Changeset 782 for trunk/cgi-bin/main.cgi

Timestamp:

10/08/15 17:09:51 (9 years ago)

Author:

Kris Deugau

Message:

/trunk

Add device-backup fields to pool IP assignment. See #52.

• allocateBlock() in IPDB.pm
• new assignment page

Refine CSS hiding space-gobbling fields so it can be used multiple places

File:

• trunk/cgi-bin/main.cgi (modified) (5 diffs)

trunk/cgi-bin/main.cgi

@@ -434 +434 @@
 ## end node hack
 
-  $page->param(privdata => $IPDBacl{$authuser} =~ /s/);
+  $page->param(nocling => $IPDBacl{$authuser} =~ /s/);
 
 } # assignBlock
@@ -657 +657 @@
 
   # Check to see if user is allowed to do anything with sensitive data
-  my $privdata = '';
-  $page->param(privdata => $q->escapeHTML($webvar{privdata},'y'))
-        if $IPDBacl{$authuser} =~ /s/;
+ if ($IPDBacl{$authuser} =~ /s/) {
+    $page->param(nocling => 1);
+    $page->param(privdata => $q->escapeHTML($webvar{privdata},'y'));
+
+    $page->param(backupfields => $webvar{backupfields});
+    $page->param(bkbrand => $webvar{bkbrand});
+    $page->param(bkmodel => $webvar{bkmodel});
+    $page->param(bktype  => $webvar{bktype});
+    $page->param(bksrc   => $webvar{bksrc});
+    $page->param(bkuser  => $webvar{bkuser});
+    # these two could use virtually any character
+    $page->param(bkvpass => $q->escapeHTML($webvar{bkvpass}));
+    $page->param(bkepass => $q->escapeHTML($webvar{bkepass}));
+    $page->param(bkport  => $webvar{bkport});
+  }
 
   # Yay!  This now has it's very own little home.
@@ -682 +694 @@
   return if !validateInput();
 
+##fixme: permission check
   if (!defined($webvar{privdata})) {
     $webvar{privdata} = '';
@@ -717 +730 @@
         );
 
+##fixme: permission check
+  # fill in backup data, if present/allowed
+  if ($webvar{backupfields}) {
+    $insert_args{backup} = 1;
+    $insert_args{bkbrand} = $webvar{bkbrand};
+    $insert_args{bkmodel} = $webvar{bkmodel};
+    for my $bkfield (qw(type src user vpass epass port)) {
+      $insert_args{"bk$bkfield"} = ($webvar{"bk$bkfield"} ? $webvar{"bk$bkfield"} : '');
+    }
+  }
+
   my $pinfo = getBlockData($ip_dbh, $webvar{parent});
 
@@ -874 +898 @@
         return;
       }
+    }
+  }
+
+  # Backup fields.  Minimal sanity checks.
+  for my $bkfield (qw(brand model)) {
+    if ($webvar{"bk$bkfield"} && $webvar{"bk$bkfield"} !~ /^[a-zA-Z0-9\s_.-]+$/) {
+      $page->param(err => "Invalid characters in backup $bkfield");
+      return;
+    }
+  }
+  for my $bkfield (qw(type src user)) {  # no spaces in these!
+    if ($webvar{"bk$bkfield"} && $webvar{"bk$bkfield"} !~ /^[a-zA-Z0-9_.-]+$/) {
+      $page->param(err => "Invalid characters in backup $bkfield");
+      return;
+    }
+  }
+  if ($webvar{bkport}) {
+    $webvar{bkport} =~ s/^\s+//g;
+    $webvar{bkport} =~ s/\s+$//g;
+    if ($webvar{bkport} !~ /^\d+$/) {
+      $page->param(err => "Backup port must be numeric");
+      return;
     }
   }