one world, one error-reporting mechanism

[invirt/packages/invirt-web.git] / code / main.py

diff --git a/code/main.py b/code/main.py
index e208a13..646f7d0 100755 (executable)
--- a/code/main.py
+++ b/code/main.py
@@ -6,7 +6,6 @@ import cPickle
 import cgi
 import datetime
 import hmac
 import cgi
 import datetime
 import hmac

-import os

 import sha
 import simplejson
 import sys
 import sha
 import simplejson
 import sys

@@ -18,7 +17,7 @@ def revertStandardError():
     """Move stderr to stdout, and return the contents of the old stderr."""
     errio = sys.stderr
     if not isinstance(errio, StringIO):
     """Move stderr to stdout, and return the contents of the old stderr."""
     errio = sys.stderr
     if not isinstance(errio, StringIO):

-        return None
+        return ''

     sys.stderr = sys.stdout
     errio.seek(0)
     return errio.read()
     sys.stderr = sys.stdout
     errio.seek(0)
     return errio.read()

@@ -31,7 +30,6 @@ def printError():
 if __name__ == '__main__':
     import atexit
     atexit.register(printError)
 if __name__ == '__main__':
     import atexit
     atexit.register(printError)

-    sys.stderr = StringIO()

 
 sys.path.append('/home/ecprice/.local/lib/python2.5/site-packages')
 
 
 sys.path.append('/home/ecprice/.local/lib/python2.5/site-packages')
 

@@ -41,7 +39,7 @@ import sipb_xen_database
 from sipb_xen_database import Machine, CDROM, ctx, connect, MachineAccess, Type, Autoinstall
 import validation
 import cache_acls
 from sipb_xen_database import Machine, CDROM, ctx, connect, MachineAccess, Type, Autoinstall
 import validation
 import cache_acls

-from webcommon import InvalidInput, CodeError, g
+from webcommon import InvalidInput, CodeError, State

 import controls
 
 class Checkpoint:
 import controls
 
 class Checkpoint:

@@ -119,15 +117,19 @@ class Defaults:
 
 DEFAULT_HEADERS = {'Content-Type': 'text/html'}
 
 
 DEFAULT_HEADERS = {'Content-Type': 'text/html'}
 

-def error(op, user, fields, err, emsg):
-    """Print an error page when a CodeError occurs"""
-    d = dict(op=op, user=user, errorMessage=str(err),
-             stderr=emsg)
+def error(op, username, fields, err, emsg, traceback):
+    """Print an error page when an exception occurs"""
+    d = dict(op=op, user=username, fields=fields,
+             errorMessage=str(err), stderr=emsg, traceback=traceback)
+    details = templates.error_raw(searchList=[d])
+    send_error_mail('xvm error on %s for %s: %s' % (op, username, err),
+                    details)
+    d['details'] = details

     return templates.error(searchList=[d])
 
     return templates.error(searchList=[d])
 

-def invalidInput(op, user, fields, err, emsg):
+def invalidInput(op, username, fields, err, emsg):

     """Print an error page when an InvalidInput exception occurs"""
     """Print an error page when an InvalidInput exception occurs"""

-    d = dict(op=op, user=user, err_field=err.err_field,
+    d = dict(op=op, user=username, err_field=err.err_field,

              err_value=str(err.err_value), stderr=emsg,
              errorMessage=str(err))
     return templates.invalid(searchList=[d])
              err_value=str(err.err_value), stderr=emsg,
              errorMessage=str(err))
     return templates.invalid(searchList=[d])

@@ -142,49 +144,25 @@ def hasVnc(status):
             return 'location' in d
     return False
 
             return 'location' in d
     return False
 

-def parseCreate(user, fields):
-    name = fields.getfirst('name')
-    if not validation.validMachineName(name):
-        raise InvalidInput('name', name, 'You must provide a machine name.  Max 22 chars, alnum plus \'-\' and \'_\'.')
-    name = name.lower()
-
-    if Machine.get_by(name=name):
-        raise InvalidInput('name', name,
-                           "Name already exists.")
-
-    owner = validation.testOwner(user, fields.getfirst('owner'))
-
-    memory = fields.getfirst('memory')
-    memory = validation.validMemory(owner, memory, on=True)
-
-    disk_size = fields.getfirst('disk')
-    disk_size = validation.validDisk(owner, disk_size)
+def parseCreate(username, state, fields):
+    kws = dict([(kw, fields.getfirst(kw)) for kw in 'name owner memory disksize vmtype cdrom clone_from'.split()])
+    validate = validation.Validate(username, state, strict=True, **kws)
+    return dict(contact=username, name=validate.name, memory=validate.memory,
+                disksize=validate.disksize, owner=validate.owner, machine_type=validate.vmtype,
+                cdrom=getattr(validate, 'cdrom', None),
+                clone_from=getattr(validate, 'clone_from', None))

