[Cluster-devel] conga/luci cluster/form-macros cluster/validat ...
rmccabe at sourceware.org
rmccabe at sourceware.org
Fri Feb 9 18:30:46 UTC 2007
CVSROOT: /cvs/cluster
Module name: conga
Changes by: rmccabe at sourceware.org 2007-02-09 18:30:44
Modified files:
luci/cluster : form-macros validate_fence.js
luci/homebase : form-macros homebase_common.js
validate_cluster_add.js
luci/site/luci/Extensions: homebase_adapters.py
Log message:
don't let passwords get into the server's html output
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/cluster/form-macros.diff?cvsroot=cluster&r1=1.184&r2=1.185
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/cluster/validate_fence.js.diff?cvsroot=cluster&r1=1.3&r2=1.4
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/homebase/form-macros.diff?cvsroot=cluster&r1=1.55&r2=1.56
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/homebase/homebase_common.js.diff?cvsroot=cluster&r1=1.16&r2=1.17
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/homebase/validate_cluster_add.js.diff?cvsroot=cluster&r1=1.7&r2=1.8
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/homebase_adapters.py.diff?cvsroot=cluster&r1=1.48&r2=1.49
--- conga/luci/cluster/form-macros 2007/02/08 16:00:36 1.184
+++ conga/luci/cluster/form-macros 2007/02/09 18:30:43 1.185
@@ -275,7 +275,8 @@
<ul class="vanilla">
<li class="vanilla">
<input name="check_certs" type="checkbox"
- tal:attributes="checked python: (add_cluster and add_cluster['check_certs']) and 'checked'" />
+ id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)" />
View system certificates before sending any passwords.
</li>
<li class="vanilla">
@@ -404,7 +405,7 @@
onChange="pwd0Change(this.form)"
autocomplete="off"
tal:attributes="
- value sys/passwd | nothing;
+ value nothing;
class python: 'hbInputPass' + ('errors' in sys and ' error' or '');
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum" />
@@ -1485,7 +1486,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1543,7 +1544,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1592,7 +1593,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1642,7 +1643,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
</table>
@@ -1691,7 +1692,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</table>
@@ -1739,7 +1740,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
</table>
@@ -1796,7 +1797,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1854,7 +1855,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1903,7 +1904,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -2042,7 +2043,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
</table>
@@ -2100,7 +2101,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -2254,7 +2255,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
<tr>
@@ -3567,7 +3568,8 @@
<ul class="vanilla">
<li class="vanilla">
<input name="check_certs" type="checkbox"
- tal:attributes="checked python: (add_cluster and add_cluster['check_certs']) and 'checked'" />
+ id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)" />
View system certificates before sending any passwords.
</li>
<li class="vanilla"
@@ -3608,7 +3610,7 @@
autocomplete="off"
onChange="pwd0Change(this.form)"
tal:attributes="
- value sys/passwd | nothing;
+ value nothing;
class python: 'hbInputPass' + ('errors' in sys and ' error' or '');
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum" />
--- conga/luci/cluster/validate_fence.js 2007/01/25 21:03:47 1.3
+++ conga/luci/cluster/validate_fence.js 2007/02/09 18:30:43 1.4
@@ -50,6 +50,14 @@
return (null);
}
+function validate_field_passwd(form_elem) {
+ if (form_elem.disabled) {
+ clr_form_err(form_elem);
+ return (null);
+ }
+ return validate_field_str(form_elem);
+}
+
/* Very loose checking for now -- just make sure it's not blank */
function validate_field_host(form_elem) {
