Changeset 445 for branches/stable/cgi-bin/admin.cgi

Timestamp:

07/26/10 17:00:00 (14 years ago)

Author:

Kris Deugau

Message:

/branches/stable

Bring /branches/stable up to date with /trunk. See #13.

Location:

branches/stable

Files:

• . (modified) (2 props)
• cgi-bin/admin.cgi (modified) (13 diffs)

branches/stable

@@ -1 +1 @@
 local.css
+*.tar.gz

@@ -1 +1 @@
 local.css
+*.tar.gz

branches/stable/cgi-bin/admin.cgi

@@ -10 +10 @@
 # Last update by $Author$
 ###
-# Copyright (C) 2004-2006 - Kris Deugau
+# Copyright (C) 2004-2010 - Kris Deugau
 
 use strict;
@@ -17 +17 @@
 use DBI;
 use CommonWeb qw(:ALL);
-use MyIPDB;
 use CustIDCK;
 #use POSIX qw(ceil);
@@ -24 +23 @@
 use Sys::Syslog;
 
-openlog "IPDB-admin","pid","local2";
+# don't remove!  required for GNU/FHS-ish install from tarball
+##uselib##
+
+use MyIPDB;
+
+openlog "IPDB-admin","pid","$IPDB::syslog_facility";
 
 # Collect the username from HTTP auth.  If undefined, we're in a test environment.
@@ -53 +57 @@
         qq(\t<link rel="stylesheet" type="text/css" href="/ip/local.css">\n).
         "</head>\n<body>\n".
-        qq(Access to this tool is restricted.  Contact <a href="mailto:kdeugau\@vianet.ca">Kris</a> \n).
+        qq(Access to this tool is restricted.  Contact the <a href="mailto:ipdbadmin\@example.com">IPDB administrator</a> \n).
         "for more information.\n</body>\n</html>\n";
   exit;
@@ -89 +93 @@
   print qq(WARNING:  There are FAR fewer controls on what you can do here.  Use the
 main interface if at all possible.
-<hr>
-<a href="admin.cgi?action=newalloc">Add allocation</a>
 <hr>
 <form action="admin.cgi" method="POST">
@@ -107 +109 @@
 Bump "last updated" timestamp on this master: <select name=whichmaster>$masterlist</select>
 <input type=submit value="Update timestamp"> (Sets timestamp to "now")</form>
-<a href="admin.cgi?action=listcust">Edit customer data for rWHOIS</a>
+<a href="admin.cgi?action=listcust">Edit customer data for rWHOIS</a> - data used for
+blocks with the SWIP box checkmarked.  Links to edit/add data are on this page.
 
