Changeset 242 for branches

Timestamp:

04/19/05 15:42:43 (20 years ago)

Author:

Kris Deugau

Message:

/branches/stable

Merge ACL support from /branches/acl up to r241

Location:

branches/stable

Files:

• addmaster.html (copied) (copied from branches/acl/addmaster.html )
• addmaster.shtml (deleted)
• cgi-bin/CommonWeb.pm (modified) (1 diff)
• cgi-bin/IPDB.pm (modified) (5 diffs)
• cgi-bin/admin.cgi (modified) (4 diffs)
• cgi-bin/ipdb.psql (modified) (1 diff)
• cgi-bin/main.cgi (modified) (28 diffs)
• editDisplay.html (modified) (1 diff)
• header.inc (modified) (4 diffs)
• index.shtml (modified) (1 diff)

branches/stable/cgi-bin/CommonWeb.pm

@@ -53 +53 @@
 }
 
-sub printHeader($) #(cgiurl)
-{
-        my $cgiURL = $_[0];
-        print "Content-type: text/html\n\n";
-        open(FILE, "../header.inc") || die $!;
-        while (<FILE>) 
-        {
-                $_ =~ s/\$\$CGIURL\$\$/$cgiURL/g;
-                print $_;
-        }
-        close(FILE);
+
+sub printHeader {
+  my $title = shift;
+  print "Content-type: text/html\n\n";
+# This doesn't work well.  Must investigate.
+#  my $realm = shift;
+#  print qq(WWW-Authenticate: Basic realm="$realm"\n) if $realm;
+  open FILE, "../header.inc"
+        or carp $!;
+  my $html = join('',<FILE>);
+  close FILE;
+
+  $html =~ s/\$\$TITLE\$\$/$title/;
+# Necessary for mangling arbitrary bits of the header
+  my $i=0;
+  while (defined(my $param = shift)) {
+    $html =~ s/\$\$EXTRA$i\$\$/$param/g;
+    $i++;
+  }
+  print $html;
 }
 

branches/stable/cgi-bin/IPDB.pm

@@ -23 +23 @@
 @EXPORT_OK    = qw(
         %disp_alloctypes %list_alloctypes %def_custids @citylist @poplist @masterblocks
-        %allocated %free %routed %bigfree
+        %allocated %free %routed %bigfree %IPDBacl
         &initIPDBGlobals &connectDB &finish &checkDBSanity &allocateBlock &deleteBlock
         &mailNotify
@@ -31 +31 @@
 %EXPORT_TAGS    = ( ALL => [qw(
                 %disp_alloctypes %list_alloctypes %def_custids @citylist @poplist
-                @masterblocks %allocated %free %routed %bigfree
+                @masterblocks %allocated %free %routed %bigfree %IPDBacl
                 &initIPDBGlobals &connectDB &finish &checkDBSanity &allocateBlock
                 &deleteBlock &mailNotify
@@ -50 +50 @@
 our %routed;
 our %bigfree;
+our %IPDBacl;
 
 # Let's initialize the globals.
@@ -83 +84 @@
   $sth = $dbh->prepare("select cidr from masterblocks order by cidr");
   $sth->execute;
+  return (undef,$sth->errstr) if $sth->err;
   for (my $i=0; my @data = $sth->fetchrow_array(); $i++) {
     $masterblocks[$i] = new NetAddr::IP $data[0];
@@ -91 +93 @@
     $routed{"$masterblocks[$i]"} = 0;
   }
+
+  # Load ACL data.  Specific username checks are done at a different level.
+  $sth = $dbh->prepare("select username,acl from users");
+  $sth->execute;
   return (undef,$sth->errstr) if $sth->err;
+  while (my @data = $sth->fetchrow_array) {
+    $IPDBacl{$data[0]} = $data[1];
+  }
 
   return (1,"OK");

branches/stable/cgi-bin/admin.cgi

@@ -34 +34 @@
 }
 
-if ($authuser !~ /^(kdeugau|jodyh|jipp)$/) {
-  print "Content-Type: text/html\n\n".
-        "<html><head><title>Access denied</title></head><body>\n".
-        'Access to this tool is restricted.  Contact <a href="mailto:kdeugau@vianet.ca">Kris</a> '.
-        "for more information.</body></html>\n";
-  exit;
-}
-
 syslog "debug", "$authuser active";
 
