From: Marcin Haba Date: Sun, 27 Dec 2015 12:09:14 +0000 (+0100) Subject: baculum: Rework access by restricted consoles X-Git-Tag: Release-7.4.0~84 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=13b0f043946c1647301112b26d74cb7eb4894e28;p=bacula%2Fbacula baculum: Rework access by restricted consoles --- diff --git a/gui/baculum/protected/Class/API.php b/gui/baculum/protected/Class/API.php index d4071a07d2..9d109fbb4d 100644 --- a/gui/baculum/protected/Class/API.php +++ b/gui/baculum/protected/Class/API.php @@ -44,8 +44,14 @@ class API extends TModule { return $ch; } - private function getAPIHeader() { - return 'X-Baculum-API: ' . self::API_VERSION; + private function getAPIHeaders() { + $headers = array( + 'X-Baculum-API: ' . self::API_VERSION, + 'X-Baculum-User: ' . $this->Application->User->getName(), + 'X-Baculum-Pwd: ' . $this->Application->User->getPwd(), + 'Accept: application/json' + ); + return $headers; } public function init($config) { @@ -64,13 +70,6 @@ class API extends TModule { private function setParamsToUrl(&$url) { $url .= (preg_match('/\?/', $url) === 1 ? '&' : '?' ) . 'director=' . ((array_key_exists('director', $_SESSION)) ? $_SESSION['director'] : ''); - /** - * If user is not equal admin user then it is added to URL, - * then will be used custom console for this user. - */ - if($this->User->getIsAdmin() === false) { - $url .= '&user=' . $this->User->getName(); - } $this->Application->getModule('logging')->log(__FUNCTION__, PHP_EOL . PHP_EOL . 'EXECUTE URL ==> ' . $url . ' <==' . PHP_EOL . PHP_EOL, Logging::CATEGORY_APPLICATION, __FILE__, __LINE__); } @@ -91,7 +90,7 @@ class API extends TModule { $this->setParamsToUrl($url); $ch = $this->getConnection(); curl_setopt($ch, CURLOPT_URL, $url); - curl_setopt($ch, CURLOPT_HTTPHEADER, array($this->getAPIHeader(), 'Accept: application/json')); + curl_setopt($ch, CURLOPT_HTTPHEADER, $this->getAPIHeaders()); $result = curl_exec($ch); curl_close($ch); $ret = $this->preParseOutput($result); @@ -109,7 +108,7 @@ class API extends TModule { $ch = $this->getConnection(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT'); - curl_setopt($ch, CURLOPT_HTTPHEADER, array($this->getAPIHeader(), 'Accept: application/json', 'X-HTTP-Method-Override: PUT', 'Content-Length: ' . strlen($data), 'Expect:')); + curl_setopt($ch, CURLOPT_HTTPHEADER, array_merge($this->getAPIHeaders(), array('X-HTTP-Method-Override: PUT', 'Content-Length: ' . strlen($data), 'Expect:'))); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); @@ -123,7 +122,7 @@ class API extends TModule { $data = http_build_query(array('create' => $options)); $ch = $this->getConnection(); curl_setopt($ch, CURLOPT_URL, $url); - curl_setopt($ch, CURLOPT_HTTPHEADER, array($this->getAPIHeader(), 'Accept: application/json', 'Expect:')); + curl_setopt($ch, CURLOPT_HTTPHEADER, array_merge($this->getAPIHeaders(), array('Expect:'))); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); @@ -137,7 +136,7 @@ class API extends TModule { $ch = $this->getConnection(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'DELETE'); - curl_setopt($ch, CURLOPT_HTTPHEADER, array($this->getAPIHeader(), 'Accept: application/json', 'X-HTTP-Method-Override: DELETE')); + curl_setopt($ch, CURLOPT_HTTPHEADER, array_merge($this->getAPIHeaders(), array('X-HTTP-Method-Override: DELETE'))); $result = curl_exec($ch); curl_close($ch); return $this->preParseOutput($result); diff --git a/gui/baculum/protected/Class/BaculumAPI.php b/gui/baculum/protected/Class/BaculumAPI.php index 94236f6689..50d4526cfd 100644 --- a/gui/baculum/protected/Class/BaculumAPI.php +++ b/gui/baculum/protected/Class/BaculumAPI.php @@ -49,15 +49,22 @@ abstract class BaculumAPI extends TPage $db = new ActiveRecord(); $db->getDbConnection(); $this->director = isset($this->Request['director']) ? $this->Request['director'] : null; - $this->user = isset($this->Request['user']) ? $this->Request['user'] : null; - if(is_null($this->user) && $this->Application->getModule('configuration')->isApplicationConfig() === true) { - $appConfig = ConfigurationManager::getApplicationConfig(); - // @TOFIX: Baculum API layer should not use $_SERVER variables. - if (isset($_SERVER['PHP_AUTH_USER'])) { - // NOTE: With php-fpm $_SERVER['PHP_AUTH_USER'] value is empty string here - $user = trim($_SERVER['PHP_AUTH_USER']); - $this->user = (!empty($user) && $user != $appConfig['baculum']['login']) ? $user : null; + + $user = isset($_SERVER['HTTP_X_BACULUM_USER']) ? $_SERVER['HTTP_X_BACULUM_USER']: null; + $pwd = isset($_SERVER['HTTP_X_BACULUM_PWD']) ? $_SERVER['HTTP_X_BACULUM_PWD']: null; + if(!is_null($user) && !is_null($pwd)) { + $logged = $this->Application->getModule('auth')->login($user, $pwd); + if ($logged === true) { + $this->user = ($this->User->getIsAdmin() === false) ? $user : null; + } else { + $this->output = AuthorizationError::MSG_ERROR_AUTHORIZATION_TO_WEBGUI_PROBLEM; + $this->error = AuthorizationError::ERROR_AUTHORIZATION_TO_WEBGUI_PROBLEM; + return; } + } else { + $this->output = AuthorizationError::MSG_ERROR_AUTHORIZATION_TO_WEBGUI_PROBLEM; + $this->error = AuthorizationError::ERROR_AUTHORIZATION_TO_WEBGUI_PROBLEM; + return; } switch($_SERVER['REQUEST_METHOD']) { diff --git a/gui/baculum/protected/Class/BaculumUser.php b/gui/baculum/protected/Class/BaculumUser.php index 9fe2ce5780..4cf3a8eaa9 100644 --- a/gui/baculum/protected/Class/BaculumUser.php +++ b/gui/baculum/protected/Class/BaculumUser.php @@ -25,6 +25,7 @@ Prado::using('System.Security.TUser'); class BaculumUser extends TUser { private $_id; + private $_pwd; public function getID() { return $this->_id; @@ -34,8 +35,16 @@ class BaculumUser extends TUser { $this->_id = $id; } + public function getPwd() { + return $this->_pwd; + } + + public function setPwd($pwd) { + $this->_pwd = $pwd; + } + public function getIsAdmin() { return $this->isInRole('admin'); } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Class/BaculumUsersManager.php b/gui/baculum/protected/Class/BaculumUsersManager.php index 154aaaeaef..f47e0b57e5 100644 --- a/gui/baculum/protected/Class/BaculumUsersManager.php +++ b/gui/baculum/protected/Class/BaculumUsersManager.php @@ -26,9 +26,13 @@ Prado::using('Application.Class.BaculumUser'); class BaculumUsersManager extends TModule implements IUserManager { private $config; + private $configMod; + private $users; public function init($config) { - $this->config = $this->Application->getModule('configuration')->isApplicationConfig() ? $this->Application->getModule('configuration')->getApplicationConfig() : null; + $this->configMod = $this->Application->getModule('configuration'); + $this->config = $this->configMod->isApplicationConfig() ? $this->configMod->getApplicationConfig() : null; + $this->users = $this->configMod->getAllUsers(); } public function getGuestName() { @@ -36,16 +40,24 @@ class BaculumUsersManager extends TModule implements IUserManager { } public function validateUser($username, $password) { - return !empty($username); + $valid = false; + if(!empty($username) && !empty($password)) { + $users = $this->configMod->getAllUsers(); + $valid = (array_key_exists($username, $users) && $password === $users[$username]); + } + return $valid; } public function getUser($username = null) { $user = new BaculumUser($this); $id = sha1(time()); $user->setID($id); - $user->setName($_SERVER['PHP_AUTH_USER']); + $user->setName($username); $user->setIsGuest(false); - if($this->config['baculum']['login'] == $_SERVER['PHP_AUTH_USER'] || is_null($this->config)) { + if ($username != null) { + $user->setPwd($this->users[$username]); + } + if(is_null($this->config) || $this->config['baculum']['login'] === $username) { $user->setRoles('admin'); } else { $user->setRoles('user'); @@ -60,5 +72,10 @@ class BaculumUsersManager extends TModule implements IUserManager { public function saveUserToCookie($cookie) { return; } + + public function loginUser() { + $enc_pwd = $this->Application->getModule('configuration')->getCryptedPassword($_SERVER['PHP_AUTH_PW']); + $logged = $this->Application->getModule('auth')->login($_SERVER['PHP_AUTH_USER'], $enc_pwd); + } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Class/Bconsole.php b/gui/baculum/protected/Class/Bconsole.php index 9dc27690df..d16191e577 100644 --- a/gui/baculum/protected/Class/Bconsole.php +++ b/gui/baculum/protected/Class/Bconsole.php @@ -77,7 +77,7 @@ class Bconsole extends TModule { } } $output = count($output) > 1 ? array_values($output) : array_shift($output); - return (object)array('output' => $output, 'exitcode' => $exitcode); + return (object)array('output' => $output, 'exitcode' => (integer)$exitcode); } public function bconsoleCommand($director, array $command, $user = null) { diff --git a/gui/baculum/protected/Class/ConfigurationManager.php b/gui/baculum/protected/Class/ConfigurationManager.php index 8580daa875..7a711e98e0 100644 --- a/gui/baculum/protected/Class/ConfigurationManager.php +++ b/gui/baculum/protected/Class/ConfigurationManager.php @@ -143,6 +143,11 @@ class ConfigurationManager extends TModule return file_exists(Prado::getPathOfNamespace(self::CONFIG_FILE, '.conf')); } + public function getCryptedPassword($password) { + $enc_pwd = crypt($password, base64_encode($password)); + return $enc_pwd; + } + /** * Saving user to users configuration file. * @@ -161,37 +166,37 @@ class ConfigurationManager extends TModule * @return boolean true if user saved successfully, otherwise false */ public function setUsersConfig($user, $password, $firstUsage = false, $oldUser = null) { + $allUsers = $this->getAllUsers(); $usersFile = Prado::getPathOfNamespace(self::USERS_FILE, '.users'); - $password = crypt($password, base64_encode($password)); + $password = $this->getCryptedPassword($password); + if($firstUsage === true) { $this->clearUsersConfig(); } - $users = $this->isUsersConfig() === true ? file($usersFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) : array(); - $userExists = false; + $userExists = array_key_exists($user, $allUsers); - for($i = 0; $i < count($users); $i++) { - // checking if user already exist in configuration file and if exist then update password - if(preg_match("/^{$user}\:/", $users[$i]) === 1) { - $users[$i] = "{$user}:{$password}"; - $userExists = true; - break; - } + + if ($userExists === true) { + // update user password; + $allUsers[$user] = $password; } if(!is_null($oldUser) && $oldUser !== $user) { // delete old username with password from configuration file - for($j = 0; $j < count($users); $j++) { - if(preg_match("/^{$oldUser}\:/", $users[$j]) === 1) { - unset($users[$j]); - break; - } + if(array_key_exists($oldUser, $allUsers)) { + unset($allUsers[$oldUser]); } } // add new user if does not exist if($userExists === false) { - array_push($users, "{$user}:{$password}"); + $allUsers[$user] = $password; + } + + $users = array(); + foreach ($allUsers as $user => $pwd) { + $users[] = "$user:$pwd"; } $usersToFile = implode("\n", $users); @@ -202,6 +207,21 @@ class ConfigurationManager extends TModule return $result; } + public function getAllUsers() { + $allUsers = array(); + if ($this->isUsersConfig() === true) { + $usersFile = Prado::getPathOfNamespace(self::USERS_FILE, '.users'); + $users = file($usersFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + + for($i = 0; $i < count($users); $i++) { + if(preg_match("/^(?P\S+)\:(?P\S+)$/", $users[$i], $match) === 1) { + $allUsers[$match['user']] = $match['hash']; + } + } + } + return $allUsers; + } + /** * Checking if users configuration file exists. * diff --git a/gui/baculum/protected/Class/JobManager.php b/gui/baculum/protected/Class/JobManager.php index cf53733d6b..c2670edcfd 100644 --- a/gui/baculum/protected/Class/JobManager.php +++ b/gui/baculum/protected/Class/JobManager.php @@ -22,7 +22,7 @@ class JobManager extends TModule { - public function getJobs($limit) { + public function getJobs($limit, $allowedJobs = array()) { $criteria = new TActiveRecordCriteria; $order = 'JobId'; $cfg = $this->Application->getModule('configuration'); @@ -34,6 +34,19 @@ class JobManager extends TModule { if(is_int($limit) && $limit > 0) { $criteria->Limit = $limit; } + + if (count($allowedJobs) > 0) { + $where = array(); + $names = array(); + for ($i = 0; $i < count($allowedJobs); $i++) { + $where[] = "name = :name$i"; + $names[":name$i"] = $allowedJobs[$i]; + } + $criteria->Condition = implode(' OR ', $where); + foreach($names as $name => $jobname) { + $criteria->Parameters[$name] = $jobname; + } + } return JobRecord::finder()->findAll($criteria); } @@ -72,11 +85,17 @@ class JobManager extends TModule { return $jobids; } - public function getJobTotals() { + public function getJobTotals($allowedJobs = array()) { $jobtotals = array('bytes' => 0, 'files' => 0); $connection = JobRecord::finder()->getDbConnection(); $connection->setActive(true); - $sql = "SELECT sum(JobFiles) AS files, sum(JobBytes) AS bytes FROM Job"; + + $where = ''; + if (count($allowedJobs) > 0) { + $where = " WHERE name='" . implode("' OR name='", $allowedJobs) . "'"; + } + + $sql = "SELECT sum(JobFiles) AS files, sum(JobBytes) AS bytes FROM Job $where"; $pdo = $connection->getPdoInstance(); $result = $pdo->query($sql); $ret = $result->fetch(); diff --git a/gui/baculum/protected/Init.php b/gui/baculum/protected/Init.php index 01744022ea..d3627030a2 100644 --- a/gui/baculum/protected/Init.php +++ b/gui/baculum/protected/Init.php @@ -32,7 +32,7 @@ if (!ini_get('date.timezone')) { } // Support for web servers which do not provide direct info about HTTP Basic auth to PHP superglobal $_SERVER array. -if(!