 
 

-    vm_type = fields.getfirst('vmtype')
-    vm_type = validation.validVmType(vm_type)
-
-    cdrom = fields.getfirst('cdrom')
-    if cdrom is not None and not CDROM.get(cdrom):
-        raise CodeError("Invalid cdrom type '%s'" % cdrom)
-
-    clone_from = fields.getfirst('clone_from')
-    if clone_from and clone_from != 'ice3':
-        raise CodeError("Invalid clone image '%s'" % clone_from)
-
-    return dict(contact=user, name=name, memory=memory, disk_size=disk_size,
-                owner=owner, machine_type=vm_type, cdrom=cdrom, clone_from=clone_from)
-
-def create(user, fields):
+def create(username, state, fields):

     """Handler for create requests."""
     try:
     """Handler for create requests."""
     try:

-        parsed_fields = parseCreate(user, fields)
-        machine = controls.createVm(**parsed_fields)
+        parsed_fields = parseCreate(username, state, fields)
+        machine = controls.createVm(username, state, **parsed_fields)

     except InvalidInput, err:
         pass
     else:
         err = None
     except InvalidInput, err:
         pass
     else:
         err = None

-    g.clear() #Changed global state
-    d = getListDict(user)
+    state.clear() #Changed global state
+    d = getListDict(username, state)

     d['err'] = err
     if err:
         for field in fields.keys():
     d['err'] = err
     if err:
         for field in fields.keys():

@@ -194,15 +172,16 @@ def create(user, fields):
     return templates.list(searchList=[d])
 
 
     return templates.list(searchList=[d])
 
 

-def getListDict(user):
+def getListDict(username, state):

     """Gets the list of local variables used by list.tmpl."""
     checkpoint.checkpoint('Starting')
     """Gets the list of local variables used by list.tmpl."""
     checkpoint.checkpoint('Starting')

-    machines = g.machines
+    machines = state.machines

     checkpoint.checkpoint('Got my machines')
     on = {}
     has_vnc = {}
     checkpoint.checkpoint('Got my machines')
     on = {}
     has_vnc = {}

-    xmlist = g.xmlist
+    xmlist = state.xmlist

     checkpoint.checkpoint('Got uptimes')
     checkpoint.checkpoint('Got uptimes')

+    can_clone = 'ice3' not in state.xmlist_raw

     for m in machines:
         if m not in xmlist:
             has_vnc[m] = 'Off'
     for m in machines:
         if m not in xmlist:
             has_vnc[m] = 'Off'

@@ -214,35 +193,36 @@ def getListDict(user):
             elif m.type.hvm:
                 has_vnc[m] = "WTF?"
             else:
             elif m.type.hvm:
                 has_vnc[m] = "WTF?"
             else:

-                has_vnc[m] = "ParaVM"+helppopup("paravm_console")
-    max_memory = validation.maxMemory(user)
-    max_disk = validation.maxDisk(user)
+                has_vnc[m] = "ParaVM"+helppopup("ParaVM Console")
+    max_memory = validation.maxMemory(username, state)
+    max_disk = validation.maxDisk(username)

     checkpoint.checkpoint('Got max mem/disk')
     defaults = Defaults(max_memory=max_memory,
                         max_disk=max_disk,
     checkpoint.checkpoint('Got max mem/disk')
     defaults = Defaults(max_memory=max_memory,
                         max_disk=max_disk,

-                        owner=user,
+                        owner=username,

                         cdrom='gutsy-i386')
     checkpoint.checkpoint('Got defaults')
     def sortkey(machine):
                         cdrom='gutsy-i386')
     checkpoint.checkpoint('Got defaults')
     def sortkey(machine):