@@ -55 +47 @@
 initIPDBGlobals($ip_dbh);
 
+if ($IPDBacl{$authuser} !~ /A/) {
+  print "Content-Type: text/html\n\n".
+        "<html><head><title>Access denied</title></head><body>\n".
+        'Access to this tool is restricted.  Contact <a href="mailto:kdeugau@vianet.ca">Kris</a> '.
+        "for more information.</body></html>\n";
+  exit;
+}
+
 my %webvar = parse_post();
 cleanInput(\%webvar);
 
 print "Content-type: text/html\n\n".
-        "<html>\n<head>\n\t<title>TEST [IPDB admin tools] TEST</title>\n".
+        "<html>\n<head>\n\t<title>[IPDB admin tools]</title>\n".
         qq(\t<link rel="stylesheet" type="text/css" href="/ip/ipdb.css">\n).
         "</head>\n<body>\n".
@@ -91 +91 @@
 </form>
 <hr><a href="admin.cgi?action=showpools">List IP Pools</a> for manual tweaking and updates
+<hr><a href="admin.cgi?action=showACL">Change ACLs</a> (change internal access controls -
+note that this does NOT include IP-based limits)
 );
 } else {
@@ -283 +285 @@
     syslog "notice", "$authuser updated pool IP $webvar{ip}";
   }
-#  showPool("$data[0]");
-#} else {
-#  print "webvar{action} check failed: $webvar{action}";
+} elsif ($webvar{action} eq 'showACL') {
+  print "Notes:<br>\n".
+        "<li>Users must be added to .htpasswd from the shell, for the time being.\n".
+        "<li>New accounts will be added to the ACL here every time this page is loaded.\n".
+        "<li>Old accounts will NOT be automatically deleted;  they must be removed via shell.\n".
+        "<li>Admin users automatically get all other priviledges.\n";
+# open .htpasswd, and snag the userlist.
+  $sth = $ip_dbh->prepare("select count (*) from users where username=?");
+  open HTPASS, "<../../.htpasswd" or carp "BOO! No .htpasswd file!";
+  while (<HTPASS>) {
+    chomp;
+    my ($username,$encpwd) = split /:/;
+    $sth->execute($username);
+    my @data = $sth->fetchrow_array;
+    if ($data[0] eq '0') {
+      my $sth2 = $ip_dbh->prepare("insert into users (username,password) values ('$username','$encpwd')");
+      $sth2->execute;
+      print "$username added with read-only privs to ACL<br>\n";
+    }
+  }
+
+  print "<hr>Users with access:\n<table border=1>\n";
+  print "<tr><td>Username</td><td>Add new</td><td>Change</td>".
+        "<td>Delete</td><td>Admin user</td></tr>\n".
+        "<form action=admin.cgi method=POST>\n";
+  $sth = $ip_dbh->prepare("select username,acl from users order by username");
+  $sth->execute;
+  while (my @data = $sth->fetchrow_array) {
+    print "<form action=admin.cgi method=POST><input type=hidden name=action value=updacl>".
+        qq(<tr><td>$data[0]<input type=hidden name=username value="$data[0]"></td><td>).
+    # Now for the fun bit.  We have to pull apart the ACL field and
+    # output a bunch of checkboxes.
+        "<input type=checkbox name=add".($data[1] =~ /a/ ? ' checked=y' : '').
+        "></td><td><input type=checkbox name=change".($data[1] =~ /c/ ? ' checked=y' : '').
+        "></td><td><input type=checkbox name=del".($data[1] =~ /d/ ? ' checked=y' : '').
+        "></td><td><input type=checkbox name=admin".($data[1] =~ /A/ ? ' checked=y' : '').
+        qq(></td><td><input type=submit value="Update"></td></tr></form>\n);
+
+  }
+  print "</table>\n";
+} elsif ($webvar{action} eq 'updacl') {
+  print "Updating ACL for $webvar{username}:<br>\n";
+  my $acl = 'b';
+  if ($webvar{admin} eq 'on') {
+    $acl .= "acdA";
+  } else {
+    $acl .= ($webvar{add} eq 'on' ? 'a' : '').
+        ($webvar{change} eq 'on' ? 'c' : '').
+        ($webvar{del} eq 'on' ? 'd' : '');
+  }
+  print "New ACL: $acl<br>\n";
+
+  $sth = $ip_dbh->prepare("update users set acl='$acl' where username='$webvar{username}'");
+  $sth->execute;
+  print "OK\n" if !$sth->err;
+
+  print qq(<hr><a href="admin.cgi?action=showACL">Back</a> to ACL listing\n);
+
+} elsif ($webvar{action} ne '<NULL>') {
+  print "webvar{action} check failed: Don't know how to $webvar{action}";
 }
 