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['PHP_AUTH_PW'])) { +if(!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['PHP_AUTH_PW']) && isset($_SERVER['HTTP_AUTHORIZATION'])) { list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); } diff --git a/gui/baculum/protected/Pages/API/Client.php b/gui/baculum/protected/Pages/API/Client.php index cb689f1c03..a2b17398e9 100644 --- a/gui/baculum/protected/Pages/API/Client.php +++ b/gui/baculum/protected/Pages/API/Client.php @@ -25,13 +25,18 @@ class Client extends BaculumAPI { public function get() { $clientid = intval($this->Request['id']); $client = $this->getModule('client')->getClientById($clientid); - $allowedClients = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.client'), $this->user)->output; - if(!is_null($client) && in_array($client->name, $allowedClients)) { - $this->output = $client; - $this->error = ClientError::ERROR_NO_ERRORS; + $allowedClients = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.client'), $this->user); + if ($allowedClients->exitcode === 0) { + if(!is_null($client) && in_array($client->name, $allowedClients->output)) { + $this->output = $client; + $this->error = ClientError::ERROR_NO_ERRORS; + } else { + $this->output = ClientError::MSG_ERROR_CLIENT_DOES_NOT_EXISTS; + $this->error =ClientError::ERROR_CLIENT_DOES_NOT_EXISTS; + } } else { - $this->output = ClientError::MSG_ERROR_CLIENT_DOES_NOT_EXISTS; - $this->error =ClientError::ERROR_CLIENT_DOES_NOT_EXISTS; + $this->output = $allowedClients->output; + $this->error = $allowedClients->exitcode; } } @@ -47,4 +52,4 @@ class Client extends BaculumAPI { } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/Clients.php b/gui/baculum/protected/Pages/API/Clients.php index 459a3d36b6..ee8ff0aea8 100644 --- a/gui/baculum/protected/Pages/API/Clients.php +++ b/gui/baculum/protected/Pages/API/Clients.php @@ -53,16 +53,22 @@ class Clients extends BaculumAPI { public function get() { $limit = intval($this->Request['limit']); $clients = $this->getModule('client')->getClients($limit); - $allowedClients = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.client'), $this->user)->output; - $clientsOutput = array(); - foreach($clients as $client) { - if(in_array($client->name, $allowedClients)) { - $clientsOutput[] = $client; + $allowedClients = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.client'), $this->user); + if ($allowedClients->exitcode === 0) { + $clientsOutput = array(); + foreach($clients as $client) { + if(in_array($client->name, $allowedClients->output)) { + $clientsOutput[] = $client; + } } + $this->output = $clientsOutput; + $this->error = ClientError::ERROR_NO_ERRORS; + } else { + + $this->output = $allowedClients->output; + $this->error = $allowedClients->exitcode; } - $this->output = $clientsOutput; - $this->error = ClientError::ERROR_NO_ERRORS; } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/Directors.php b/gui/baculum/protected/Pages/API/Directors.php index 472c5abd27..c3ff0580e7 100644 --- a/gui/baculum/protected/Pages/API/Directors.php +++ b/gui/baculum/protected/Pages/API/Directors.php @@ -27,9 +27,9 @@ class Directors extends BaculumAPI { $this->output = $directors->output; $this->error = BconsoleError::ERROR_NO_ERRORS; } else { - $this->output = BconsoleError::MSG_ERROR_BCONSOLE_CONNECTION_PROBLEM; - $this->error = BconsoleError::ERROR_BCONSOLE_CONNECTION_PROBLEM; + $this->output = $directors->output; + $this->error = $directors->exitcode; } } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/FileSet.php b/gui/baculum/protected/Pages/API/FileSet.php index bccfc81fce..5e45738159 100644 --- a/gui/baculum/protected/Pages/API/FileSet.php +++ b/gui/baculum/protected/Pages/API/FileSet.php @@ -24,15 +24,20 @@ class FileSet extends BaculumAPI { public function get() { $filesetid = intval($this->Request['id']); $fileset = $this->getModule('fileset')->getFileSetById($filesetid); - $allowedFileSets = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.fileset'), $this->user)->output; - if(!is_null($fileset) && in_array($fileset->fileset, $allowedFileSets)) { - $this->output = $fileset; - $this->error = FileSetError::ERROR_NO_ERRORS; + $allowedFileSets = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.fileset'), $this->user); + if ($allowedFileSets->exitcode === 0) { + if(!is_null($fileset) && in_array($fileset->fileset, $allowedFileSets->output)) { + $this->output = $fileset; + $this->error = FileSetError::ERROR_NO_ERRORS; + } else { + $this->output = FileSetError::MSG_ERROR_FILESET_DOES_NOT_EXISTS; + $this->error = FileSetError::ERROR_FILESET_DOES_NOT_EXISTS; + } } else { - $this->output = FileSetError::MSG_ERROR_FILESET_DOES_NOT_EXISTS; - $this->error = FileSetError::ERROR_FILESET_DOES_NOT_EXISTS; + $this->output = $allowedFileSets->output; + $this->error = $allowedFileSets->exitcode; } } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/FileSets.php b/gui/baculum/protected/Pages/API/FileSets.php index b5275c140d..7027181794 100644 --- a/gui/baculum/protected/Pages/API/FileSets.php +++ b/gui/baculum/protected/Pages/API/FileSets.php @@ -25,21 +25,34 @@ class FileSets extends BaculumAPI { $directors = $this->getModule('bconsole')->getDirectors(); if($directors->exitcode === 0) { $filesets = array(); + $error = false; + $error_obj = null; for($i = 0; $i < count($directors->output); $i++) { - $filesetsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'fileset'), $this->user)->output; + $filesetsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'fileset'), $this->user); + if ($filesetsshow->exitcode != 0) { + $error_obj = $filesetsshow; + $error = true; + break; + } $filesets[$directors->output[$i]] = array(); - for($j = 0; $j < count($filesetsshow); $j++) { - if(preg_match('/^FileSet:\ name=(.*)$/', $filesetsshow[$j], $match) === 1) { + for($j = 0; $j < count($filesetsshow->output); $j++) { + if(preg_match('/^FileSet:\ name=(.*)$/', $filesetsshow->output[$j], $match) === 1) { $filesets[$directors->output[$i]][] = $match[1]; } } } - $this->output = $filesets; - $this->error = BconsoleError::ERROR_NO_ERRORS; + + if ($error === true) { + $this->output = $error_obj->output; + $this->error = $error_obj->exitcode; + } else { + $this->output = $filesets; + $this->error = BconsoleError::ERROR_NO_ERRORS; + } } else { - $this->output = BconsoleError::MSG_ERROR_BCONSOLE_CONNECTION_PROBLEM; - $this->error = BconsoleError::ERROR_BCONSOLE_CONNECTION_PROBLEM; + $this->output = $directors->output; + $this->error = $directors->exitcode; } } } diff --git a/gui/baculum/protected/Pages/API/Job.php b/gui/baculum/protected/Pages/API/Job.php index 0913200d42..40d4f08ad0 100644 --- a/gui/baculum/protected/Pages/API/Job.php +++ b/gui/baculum/protected/Pages/API/Job.php @@ -24,13 +24,18 @@ class Job extends BaculumAPI { public function get() { $jobid = intval($this->Request['id']); $job = $this->getModule('job')->getJobById($jobid); - $allowedJobs = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.jobs'), $this->user)->output; - if(!is_null($job) && in_array($job->name, $allowedJobs)) { - $this->output = $job; - $this->error = JobError::ERROR_NO_ERRORS; + $allowedJobs = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.jobs'), $this->user); + if ($allowedJobs->exitcode === 0) { + if(!is_null($job) && in_array($job->name, $allowedJobs->output)) { + $this->output = $job; + $this->error = JobError::ERROR_NO_ERRORS; + } else { + $this->output = JobError::MSG_ERROR_JOB_DOES_NOT_EXISTS; + $this->error = JobError::ERROR_JOB_DOES_NOT_EXISTS; + } } else { - $this->output = JobError::MSG_ERROR_JOB_DOES_NOT_EXISTS; - $this->error = JobError::ERROR_JOB_DOES_NOT_EXISTS; + $this->output = $allowedJobs->output; + $this->error = $allowedJobs->exitcode; } } @@ -48,4 +53,4 @@ class Job extends BaculumAPI { } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/JobShow.php b/gui/baculum/protected/Pages/API/JobShow.php index b378386f8b..0e73f99222 100644 --- a/gui/baculum/protected/Pages/API/JobShow.php +++ b/gui/baculum/protected/Pages/API/JobShow.php @@ -23,23 +23,35 @@ class JobShow extends BaculumAPI { public function get() { $jobname = null; + $error = false; + $error_obj = null; if (isset($this->Request['id'])) { $jobid = intval($this->Request['id']); $job = $this->getModule('job')->getJobById($jobid); $jobname = property_exists($job, 'name') ? $job->name : null; } elseif (isset($this->Request['name'])) { - $allowedJobs = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.jobs'), $this->user)->output; - $jobname = in_array($this->Request['name'], $allowedJobs) ? $this->Request['name'] : null; + $allowedJobs = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.jobs'), $this->user); + if ($allowedJobs->exitcode === 0) { + $jobname = in_array($this->Request['name'], $allowedJobs->output) ? $this->Request['name'] : null; + } else { + $error_obj = $allowedJobs; + $error = true; + } } - if(!is_null($jobname)) { - $jobShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'job="' . $jobname . '"'), $this->user); - $this->output = $jobShow->output; - $this->error = (integer)$jobShow->exitcode; + if ($error === false) { + if(!is_null($jobname)) { + $jobShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'job="' . $jobname . '"'), $this->user); + $this->output = $jobShow->output; + $this->error = (integer)$jobShow->exitcode; + } else { + $this->output = JobError::MSG_ERROR_JOB_DOES_NOT_EXISTS; + $this->error = JobError::ERROR_JOB_DOES_NOT_EXISTS; + } } else { - $this->output = JobError::MSG_ERROR_JOB_DOES_NOT_EXISTS; - $this->error = JobError::ERROR_JOB_DOES_NOT_EXISTS; + $this->output = $error_obj->output; + $this->error = $error_obj->exitcode; } } } diff --git a/gui/baculum/protected/Pages/API/JobTasks.php b/gui/baculum/protected/Pages/API/JobTasks.php index 689a1d508a..75bbe02ee1 100644 --- a/gui/baculum/protected/Pages/API/JobTasks.php +++ b/gui/baculum/protected/Pages/API/JobTasks.php @@ -26,19 +26,31 @@ class JobTasks extends BaculumAPI { $directors = $this->getModule('bconsole')->getDirectors(); if($directors->exitcode === 0) { $jobs = array(); + $error = false; + $error_obj = null; for($i = 0; $i < count($directors->output); $i++) { - $jobsList = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('.jobs'), $this->user)->output; - $jobsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'jobs'), $this->user)->output; + $jobsList = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('.jobs'), $this->user); + if ($jobsList->exitcode != 0) { + $error_obj = $jobsList; + $error = true; + break; + } + $jobsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'jobs'), $this->user); + if ($jobsshow->exitcode != 0) { + $error_obj = $jobsshow; + $error = true; + break; + } $jobs[$directors->output[$i]] = array(); - for($j = 0; $j < count($jobsList); $j++) { + for($j = 0; $j < count($jobsList->output); $j++) { /** * Checking by "show job" command is ugly way to be sure that is reading jobname but not some * random output (eg. "You have messages." or debugging). * For now I did not find nothing better for be sure that output contains job. */ - for($k = 0; $k < count($jobsshow); $k++) { - if(preg_match('/^Job: name=' . $jobsList[$j] . '.*/', $jobsshow[$k]) === 1) { - $jobs[$directors->output[$i]][] = $jobsList[$j]; + for($k = 0; $k < count($jobsshow->output); $k++) { + if(preg_match('/^Job: name=' . $jobsList->output[$j] . '.*/', $jobsshow->output[$k]) === 1) { + $jobs[$directors->output[$i]][] = $jobsList->output[$j]; break; } } @@ -48,13 +60,18 @@ class JobTasks extends BaculumAPI { } } } - $this->output = $jobs; - $this->error = BconsoleError::ERROR_NO_ERRORS; + if ($error === true) { + $this->output = $error_obj->output; + $this->error = $error_obj->exitcode; + } else { + $this->output = $jobs; + $this->error = BconsoleError::ERROR_NO_ERRORS; + } } else { - $this->output = BconsoleError::MSG_ERROR_BCONSOLE_CONNECTION_PROBLEM; - $this->error = BconsoleError::ERROR_BCONSOLE_CONNECTION_PROBLEM; + $this->output = $directors->output; + $this->error = $directors->exitcode; } } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/JobTotals.php b/gui/baculum/protected/Pages/API/JobTotals.php index 18e04cac9e..c7481fc337 100644 --- a/gui/baculum/protected/Pages/API/JobTotals.php +++ b/gui/baculum/protected/Pages/API/JobTotals.php @@ -22,9 +22,25 @@ class JobTotals extends BaculumAPI { public function get() { - $jobtotals = $this->getModule('job')->getJobTotals(); - $this->output = $jobtotals; - $this->error = JobError::ERROR_NO_ERRORS; + $error = false; + $allowed = array(); + if (!is_null($this->user)) { + $allowedJobs = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.jobs'), $this->user); + if ($allowedJobs->exitcode === 0) { + array_shift($allowedJobs->output); + $allowed = $allowedJobs->output; + } else { + $error = true; + $this->output = $allowedJobs->output; + $this->error = $allowedJobs->error; + } + } + + if ($error === false) { + $jobtotals = $this->getModule('job')->getJobTotals($allowed); + $this->output = $jobtotals; + $this->error = JobError::ERROR_NO_ERRORS; + } } } ?