Help, admin, links at the top.

svn path=/trunk/web/; revision=187

diff --git a/templates/help.tmpl b/templates/help.tmpl
index 9998922..804255a 100644 (file)
--- a/templates/help.tmpl
+++ b/templates/help.tmpl
@@ -2,15 +2,34 @@
 #extends skeleton
 
 #def title
 #extends skeleton
 
 #def title

+#if len($subjects) == 1
+Help on $subjects[0]
+#else

 Help
 Help

+#end if

 #end def
 
 
 #def body
 #if not $simple
 <h1>Help</h1>
 #end def
 
 
 #def body
 #if not $simple
 <h1>Help</h1>

+<p>Topics: 
+#for $key in sorted($mapping)
+<a href="help?subject=$key">$key</a>
+#end for
+</p>

 #end if
 #for $subject in $subjects
 #end if
 #for $subject in $subjects

+#if $subject in $mapping 
+#if not $simple
+<h2>$subject</h2>
+#end if

 <p>$mapping[$subject]</p>
 <p>$mapping[$subject]</p>

+#else
+<p>Unknown subject '$subject'.</p>
+#end if

 #end for
 #end for

+#if $simple
+<a href="javascript:window.close();">Close</a>
+#end if

 #end def
 #end def

diff --git a/templates/info.tmpl b/templates/info.tmpl
index f4a3d5c..6ac0227 100644 (file)
--- a/templates/info.tmpl
+++ b/templates/info.tmpl
@@ -63,6 +63,7 @@ Info on $machine.name
   <input type="hidden" name="machine_id" value="$machine.machine_id"/>
   <table>
     <tr><td>Owner${helppopup("owner")}:</td><td><input type="text" name="owner", value="$machine.owner"/></td></tr>
   <input type="hidden" name="machine_id" value="$machine.machine_id"/>
   <table>
     <tr><td>Owner${helppopup("owner")}:</td><td><input type="text" name="owner", value="$machine.owner"/></td></tr>

+    <tr><td>Administrator${helppopup("administrator")}:</td><td><input type="text" name="administrator", value="$machine.administrator"/></td></tr>

     <tr><td>Contact email:</td><td><input type="text" name="contact" value="$machine.contact"/></td></tr>
 #if $machine.nics
     <tr><td>Hostname:</td><td><input type="text" name="hostname" value="$machine.nics[0].hostname"/>.servers.csail.mit.edu</td></tr>
     <tr><td>Contact email:</td><td><input type="text" name="contact" value="$machine.contact"/></td></tr>
 #if $machine.nics
     <tr><td>Hostname:</td><td><input type="text" name="hostname" value="$machine.nics[0].hostname"/>.servers.csail.mit.edu</td></tr>

diff --git a/templates/main.py b/templates/main.py
index ec1eca5..f7468c7 100755 (executable)
--- a/templates/main.py
+++ b/templates/main.py
@@ -15,7 +15,8 @@ import datetime
 import StringIO
 import getafsgroups
 
 import StringIO
 import getafsgroups
 

-sys.stderr = StringIO.StringIO()
+errio = StringIO.StringIO()
+sys.stderr = errio

 sys.path.append('/home/ecprice/.local/lib/python2.5/site-packages')
 
 from Cheetah.Template import Template
 sys.path.append('/home/ecprice/.local/lib/python2.5/site-packages')
 
 from Cheetah.Template import Template

@@ -83,8 +84,16 @@ MIN_DISK_SINGLE = 0.1
 MAX_VMS_TOTAL = 10
 MAX_VMS_ACTIVE = 4
 
 MAX_VMS_TOTAL = 10
 MAX_VMS_ACTIVE = 4
 

-def getMachinesByOwner(owner):
-    """Return the machines owned by a given owner."""
+def getMachinesByOwner(user, machine=None):
+    """Return the machines owned by the same as a machine.
+    
+    If the machine is None, return the machines owned by the same
+    user.
+    """
+    if machine:
+        owner = machine.owner
+    else:
+        owner = user.username

     return Machine.select_by(owner=owner)
 
 def maxMemory(user, machine=None, on=True):
     return Machine.select_by(owner=owner)
 
 def maxMemory(user, machine=None, on=True):