branches/stable/cgi-bin/ipdb.psql

@@ -182 +182 @@
 pr      Dynamic-route DSL netblock      Dynamic-route DSL       203     
 \.
+
+
+--
+-- User data table - required for proper ACLs
+--
+
+CREATE TABLE "users" (
+        "username" varchar(16) NOT NULL PRIMARY KEY,
+        "password" varchar(16) DEFAULT '',
+        "acl" varchar(16) DEFAULT 'b'
+);

branches/stable/cgi-bin/main.cgi

@@ -23 +23 @@
 openlog "IPDB","pid","local2";
 
-# Collect the username from HTTP auth.  If undefined, we're in a test environment.
+# Collect the username from HTTP auth.  If undefined, we're in
+# a test environment, or called without a username.
 my $authuser;
 if (!defined($ENV{'REMOTE_USER'})) {
@@ -40 +41 @@
 ($ip_dbh,$errstr) = connectDB_My;
 if (!$ip_dbh) {
-  printAndExit("Database error: $errstr\n");
+  exitError("Database error: $errstr\n");
 }
 initIPDBGlobals($ip_dbh);
+
+# Headerize!  Make sure we replace the $$EXTRA0$$ bit as needed.
+printHeader('', ($IPDBacl{$authuser} =~ /a/ ?
+        '<a href="/ip/cgi-bin/main.cgi?action=assign">Add new assignment</a>' : ''
+        ));
+
 
 #prototypes
@@ -65 +72 @@
 if($webvar{action} eq 'index') {
   showSummary();
+} elsif ($webvar{action} eq 'addmaster') {
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+  } else {
+    open HTML, "<../addmaster.html";
+    print while <HTML>;
+  }
 } elsif ($webvar{action} eq 'newmaster') {
-  printHeader('');
-
-  my $cidr = new NetAddr::IP $webvar{cidr};
-
-  print "<div type=heading align=center>Adding $cidr as master block....</div>\n";
-
-  # Allow transactions, and raise an exception on errors so we can catch it later.
-  # Use local to make sure these get "reset" properly on exiting this block
-  local $ip_dbh->{AutoCommit} = 0;
-  local $ip_dbh->{RaiseError} = 1;
-
-  # Wrap the SQL in a transaction
-  eval {
-    $sth = $ip_dbh->prepare("insert into masterblocks values ('$webvar{cidr}')");
-    $sth->execute;
+
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+  } else {
+
+    my $cidr = new NetAddr::IP $webvar{cidr};
+
+    print "<div type=heading align=center>Adding $cidr as master block....</div>\n";
+
+    # Allow transactions, and raise an exception on errors so we can catch it later.
+    # Use local to make sure these get "reset" properly on exiting this block
+    local $ip_dbh->{AutoCommit} = 0;
+    local $ip_dbh->{RaiseError} = 1;
+
+    # Wrap the SQL in a transaction
+    eval {
+      $sth = $ip_dbh->prepare("insert into masterblocks values ('$webvar{cidr}')");
+      $sth->execute;
 
