Fix/832 kiosk (UPC#834)
* fix(frontend): allow anonymous access

issue UPC#832

* fix(frontend): allow direct link to clone machine anonymous

issue UPC#832
frankiejol authored Jul 18, 2018
1 parent 616903f commit c15a0bb
Showing 5 changed files with 73 additions and 58 deletions.
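--- a/public/js/ravada.js
+++ b/public/js/ravada.js
@@ -111,8 +111,21 @@
 $scope.list_machines_user = function() {
 var seconds = 1000;
 if ($scope.refresh <= 0) {
-$http.get('/list_machines_user.json').then(function(response) {
+var url = '/list_machines_user.json';
+if ($scope.anonymous) {
+url = '/list_bases_anonymous.json';
+}
+$http.get(url).then(function(response) {
 $scope.machines = response.data;
+$scope.public_bases = 0;
+$scope.private_bases = 0;
+for (var i = 0; i < $scope.machines.length; i++) {
+if ( $scope.machines[i].is_public == 1) {
+$scope.public_bases++;
+} else {
+$scope.private_bases++;
+}
+}
 }, function error(response) {
 console.log(response.status);
 });
@@ -144,7 +157,6 @@
 $scope.startIntro = startIntro;
 $scope.host_action = 0;
 $scope.refresh = 0;
-$scope.list_machines_user();
 };
 
 function singleMachinePageC($scope, $http, $interval, request, $location) {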
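Review bot: The counting loop added to the success callback reads `$scope.machines.length` without checking that `response.data` is an array, and with `$scope.anonymous` set the request now goes to `/list_bases_anonymous.json`, whose route is not part of this commit. If that endpoint answers with a non-JSON body (a login or access-denied page, for instance), the loop walks a string and `private_bases` ends up counting its characters; a guard such as `if (!Array.isArray(response.data)) { return; }` ahead of the loop avoids that. The second hunk drops the `$scope.list_machines_user();` call from the controller setup, so any template that uses `ng-controller="bases"` without the new `ng-init` would no longer load the list, which is worth checking against the other templates.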
86 changes: 49 additions & 37 deletions rvd_front.pl
@@ -138,21 +138,21 @@
,host => $host
);

return access_denied($c)
if $url =~ /(screenshot|\.json)/
&& !_logged_in($c);

if ($url =~ m{^/machine/display/} && !_logged_in($c)) {
$USER = _get_anonymous_user($c);
return if $USER->is_temporary;
}
return login($c)
if
$url !~ m{^/(anonymous|login|logout|requirements|robots.txt)}
&& $url !~ m{^/(css|font|img|js)}
return if _logged_in($c);
return if $url =~ m{^/(anonymous|login|logout|requirements|robots.txt)}
|| $url =~ m{^/(css|font|img|js)};

# anonymous URLs
if (($url =~ m{^/machine/(clone|display|info|view)/}
|| $url =~ m{^/(list_bases_anonymous|request/)}i
) && !_logged_in($c)) {
$USER = _anonymous_user($c);
return if $USER->is_temporary;
}
return access_denied($c)
if $url =~ /(screenshot|\.json)/
&& !_logged_in($c);

_logged_in($c) if $url =~ m{^/requirements};
return login($c) if !_logged_in($c);

if ($USER && $USER->is_admin && $CONFIG_FRONT->{monitoring}) {
if (!defined $c->session('monitoring')) {
@@ -167,7 +167,6 @@

any '/robots.txt' => sub {
my $c = shift;
warn "robots";
return $c->render(text => "User-agent: *\nDisallow: /\n", format => 'text');
};

@@ -384,10 +383,20 @@
return view_machine($c);
};

get '/machine/clone/(:id).(:type)' => sub {
any '/machine/clone/(:id).(:type)' => sub {
my $c = shift;
return access_denied($c) if !$USER->can_clone();
return clone_machine($c);

return clone_machine($c) if $USER && $USER->can_clone() && !$USER->is_temporary();

my $bases_anonymous = $RAVADA->list_bases_anonymous(_remote_ip($c));
for (@$bases_anonymous) {
if ($_->{id} == $c->stash('id') ) {
return clone_machine($c,1);
}
}

return login($c) if !$USER || $USER->is_temporary;
return access_denied($c);
};

get '/machine/shutdown/(:id).(:type)' => sub {
@@ -580,6 +589,9 @@
my $c = shift;
my $id = $c->stash('id');

if (!$USER) {
$USER = _get_anonymous_user($c) or access_denied($c);
}
if ($c->stash('type') eq 'json') {
my $request = Ravada::Request->open($id);
return $c->render(json => $request->info($USER));
@@ -980,6 +992,7 @@ sub quick_start {

sub render_machines_user {
my $c = shift;
my $anonymous = (shift or 0);

if ($CONFIG_FRONT->{guide_custom}) {
push @{$c->stash->{js}}, $CONFIG_FRONT->{guide_custom};
@@ -988,8 +1001,8 @@ sub render_machines_user {
}
return $c->render(
template => 'main/list_bases_ng'
,machines => $RAVADA->list_machines_user($USER)
,user => $USER
,_anonymous => $anonymous
);
}

@@ -999,15 +1012,14 @@ sub quick_start_domain {
return $c->redirect_to('/login') if !$USER;

confess "Missing id_base" if !defined $id_base;
$name = $c->session('login') if !$name;
$name = $USER->name if !$name;

my $base = $RAVADA->search_domain_by_id($id_base) or die "I can't find base $id_base";

my $domain_name = $base->name."-".$name;
$domain_name =~ tr/[\.]/[\-]/;

my $domain = $RAVADA->search_clone(id_base => $base->id, id_owner => $USER->id);
warn "clone found ".$domain->name if $domain;
$domain_name = $domain->name if $domain;

return run_request($c,provision_req($c, $id_base, $domain_name));
@@ -1323,7 +1335,6 @@ sub register {

if($username) {
my @list_users = Ravada::Auth::SQL::list_all_users();
warn join(", ", @list_users);

if (grep {$_ eq $username} @list_users) {
push @error,("Username already exists, please choose another one");
@@ -1499,9 +1510,8 @@ sub view_machine {
);
}

sub clone_machine {
my $c = shift;
return login($c) if !_logged_in($c);
sub clone_machine($c, $anonymous=0) {
return login($c) unless $anonymous || _logged_in($c);
_init_error($c);

my $base = _search_requested_machine($c);
@@ -1765,13 +1775,7 @@ sub list_bases_anonymous {

return access_denied($c) if !scalar @$bases_anonymous;

$c->render(template => 'main/list_bases2'
, _logged_in => undef
, _anonymous => 1
, machines => $bases_anonymous
, user => undef
, url => undef
);
return render_machines_user($c,1);
}

sub _remote_ip {
@@ -1812,8 +1816,14 @@ sub _anonymous_user {
}
my $user= Ravada::Auth::SQL->new( name => $name );

confess "user ".$user->name." has no id, may not be in table users"
if !$user->id;
if ( !$user->id ) {
$name = _new_anonymous_user($c);
$c->session(anonymous_user => $name);
$user= Ravada::Auth::SQL->new( name => $name );

confess "USER $name has no id after creation"
if !$user->id;
}

return $user;
}
@@ -1832,13 +1842,15 @@ sub _random_name {
sub _new_anonymous_user {
my $c = shift;

my $name_mojo = $c->signed_cookie('mojolicious');
$name_mojo = _random_name(32) if !$name_mojo;
my $name_mojo = reverse($c->signed_cookie('mojolicious'));

my $length = 32;
$name_mojo = _random_name($length) if !$name_mojo;

$name_mojo =~ tr/[^a-z][^A-Z][^0-9]/___/c;

my $name;
for my $n ( 4 .. 32 ) {
for my $n ( 4 .. $length ) {
$name = "anon".substr($name_mojo,0,$n);
my $user;
eval {
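Review bot: In the URL gate at `@@ -138,21 +138,21 @@`, the new `# anonymous URLs` block assigns a temporary user and returns for anything under `/machine/(clone|display|info|view)/` or `/request/`, and as the lines read it runs ahead of the `screenshot|\.json` denial, so the `.json` forms of those routes become reachable without a login. Only the clone route in this commit checks the requested id against `list_bases_anonymous(_remote_ip($c))`; whether `view_machine`, the info route and `$request->info($USER)` confine a temporary user to its own machines and requests is not visible here and should be confirmed, otherwise ids can be enumerated by any visitor. In the `/request/(:id).(:type)` hunk, `$USER = _get_anonymous_user($c) or access_denied($c);` does not return, so a failed lookup still reaches `$request->info($USER)` with `$USER` undefined; writing `or return access_denied($c);` closes that, and the helper name there differs from the `_anonymous_user` the gate now calls. The gate's enclosing block starts and ends outside the hunk.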
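--- a/t/vm/v10_volatile.t
+++ b/t/vm/v10_volatile.t
@@ -115,6 +115,8 @@ sub test_volatile {
 is(rvd_front->domain_exists($name),0,"[$vm_name] Expecting domain removed after shutdown")
 or exit;
 
+my $user2 = Ravada::Auth::SQL->new(name => $user_name);
+ok(!$user2->id,"Expecting user '$user_name' removed");
 my $domain_b = rvd_back->search_domain($name);
 ok(!$domain_b,"[$vm_name] Expecting domain removed after shutdown");
 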
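Review bot: The added `ok(!$user2->id, ...)` message lacks the `[$vm_name]` prefix that the surrounding assertions in test_volatile carry, so a failure cannot be tied to a backend when the test runs for more than one VM type; `ok(!$user2->id,"[$vm_name] Expecting user '$user_name' removed");` would match them. `$user_name` is set outside the hunk, so whether it still names the temporary user at this point cannot be confirmed from here.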
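--- a/templates/main/list_bases_ng.html.ep
+++ b/templates/main/list_bases_ng.html.ep
@@ -8,7 +8,7 @@
 $_anonymous=<%= ($_anonymous or 0) %>;
 </script>
 
-<div id="page-wrapper" ng-controller="bases">
+<div id="page-wrapper" ng-controller="bases" ng-init="anonymous=<%= $_anonymous or 0 %>;list_machines_user();">
 %= include 'main/list_bases_ng_head'
 <!--MACHINES SELECTION-->
 <div class="panel-body">
@@ -75,7 +75,8 @@
 ng-click="host_action=0"
 ><span class="glyphicon glyphicon-arrow-left"></a>
 </span>
-% if ($user->can_change_settings || $user->can_change_settings_all){
+% if ($user
+% && ( $user->can_change_settings || $user->can_change_settings_all)){
 <a ng-show="machine.id_clone && (host_action != machine.id && host_restore != machine.id_clone)"
 align="right" href="/machine/manage/{{machine.id_clone}}.html"><i class="fa fa-fw fa-cog" title="<%=l 'Settings' %>"></a></i>
 % }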
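Review bot: The new `ng-init` interpolates `<%= $_anonymous or 0 %>` without the parentheses that the script block a few lines up uses (`<%= ($_anonymous or 0) %>`); `or` binds more loosely than the template's output assignment, so the `or 0` fallback probably never reaches the page. When `$_anonymous` is undefined the attribute would become `anonymous=;list_machines_user();`, which Angular cannot parse, and the list is never requested. Writing `ng-init="anonymous=<%= ($_anonymous or 0) %>;list_machines_user();"` keeps both places consistent.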
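--- a/templates/main/list_bases_ng_head.html.ep
+++ b/templates/main/list_bases_ng_head.html.ep
@@ -1,21 +1,11 @@
-% my $public_bases = 0;
-% my $private_bases = 0;
-% for my $machine(@$machines) {
-% if ($machine->{is_public}) {
-% $public_bases++;
-% } else {
-% $private_bases++;
-% }
-% }
-
 <div class="panel panel-default">
 <div class="panel-heading">
 <h2><%=l 'Choose a Machine to Start' %></h2>
-% if ( $guide and $public_bases ) {
-<a class="btn btn-large btn-success" href="javascript:void(0);" ng-click="startIntro();"><%= l 'Step-by-step guide' %></a>
+% if ( $guide ) {
+<a ng-show="public_bases" class="btn btn-large btn-success" href="javascript:void(0);" ng-click="startIntro();"><%= l 'Step-by-step guide' %></a>
 % }
-% if ($user->is_admin && $public_bases && $private_bases) {
-<div ng-cloak>
+% if ($user && $user->is_admin) {
+<div ng-cloak ng-show="public_bases && private_bases">
 <a ng-click="toggle_only_public()" class="label label-primary"
 align="right" ng-show="!only_public"><%=l 'Hide Private' %></a>
 <a ng-click="toggle_only_public()" class="label label-primary"
@@ -24,8 +14,7 @@
 % }
 
 </div>
-% if (! $public_bases ) {
-<div class="panel-body">
+<div class="panel-body" ng-show="public_bases==0">
 <div class="panel panel-warning">
 <div class="panel-heading">
 % if ($user && $user->is_admin) {
@@ -37,5 +26,4 @@
 </div>
 </div>
 </div>
-% }
 </div>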
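Review bot: The `Step-by-step guide` link and the `panel-body` warning now depend on `ng-show`, but neither carries `ng-cloak` as the admin `<div ng-cloak ...>` in the same hunk does, so both can flash on screen until Angular has compiled the page. Adding `ng-cloak` to `<a ng-show="public_bases" ...>` and to `<div class="panel-body" ng-show="public_bases==0">` keeps the empty-list warning from appearing briefly to every visitor, anonymous ones included.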