-        return (machine.owner != user, machine.owner, machine.name)
+        return (machine.owner != username, machine.owner, machine.name)

     machines = sorted(machines, key=sortkey)
     machines = sorted(machines, key=sortkey)

-    d = dict(user=user,
-             cant_add_vm=validation.cantAddVm(user),
+    d = dict(user=username,
+             cant_add_vm=validation.cantAddVm(username, state),

              max_memory=max_memory,
              max_disk=max_disk,
              defaults=defaults,
              machines=machines,
              max_memory=max_memory,
              max_disk=max_disk,
              defaults=defaults,
              machines=machines,

-             has_vnc=has_vnc)
+             has_vnc=has_vnc,
+             can_clone=can_clone)

     return d
 
     return d
 

-def listVms(user, fields):
+def listVms(username, state, fields):

     """Handler for list requests."""
     checkpoint.checkpoint('Getting list dict')
     """Handler for list requests."""
     checkpoint.checkpoint('Getting list dict')

-    d = getListDict(user)
+    d = getListDict(username, state)

     checkpoint.checkpoint('Got list dict')
     return templates.list(searchList=[d])
 
     checkpoint.checkpoint('Got list dict')
     return templates.list(searchList=[d])
 

-def vnc(user, fields):
+def vnc(username, state, fields):

     """VNC applet page.
 
     Note that due to same-domain restrictions, the applet connects to
     """VNC applet page.
 
     Note that due to same-domain restrictions, the applet connects to

@@ -262,12 +242,12 @@ def vnc(user, fields):
     Remember to enable iptables!
     echo 1 > /proc/sys/net/ipv4/ip_forward
     """
     Remember to enable iptables!
     echo 1 > /proc/sys/net/ipv4/ip_forward
     """

-    machine = validation.testMachineId(user, fields.getfirst('machine_id'))
+    machine = validation.Validate(username, state, machine_id=fields.getfirst('machine_id')).machine

 
     TOKEN_KEY = "0M6W0U1IXexThi5idy8mnkqPKEq1LtEnlK/pZSn0cDrN"
 
     data = {}
 
     TOKEN_KEY = "0M6W0U1IXexThi5idy8mnkqPKEq1LtEnlK/pZSn0cDrN"
 
     data = {}

-    data["user"] = user
+    data["user"] = username

     data["machine"] = machine.name
     data["expires"] = time.time()+(5*60)
     pickled_data = cPickle.dumps(data)
     data["machine"] = machine.name
     data["expires"] = time.time()+(5*60)
     pickled_data = cPickle.dumps(data)

@@ -280,11 +260,11 @@ def vnc(user, fields):
     status = controls.statusInfo(machine)
     has_vnc = hasVnc(status)
 
     status = controls.statusInfo(machine)
     has_vnc = hasVnc(status)
 

-    d = dict(user=user,
+    d = dict(user=username,

              on=status,
              has_vnc=has_vnc,
              machine=machine,
              on=status,
              has_vnc=has_vnc,
              machine=machine,

-             hostname=os.environ.get('SERVER_NAME', 'localhost'),
+             hostname=state.environ.get('SERVER_NAME', 'localhost'),

              authtoken=token)
     return templates.vnc(searchList=[d])
 
              authtoken=token)
     return templates.vnc(searchList=[d])
 

@@ -339,36 +319,36 @@ def getDiskInfo(data_dict, machine):
         data_dict['%s_size' % name] = "%0.1f GiB" % (disk.size / 1024.)
     return disk_fields
 
         data_dict['%s_size' % name] = "%0.1f GiB" % (disk.size / 1024.)
     return disk_fields
 

-def command(user, fields):
+def command(username, state, fields):

     """Handler for running commands like boot and delete on a VM."""
     back = fields.getfirst('back')
     try:
     """Handler for running commands like boot and delete on a VM."""
     back = fields.getfirst('back')
     try:

-        d = controls.commandResult(user, fields)
+        d = controls.commandResult(username, state, fields)

         if d['command'] == 'Delete VM':
             back = 'list'
     except InvalidInput, err:
         if not back:
             raise
         if d['command'] == 'Delete VM':
             back = 'list'
     except InvalidInput, err:
         if not back:
             raise

-        #print >> sys.stderr, err
+        print >> sys.stderr, err

         result = err
     else:
         result = 'Success!'
         if not back:
             return templates.command(searchList=[d])
     if back == 'list':
         result = err
     else:
         result = 'Success!'
         if not back:
             return templates.command(searchList=[d])
     if back == 'list':