 # Unrouted blocks aren't associated with a city (yet).  We don't rely on this
@@ -86 +103 @@
 # Thus the "routed" flag.
 
-    $sth = $ip_dbh->prepare("insert into freeblocks (cidr,maskbits,city,routed)".
+      $sth = $ip_dbh->prepare("insert into freeblocks (cidr,maskbits,city,routed)".
         " values ('$webvar{cidr}',".$cidr->masklen.",'<NULL>','n')");
-    $sth->execute;
-
-    # If we get here, everything is happy.  Commit changes.
-    $ip_dbh->commit;
-  }; # end eval
-
-  if ($@) {
-    carp "Transaction aborted because $@";
-    eval { $ip_dbh->rollback; };
-    syslog "err", "Could not add master block '$webvar{cidr}' to database: '$@'";
-    printError("Could not add master block $webvar{cidr} to database: $@");
-  } else {
-    print "<div type=heading align=center>Success!</div>\n";
-    syslog "info", "$authuser added master block $webvar{cidr}";
-  }
+      $sth->execute;
+
+      # If we get here, everything is happy.  Commit changes.
+      $ip_dbh->commit;
+    }; # end eval
+
+    if ($@) {
+      carp "Transaction aborted because $@";
+      eval { $ip_dbh->rollback; };
+      syslog "err", "Could not add master block '$webvar{cidr}' to database: '$@'";
+      printError("Could not add master block $webvar{cidr} to database: $@");
+    } else {
+      print "<div type=heading align=center>Success!</div>\n";
+      syslog "info", "$authuser added master block $webvar{cidr}";
+    }
+
+  } # ACL check
 
 } # end add new master
@@ -116 +135 @@
 }
 elsif($webvar{action} eq 'search') {
-  printHeader('');
   if (!$webvar{input}) {
     # No search term.  Display everything.
@@ -154 +172 @@
 # which is not in any way guaranteed to provide anything useful.
 else {
-  printHeader('');
   my $rnd = rand 500;
   my $boing = sprintf("%.2f", rand 500);
@@ -172 +189 @@
 print qq(<div align=right style="position: absolute; right: 30px;">).
         qq(<a href="/ip/cgi-bin/admin.cgi">Admin tools</a></div><br>\n)
-        if $authuser =~ /kdeugau|jodyh|jipp/;
+        if $IPDBacl{$authuser} =~ /A/;
 
 # We print the footer here, so we don't have to do it elsewhere.
@@ -393 +410 @@
 # Initial display:  Show master blocks with total allocated subnets, total free subnets
 sub showSummary {
-  # this is horrible-ugly-bad and will Go Away real soon now(TM)
-  print "Content-type: text/html\n\n";
 
   startTable('Master netblock', 'Routed netblocks', 'Allocated netblocks',
@@ -451 +466 @@
   }
   print "</table>\n";
-  print qq(<a href="/ip/addmaster.shtml">Add new master block</a><br><br>\n);
+  if ($IPDBacl{$authuser} =~ /a/) {
+    print qq(<a href="/ip/cgi-bin/main.cgi?action=addmaster">Add new master block</a><br><br>\n);
+  }
   print "Note:  Free blocks noted here include both routed and unrouted blocks.\n";
 
@@ -463 +480 @@
 # else should follow.  YMMV.)
 sub showMaster {
-  printHeader('');
 
   print qq(<center><div class="heading">Summarizing routed blocks for ).
@@ -539 +555 @@
     print qq(<hr width="60%"><center><div class="heading">No allocations in ).
         qq($master.</div>\n).
-        qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
-        qq(<input type=hidden name=action value="delete">\n).
-        qq(<input type=hidden name=block value="$master">\n).
-        qq(<input type=hidden name=alloctype value="mm">\n).
-        qq(<input type=submit value=" Remove this master ">\n).
-        qq(</form></center>\n);
+        ($IPDBacl{$authuser} =~ /d/ ?
+                qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
+                qq(<input type=hidden name=action value="delete">\n).
+                qq(<input type=hidden name=block value="$master">\n).
+                qq(<input type=hidden name=alloctype value="mm">\n).
+                qq(<input type=submit value=" Remove this master ">\n).
+                qq(</form></center>\n) :
+                '');
 