 <hr><a href="admin.cgi?action=showpools">List IP Pools</a> for manual tweaking and updates
+
 <hr><a href="admin.cgi?action=showusers">Manage users</a> (add/remove users;  change
-internal access controls - note that this does NOT include IP-based limits)
+internal access controls - note that this does NOT include IP-based limits)<br>
+<a href="admin.cgi?action=emailnotice">Manage email notice options</a> (pick which events
+and allocation types cause notifications;  configure recipient lists for notices)
+
 <hr>Consistency check tools<br>
 <a href="consistency-check.pl">General</a>:  Check general netblock consistency.<br>
 <a href="freespace.pl">Free space</a>:  List total and aggregate free space.  Does not 
 include private networks (192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8)
-<hr>(r)WHOIS<br>
-<a href="list-cust.php">List customer data for WHOIS</a> - data used for blocks with the SWIP box checkmarked.
-Links to edit/add data are on this page.
 );
 } else {
@@ -149 +153 @@
       if (!$status) {
         printError("Customer ID not valid.  Make sure the Customer ID ".
-          "is correct.<br>\nUse STAFF for staff static IPs, and 6750400 for any other ".
+          "is correct.<br>\nUse STAFF for staff static IPs, and $IPDB::defcustid for any other ".
           "non-customer assignments.");
         return;
@@ -250 +254 @@
         syslog "notice", "$authuser allocated '$webvar{cidr}' to '$webvar{custid}' as ".
                 "'$webvar{alloctype}'";
-        # Notify tech@example.com
-        mailNotify('tech@example.com',"$disp_alloctypes{$webvar{alloctype}} allocation",
+        mailNotify($ip_dbh, "a$webvar{alloctype}",
           "$disp_alloctypes{$webvar{alloctype}} $webvar{cidr} allocated to customer".
           " $webvar{custid}\n".
@@ -306 +309 @@
 <form action=admin.cgi method=POST>
 <table border=1><tr>
-<input type=hidden name=action value=newcust>
+<input type=hidden name=action value=edcust>
+<input type=hidden name=newcust value=1>
 <td>CustID:</td><td><input name=custid></td>
-<td>Name:</td><td><input name=name></td></tr>
-<tr><td>Street:</td><td><input name=street></td></tr>
-<!-- <td>Street2:</td><td><input name=street2></td> -->
-<tr><td>City:</td><td><input name=city></td>
-<td>Province: (2-letter code)</td><td><input name=province value=ON length=2 size=2></td></tr>
-<tr><td>Country: (2-letter code)</td><td><input name=country value=CA length=2 size=2></td>
-<td>Postal/ZIP Code:</td><td><input name=pocode></td></tr>
-<tr><td>Phone:</td><td><input name=phone></td>
-<!-- <td>Default rDNS:</td><td><input name=def_rdns></td></tr>
-<td>Description:</td><td><input name=description></td> -->
-<td>ARIN Handles:</td><td>
- Tech: <input name=tech_handle value="VH25-ORG-ARIN"><br>
- Abuse: <input name=abuse_handle><br>
- Admin: <input name=admin_handle><br>
-Note:  Only tech is required at the moment.
-</td></tr>
-<tr><td colspan=4 align=center><input type=submit value="Add"></td></tr>
+<td align=center><input type=submit value="Go to edit page for this custid"></td></tr>
 </form></table>
 );
@@ -336 +324 @@
   }
   print "</table>\n";
-} elsif ($webvar{action} eq 'newcust') {
-  if ($webvar{custid} eq '') {
-    print 'No CustID entered.  PTHBT!  (Hit "Back" and fix the problem.)';
-  } else {
-    $sth = $ip_dbh->prepare("insert into customers ".
-        "(custid, name, street, city, province, country, pocode, ".
-        "phone, tech_handle, abuse_handle, admin_handle) values ".
-        "('$webvar{custid}', '$webvar{name}', '$webvar{street}', ".
-        "'$webvar{city}', '$webvar{province}', '$webvar{country}', ".
-        "'$webvar{pocode}', '$webvar{phone}', '$webvar{techhandle}', ".
-        "'$webvar{abusehandle}', '$webvar{adminhandle}')");
-    $sth->execute;
-    if ($sth->err) {
-      print "INSERT failed:  ".$sth->errstr."\n";
-    } else {
-      print "Success!  Added customer contact data:\n".
-        qq(<table border=1><tr>