-        g.clear() #Changed global state
-        d = getListDict(user)
+        state.clear() #Changed global state
+        d = getListDict(username, state)

         d['result'] = result
         return templates.list(searchList=[d])
     elif back == 'info':
         d['result'] = result
         return templates.list(searchList=[d])
     elif back == 'info':

-        machine = validation.testMachineId(user, fields.getfirst('machine_id'))
-        return ({'Status': '302',
+        machine = validation.Validate(username, state, machine_id=fields.getfirst('machine_id')).machine
+        return ({'Status': '303 See Other',

                  'Location': '/info?machine_id=%d' % machine.machine_id},
                 "You shouldn't see this message.")
     else:
         raise InvalidInput('back', back, 'Not a known back page.')
 
                  'Location': '/info?machine_id=%d' % machine.machine_id},
                 "You shouldn't see this message.")
     else:
         raise InvalidInput('back', back, 'Not a known back page.')
 

-def modifyDict(user, fields):
+def modifyDict(username, state, fields):

     """Modify a machine as specified by CGI arguments.
 
     Return a list of local variables for modify.tmpl.
     """Modify a machine as specified by CGI arguments.
 
     Return a list of local variables for modify.tmpl.

@@ -376,28 +356,19 @@ def modifyDict(user, fields):
     olddisk = {}
     transaction = ctx.current.create_transaction()
     try:
     olddisk = {}
     transaction = ctx.current.create_transaction()
     try:

-        machine = validation.testMachineId(user, fields.getfirst('machine_id'))
-        owner = validation.testOwner(user, fields.getfirst('owner'), machine)
-        admin = validation.testAdmin(user, fields.getfirst('administrator'),
-                                     machine)
-        contact = validation.testContact(user, fields.getfirst('contact'),
-                                         machine)
-        name = validation.testName(user, fields.getfirst('name'), machine)
+        kws = dict([(kw, fields.getfirst(kw)) for kw in 'machine_id owner admin contact name memory vmtype disksize'.split()])
+        validate = validation.Validate(username, state, **kws)
+        machine = validate.machine

         oldname = machine.name
         oldname = machine.name

-        command = "modify"

 
 

-        memory = fields.getfirst('memory')
-        if memory is not None:
-            memory = validation.validMemory(user, memory, machine, on=False)
-            machine.memory = memory
+        if hasattr(validate, 'memory'):
+            machine.memory = validate.memory

 
 

-        vm_type = validation.validVmType(fields.getfirst('vmtype'))
-        if vm_type is not None:
-            machine.type = vm_type
+        if hasattr(validate, 'vmtype'):
+            machine.type = validate.vmtype

 
 

-        disksize = validation.testDisk(user, fields.getfirst('disk'))
-        if disksize is not None:
-            disksize = validation.validDisk(user, disksize, machine)
+        if hasattr(validate, 'disksize'):
+            disksize = validate.disksize

             disk = machine.disks[0]
             if disk.size != disksize:
                 olddisk[disk.guest_device_name] = disksize
             disk = machine.disks[0]
             if disk.size != disksize:
                 olddisk[disk.guest_device_name] = disksize

@@ -405,19 +376,20 @@ def modifyDict(user, fields):
                 ctx.current.save(disk)
 
         update_acl = False
                 ctx.current.save(disk)
 
         update_acl = False

-        if owner is not None and owner != machine.owner:
-            machine.owner = owner
+        if hasattr(validate, 'owner') and validate.owner != machine.owner:
+            machine.owner = validate.owner

             update_acl = True
             update_acl = True

-        if name is not None:
-            machine.name = name
-        if admin is not None and admin != machine.administrator:
-            machine.administrator = admin
+        if hasattr(validate, 'name'):
+            machine.name = validate.name
+        if hasattr(validate, 'admin') and validate.admin != machine.administrator:
+            machine.administrator = validate.admin

             update_acl = True
             update_acl = True

-        if contact is not None:
-            machine.contact = contact
+        if hasattr(validate, 'contact'):
+            machine.contact = validate.contact

 
         ctx.current.save(machine)
         if update_acl:
 
         ctx.current.save(machine)
         if update_acl:

+            print >> sys.stderr, machine, machine.administrator

             cache_acls.refreshMachine(machine)
         transaction.commit()
     except:
             cache_acls.refreshMachine(machine)
         transaction.commit()
     except:

@@ -425,24 +397,24 @@ def modifyDict(user, fields):
         raise
     for diskname in olddisk:
         controls.resizeDisk(oldname, diskname, str(olddisk[diskname]))
         raise
     for diskname in olddisk:
         controls.resizeDisk(oldname, diskname, str(olddisk[diskname]))

-    if name is not None:
-        controls.renameMachine(machine, oldname, name)
-    return dict(user=user,
-                command=command,
+    if hasattr(validate, 'name'):
+        controls.renameMachine(machine, oldname, validate.name)
+    return dict(user=username,
+                command="modify",

                 machine=machine)
 
                 machine=machine)
 

-def modify(user, fields):
+def modify(username, state, fields):

     """Handler for modifying attributes of a machine."""
     try:
     """Handler for modifying attributes of a machine."""
     try:

-        modify_dict = modifyDict(user, fields)
+        modify_dict = modifyDict(username, state, fields)

     except InvalidInput, err:
         result = None
     except InvalidInput, err:
         result = None

-        machine = validation.testMachineId(user, fields.getfirst('machine_id'))
+        machine = validation.Validate(username, state, machine_id=fields.getfirst('machine_id')).machine

     else:
         machine = modify_dict['machine']
         result = 'Success!'
         err = None
     else:
         machine = modify_dict['machine']
         result = 'Success!'
         err = None

-    info_dict = infoDict(user, machine)
+    info_dict = infoDict(username, state, machine)

     info_dict['err'] = err
     if err:
         for field in fields.keys():
     info_dict['err'] = err
     if err:
         for field in fields.keys():

@@ -451,50 +423,50 @@ def modify(user, fields):
     return templates.info(searchList=[info_dict])
 
 
     return templates.info(searchList=[info_dict])
 
 

-def helpHandler(user, fields):
+def helpHandler(username, state, fields):

     """Handler for help messages."""
     simple = fields.getfirst('simple')
     subjects = fields.getlist('subject')
 
     """Handler for help messages."""
     simple = fields.getfirst('simple')
     subjects = fields.getlist('subject')
 

-    help_mapping = dict(paravm_console="""
+    help_mapping = {'ParaVM Console': """

 ParaVM machines do not support local console access over VNC.  To
 access the serial console of these machines, you can SSH with Kerberos
 ParaVM machines do not support local console access over VNC.  To
 access the serial console of these machines, you can SSH with Kerberos

-to sipb-xen-console.mit.edu, using the name of the machine as your
+to console.xvm.mit.edu, using the name of the machine as your

 username.""",
 username.""",

-                        hvm_paravm="""
+                    'HVM/ParaVM': """

 HVM machines use the virtualization features of the processor, while
 ParaVM machines use Xen's emulation of virtualization features.  You
 want an HVM virtualized machine.""",
 HVM machines use the virtualization features of the processor, while
 ParaVM machines use Xen's emulation of virtualization features.  You
 want an HVM virtualized machine.""",

-                        cpu_weight="""
+                    'CPU Weight': """

 Don't ask us!  We're as mystified as you are.""",
 Don't ask us!  We're as mystified as you are.""",

-                        owner="""
+                    'Owner': """

 The owner field is used to determine <a
 The owner field is used to determine <a

-href="help?subject=quotas">quotas</a>.  It must be the name of a
+href="help?subject=Quotas">quotas</a>.  It must be the name of a

 locker that you are an AFS administrator of.  In particular, you or an
 AFS group you are a member of must have AFS rlidwka bits on the
 locker.  You can check who administers the LOCKER locker using the
 commands 'attach LOCKER; fs la /mit/LOCKER' on Athena.)  See also <a
 locker that you are an AFS administrator of.  In particular, you or an
 AFS group you are a member of must have AFS rlidwka bits on the
 locker.  You can check who administers the LOCKER locker using the
 commands 'attach LOCKER; fs la /mit/LOCKER' on Athena.)  See also <a

-href="help?subject=administrator">administrator</a>.""",
-                        administrator="""
+href="help?subject=Administrator">administrator</a>.""",
+                    'Administrator': """