> diff --git a/gui/baculum/protected/Pages/API/Jobs.php b/gui/baculum/protected/Pages/API/Jobs.php index bc8b45ea09..d9a45f5898 100644 --- a/gui/baculum/protected/Pages/API/Jobs.php +++ b/gui/baculum/protected/Pages/API/Jobs.php @@ -23,9 +23,25 @@ class Jobs extends BaculumAPI { public function get() { $limit = intval($this->Request['limit']); - $jobs = $this->getModule('job')->getJobs($limit); - $this->output = $jobs; - $this->error = JobError::ERROR_NO_ERRORS; + $allowed = array(); + $error = false; + if (!is_null($this->user)) { + $allowedJobs = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.jobs'), $this->user); + if ($allowedJobs->exitcode === 0) { + array_shift($allowedJobs->output); + $allowed = $allowedJobs->output; + } else { + $error = true; + $this->output = $allowedJobs->output; + $this->error = $allowedJobs->error; + } + } + + if ($error === false) { + $jobs = $this->getModule('job')->getJobs($limit, $allowed); + $this->output = $jobs; + $this->error = JobError::ERROR_NO_ERRORS; + } } } ?> diff --git a/gui/baculum/protected/Pages/API/Pool.php b/gui/baculum/protected/Pages/API/Pool.php index 9e796e035e..4d9ba0adea 100644 --- a/gui/baculum/protected/Pages/API/Pool.php +++ b/gui/baculum/protected/Pages/API/Pool.php @@ -24,13 +24,18 @@ class Pool extends BaculumAPI { public function get() { $poolid = intval($this->Request['id']); $pool = $this->getModule('pool')->getPoolById($poolid); - $allowedPools = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.pool'), $this->user)->output; - if(!is_null($pool) && in_array($pool->name, $allowedPools)) { - $this->output = $pool; - $this->error = PoolError::ERROR_NO_ERRORS; + $allowedPools = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.pool'), $this->user); + if ($allowedPools->exitcode === 0) { + if(!is_null($pool) && in_array($pool->name, $allowedPools->output)) { + $this->output = $pool; + $this->error = PoolError::ERROR_NO_ERRORS; + } else { + $this->output = PoolError::MSG_ERROR_POOL_DOES_NOT_EXISTS; + $this->error = PoolError::ERROR_POOL_DOES_NOT_EXISTS; + } } else { - $this->output = PoolError::MSG_ERROR_POOL_DOES_NOT_EXISTS; - $this->error = PoolError::ERROR_POOL_DOES_NOT_EXISTS; + $this->output = $allowedPools->output; + $this->error = $allowedPools->exitcode; } } @@ -46,4 +51,4 @@ class Pool extends BaculumAPI { } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/Pools.php b/gui/baculum/protected/Pages/API/Pools.php index 7fecf7c494..21414f240d 100644 --- a/gui/baculum/protected/Pages/API/Pools.php +++ b/gui/baculum/protected/Pages/API/Pools.php @@ -24,15 +24,20 @@ class Pools extends BaculumAPI { public function get() { $limit = intval($this->Request['limit']); $pools = $this->getModule('pool')->getPools($limit); - $allowedPools = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.pool'), $this->user)->output; - $poolsOutput = array(); - foreach($pools as $pool) { - if(in_array($pool->name, $allowedPools)) { - $poolsOutput[] = $pool; + $allowedPools = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.pool'), $this->user); + if ($allowedPools->exitcode === 0) { + $poolsOutput = array(); + foreach($pools as $pool) { + if(in_array($pool->name, $allowedPools->output)) { + $poolsOutput[] = $pool; + } } + $this->output = $poolsOutput; + $this->error = PoolError::ERROR_NO_ERRORS; + } else { + $this->output = $allowedPools->output; + $this->error = $allowedPools->exitcode; } - $this->output = $poolsOutput; - $this->error = PoolError::ERROR_NO_ERRORS; } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/Storage.php b/gui/baculum/protected/Pages/API/Storage.php index f9b81bf7db..bdd6c6e5f2 100644 --- a/gui/baculum/protected/Pages/API/Storage.php +++ b/gui/baculum/protected/Pages/API/Storage.php @@ -24,15 +24,20 @@ class Storage extends BaculumAPI { public function get() { $storageid = intval($this->Request['id']); $storage = $this->getModule('storage')->getStorageById($storageid); - $allowedStorages = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.storage'), $this->user)->output; - if(!is_null($storage) && in_array($storage->name, $allowedStorages)) { - $this->output = $storage; - $this->error = StorageError::ERROR_NO_ERRORS; + $allowedStorages = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.storage'), $this->user); + if ($allowedStorages->exitcode === 0) { + if(!is_null($storage) && in_array($storage->name, $allowedStorages->output)) { + $this->output = $storage; + $this->error = StorageError::ERROR_NO_ERRORS; + } else { + $this->output = StorageError::MSG_ERROR_STORAGE_DOES_NOT_EXISTS; + $this->error = StorageError::ERROR_STORAGE_DOES_NOT_EXISTS; + } } else { - $this->output = StorageError::MSG_ERROR_STORAGE_DOES_NOT_EXISTS; - $this->error = StorageError::ERROR_STORAGE_DOES_NOT_EXISTS; + $this->output = $allowedStorages->output; + $this->error = $allowedStorages->exitcode; } } } -?