-<td>CustID:</td>$webvar{custid}</td><td>Name:</td>$webvar{name}</td></tr>
-<tr><td>Street:</td><td>$webvar{street}</td></tr>
-<tr><td>City:</td><td>$webvar{city}</td><td>Province:</td><td>$webvar{province}</td></tr>
-<tr><td>Country:</td><td>$webvar{country}</td>
-<td>Postal/ZIP Code:</td><td>$webvar{pocode}</td></tr>
-<tr><td>Phone:</td><td>$webvar{phone}</td>
-<!-- <td>Default rDNS:</td><td><input name=def_rdns></td></tr>
-<tr><td>Description:</td><td><input name=description></td> -->
-<td>ARIN Handles:</td><td>
- Tech: $webvar{tech_handle}<br>
- Abuse: $webvar{abuse_handle}<br>
- Admin: $webvar{admin_handle}<br>
-</td></tr></table>
-);
-    } # $sth err check
-  } # bad custid
 } elsif ($webvar{action} eq 'edcust') {
+  if ($webvar{newcust}) {
+    print "got here?\n";
+    $sth = $ip_dbh->prepare("INSERT INTO customers (custid) VALUES (?)");
+    $sth->execute($webvar{custid});
+  }
   $sth = $ip_dbh->prepare("select custid,name,street,city,province,".
-        "country,pocode,phone,tech_handle,abuse_handle,admin_handle ".
+        "country,pocode,phone,tech_handle,abuse_handle,admin_handle,special ".
         "from customers where custid='$webvar{custid}'");
   $sth->execute;
-  my ($custid, $name, $street, $city, $prov, $country, $pocode, $phone, $tech, $abuse, $admin) =
+  my ($custid, $name, $street, $city, $prov, $country, $pocode, $phone, $tech, $abuse, $admin, $special) =
         $sth->fetchrow_array;
   print qq(<form action=admin.cgi method=POST>
@@ -381 +341 @@
 <td>CustID:</td><td>$custid<input type=hidden name=custid value=$custid></td>
 <td>Name:</td><td><input name=name value="$name"></td></tr>
-<tr><td>Street:</td><td><input name=street value="$street"></td></tr>
+<tr><td>Street:</td><td><input name=street value="$street"></td>
 <!-- <td>Street2:</td><td><input name=street2></td> -->
-<tr><td>City:</td><td><input name=city value="$city"></td>
-<td>Province: (2-letter code)</td><td><input name=province value="$prov" length=2 size=2></td></tr>
-<tr><td>Country: (2-letter code)</td><td><input name=country value="$country" length=2 size=2></td>
-<td>Postal/ZIP Code:</td><td><input name=pocode value="$pocode"></td></tr>
-<tr><td>Phone:</td><td><input name=phone value="$pocode"></td>
+<td>City:</td><td><input name=city value="$city"></td></tr>
+<tr><td>Province/State: (2-letter code)</td><td><input name=province value="$prov" length=2 size=2></td>
+<td>Country: (2-letter code)</td><td><input name=country value="$country" length=2 size=2></td></tr>
+<tr><td>Postal/ZIP Code:</td><td><input name=pocode value="$pocode"></td>
+<td>Phone:</td><td><input name=phone value="$pocode"></td></tr>
 <!-- <td>Default rDNS:</td><td><input name=def_rdns></td></tr>
 <td>Description:</td><td><input name=description></td> -->
-<td>ARIN Handles:</td><td>
+<tr><td>Contacts/ARIN Handles:</td><td>
  Tech: <input name=tech_handle value="$tech"><br>
  Abuse: <input name=abuse_handle value="$abuse"><br>
  Admin: <input name=admin_handle value="$admin"><br>
 Note:  Only tech is required at the moment.
-</td></tr>
+</td>
+<td>"Special":</td><td><textarea name=special rows=4 cols=50>$special</textarea></td>
+</tr>
 <tr><td colspan=4 align=center><input type=submit value="Update"></td></tr>
 </form></table>
+<div style="margin-left:5px">
+<h3>Explanation for "Special" field:</h3>
+This is a temporary place to define the WHOIS "net name" for a block.
+It may be removed later, more likely migrated elsewhere.
+<p>It's formatted like this, one line for each custom net name:
+<pre>NetName[CIDR block]: NET-NAME</pre>
+Example:
+<pre>NetName192.168.236.0/24: MEGAWIDGET-1</pre>
+Note:
+<ul style="margin-top: 0px;">
+<li>Spacing is important - there should only be ONE space, in between the colon and the net name.
+<li>The CIDR block name nust include all four octets - no short forms are accepted.
+<li>Net names must be all uppercase, and consist only of A-Z, 0-9, and - (same as for SWIPed net names).
+</ul>
+</div>
 );
 