return (validate_field_str(form_elem));
@@ -82,7 +90,7 @@
field_validator['ipaddr'] = validate_field_host;
field_validator['hostname'] = validate_field_host;
field_validator['login'] = validate_field_str;
-field_validator['passwd'] = validate_field_str;
+field_validator['passwd'] = validate_field_passwd;
field_validator['servers'] = validate_field_str;
field_validator['cserver'] = validate_field_str;
field_validator['device'] = validate_field_str;
--- conga/luci/homebase/form-macros 2007/01/29 20:43:29 1.55
+++ conga/luci/homebase/form-macros 2007/02/09 18:30:43 1.56
@@ -373,7 +373,7 @@
tal:attributes="
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum;
- value sys/passwd | nothing" />
+ value nothing" />
</td>
<td class="systemsTable">
<img
@@ -413,7 +413,10 @@
<tfoot class="systemsTable">
<tr class="systemsTable"><td colspan="2" class="systemsTable">
<ul class="vanilla">
- <li class="vanilla"><input name="check_certs" type="checkbox">View system certificates before sending any passwords.</li>
+ <li class="vanilla">
+ <input name="check_certs" id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)"
+ type="checkbox">View system certificates before sending any passwords.</li>
<li class="vanilla"
tal:attributes="id python: cur_sysnum < 2 and 'allSameDiv' or ''">
<input type="checkbox" name="allSameCheckBox"
@@ -666,7 +669,7 @@
tal:attributes="
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum;
- value sys/passwd | nothing" />
+ value nothing" />
</td>
<td class="systemsTable">
@@ -707,7 +710,10 @@
<tfoot class="systemsTable">
<tr class="systemsTable"><td colspan="2" class="systemsTable">
<ul class="vanilla">
- <li class="vanilla"><input name="check_certs" type="checkbox">View system certificates before sending any passwords.</li>
+ <li class="vanilla">
+ <input name="check_certs" id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)"
+ type="checkbox">View system certificates before sending any passwords.</li>
<li class="vanilla"
tal:attributes="id python: cur_sysnum < 2 and 'allSameDiv' or ''"><input type="checkbox" name="allSameCheckBox" id="allSameCheckBox" onClick="allPasswdsSame(this.form);"/>Check if storage system passwords are identical.</li>
</ul>
@@ -804,7 +810,8 @@
<ul class="vanilla">
<li class="vanilla">
<input name="check_certs" type="checkbox"
- tal:attributes="checked python: add_cluster['check_certs'] and 'checked'" />
+ id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)" />
View system certificates before sending any passwords.
</li>
<li class="vanilla" id="allSameDiv">
@@ -848,7 +855,7 @@
autocomplete="off"
onChange="pwd0Change(this.form)"
tal:attributes="
- value sys/passwd | nothing;
+ value nothing;
class python: 'hbInputPass' + ('errors' in sys and ' error' or '');
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum" />
@@ -956,8 +963,11 @@
tal:condition="cur_sys" />
<ul class="vanilla">
- <li class="vanilla"><input name="check_certs" type="checkbox">View system certificates before sending any passwords.</li>
- <li class="vanilla"><input type="checkbox" name="allSameCheckBox" id="allSameCheckBox" onClick="allPasswdsSame(this.form);"/>Authenticate to all cluster nodes using the password provided above.</li>
+ <li class="vanilla">
+ <input name="check_certs" id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)"
+ type="checkbox">View system certificates before sending any passwords.
+ </li>
</ul>
</td></tr>
</tfoot>
@@ -976,7 +986,7 @@
autocomplete="off"
id="__SYSTEM0:Passwd" name="__SYSTEM0:Passwd"
tal:attributes="
- value cur_sys/passwd | nothing" />
+ value nothing" />
</td>
<tal:block tal:condition="cur_sys">
<td class="systemsTable">
--- conga/luci/homebase/homebase_common.js 2007/01/25 21:03:47 1.16
+++ conga/luci/homebase/homebase_common.js 2007/02/09 18:30:44 1.17
@@ -132,6 +132,26 @@
return (null);