 The administrator field determines who can access the console and
 power on and off the machine.  This can be either a user or a moira
 group.""",
 The administrator field determines who can access the console and
 power on and off the machine.  This can be either a user or a moira
 group.""",

-                        quotas="""
+                    'Quotas': """

 Quotas are determined on a per-locker basis.  Each locker may have a
 maximum of 512 megabytes of active ram, 50 gigabytes of disk, and 4
 active machines.""",
 Quotas are determined on a per-locker basis.  Each locker may have a
 maximum of 512 megabytes of active ram, 50 gigabytes of disk, and 4
 active machines.""",

-                        console="""
+                    'Console': """

 <strong>Framebuffer:</strong> At a Linux boot prompt in your VM, try
 setting <tt>fb=false</tt> to disable the framebuffer.  If you don't,
 your machine will run just fine, but the applet's display of the
 console will suffer artifacts.
 """
 <strong>Framebuffer:</strong> At a Linux boot prompt in your VM, try
 setting <tt>fb=false</tt> to disable the framebuffer.  If you don't,
 your machine will run just fine, but the applet's display of the
 console will suffer artifacts.
 """

-                   )
+                    }

 
     if not subjects:
         subjects = sorted(help_mapping.keys())
 
 
     if not subjects:
         subjects = sorted(help_mapping.keys())
 

-    d = dict(user=user,
+    d = dict(user=username,

              simple=simple,
              subjects=subjects,
              mapping=help_mapping)
              simple=simple,
              subjects=subjects,
              mapping=help_mapping)

@@ -502,11 +474,11 @@ console will suffer artifacts.
     return templates.help(searchList=[d])
 
 
     return templates.help(searchList=[d])
 
 

-def badOperation(u, e):
+def badOperation(u, s, e):

     """Function called when accessing an unknown URI."""
     raise CodeError("Unknown operation")
 
     """Function called when accessing an unknown URI."""
     raise CodeError("Unknown operation")
 

-def infoDict(user, machine):
+def infoDict(username, state, machine):

     """Get the variables used by info.tmpl."""
     status = controls.statusInfo(machine)
     checkpoint.checkpoint('Getting status info')
     """Get the variables used by info.tmpl."""
     status = controls.statusInfo(machine)
     checkpoint.checkpoint('Getting status info')

@@ -536,7 +508,7 @@ def infoDict(user, machine):
                       ('memory', 'RAM'),
                       'DISK_INFO',
                       ('state', 'state (xen format)'),
                       ('memory', 'RAM'),
                       'DISK_INFO',
                       ('state', 'state (xen format)'),

-                      ('cpu_weight', 'CPU weight'+helppopup('cpu_weight')),
+                      ('cpu_weight', 'CPU weight'+helppopup('CPU Weight')),

                       ('on_reboot', 'Action on VM reboot'),
                       ('on_poweroff', 'Action on VM poweroff'),
                       ('on_crash', 'Action on VM crash'),
                       ('on_reboot', 'Action on VM reboot'),
                       ('on_poweroff', 'Action on VM poweroff'),
                       ('on_crash', 'Action on VM crash'),

@@ -577,16 +549,16 @@ def infoDict(user, machine):
     checkpoint.checkpoint('Got fields')
 
 
     checkpoint.checkpoint('Got fields')
 
 

-    max_mem = validation.maxMemory(user, machine, False)
+    max_mem = validation.maxMemory(machine.owner, state, machine, False)

     checkpoint.checkpoint('Got mem')
     checkpoint.checkpoint('Got mem')

-    max_disk = validation.maxDisk(user, machine)
+    max_disk = validation.maxDisk(machine.owner, machine)

     defaults = Defaults()
     for name in 'machine_id name administrator owner memory contact'.split():
         setattr(defaults, name, getattr(machine, name))
     defaults.type = machine.type.type_id
     defaults.disk = "%0.2f" % (machine.disks[0].size/1024.)
     checkpoint.checkpoint('Got defaults')
     defaults = Defaults()
     for name in 'machine_id name administrator owner memory contact'.split():
         setattr(defaults, name, getattr(machine, name))
     defaults.type = machine.type.type_id
     defaults.disk = "%0.2f" % (machine.disks[0].size/1024.)
     checkpoint.checkpoint('Got defaults')