   } # end check for existence of routed blocks in master
@@ -578 +596 @@
 # not have anything useful to spew.
 sub showRBlock {
-  printHeader('');
 
   my $master = new NetAddr::IP $webvar{block};
@@ -626 +643 @@
     print qq(<hr width="60%"><center><div class="heading">No allocations in ).
         qq($master.</div></center>\n).
-        qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
-        qq(<input type=hidden name=action value="delete">\n).
-        qq(<input type=hidden name=block value="$master">\n).
-        qq(<input type=hidden name=alloctype value="rm">\n).
-        qq(<input type=submit value=" Remove this block ">\n).
-        qq(</form>\n);
+        ($IPDBacl{$authuser} =~ /d/ ?
+                qq(<form action="/ip/cgi-bin/main.cgi" method=POST>\n).
+                qq(<input type=hidden name=action value="delete">\n).
+                qq(<input type=hidden name=block value="$master">\n).
+                qq(<input type=hidden name=alloctype value="rm">\n).
+                qq(<input type=submit value=" Remove this block ">\n).
+                qq(</form>\n) :
+                '');
   }
 
@@ -650 +669 @@
     # Include some HairyPerl(TM) to prefix subblocks with "Sub "
     my @row = ((($data[1] ne 'y' && $data[1] ne 'n') ? 'Sub ' : '').
-        qq(<a href="/ip/cgi-bin/main.cgi?action=assign&block=$cidr&fbtype=$data[1]">$cidr</a>),
+        ($IPDBacl{$authuser} =~ /a/ ? qq(<a href="/ip/cgi-bin/main.cgi?action=assign&block=$cidr&fbtype=$data[1]">$cidr</a>) : $cidr),
         $cidr->range);
     printRow(\@row, 'color1') if ($count%2 == 0);
@@ -663 +682 @@
 # List the IPs used in a pool
 sub listPool {
-  printHeader('');
 
   my $cidr = new NetAddr::IP $webvar{pool};
@@ -709 +727 @@
     my @row = ( qq(<a href="/ip/cgi-bin/main.cgi?action=edit&block=$data[0]">$data[0]</a>),
         $data[1],$data[2],$data[3],
-        ( ($data[2] eq 'n') ?
+        ( (($data[2] eq 'n') && ($IPDBacl{$authuser} =~ /d/)) ?
           ("<a href=\"/ip/cgi-bin/main.cgi?action=delete&block=$data[0]&".
            "alloctype=$data[4]\">Unassign this IP</a>") :
@@ -726 +744 @@
 # be one of two templates, and the lists come from the database.
 sub assignBlock {
-  printHeader('');
+
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
 
   my $html;
@@ -804 +826 @@
 # Take info on requested IP assignment and see what we can provide.
 sub confirmAssign {
-  printHeader('');
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
 
   my $cidr;
@@ -963 +988 @@
 # Do the work of actually inserting a block in the database.
 sub insertAssign {
+  if ($IPDBacl{$authuser} !~ /a/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
   # Some things are done more than once.
-  printHeader('');
   return if !validateInput();
 
@@ -1078 +1106 @@
 # action=edit
 sub edit {
-  printHeader('');
 
   my $sql;
@@ -1098 +1125 @@
   $data[2] =~ s/\s//;
 
-##fixme LEGACY CODE
-  # Postfix "i" on pool IP types
-  if ($data[2] =~ /^[cdsmw]$/) {
-    $data[2] .= "i";
-  }
-
   open (HTML, "../editDisplay.html")
         or croak "Could not open editDisplay.html :$!";
@@ -1114 +1135 @@
 # Needs thinking.  Have to allow changes to city to correct errors, no?
   $html =~ s/\$\$BLOCK\$\$/$webvar{block}/g;
-  $html =~ s/\$\$CITY\$\$/$data[3]/g;
+
+  if ($IPDBacl{$authuser} =~ /c/) {
+    $html =~ s/\$\$CUSTID\$\$/<input type=text name=custid value="$data[1]" maxlength=15 class="regular">/;
 