 } elsif ($webvar{action} eq 'updcust') {
-  print "Updated $webvar{custid}\n";
+  $sth = $ip_dbh->prepare("UPDATE customers SET".
+        " name=?, street=?, city=?, province=?, country=?, pocode=?,".
+        " phone=?, tech_handle=?, abuse_handle=?, admin_handle=?, special=?".
+        " WHERE custid=?");
+  $sth->execute($webvar{name}, $webvar{street}, $webvar{city}, $webvar{province}, 
+        $webvar{country}, $webvar{pocode}, $webvar{phone}, $webvar{tech_handle}, 
+        $webvar{abuse_handle}, $webvar{admin_handle}, $webvar{special}, $webvar{custid});
+  print "Updated $webvar{custid}<br>\n".
+        qq(<table border=1>
+<tr><td>CustID:</td><td>$webvar{custid}</td></tr>
+<tr><td>Name:</td><td>$webvar{name}</td></tr>
+<tr><td>Street:</td><td>$webvar{street}</td></tr>
+<tr><td>City:</td><td>$webvar{city}</td></tr>
+<tr><td>Province/State:</td><td>$webvar{province}</td></tr>
+<tr><td>Country:</td><td>$webvar{country}</td></tr>
+<tr><td>Postal/ZIP Code:</td><td>$webvar{pocode}</td></tr>
+<tr><td>Phone:</td><td>$webvar{phone}</td></tr>
+<!-- <td>Default rDNS:</td><td>$webvar{def_rdns}</td></tr> -->
+<tr><td>Contacts/ARIN Handles:</td><td>
+ Tech: $webvar{tech_handle}<br>
+ Abuse: $webvar{abuse_handle}<br>
+ Admin: $webvar{admin_handle}<br>
+</td></tr>
+<tr><td>"Special":</td><td><pre>$webvar{special}</pre></td></tr>
+</table>
+<a href="admin.cgi?action=listcust">Back</a> to rWHOIS customer list<br>\n);
+
 } elsif ($webvar{action} eq 'showpools') {
   print "IP Pools currently allocated:\n".
@@ -516 +519 @@
   print qq(<hr><a href="admin.cgi?action=showusers">Back</a> to user listing\n);
 