-    d = dict(user=user,
+    d = dict(user=username,

              on=status is not None,
              machine=machine,
              defaults=defaults,
              on=status is not None,
              machine=machine,
              defaults=defaults,

@@ -595,21 +567,25 @@ def infoDict(user, machine):
              ram=machine.memory,
              max_mem=max_mem,
              max_disk=max_disk,
              ram=machine.memory,
              max_mem=max_mem,
              max_disk=max_disk,

-             owner_help=helppopup("owner"),
+             owner_help=helppopup("Owner"),

              fields = fields)
     return d
 
              fields = fields)
     return d
 

-def info(user, fields):
+def info(username, state, fields):

     """Handler for info on a single VM."""
     """Handler for info on a single VM."""

-    machine = validation.testMachineId(user, fields.getfirst('machine_id'))
-    d = infoDict(user, machine)
+    machine = validation.Validate(username, state, machine_id=fields.getfirst('machine_id')).machine
+    d = infoDict(username, state, machine)

     checkpoint.checkpoint('Got infodict')
     return templates.info(searchList=[d])
 
     checkpoint.checkpoint('Got infodict')
     return templates.info(searchList=[d])
 

-def unauthFront(_, fields):
+def unauthFront(_, _2, fields):

     """Information for unauth'd users."""
     return templates.unauth(searchList=[{'simple' : True}])
 
     """Information for unauth'd users."""
     return templates.unauth(searchList=[{'simple' : True}])
 

+def throwError(_, __, ___):
+    """Throw an error, to test the error-tracing mechanisms."""
+    raise RuntimeError("test of the emergency broadcast system")
+

 mapping = dict(list=listVms,
                vnc=vnc,
                command=command,
 mapping = dict(list=listVms,
                vnc=vnc,
                command=command,

@@ -617,7 +593,8 @@ mapping = dict(list=listVms,
                info=info,
                create=create,
                help=helpHandler,
                info=info,
                create=create,
                help=helpHandler,

-               unauth=unauthFront)
+               unauth=unauthFront,
+               errortest=throwError)

 
 def printHeaders(headers):
     """Print a dictionary as HTTP headers."""
 
 def printHeaders(headers):
     """Print a dictionary as HTTP headers."""

@@ -625,86 +602,108 @@ def printHeaders(headers):
         print '%s: %s' % (key, value)
     print
 
         print '%s: %s' % (key, value)
     print
 

+def send_error_mail(subject, body):
+    import subprocess
+
+    to = 'xvm@mit.edu'
+    mail = """To: %s
+From: root@xvm.mit.edu
+Subject: %s
+
+%s
+""" % (to, subject, body)
+    p = subprocess.Popen(['/usr/sbin/sendmail', to], stdin=subprocess.PIPE)
+    p.stdin.write(mail)
+    p.stdin.close()
+    p.wait()

 
 

-def getUser():
+def getUser(environ):

     """Return the current user based on the SSL environment variables"""
     """Return the current user based on the SSL environment variables"""

-    email = os.environ.get('SSL_CLIENT_S_DN_Email', None)
+    email = environ.get('SSL_CLIENT_S_DN_Email', None)

     if email is None:
         return None
     if email is None:
         return None