 # Screw it.  Changing allocation types gets very ugly VERY quickly- especially
@@ -1123 +1146 @@
 
 ##fixme The check here should be built from the database
-  if ($data[2] =~ /^.[ne]$/) {
-    # Block that can be changed
-    my $blockoptions = "<select name=alloctype><option".
+    if ($data[2] =~ /^.[ne]$/) {
+      # Block that can be changed
+      my $blockoptions = "<select name=alloctype><option".
         (($data[2] eq 'me') ? ' selected' : '') ." value='me'>Dialup netblock</option>\n<option".
         (($data[2] eq 'de') ? ' selected' : '') ." value='de'>Dynamic DSL netblock</option>\n<option".
@@ -1134 +1157 @@
         (($data[2] eq 'in') ? ' selected' : '') ." value='in'>Internal netblock</option>\n".
         "</select>\n";
-    $html =~ s/\$\$TYPESELECT\$\$/$blockoptions/g;
+      $html =~ s/\$\$TYPESELECT\$\$/$blockoptions/g;
+    } else {
+      $html =~ s/\$\$TYPESELECT\$\$/$disp_alloctypes{$data[2]}<input type=hidden name=alloctype value="$data[2]">/g;
+    }
+    $html =~ s/\$\$CITY\$\$/<input type=text name=city value="$data[3]">/g;
+    $html =~ s/\$\$CIRCID\$\$/<input type="text" name="circid" value="$data[4]" maxlength=64 size=64 class="regular">/g;
+    $html =~ s/\$\$DESC\$\$/<input type="text" name="desc" value="$data[5]" maxlength=64 size=64 class="regular">/g;
+    $html =~ s|\$\$NOTES\$\$|<textarea rows="8" cols="64" name="notes" class="regular">$data[6]</textarea>|g;
   } else {
-    $html =~ s/\$\$TYPESELECT\$\$/$disp_alloctypes{$data[2]}<input type=hidden name=alloctype value="$data[2]">/g;
-  }
-
-  # These can be modified, although CustID changes may get ignored.
-  $html =~ s/\$\$CUSTID\$\$/$data[1]/g;
-  $html =~ s/\$\$TYPE\$\$/$data[2]/g;
-  $html =~ s/\$\$CIRCID\$\$/$data[4]/g;
-  $html =~ s/\$\$DESC\$\$/$data[5]/g;
-  $html =~ s/\$\$NOTES\$\$/$data[6]/g;
+    $html =~ s/\$\$CUSTID\$\$/$data[1]/g;
+    $html =~ s/\$\$TYPESELECT\$\$/$disp_alloctypes{$data[2]}/g;
+    $html =~ s/\$\$CITY\$\$/$data[3]/g;
+    $html =~ s/\$\$CIRCID\$\$/$data[4]/g;
+    $html =~ s/\$\$DESC\$\$/$data[5]/g;
+    $html =~ s/\$\$NOTES\$\$/$data[6]/g;
+  }
+
+  # More ACL trickery - we can live with forms that don't submit,
+  # but we can't leave the extra table rows there, and we *really*
+  # can't leave the submit buttons there.
+  my $updok = '';
+  my $i=2;
+  if ($IPDBacl{$authuser} =~ /c/) {
+    $updok = qq(<tr class="color$i"><td colspan=2 class=regular><div class="center">).
+        qq(<input type="submit" value=" Update this block " class="regular">).
+        "</div></td></tr></form>\n";
+    $i--;
+  }
+  $html =~ s/\$\$UPDOK\$\$/$updok/g;
+
+  my $delok = '';
+  if ($IPDBacl{$authuser} =~ /d/) {
+    $delok = qq(<form method="POST" action="main.cgi">
+        <tr class="color$i"><td colspan=2 class="regular"><div class=center>
+        <input type="hidden" name="action" value="delete">
+        <input type="hidden" name="block" value="$webvar{block}">
+        <input type="hidden" name="alloctype" value="$data[2]">
+        <input type=submit value=" Delete this block ">
+        </div></td></tr>);
+  }
+  $html =~ s/\$\$DELOK\$\$/$delok/;
 
   print $html;
@@ -1154 +1207 @@
 # action=update
 sub update {
-  printHeader('');
 
   # Make sure incoming data is in correct format - custID among other things.
@@ -1213 +1265 @@
 # Delete an allocation.
 sub remove {
-  printHeader('');
+  if ($IPDBacl{$authuser} !~ /d/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
+
   #show confirm screen.
   open HTML, "../confirmRemove.html"
@@ -1303 +1359 @@
 # Remove IPs from pool listing if necessary
 sub finalDelete {
-  printHeader('');
+  if ($IPDBacl{$authuser} !~ /d/) {
+    printError("You shouldn't have been able to get here.  Access denied.");
+    return;
+  }
 
   my ($code,$msg) = deleteBlock($ip_dbh, $webvar{block}, $webvar{alloctype});
@@ -1326 +1385 @@
 