@@ -99,25 +108,35 @@ def maxMemory(user, machine=None, on=True):
     """
     if not on:
         return MAX_MEMORY_SINGLE
     """
     if not on:
         return MAX_MEMORY_SINGLE

-    machines = getMachinesByOwner(user.username)
+    machines = getMachinesByOwner(user, machine)

     active_machines = [x for x in machines if g.uptimes[x]]
     mem_usage = sum([x.memory for x in active_machines if x != machine])
     return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage)
 
 def maxDisk(user, machine=None):
     active_machines = [x for x in machines if g.uptimes[x]]
     mem_usage = sum([x.memory for x in active_machines if x != machine])
     return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage)
 
 def maxDisk(user, machine=None):

-    machines = getMachinesByOwner(user.username)
+    machines = getMachinesByOwner(user, machine)

     disk_usage = sum([sum([y.size for y in x.disks])
                       for x in machines if x != machine])
     return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.)
 
 def canAddVm(user):
     disk_usage = sum([sum([y.size for y in x.disks])
                       for x in machines if x != machine])
     return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.)
 
 def canAddVm(user):

-    machines = getMachinesByOwner(user.username)
+    machines = getMachinesByOwner(user)

     active_machines = [x for x in machines if g.uptimes[x]]
     return (len(machines) < MAX_VMS_TOTAL and
             len(active_machines) < MAX_VMS_ACTIVE)
 
 def haveAccess(user, machine):
     active_machines = [x for x in machines if g.uptimes[x]]
     return (len(machines) < MAX_VMS_TOTAL and
             len(active_machines) < MAX_VMS_ACTIVE)
 
 def haveAccess(user, machine):

-    """Return whether a user has access to a machine"""
+    """Return whether a user has adminstrative access to a machine"""
+    if user.username == 'moo':
+        return True
+    if user.username in (machine.administrator, machine.owner):
+        return True
+    if checkAfsGroup(user, machine.administrator, 'athena.mit.edu'): #XXX Cell?
+        return True
+    return owns(user, machine)
+
+def owns(user, machine):
+    """Return whether a user owns a machine"""

     if user.username == 'moo':
         return True
     return getafsgroups.checkLockerOwner(user.username, machine.owner)
     if user.username == 'moo':
         return True
     return getafsgroups.checkLockerOwner(user.username, machine.owner)

@@ -572,15 +591,32 @@ def command(user, fields):
              machine=machine)
     return Template(file="command.tmpl", searchList=[d, global_dict])
 
              machine=machine)
     return Template(file="command.tmpl", searchList=[d, global_dict])
 

-def testOwner(user, owner, machine=None):
-    if owner == machine.owner:   #XXX What do we do when you lose access to the locker?
-        return owner
+def testAdmin(user, admin, machine):
+    if admin in (None, machine.administrator):
+        return None
+    if admin == user.username:
+        return admin
+    if getafsgroups.checkAfsGroup(user, admin, 'athena.mit.edu'):
+        return admin
+    if getafsgroups.checkAfsGroup(user, 'system:'+admin, 'athena.mit.edu'):
+        return 'system:'+admin
+    raise InvalidInput('admin', admin, 
+                       'You must control the group you move it to')
+    
+def testOwner(user, owner, machine):
+    if owner in (None, machine.owner):
+        return None
+    #XXX should you be able to transfer ownership if you don't already own it?
+    #if not owns(user, machine):
+    #    raise InvalidInput('owner', owner, "You don't own this machine, so you can't  transfer ownership")

     value = getafsgroups.checkLockerOwner(user.username, owner, verbose=True)
     if value == True:
         return owner
     raise InvalidInput('owner', owner, value)
 
 def testContact(user, contact, machine=None):
     value = getafsgroups.checkLockerOwner(user.username, owner, verbose=True)
     if value == True:
         return owner
     raise InvalidInput('owner', owner, value)
 
 def testContact(user, contact, machine=None):

+    if contact in (None, machine.contact):
+        return None

     if not re.match("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", contact, re.I):
         raise InvalidInput('contact', contact, "Not a valid email")
     return contact
     if not re.match("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", contact, re.I):
         raise InvalidInput('contact', contact, "Not a valid email")
     return contact

@@ -589,12 +625,10 @@ def testDisk(user, disksize, machine=None):
     return disksize
 
 def testName(user, name, machine=None):
     return disksize
 
 def testName(user, name, machine=None):