-    return email.split("@")[0]
+    if not email.endswith('@MIT.EDU'):
+        return None
+    return email[:-8]
+
+class App:
+    def __init__(self, environ, start_response):
+        self.environ = environ
+        self.start = start_response
+
+        self.username = getUser(environ)
+        self.state = State(self.username)
+        self.state.environ = environ
+
+    def __iter__(self):
+        sys.stderr = StringIO()
+        fields = cgi.FieldStorage(fp=self.environ['wsgi.input'], environ=self.environ)
+        operation = self.environ.get('PATH_INFO', '')
+        if not operation:
+            self.start("301 Moved Permanently", [('Location',
+                                                  self.environ['SCRIPT_NAME']+'/')])
+            return
+        if self.username is None:
+            operation = 'unauth'
+        if operation.startswith('/'):
+            operation = operation[1:]
+        if not operation:
+            operation = 'list'
+        print 'Starting', operation
+
+        start_time = time.time()
+        fun = mapping.get(operation, badOperation)
+        try:
+            checkpoint.checkpoint('Before')
+            output = fun(self.username, self.state, fields)
+            checkpoint.checkpoint('After')
+
+            headers = dict(DEFAULT_HEADERS)
+            if isinstance(output, tuple):
+                new_headers, output = output
+                headers.update(new_headers)
+            print 'MOO2'
+            e = revertStandardError()
+            if e:
+                if isinstance(output, basestring):
+                    sys.stderr = StringIO()
+                    x = str(output)
+                    print >> sys.stderr, x
+                    print >> sys.stderr, 'XXX'
+                    print >> sys.stderr, e
+                    raise Exception()
+                output.addError(e)
+            output_string =  str(output)
+            checkpoint.checkpoint('output as a string')
+        except Exception, err:
+            if not fields.has_key('js'):
+                if isinstance(err, InvalidInput):
+                    self.start('200 OK', [('Content-Type', 'text/html')])
+                    e = revertStandardError()
+                    yield str(invalidInput(operation, self.username, fields, err, e))
+                    return
+            import traceback
+            self.start('500 Internal Server Error',
+                       [('Content-Type', 'text/html')])
+            e = revertStandardError()
+            s = error(operation, self.username, fields,
+                           err, e, traceback.format_exc())
+            yield str(s)
+            return
+        status = headers.setdefault('Status', '200 OK')
+        del headers['Status']
+        self.start(status, headers.items())
+        yield output_string
+        if fields.has_key('timedebug'):
+            yield '<pre>%s</pre>' % cgi.escape(str(checkpoint))

 
 

-def main(operation, user, fields):
-    start_time = time.time()
-    fun = mapping.get(operation, badOperation)
+def constructor():
+    connect('postgres://sipb-xen@sipb-xen-dev.mit.edu/sipb_xen')
+    return App

 
 

-    if fun not in (helpHandler, ):
-        connect('postgres://sipb-xen@sipb-xen-dev.mit.edu/sipb_xen')
-    try:
-        checkpoint.checkpoint('Before')
-        output = fun(u, fields)
-        checkpoint.checkpoint('After')
-
-        headers = dict(DEFAULT_HEADERS)
-        if isinstance(output, tuple):
-            new_headers, output = output
-            headers.update(new_headers)
-        e = revertStandardError()
-        if e:
-            output.addError(e)
-        printHeaders(headers)
-        output_string =  str(output)
-        checkpoint.checkpoint('output as a string')
-        print output_string
-        if fields.has_key('timedebug'):
-            print '<pre>%s</pre>' % checkpoint
-    except Exception, err:
-        if not fields.has_key('js'):
-            if isinstance(err, CodeError):
-                print 'Content-Type: text/html\n'
-                e = revertStandardError()
-                print error(operation, u, fields, err, e)
-                sys.exit(1)
-            if isinstance(err, InvalidInput):
-                print 'Content-Type: text/html\n'
-                e = revertStandardError()
-                print invalidInput(operation, u, fields, err, e)
-                sys.exit(1)
-        print 'Content-Type: text/plain\n'
-        print 'Uh-oh!  We experienced an error.'
-        print 'Please email sipb-xen@mit.edu with the contents of this page.'
-        print '----'
-        e = revertStandardError()
-        print e
-        print '----'
-        raise
+def main():
+    from flup.server.fcgi_fork import WSGIServer
+    WSGIServer(constructor()).run()

 
 if __name__ == '__main__':
 
 if __name__ == '__main__':

-    fields = cgi.FieldStorage()
-
-    if fields.has_key('sqldebug'):
-        import logging
-        logging.basicConfig()
-        logging.getLogger('sqlalchemy.engine').setLevel(logging.INFO)
-        logging.getLogger('sqlalchemy.orm.unitofwork').setLevel(logging.INFO)
-
-    u = getUser()
-    g.user = u
-    operation = os.environ.get('PATH_INFO', '')
-    if not operation:
-        print "Status: 301 Moved Permanently"
-        print 'Location: ' + os.environ['SCRIPT_NAME']+'/\n'
-        sys.exit(0)
-
-    if u is None:
-        operation = 'unauth'
-
-    if operation.startswith('/'):
-        operation = operation[1:]
-    if not operation:
-        operation = 'list'
-
-    if os.getenv("SIPB_XEN_PROFILE"):
-        import profile
-        profile.run('main(operation, u, fields)', 'log-'+operation)
-    else:
-        main(operation, u, fields)
+    main()