}
+function view_certs_only(form, state) {
+ var num_systems = form.numStorage.value;
+ if (!form.numStorage)
+ return (-1);
+
+ if (state) {
+ var cb = document.getElementById('allSameCheckBox');
+ if (cb && cb.checked)
+ cb.checked = false;
+ }
+
+ for (var i = 0 ; i < num_systems ; i++) {
+ var passwd = document.getElementById('__SYSTEM' + i + ':Passwd');
+ if (passwd) {
+ passwd.value = "";
+ passwd.disabled = state;
+ }
+ }
+}
+
function allPasswdsSame(form) {
var cb = document.getElementById('allSameCheckBox');
if (!cb)
@@ -252,6 +272,12 @@
var added_storage = new Array();
var num_systems = form.numStorage.value;
+ var view_certs = document.getElementById('view_certs');
+ if (view_certs)
+ view_certs = view_certs.checked;
+ else
+ view_certs = false;
+
for (var i = 0 ; i < num_systems ; i++) {
var element = document.getElementById('__SYSTEM' + i + ':Addr');
@@ -260,18 +286,31 @@
element.disabled = false;
var pwdElem = document.getElementById('__SYSTEM' + i + ':Passwd');
- if (!element.value) {
- if (pwdElem.value) {
+ if (!element.value || str_is_blank(element.value)) {
+ if (pwdElem && pwdElem.value && !str_is_blank(pwdElem.value)) {
set_form_err(element);
- if (!allSameCB.checked) {
+ if (!allSameCB || !allSameCB.checked) {
errors.push('You entered a password, but no hostname for system ' + (i + 1));
clr_form_err(pwdElem);
} else
pwdElem.value = '';
}
- clr_form_err(pwdElem);
+ if (pwdElem)
+ clr_form_err(pwdElem);
+ continue;
+ }
+
+ if (view_certs) {
+ if (pwdElem) {
+ pwdElem.value = ' ';
+ pwdElem.disabled = false;
+ }
+ added_storage.push(element.value);
+ clr_form_err(element);
continue;
- } else if (!pwdElem || !pwdElem.value) {
+ }
+
+ if (!pwdElem || !pwdElem.value) {
errors.push('No password was given for \"' + element.value + '\"');
set_form_err(pwdElem);
} else if (str_is_blank(pwdElem.value)) {
--- conga/luci/homebase/validate_cluster_add.js 2007/01/29 16:56:50 1.7
+++ conga/luci/homebase/validate_cluster_add.js 2007/02/09 18:30:44 1.8
@@ -34,13 +34,17 @@
if (error_dialog(errors))
return (-1);
- var confirm_str = '';
- if (form.addnode)
- confirm_str = 'Add ' + (added_storage.length > 1 ? 'these nodes' : 'this node') + ' to the \"' + clusterName + '\" cluster?';
- else
- confirm_str = 'Add the cluster \"' + clusterName + '\" to the Luci management interface?';
+ var view_certs = document.getElementById('view_certs');
+ if (!view_certs || !view_certs.checked) {
+ var confirm_str = '';
+ if (form.addnode)
+ confirm_str = 'Add ' + (added_storage.length > 1 ? 'these nodes' : 'this node') + ' to the \"' + clusterName + '\" cluster?';
+ else
+ confirm_str = 'Add the cluster \"' + clusterName + '\" to the Luci management interface?';
- if (confirm(confirm_str))
+ if (confirm(confirm_str))
+ form.submit();
+ } else
form.submit();
return (0);
--- conga/luci/site/luci/Extensions/homebase_adapters.py 2007/01/29 23:30:00 1.48
+++ conga/luci/site/luci/Extensions/homebase_adapters.py 2007/02/09 18:30:44 1.49
@@ -156,7 +156,7 @@
if len(sysData) < 2 or not sysData[1]:
raise Exception, 'no password'
cur_pass = sysData[1]
- cur_entry['passwd'] = cur_pass
+ cur_entry['passwd'] = ''
except:
luci_log.debug_verbose('vACI1: %s no password given')
request.SESSION.set('add_cluster_initial', cur_entry)
@@ -338,7 +338,7 @@
for i in node_list:
cur_node = { 'host': i }
if same_node_passwds:
- cur_node['passwd'] = cur_pass
+ cur_node['passwd'] = ''
add_cluster['nodes'][i] = cur_node
request.SESSION.set('add_cluster', add_cluster)
request.response.redirect('/luci/homebase/index_html?pagetype=%s' % HOMEBASE_ADD_CLUSTER)
@@ -382,7 +382,7 @@
cur_passwd = None
else:
cur_passwd = sysData[1]
- cur_system['passwd'] = cur_passwd
+ cur_system['passwd'] = ''
try:
cur_fp = request.form['__SYSTEM%dFingerprint' % i].strip()
More information about the Cluster-devel
mailing list