+} elsif ($webvar{action} eq 'emailnotice') {
+  print "<h4>Email notice management:</h4>\nClick the email addresses to edit that list.";
+  $sth = $ip_dbh->prepare("SELECT action,reciplist FROM notify");
+  $sth->execute;
+
+  print "<table border=1>\n";
+  while (my ($notice_code,$reciplist) = $sth->fetchrow_array() ) {
+##fixme: hairy mess, only a few things call mailNotify() anyway, so many possible notices won't work.
+    my $action_out = dispNoticeCode($notice_code);
+    print "<tr><td>$action_out</td>".
+        qq(<td><a href="admin.cgi?action=ednotice&code=$notice_code">$reciplist</a></td>).
+        qq(<td><a href="admin.cgi?action=delnotice&code=$notice_code">Delete</a></tr>\n);
+  }
+  print qq(<tr><td colspan=2>Known "special" codes:<br>
+<ul style="margin-top: 0px; margin-bottom: 0px;">
+        <li>swi: Notify if block being updated has SWIP flag set</li>
+</ul></td></tr>
+</table>
+);
+
+# add new entries from this tangle:
+  print "<h4>Add new notification:</h4>\n".
+        "Note:  Failure notices on most conditions are not yet supported.\n";
+
+  print qq(<table border=1><form action=admin.cgi method="POST">
+<input type=hidden name=action value=addnotice>
+<tr>
+<td>Recipients</td><td colspan=3><textarea name=reciplist cols=50 rows=5></textarea></td></tr>
+<tr><td>Action</td><td>
+        <table><tr>
+                <td><input type=radio name=msgaction value=a>Add &nbsp;
+                <input type=radio name=msgaction value=u>Update &nbsp;
+                <input type=radio name=msgaction value=d>Delete &nbsp;
+                <input type=radio name=msgaction value=n>New listitem</td>
+        </tr><tr>
+                <td>
+                <input type=radio name=msgaction value=s:>Special: <input name=special>(requires code changes)
+        </td></tr></table>
+</td>
+<td>Failure?</td><td><input type=checkbox name=onfail></td></tr>
+<tr><td>Event/Allocation type:</td><td colspan=3>
+        <table>
+        <tr>
+                <td><input type=radio name=alloctype value=a>All allocations</td>
+                <td><input type=radio name=alloctype value=.i>All static IPs</td>
+                <td><input type=radio name=alloctype value=ci>New city</td>
+                <td><input type=radio name=alloctype value=no>New node</td>
+        </tr>
+        <tr>
+);
+
+  $sth = $ip_dbh->prepare("SELECT type,dispname FROM alloctypes WHERE listorder < 500 ".
+        "ORDER BY listorder");
+  $sth->execute;
+  my $i=0;
+  while (my ($type,$disp) = $sth->fetchrow_array) {
+    print "             <td><input type=radio name=alloctype value=$type>$disp</td>";
+    $i++;
+    print "     </tr>\n\t<tr>"
+        if ($i % 4 == 0);
+  }
+
+  print qq(     </tr>
+        </table>
+</tr>
+<tr><td colspan=4 align=center><input type=submit value="Add notice"></td></tr>
+</table>
+</form>
+);
+  ## done spitting out add-new-spam-me-now table
+
+} elsif ($webvar{action} eq 'addnotice') {
+  $webvar{alloctype} = $webvar{special} if $webvar{msgaction} eq 's:';
+  if ($webvar{msgaction} && $webvar{alloctype} && $webvar{reciplist}) {
+    $webvar{reciplist} =~ s/[\r\n]+/,/g;
+    $webvar{msgaction} = "f:$webvar{msgaction}" if $webvar{onfail};
+    print "Adding notice to $webvar{reciplist} for ".dispNoticeCode($webvar{msgaction}.$webvar{alloctype}).":\n";
+    $sth = $ip_dbh->prepare("INSERT INTO notify (action, reciplist) VALUES (?,?)");
+##fixme:  automagically merge reciplists iff action already exists
+    $sth->execute($webvar{msgaction}.$webvar{alloctype}, $webvar{reciplist});
+    if ($sth->err) {
+      print "Failed:  DB error: ".$sth->errstr."\n";
+    } else {
+      print "OK!<br>\n"
+    }
+  } else {
+    print "Need to specify at least one recipient, an action, and an allocation type. ".
+        qq{("Special" content is considered an allocation type).  Hit the Back button and try again.<br>\n};
+  }
+  print qq(<a href="admin.cgi?action=emailnotice">Back to email notice list</a>\n);
+
+} elsif ($webvar{action} eq 'delnotice') {
+  print "Deleting notices on ".dispNoticeCode($webvar{code}.$webvar{alloctype}).":\n";
+  $sth = $ip_dbh->prepare("DELETE FROM notify WHERE action=?");
+  $sth->execute($webvar{code});
+  if ($sth->err) {
+    print "Failed:  DB error: ".$sth->errstr."\n";
+  } else {
+    print "OK!<br>\n"
+  }
+  print qq(<a href="admin.cgi?action=emailnotice">Back to email notice list</a>\n);
+
+} elsif ($webvar{action} eq 'ednotice') {
+  print "<h4>Editing recipient list for '".dispNoticeCode($webvar{code})."':</h4>\n";
+  $sth = $ip_dbh->prepare("SELECT reciplist FROM notify WHERE action=?");
+  $sth->execute($webvar{code});
+  my ($reciplist) = $sth->fetchrow_array;
+  $reciplist =~ s/,/\n/g;
+  print qq(<form action=admin.cgi method=POST><input type=hidden name=code value="$webvar{code}">\n).
+        qq(<input type=hidden name=action value="updnotice"><table border=1><tr><td>).
+        qq(<textarea cols="40" rows="5" name=reciplist>$reciplist</textarea></td><td><input type=submit value="Update">\n).
+        "</td></tr></table></form>\n";
+} elsif ($webvar{action} eq 'updnotice') {
+  print "<h4>Updating recipient list for '".dispNoticeCode($webvar{code})."':</h4>\n";
+  $sth = $ip_dbh->prepare("UPDATE notify SET reciplist=? WHERE action=?");
+  $webvar{reciplist} =~ s/[\r\n]+/,/g;
+  $sth->execute($webvar{reciplist}, $webvar{code});
+  if ($sth->err) {
+    print "Failed:  DB error: ".$sth->errstr."\n";
+  } else {
+    print "OK!<br>\n"
+  }
+  print qq(<a href="admin.cgi?action=emailnotice">Back to email notice list</a>\n);
 } elsif ($webvar{action} ne '<NULL>') {
   print "webvar{action} check failed: Don't know how to $webvar{action}";
@@ -668 +794 @@
   print "</form></table>\n";
 }
+
+
+# interpret the notify codes
+sub dispNoticeCode {
+  my $code = shift;
+  my $action_out = '';
+
+  if ($code =~ /^s:/) {
+    $code =~ s/^s:/Special: /;
+    return $code;
+  }
+  if ($code =~ /^f:(.+)$/) {
+    $code =~ s/^f://;
+    $action_out = "Failure on ";
+  }
+  if (my $target = $code =~ /^n(.+)/) {
+    $action_out .= "New ";
+    if ($1 eq 'ci') { $action_out .= "city"; }
+    elsif ($1 eq 'no') { $action_out .= "node"; }
+    else { $action_out .= '&lt;unknown&gt;'; }
+  } else {
+    my ($action,$target) = ($code =~ /^(.)(.+)$/);
+    if ($action eq 'a')      { $action_out .= 'Add '; }
+    elsif ($action eq 'u')   { $action_out .= 'Update '; }
+    elsif ($action eq 'd')   { $action_out .= 'Delete '; }
+##fixme:  what if we get something funky?
+# What about the eleventy-billion odd combinations possible?
+# this should give an idea of the structure tho
+    if ($target eq 'a') { $action_out .= "all"; }
+    elsif ($target eq '.i') {
+      $action_out .= "all static IPs";
+    }
+    else { $action_out .= $disp_alloctypes{$target}; }
+  }
+  return $action_out;
+}

@@ -1 +1 @@
 local.css
+*.tar.gz