-    if name is None:
+    if name in (None, machine.name):

         return None
     if not Machine.select_by(name=name):
         return name
         return None
     if not Machine.select_by(name=name):
         return name

-    if name == machine.name:
-        return name

     raise InvalidInput('name', name, "Already taken")
 
 def testHostname(user, hostname, machine):
     raise InvalidInput('name', name, "Already taken")
 
 def testHostname(user, hostname, machine):

@@ -617,9 +651,9 @@ def modify(user, fields):
     try:
         machine = testMachineId(user, fields.getfirst('machine_id'))
         owner = testOwner(user, fields.getfirst('owner'), machine)
     try:
         machine = testMachineId(user, fields.getfirst('machine_id'))
         owner = testOwner(user, fields.getfirst('owner'), machine)

-        contact = testContact(user, fields.getfirst('contact'))
-        hostname = testHostname(owner, fields.getfirst('hostname'),
-                                machine)
+        admin = testAdmin(user, fields.getfirst('administrator'), machine)
+        contact = testContact(user, fields.getfirst('contact'), machine)
+        hostname = testHostname(owner, fields.getfirst('hostname'), machine)

         name = testName(user, fields.getfirst('name'), machine)
         oldname = machine.name
         command="modify"
         name = testName(user, fields.getfirst('name'), machine)
         oldname = machine.name
         command="modify"

@@ -643,10 +677,14 @@ def modify(user, fields):
             nic.hostname = hostname
             ctx.current.save(nic)
 
             nic.hostname = hostname
             ctx.current.save(nic)
 

-        if owner is not None and owner != machine.owner:
+        if owner is not None:

             machine.owner = owner
             machine.owner = owner

-        if name is not None and name != machine.name:
+        if name is not None:

             machine.name = name
             machine.name = name

+        if admin is not None:
+            machine.administrator = admin
+        if contact is not None:
+            machine.contact = contact

             
         ctx.current.save(machine)
         transaction.commit()
             
         ctx.current.save(machine)
         transaction.commit()

@@ -655,10 +693,9 @@ def modify(user, fields):
         raise
     for diskname in olddisk:
         remctl("web", "lvresize", oldname, diskname, str(olddisk[diskname]))
         raise
     for diskname in olddisk:
         remctl("web", "lvresize", oldname, diskname, str(olddisk[diskname]))

-    if name is not None and name != oldname:
+    if name is not None:

         for disk in machine.disks:
         for disk in machine.disks:

-            if oldname != name:
-                remctl("web", "lvrename", oldname, disk.guest_device_name, name)
+            remctl("web", "lvrename", oldname, disk.guest_device_name, name)

         remctl("web", "moveregister", oldname, name)
     d = dict(user=user,
              command=command,
         remctl("web", "moveregister", oldname, name)
     d = dict(user=user,
              command=command,

@@ -680,12 +717,20 @@ HVM machines use the virtualization features of the processor, while
 ParaVM machines use Xen's emulation of virtualization features.  You
 want an HVM virtualized machine.""",
                    cpu_weight="""Don't ask us!  We're as mystified as you are.""",
 ParaVM machines use Xen's emulation of virtualization features.  You
 want an HVM virtualized machine.""",
                    cpu_weight="""Don't ask us!  We're as mystified as you are.""",

-                   owner="""The Owner must be the name of a locker that you are an AFS
-administrator of.  In particular, you or an AFS group you are a member
-of must have AFS rlidwka bits on the locker.  You can check see who
-administers the LOCKER locker using the command 'fs la /mit/LOCKER' on
-Athena.)""")
+                   owner="""The owner field is used to determine <a href="help?subject=quotas">quotas</a>.  It must be the name
+of a locker that you are an AFS administrator of.  In particular, you
+or an AFS group you are a member of must have AFS rlidwka bits on the
+locker.  You can check see who administers the LOCKER locker using the
+command 'fs la /mit/LOCKER' on Athena.)  See also <a href="help?subject=administrator">administrator</a>.""",
+                   administrator="""The administrator field determines who can access the console and power on and off the machine.  This can be either a user or a moira group.""",
+                   quotas="""Quotas are determined on a per-locker basis.  Each 
+quota may have a maximum of 512 megabytes of active ram, 50 gigabytes of disk, and 4 active machines."""
+
+                   )