 
+sub exitError {
+  my $errStr = $_[0];
+  printHeader('','');
+  print qq(<center><p class="regular"> $errStr </p>
+<input type="button" value="Back" onclick="history.go(-1)">
+</center>
+);
+  printFooter();
+  exit;
+} # errorExit
+
+
 # Just in case we manage to get here.
 exit 0;

branches/stable/editDisplay.html

@@ -8 +8 @@
 <tr class="color1"><td class=heading>IP block:</td><td class="regular">$$BLOCK$$</td></tr>
 
-<tr class="color2"><td class=heading>City:</td><td class="regular">
-<input type=text name=city value="$$CITY$$"></td></tr>
+<tr class="color2"><td class=heading>City:</td><td class="regular">$$CITY$$</td></tr>
 
 <tr class="color1"><td class=heading>Type:</td><td class=regular>$$TYPESELECT$$</td></tr>
 
-<tr class="color2"><td class=heading>CustID:</td><td class="regular">
-<input type=text name=custid value="$$CUSTID$$" maxlength=15 class="regular"></td></tr>
+<tr class="color2"><td class=heading>CustID:</td><td class="regular">$$CUSTID$$</td></tr>
 
-<tr class="color1"><td class="heading">Circuit ID:</td><td class="regular">
-<input type="text" name="circid" value="$$CIRCID$$" maxlength=64 size=64 class="regular"></td></tr>
+<tr class="color1"><td class="heading">Circuit ID:</td><td class="regular">$$CIRCID$$</td></tr>
 
-<tr class="color2"><td class="heading">Description/Name:</td><td class="regular">
-<input type="text" name="desc" value="$$DESC$$" maxlength=64 size=64 class="regular"></td></tr>
+<tr class="color2"><td class="heading">Description/Name:</td><td class="regular">$$DESC$$</td></tr>
 
-<tr class="color1"><td class="heading" valign="top">Notes:</td><td class="regular">
-<textarea rows="8" cols="64" name="notes" class="regular">$$NOTES$$</textarea></td></tr>
+<tr class="color1"><td class="heading" valign="top">Notes:</td><td class="regular">$$NOTES$$</td></tr>
 
-<tr class="color2"><td colspan=2 class=regular><div class="center">
-<input type="submit" value=" Update this block " class="regular">
-</div></td></tr></form>
-<form method="POST" action="main.cgi">
-<tr class="color1"><td colspan=2 class="regular"><div class=center>
-<input type="hidden" name="action" value="delete">
-<input type="hidden" name="block" value="$$BLOCK$$">
-<input type="hidden" name="alloctype" value="$$TYPE$$">
-<input type=submit value=" Delete this block ">
-</div></td></tr>
+$$UPDOK$$
+$$DELOK$$
 </form>
 

branches/stable/header.inc

@@ -1 +1 @@
 <html>
 <head>
-        <title>[IP Database v2]</title>
+        <title>MERGE [IP Database v2] MERGE</title>
         <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> 
         <link rel="stylesheet" type="text/css" href="/ip/ipdb.css">
@@ -21 +21 @@
 
 </head>
-<body bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#ff0000" leftmargin="0" topmargin="0" marginwidth="0" style="font-family: helvetica">
+<body bgcolor="#9999ff" text="#000000" link="#000000" vlink="#000000" alink="#ff0000" leftmargin="0" topmargin="0" marginwidth="0" style="font-family: helvetica">
 
 <table width="98%" border="0" cellspacing="0" cellpadding="0" height="0">
@@ -29 +29 @@
       <div align="right"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2">
           <a href="/ip/index.shtml">
-          [IP Database v2 Home]</a></font></b></div>
+          MERGE [IP Database v2 Home] MERGE</a></font></b></div>
     </td>
   </tr>
@@ -51 +51 @@
 <input type="button" value=" Help? " onclick="openHelp()" class="regular">
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
-<a href="/ip/cgi-bin/main.cgi?action=assign">Add new assignment</a>
+$$EXTRA0$$
 </td>
 </form>

branches/stable/index.shtml

@@ -1 @@
-<!--#include file="header.inc"-->
 <!--#include virtual="/ip/cgi-bin/main.cgi?action=index" -->