> \ No newline at end of file +?> diff --git a/gui/baculum/protected/Pages/API/Storages.php b/gui/baculum/protected/Pages/API/Storages.php index 12b4a682bf..4d1b3c2639 100644 --- a/gui/baculum/protected/Pages/API/Storages.php +++ b/gui/baculum/protected/Pages/API/Storages.php @@ -25,15 +25,20 @@ class Storages extends BaculumAPI { public function get() { $limit = intval($this->Request['limit']); $storages = $this->getModule('storage')->getStorages($limit); - $allowedStorages = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.storage'), $this->user)->output; - $storagesOutput = array(); - foreach($storages as $storage) { - if(in_array($storage->name, $allowedStorages)) { - $storagesOutput[] = $storage; + $allowedStorages = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.storage'), $this->user); + if ($allowedStorages->exitcode === 0) { + $storagesOutput = array(); + foreach($storages as $storage) { + if(in_array($storage->name, $allowedStorages->output)) { + $storagesOutput[] = $storage; + } } + $this->output = $storagesOutput; + $this->error = StorageError::ERROR_NO_ERRORS; + } else { + $this->output = $allowedStorages->output; + $this->error = $allowedStorages->exitcode; } - $this->output = $storagesOutput; - $this->error = StorageError::ERROR_NO_ERRORS; } } ?> diff --git a/gui/baculum/protected/Pages/Home.php b/gui/baculum/protected/Pages/Home.php index c78c00b0eb..8de3dbc4ff 100644 --- a/gui/baculum/protected/Pages/Home.php +++ b/gui/baculum/protected/Pages/Home.php @@ -44,6 +44,7 @@ class Home extends BaculumPage public function onInit($param) { parent::onInit($param); + $this->Application->getModule('users')->loginUser(); if (!$this->IsPostBack && !$this->IsCallBack) { $this->getModule('api')->initSessionCache(true); @@ -57,6 +58,7 @@ class Home extends BaculumPage $appConfig = $this->getModule('configuration')->getApplicationConfig(); $this->SettingsWizardBtn->Visible = $this->User->getIsAdmin(); + $this->PoolBtn->Visible = $this->User->getIsAdmin(); $this->VolumeBtn->Visible = $this->User->getIsAdmin(); $this->ClearBvfsCache->Visible = $this->User->getIsAdmin(); $this->Logging->Visible = $this->User->getIsAdmin(); diff --git a/gui/baculum/protected/Pages/Monitor.php b/gui/baculum/protected/Pages/Monitor.php index e96009f115..0fd4cf1b27 100644 --- a/gui/baculum/protected/Pages/Monitor.php +++ b/gui/baculum/protected/Pages/Monitor.php @@ -23,6 +23,8 @@ class Monitor extends BaculumPage { public function onInit($param) { parent::onInit($param); + $this->Application->getModule('users')->loginUser(); + $_SESSION['monitor_data'] = array( 'jobs' => array(), 'running_jobs' => array(), diff --git a/gui/baculum/protected/Pages/RestoreWizard.php b/gui/baculum/protected/Pages/RestoreWizard.php index cae5afce5f..df595889fe 100644 --- a/gui/baculum/protected/Pages/RestoreWizard.php +++ b/gui/baculum/protected/Pages/RestoreWizard.php @@ -47,6 +47,7 @@ class RestoreWizard extends BaculumPage public function onInit($param) { parent::onInit($param); + $this->Application->getModule('users')->loginUser(); if(!$this->IsPostBack && !$this->IsCallBack) { $this->setBrowserFiles(array()); $this->setFileVersions(array()); diff --git a/gui/baculum/protected/Portlets/JobConfiguration.php b/gui/baculum/protected/Portlets/JobConfiguration.php index 1c5ffcb087..2a852a61d3 100644 --- a/gui/baculum/protected/Portlets/JobConfiguration.php +++ b/gui/baculum/protected/Portlets/JobConfiguration.php @@ -183,9 +183,13 @@ class JobConfiguration extends Portlets { $params['fileset'] = $this->getResourceName('fileset', $jobshow); $params['clientid'] = $jobdata->clientid; $storage = $this->getResourceName('storage', $jobshow); - $params['storageid'] = $this->getStorageByName($storage)->storageid; + if (is_object($storage)) { + $params['storageid'] = $this->getStorageByName($storage)->storageid; + } $pool = $this->getResourceName('pool', $jobshow); - $params['poolid'] = $this->getPoolByName($pool)->poolid; + if (is_object($pool)) { + $params['poolid'] = $this->getPoolByName($pool)->poolid; + } } else { $params['id'] = $this->JobID->Text; $params['level'] = $this->Level->SelectedValue;