     
     

+    if not subjects:
+        subjects = sorted(mapping.keys())
+        

     d = dict(user=user,
              simple=simple,
              subjects=subjects,
     d = dict(user=user,
              simple=simple,
              subjects=subjects,

@@ -714,6 +759,7 @@ def info(user, fields):
      on_poweroff on_crash on_xend_start on_xend_stop bootloader""".split()
     display_fields = [('name', 'Name'),
                       ('owner', 'Owner'),
      on_poweroff on_crash on_xend_start on_xend_stop bootloader""".split()
     display_fields = [('name', 'Name'),
                       ('owner', 'Owner'),

+                      ('administrator', 'Administrator'),

                       ('contact', 'Contact'),
                       ('type', 'Type'),
                       'NIC_INFO',
                       ('contact', 'Contact'),
                       ('type', 'Type'),
                       'NIC_INFO',

@@ -735,6 +781,7 @@ def info(user, fields):
     machine_info['name'] = machine.name
     machine_info['type'] = machine.type.hvm and 'HVM' or 'ParaVM'
     machine_info['owner'] = machine.owner
     machine_info['name'] = machine.name
     machine_info['type'] = machine.type.hvm and 'HVM' or 'ParaVM'
     machine_info['owner'] = machine.owner

+    machine_info['administrator'] = machine.administrator

     machine_info['contact'] = machine.contact
 
     nic_fields = getNicInfo(machine_info, machine)
     machine_info['contact'] = machine.contact
 
     nic_fields = getNicInfo(machine_info, machine)

@@ -816,30 +863,30 @@ if __name__ == '__main__':
     try:
         output = fun(u, fields)
         print 'Content-Type: text/html\n'
     try:
         output = fun(u, fields)
         print 'Content-Type: text/html\n'

-        sys.stderr.seek(0)
-        e = sys.stderr.read()

         sys.stderr=sys.stdout
         sys.stderr=sys.stdout

+        errio.seek(0)
+        e = errio.read()

         if e:
             output = str(output)
             output = output.replace('<body>', '<body><p>STDERR:</p><pre>'+e+'</pre>')
         print output
     except CodeError, err:
         print 'Content-Type: text/html\n'
         if e:
             output = str(output)
             output = output.replace('<body>', '<body><p>STDERR:</p><pre>'+e+'</pre>')
         print output
     except CodeError, err:
         print 'Content-Type: text/html\n'

-        sys.stderr.seek(0)
-        e = sys.stderr.read()

         sys.stderr=sys.stdout
         sys.stderr=sys.stdout

+        errio.seek(0)
+        e = errio.read()

         print error(operation, u, fields, err, e)
     except InvalidInput, err:
         print 'Content-Type: text/html\n'
         print error(operation, u, fields, err, e)
     except InvalidInput, err:
         print 'Content-Type: text/html\n'

-        sys.stderr.seek(0)
-        e = sys.stderr.read()

         sys.stderr=sys.stdout
         sys.stderr=sys.stdout

+        errio.seek(0)
+        e = errio.read()

         print invalidInput(operation, u, fields, err, e)
     except:
         print 'Content-Type: text/plain\n'
         print invalidInput(operation, u, fields, err, e)
     except:
         print 'Content-Type: text/plain\n'

-        sys.stderr.seek(0)
-        e = sys.stderr.read()
+        sys.stderr=sys.stdout
+        errio.seek(0)
+        e = errio.read()

         print e
         print '----'
         print e
         print '----'

-        sys.stderr = sys.stdout

         raise
         raise

diff --git a/templates/skeleton.py b/templates/skeleton.py
index fd30729..e3444ec 100644 (file)
--- a/templates/skeleton.py
+++ b/templates/skeleton.py
@@ -33,10 +33,10 @@ VFN=valueForName
 currentTime=time.time
 __CHEETAH_version__ = '2.0rc8'
 __CHEETAH_versionTuple__ = (2, 0, 0, 'candidate', 8)
 currentTime=time.time
 __CHEETAH_version__ = '2.0rc8'
 __CHEETAH_versionTuple__ = (2, 0, 0, 'candidate', 8)

