery($query);
+			}
 		}
 
 		# clear user resource cache for this type
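Review bot: The new INSERT, ON DUPLICATE KEY UPDATE and UPDATE statements place `$data['natpublicIPaddress']` and `$data['natinternalIPaddress']` inside quoted SQL literals with no escaping at the point of use, so the only barrier is `validateIPv4addr()` having run in validateResourceData, and whether this function stops on `$data['error']` is not visible in the hunk. Escape at the query site as defence in depth, e.g. `$pubip = mysql_real_escape_string($data['natpublicIPaddress']);` and the same for the internal address, then interpolate the escaped variables. `{$olddata['resourceid']}` is interpolated unquoted and should be cast with `(int)` and checked for being non-zero first, since an empty value yields malformed SQL. The INSERT in the addResource hunk (@@ -981,13) follows the same pattern. The enclosing function starts and ends outside this hunk.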
@@ -692,6 +717,9 @@ class ManagementNode extends Resource {
 		$return['checkininterval'] = processInputVar('checkininterval', ARG_NUMERIC);
 		$return['availablenetworks'] = processInputVar('availablenetworks', ARG_STRING);
 		$return['federatedauth'] = processInputVar('federatedauth', ARG_STRING);
+		$return['nathostenabled'] = processInputVar('nathostenabled', ARG_NUMERIC);
+		$return['natpublicIPaddress'] = processInputVar('natpublicipaddress', ARG_STRING);
+		$return['natinternalIPaddress'] = processInputVar('natinternalipaddress', ARG_STRING);
 
 		if(get_magic_quotes_gpc()) {
 			$return['sysadminemail'] = stripslashes($return['sysadminemail']);
@@ -904,6 +932,60 @@ class ManagementNode extends Resource {
 			}
 		}
 
+
+
+
+
+		$nathosterror = 0;
+		# nathostenabled
+		if($return['nathostenabled'] != 0 && $return['nathostenabled'] != 1) {
+			$return['error'] = 1;
+			$errormsg[] = "Invalid value for Use as NAT Host";
+			$nathosterror = 1;
+		}
+		# natpublicIPaddress
+		if($return['nathostenabled']) {
+			if(! validateIPv4addr($return['natpublicIPaddress'])) {
+				$return['error'] = 1;
+				$errormsg[] = "Invalid NAT Public IP address. Must be w.x.y.z with each of "
+			               . "w, x, y, and z being between 1 and 255 (inclusive)";
+				$nathosterror = 1;
+			}
+			# natinternalIPaddress
+			if(! validateIPv4addr($return['natinternalIPaddress'])) {
+				$return['error'] = 1;
+				$errormsg[] = "Invalid NAT Internal IP address. Must be w.x.y.z with each of "
+			               . "w, x, y, and z being between 1 and 255 (inclusive)";
+				$nathosterror = 1;
+			}
+		}
+		# nat host change - check for active reservations
+		if(! $nathosterror && $return['mode'] == 'edit') {
+			if($olddata['nathostenabled'] != $return['nathostenabled'] ||
+			   $olddata['natpublicIPaddress'] != $return['natpublicIPaddress'] ||
+				$olddata['natinternalIPaddress'] != $return['natinternalIPaddress']) {
+				$vclreloadid = getUserlistID('vclreload@Local');
+				$query = "SELECT rq.id "
+				       . "FROM request rq, "
+				       .      "reservation rs, "
+				       .      "nathostcomputermap nhcm, "
+				       .      "nathost nh "
+				       . "WHERE rs.requestid = rq.id AND "
+				       .       "rs.computerid = nhcm.computerid AND "
+				       .       "nhcm.nathostid = nh.id AND "
+				       .       "nh.resourceid = {$olddata['resourceid']} AND "
+				       .       "rq.start <= NOW() AND "
+				       .       "rq.end > NOW() AND "
+				       .       "rq.stateid NOT IN (1,5,11,12) AND "
+				       .       "rq.userid != $vclreloadid";
+				$qh = doQuery($query);
+				if(mysql_num_rows($qh)) {
+					$return['error'] = 1;
+					$errormsg[] = "This management node is the NAT host for computers that have active reservations. NAT host<br>settings cannot be changed while providing NAT for active reservations.";
+				}
+			}
+		}
+
 		if($return['error'])
 			$return['errormsg'] = implode('<br>', $errormsg);
 
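Review bot: When `nathostenabled` is 0 the block under `# natpublicIPaddress` skips `validateIPv4addr()` for both addresses, yet the raw submitted strings stay in `$return` and are compared with `$olddata` further down, so unvalidated input leaves the validator. Clear them in that case by adding `else` followed by `$return['natpublicIPaddress'] = $return['natinternalIPaddress'] = '';` after the `if($return['nathostenabled'])` block; this also matches the empty strings getManagementNodes returns for a node without a nathost row. The four blank lines added ahead of `$nathosterror = 0;` can be dropped. The function begins and ends outside this hunk.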
@@ -981,13 +1063,18 @@ class ManagementNode extends Resource {
 
 		$resourceid = dbLastInsertID();
 
-		// add entry to nathost table (TODO change in release after 2.4 when section added to manage nat hosts)
-		$query = "INSERT INTO nathost "
-				 .        "(resourceid, "
-				 .        "publicIPaddress) "
-				 . "VALUES ($resourceid, "
-				 .         "'{$data['ipaddress']}')";
-		doQuery($query);
+		# NAT host
+		if($data['nathostenabled']) {
+			$query = "INSERT INTO nathost "
+			       .       "(resourceid, "
+			       .       "publicIPaddress, "
+			       .       "internalIPaddress) "
+			       . "VALUES "
+			       .       "($resourceid, "
+			       .       "'{$data['natpublicIPaddress']}', "
+			       .       "'{$data['natinternalIPaddress']}')";
+			doQuery($query);
+		}
 
 		# time server
 		$globalval = getVariable('timesource|global');

Modified: vcl/trunk/web/.ht-inc/utils.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/utils.php?rev=1646518&r1=1646517&r2=1646518&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/utils.php (original)
+++ vcl/trunk/web/.ht-inc/utils.php Thu Dec 18 19:43:14 2014
@@ -6795,19 +6795,19 @@ function getManagementNodes($alive="neit
 	       .        "m.sharedMailBox AS sharedmailbox, "
 	       .        "r.id as resourceid, "
 	       .        "m.availablenetworks, "
-	       .        "m.NOT_STANDALONE AS federatedauth "
+	       .        "m.NOT_STANDALONE AS federatedauth, "
+	       .        "nh.publicIPaddress AS natpublicIPaddress, "
+	       .        "COALESCE(nh.internalIPaddress, '') AS natinternalIPaddress "
 	       . "FROM user u, "
 	       .      "state s, "
-	       .      "resource r, "
-	       .      "resourcetype rt, "
 	       .      "affiliation a, "
 	       .      "managementnode m "
 	       . "LEFT JOIN resourcegroup rg ON (m.imagelibgroupid = rg.id) "
+	       . "LEFT JOIN resourcetype rt ON (rt.name = 'managementnode') "
+	       . "LEFT JOIN resource r ON (r.resourcetypeid = rt.id AND r.subid = m.id) "
+	       . "LEFT JOIN nathost nh ON (r.id = nh.resourceid) "
 	       . "WHERE m.ownerid = u.id AND "
 	       .       "m.stateid = s.id AND "
-	       .       "m.id = r.subid AND "
-	       .       "r.resourcetypeid = rt.id AND "
-	       .       "rt.name = 'managementnode' AND "
 	       .       "u.affiliationid = a.id";
 	if($id != 0)
 		$query .= " AND m.id = $id";
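Review bot: Moving `resource` and `resourcetype` from the comma join into `LEFT JOIN`s changes which rows come back: a management node with no matching resource row was filtered out before and is now returned with `resourceid` NULL. managementnode.php in this same commit interpolates `{$olddata['resourceid']}` unquoted into its nathost queries, so such a row would produce malformed SQL there. If only the nathost lookup is meant to be optional, keep the first two as inner joins, `. "INNER JOIN resourcetype rt ON (rt.name = 'managementnode') "` and `. "INNER JOIN resource r ON (r.resourcetypeid = rt.id AND r.subid = m.id) "`, and leave `LEFT JOIN nathost` as it is. The function body extends beyond the hunk.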
@@ -6820,6 +6820,12 @@ function getManagementNodes($alive="neit
 	$qh = doQuery($query, 101);
 	$return = array();
 	while($row = mysql_fetch_assoc($qh)) {
+		if(is_null($row['natpublicIPaddress'])) {
+			$row['nathostenabled'] = 0;
+			$row['natpublicIPaddress'] = '';
+		}
+		else
+			$row['nathostenabled'] = 1;
 		$return[$row["id"]] = $row;
 		$return[$row['id']]['availablenetworks'] = explode(',', $row['availablenetworks']);
 		if($row['state'] == 'deleted')
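Review bot: `nathostenabled` is inferred from `natpublicIPaddress` being NULL, which treats "no nathost row" and "a nathost row whose publicIPaddress is NULL" as the same thing; whether that column is declared NOT NULL is not visible here. Selecting `nh.id AS nathostid` and testing that instead would make the intent explicit, or at minimum add a comment such as `# NULL means the LEFT JOIN found no nathost row for this node`. The loop continues past the end of the hunk.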

Modified: vcl/trunk/web/js/resources/computer.js
URL: http://svn.apache.org/viewvc/vcl/trunk/web/js/resources/computer.js?rev=1646518&r1=1646517&r2=1646518&view=diff
==============================================================================
--- vcl/trunk/web/js/resources/computer.js (original)
+++ vcl/trunk/web/js/resources/computer.js Thu Dec 18 19:43:14 2014
@@ -518,6 +518,7 @@ function addNewResource(title) {
 	dojo.addClass('curimgspan', 'hidden');
 	dojo.addClass('compidspan', 'hidden');
 	dijit.byId('nathostid').set('disabled', true);
+	dijit.byId('nathostenabled').set('checked', false);
 	dijit.byId('natpublicipaddress').set('disabled', true);
 	dijit.byId('natinternalipaddress').set('disabled', true);
 	dijit.byId('addeditdlg').show();

Modified: vcl/trunk/web/js/resources/managementnode.js
URL: http://svn.apache.org/viewvc/vcl/trunk/web/js/resources/managementnode.js?rev=1646518&r1=1646517&r2=1646518&view=diff
==============================================================================
--- vcl/trunk/web/js/resources/managementnode.js (original)
+++ vcl/trunk/web/js/resources/managementnode.js Thu Dec 18 19:43:14 2014
@@ -88,9 +88,23 @@ function addNewResource(title) {
 	dijit.byId('addeditbtn').set('label', title);
 	dojo.byId('editresid').value = 0;
 	resetEditResource();
+	dijit.byId('nathostenabled').set('checked', false);
+	dijit.byId('natpublicipaddress').set('disabled', true);
+	dijit.byId('natinternalipaddress').set('disabled', true);
 	dijit.byId('addeditdlg').show();
 }
 
+function toggleNAThost() {
+	if(dijit.byId('nathostenabled').checked) {
+		dijit.byId('natpublicipaddress').set('disabled', false);
+		dijit.byId('natinternalipaddress').set('disabled', false);
+	}
+	else {
+		dijit.byId('natpublicipaddress').set('disabled', true);
+		dijit.byId('natinternalipaddress').set('disabled', true);
+	}
+}
+
 function inlineEditResourceCB(data, ioArgs) {
 	if(data.items.status == 'success') {
 		dojo.byId('saveresourcecont').value = data.items.cont;
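Review bot: `toggleNAThost()` repeats the same two `set('disabled', …)` calls in both branches, and addNewResource above it plus the inlineEditResourceCB hunk (@@ -121,6) repeat them again. Computing the flag once keeps the three places in step: `var off = ! dijit.byId('nathostenabled').checked;` followed by `dijit.byId('natpublicipaddress').set('disabled', off);` and the same call for `natinternalipaddress`. The other two callers can then set `checked` and call `toggleNAThost()` rather than duplicating the pair.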
@@ -121,6 +135,20 @@ function inlineEditResourceCB(data, ioAr
 		dijit.byId('publicdnsserver').set('value', data.items.data.publicdnsserver);
 		dijit.byId('availablenetworks').set('value', data.items.data.availablenetworks.join(','));
 		dijit.byId('federatedauth').set('value', data.items.data.federatedauth);
+		if(data.items.data.nathostenabled == 1) {
+			dijit.byId('nathostenabled').set('checked', true);
+			dijit.byId('natpublicipaddress').set('disabled', false);
+			dijit.byId('natinternalipaddress').set('disabled', false);
+			dijit.byId('natpublicipaddress').set('value', data.items.data.natpublicIPaddress);
+			dijit.byId('natinternalipaddress').set('value', data.items.data.natinternalIPaddress);
+		}
+		else {
+			dijit.byId('nathostenabled').set('checked', false);
+			dijit.byId('natpublicipaddress').set('disabled', true);
+			dijit.byId('natinternalipaddress').set('disabled', true);
+			dijit.byId('natpublicipaddress').set('value', '');
+			dijit.byId('natinternalipaddress').set('value', '');
+		}
 		dojo.byId('addeditdlgerrmsg').innerHTML = '';
 		dijit.byId('addeditdlg').show();
 	}
@@ -130,7 +158,7 @@ function inlineEditResourceCB(data, ioAr
 }
 
 function resetEditResource() {
-	var fields = ['name', 'owner', 'ipaddress', 'stateid', 'sysadminemail', 'sharedmailbox', 'checkininterval', 'installpath', 'timeservers', 'keys', 'sshport', 'imagelibenable', 'imagelibgroupid', 'imagelibuser', 'imagelibkey', 'publicIPconfig', 'publicnetmask', 'publicgateway', 'publicdnsserver', 'availablenetworks', 'federatedauth'];
+	var fields = ['name', 'owner', 'ipaddress', 'stateid', 'sysadminemail', 'sharedmailbox', 'checkininterval', 'installpath', 'timeservers', 'keys', 'sshport', 'imagelibenable', 'imagelibgroupid', 'imagelibuser', 'imagelibkey', 'publicIPconfig', 'publicnetmask', 'publicgateway', 'publicdnsserver', 'availablenetworks', 'federatedauth', 'natpublicipaddress', 'natinternalipaddress'];
 	for(var i = 0; i < fields.length; i++) {
 		dijit.byId(fields[i]).reset();
 	}
@@ -139,7 +167,7 @@ function resetEditResource() {
 
 function saveResource() {
 	var errobj = dojo.byId('addeditdlgerrmsg');
-	var fields = ['name', 'owner', 'ipaddress', 'sysadminemail', 'sharedmailbox', 'installpath', 'timeservers', 'keys', 'imagelibuser', 'imagelibkey', 'publicnetmask', 'publicgateway', 'publicdnsserver'];
+	var fields = ['name', 'owner', 'ipaddress', 'sysadminemail', 'sharedmailbox', 'installpath', 'timeservers', 'keys', 'imagelibuser', 'imagelibkey', 'publicnetmask', 'publicgateway', 'publicdnsserver', 'natpublicipaddress', 'natinternalipaddress'];
 	for(var i = 0; i < fields.length; i++) {
 		if(! checkValidatedObj(fields[i], errobj))
 			return;
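Review bot: `natpublicipaddress` and `natinternalipaddress` are now passed to `checkValidatedObj()` unconditionally, including when the NAT host box is unticked and both widgets are disabled and empty. Unless `checkValidatedObj` skips disabled widgets (its body is not shown), this could block saving a management node that is not a NAT host. Consider appending the two names to `fields` only when `dijit.byId('nathostenabled').checked` is true. saveResource continues outside this hunk.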
@@ -200,6 +228,9 @@ function saveResource() {
 	data['imagelibgroupid'] = dijit.byId('imagelibgroupid').get('value');
 	data['availablenetworks'] = dijit.byId('availablenetworks').get('value');
 	data['federatedauth'] = dijit.byId('federatedauth').get('value');
+	data['nathostenabled'] = dijit.byId('nathostenabled').get('value');
+	if(data['nathostenabled'] != 1)
+		data['nathostenabled'] = 0;
 
 	dijit.byId('addeditbtn').set('disabled', true);
 	RPCwrapper(data, saveResourceCB, 1);