-__CHEETAH_genTime__ = 1192025116.0694621
-__CHEETAH_genTimestamp__ = 'Wed Oct 10 10:05:16 2007'
+__CHEETAH_genTime__ = 1192082083.444865
+__CHEETAH_genTimestamp__ = 'Thu Oct 11 01:54:43 2007'

 __CHEETAH_src__ = 'skeleton.tmpl'
 __CHEETAH_src__ = 'skeleton.tmpl'

-__CHEETAH_srcLastModified__ = 'Wed Oct 10 10:04:55 2007'
+__CHEETAH_srcLastModified__ = 'Thu Oct 11 01:54:41 2007'

 __CHEETAH_docstring__ = 'Autogenerated by CHEETAH: The Python-Powered Template Engine'
 
 if __CHEETAH_versionTuple__ < RequiredCheetahVersionTuple:
 __CHEETAH_docstring__ = 'Autogenerated by CHEETAH: The Python-Powered Template Engine'
 
 if __CHEETAH_versionTuple__ < RequiredCheetahVersionTuple:

@@ -116,12 +116,25 @@ function helppopup(name){
             _v = VFFSL(SL,"user.username",True) # '$user.username' on line 26, col 26
             if _v is not None: write(_filter(_v, rawExpr='$user.username')) # from line 26, col 26.
             write('''.]</p>
             _v = VFFSL(SL,"user.username",True) # '$user.username' on line 26, col 26
             if _v is not None: write(_filter(_v, rawExpr='$user.username')) # from line 26, col 26.
             write('''.]</p>

+<p><a href="list">List</a> 

 ''')
 ''')

-        _v = VFFSL(SL,"body",True) # '$body' on line 28, col 1
-        if _v is not None: write(_filter(_v, rawExpr='$body')) # from line 28, col 1.
+            if VFFSL(SL,"varExists",False)('machine'): # generated from line 28, col 1
+                write('''<a href="info?machine_id=''')
+                _v = VFFSL(SL,"machine.machine_id",True) # '$machine.machine_id' on line 29, col 26
+                if _v is not None: write(_filter(_v, rawExpr='$machine.machine_id')) # from line 29, col 26.
+                write('''">Info</a>
+<a href="vnc?machine_id=''')
+                _v = VFFSL(SL,"machine.machine_id",True) # '$machine.machine_id' on line 30, col 25
+                if _v is not None: write(_filter(_v, rawExpr='$machine.machine_id')) # from line 30, col 25.
+                write('''">Console</a>
+''')
+            write('''<a href="help">Help</a></p>
+''')
+        _v = VFFSL(SL,"body",True) # '$body' on line 34, col 1
+        if _v is not None: write(_filter(_v, rawExpr='$body')) # from line 34, col 1.

         write('''
 ''')
         write('''
 ''')

-        if not VFFSL(SL,"varExists",False)('simple') or not VFFSL(SL,"simple",True): # generated from line 29, col 1
+        if not VFFSL(SL,"varExists",False)('simple') or not VFFSL(SL,"simple",True): # generated from line 35, col 1

             write('''<hr />
 Questions? Contact <a href="mailto:sipb-xen-dev@mit.edu">sipb-xen-dev@mit.edu</a>.
 ''')
             write('''<hr />
 Questions? Contact <a href="mailto:sipb-xen-dev@mit.edu">sipb-xen-dev@mit.edu</a>.
 ''')

diff --git a/templates/skeleton.tmpl b/templates/skeleton.tmpl
index bdd8cf2..1269786 100644 (file)
--- a/templates/skeleton.tmpl
+++ b/templates/skeleton.tmpl
@@ -24,6 +24,12 @@ function helppopup(name){
 <body>
 #if not $varExists('simple') or not $simple
 <p>[You are logged in as $user.username.]</p>
 <body>
 #if not $varExists('simple') or not $simple
 <p>[You are logged in as $user.username.]</p>

+<p><a href="list">List</a> 
+#if $varExists('machine')
+<a href="info?machine_id=$machine.machine_id">Info</a>
+<a href="vnc?machine_id=$machine.machine_id">Console</a>
+#end if
+<a href="help">Help</a></p>

 #end if
 $body
 #if not $varExists('simple') or not $simple
 #end if
 $body
 #if not $varExists('simple') or not $simple