initial user managemet
parent
3048e4e9a2
commit
4e3bde8249
2
nlvmi
2
nlvmi
|
@ -76,7 +76,7 @@ function createdb {
|
|||
sqlite3 $SQLITEFILE "CREATE TABLE users (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
username VARCHAR(50) NOT NULL,
|
||||
password VARCHAR(50),
|
||||
password VARCHAR(255),
|
||||
admin INTEGER
|
||||
);"
|
||||
chown -R nobody $SQLITEFILE
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
/*! ========================================================================
|
||||
* Bootstrap Toggle: bootstrap-toggle.css v2.2.0
|
||||
* http://www.bootstraptoggle.com
|
||||
* ========================================================================
|
||||
* Copyright 2014 Min Hur, The New York Times Company
|
||||
* Licensed under MIT
|
||||
* ======================================================================== */
|
||||
.checkbox label .toggle,.checkbox-inline .toggle{margin-left:-20px;margin-right:5px}
|
||||
.toggle{position:relative;overflow:hidden}
|
||||
.toggle input[type=checkbox]{display:none}
|
||||
.toggle-group{position:absolute;width:200%;top:0;bottom:0;left:0;transition:left .35s;-webkit-transition:left .35s;-moz-user-select:none;-webkit-user-select:none}
|
||||
.toggle.off .toggle-group{left:-100%}
|
||||
.toggle-on{position:absolute;top:0;bottom:0;left:0;right:50%;margin:0;border:0;border-radius:0}
|
||||
.toggle-off{position:absolute;top:0;bottom:0;left:50%;right:0;margin:0;border:0;border-radius:0}
|
||||
.toggle-handle{position:relative;margin:0 auto;padding-top:0;padding-bottom:0;height:100%;width:0;border-width:0 1px}
|
||||
.toggle.btn{min-width:59px;min-height:34px}
|
||||
.toggle-on.btn{padding-right:24px}
|
||||
.toggle-off.btn{padding-left:24px}
|
||||
.toggle.btn-lg{min-width:79px;min-height:45px}
|
||||
.toggle-on.btn-lg{padding-right:31px}
|
||||
.toggle-off.btn-lg{padding-left:31px}
|
||||
.toggle-handle.btn-lg{width:40px}
|
||||
.toggle.btn-sm{min-width:50px;min-height:30px}
|
||||
.toggle-on.btn-sm{padding-right:20px}
|
||||
.toggle-off.btn-sm{padding-left:20px}
|
||||
.toggle.btn-xs{min-width:35px;min-height:22px}
|
||||
.toggle-on.btn-xs{padding-right:12px}
|
||||
.toggle-off.btn-xs{padding-left:12px}
|
|
@ -0,0 +1,9 @@
|
|||
/*! ========================================================================
|
||||
* Bootstrap Toggle: bootstrap-toggle.js v2.2.0
|
||||
* http://www.bootstraptoggle.com
|
||||
* ========================================================================
|
||||
* Copyright 2014 Min Hur, The New York Times Company
|
||||
* Licensed under MIT
|
||||
* ======================================================================== */
|
||||
+function(a){"use strict";function b(b){return this.each(function(){var d=a(this),e=d.data("bs.toggle"),f="object"==typeof b&&b;e||d.data("bs.toggle",e=new c(this,f)),"string"==typeof b&&e[b]&&e[b]()})}var c=function(b,c){this.$element=a(b),this.options=a.extend({},this.defaults(),c),this.render()};c.VERSION="2.2.0",c.DEFAULTS={on:"On",off:"Off",onstyle:"primary",offstyle:"default",size:"normal",style:"",width:null,height:null},c.prototype.defaults=function(){return{on:this.$element.attr("data-on")||c.DEFAULTS.on,off:this.$element.attr("data-off")||c.DEFAULTS.off,onstyle:this.$element.attr("data-onstyle")||c.DEFAULTS.onstyle,offstyle:this.$element.attr("data-offstyle")||c.DEFAULTS.offstyle,size:this.$element.attr("data-size")||c.DEFAULTS.size,style:this.$element.attr("data-style")||c.DEFAULTS.style,width:this.$element.attr("data-width")||c.DEFAULTS.width,height:this.$element.attr("data-height")||c.DEFAULTS.height}},c.prototype.render=function(){this._onstyle="btn-"+this.options.onstyle,this._offstyle="btn-"+this.options.offstyle;var b="large"===this.options.size?"btn-lg":"small"===this.options.size?"btn-sm":"mini"===this.options.size?"btn-xs":"",c=a('<label class="btn">').html(this.options.on).addClass(this._onstyle+" "+b),d=a('<label class="btn">').html(this.options.off).addClass(this._offstyle+" "+b+" active"),e=a('<span class="toggle-handle btn btn-default">').addClass(b),f=a('<div class="toggle-group">').append(c,d,e),g=a('<div class="toggle btn" data-toggle="toggle">').addClass(this.$element.prop("checked")?this._onstyle:this._offstyle+" off").addClass(b).addClass(this.options.style);this.$element.wrap(g),a.extend(this,{$toggle:this.$element.parent(),$toggleOn:c,$toggleOff:d,$toggleGroup:f}),this.$toggle.append(f);var 
h=this.options.width||Math.max(c.outerWidth(),d.outerWidth())+e.outerWidth()/2,i=this.options.height||Math.max(c.outerHeight(),d.outerHeight());c.addClass("toggle-on"),d.addClass("toggle-off"),this.$toggle.css({width:h,height:i}),this.options.height&&(c.css("line-height",c.height()+"px"),d.css("line-height",d.height()+"px")),this.update(!0),this.trigger(!0)},c.prototype.toggle=function(){this.$element.prop("checked")?this.off():this.on()},c.prototype.on=function(a){return this.$element.prop("disabled")?!1:(this.$toggle.removeClass(this._offstyle+" off").addClass(this._onstyle),this.$element.prop("checked",!0),void(a||this.trigger()))},c.prototype.off=function(a){return this.$element.prop("disabled")?!1:(this.$toggle.removeClass(this._onstyle).addClass(this._offstyle+" off"),this.$element.prop("checked",!1),void(a||this.trigger()))},c.prototype.enable=function(){this.$toggle.removeAttr("disabled"),this.$element.prop("disabled",!1)},c.prototype.disable=function(){this.$toggle.attr("disabled","disabled"),this.$element.prop("disabled",!0)},c.prototype.update=function(a){this.$element.prop("disabled")?this.disable():this.enable(),this.$element.prop("checked")?this.on(a):this.off(a)},c.prototype.trigger=function(b){this.$element.off("change.bs.toggle"),b||this.$element.change(),this.$element.on("change.bs.toggle",a.proxy(function(){this.update()},this))},c.prototype.destroy=function(){this.$element.off("change.bs.toggle"),this.$toggleGroup.remove(),this.$element.removeData("bs.toggle"),this.$element.unwrap()};var d=a.fn.bootstrapToggle;a.fn.bootstrapToggle=b,a.fn.bootstrapToggle.Constructor=c,a.fn.toggle.noConflict=function(){return a.fn.bootstrapToggle=d,this},a(function(){a("input[type=checkbox][data-toggle^=toggle]").bootstrapToggle()}),a(document).on("click.bs.toggle","div[data-toggle^=toggle]",function(b){var c=a(this).find("input[type=checkbox]");c.bootstrapToggle("toggle"),b.preventDefault()})}(jQuery);
|
||||
//# sourceMappingURL=bootstrap-toggle.min.js.map
|
|
@ -3,10 +3,11 @@
|
|||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
|
||||
<link rel="stylesheet" href="bootstrap.min.css" integrity="sha384-9gVQ4dYFwwWSjIDZnLEWnxCjeSWFphJiwGPXr1jddIhOegiu1FwO5qRGvFXOdJZ4" crossorigin="anonymous">
|
||||
<script src="jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
|
||||
<script src="jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script>
|
||||
<script src="popper.min.js" integrity="sha384-cs/chFZiN24E4KMATLdqdvsezGxaGsi4hLGOzlXwp5UZB1LY//20VyM2taTB4QvJ" crossorigin="anonymous"></script>
|
||||
<script src="bootstrap.min.js" integrity="sha384-uefMccjFJAIv6A+rW+L4AHf99KvxDjWSu1z9VI8SKNVmz4sk7buKt/6v9KI65qnm" crossorigin="anonymous"></script>
|
||||
|
||||
<link href="bootstrap-toggle.min.css" rel="stylesheet">
|
||||
<script src="bootstrap-toggle.min.js"></script>
|
||||
<title>nlvmi</title>
|
||||
</head>
|
||||
<body>
|
||||
|
@ -26,5 +27,5 @@
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<script src="nlvmi.js"></script>
|
||||
<div class=container-fluid><div class="row" style="background-color:lightgreen;"><div class="col"><h1><a href="?" style=color:white;>nlvmi</a><a href="?" style="color:black;font-size:10px;">@<?php echo gethostname();?></a></h1></div></div>
|
||||
<script src="nlvmi.js?2"></script>
|
||||
<div class=container-fluid><div class="row" style="background-color:lightgreen;"><div class="col-sm"><h1><a href="?" style=color:white;>nlvmi</a><a href="?" style="color:black;font-size:10px;">@<?php echo gethostname();?></a></h1></div><div class=col-sm style=text-align:right><a style=color:black href=# onclick="javascript:post('?', {'usermgmt': 'show'});">usermanagement</a></div></div>
|
||||
|
|
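Review bot: The `usermanagement` link added to the header bar is emitted for every visitor, admin or not, so the only gate is the server-side check in index.php. If the session is already started when this file is included, the link could be rendered only when `$_SESSION['isadmin']` is set, so non-admins are not offered a page they cannot use. The two new `bootstrap-toggle.min.css` and `bootstrap-toggle.min.js` tags also carry no `integrity` attribute while the other assets in this head pin one; a hash computed from the vendored files would keep them consistent. The `javascript:` prefix inside `onclick` is a no-op label and can be dropped.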
139
web/index.php
139
web/index.php
|
@ -6,6 +6,14 @@ function clean($str) {
|
|||
$str = str_replace($search, $replace, $str);
|
||||
return $str;
|
||||
}
|
||||
if(isset($_REQUEST['logout'])){
|
||||
session_start();
|
||||
session_unset();
|
||||
session_destroy();
|
||||
} else {
|
||||
session_start();
|
||||
}
|
||||
$mode="";
|
||||
|
||||
function checkvm($vmname) {
|
||||
$shellout = shell_exec("/usr/bin/wrap-nlvmi checkvm $vmname bla");//){
|
||||
|
@ -45,6 +53,42 @@ if ($config['DATABASETYPE']=="sqlite"){
|
|||
}
|
||||
}
|
||||
|
||||
//check login
|
||||
$usersfound = "no";
|
||||
$sql="SELECT * FROM users LIMIT 1";
|
||||
$res = $db_handle->query($sql);
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
$usersfound="yes";
|
||||
if ($_SESSION['username']=="inituser"){
|
||||
session_unset();
|
||||
session_destroy();
|
||||
session_start();
|
||||
}
|
||||
}
|
||||
if ($usersfound=="no"){
|
||||
if (!isset($_POST['newusername'])){
|
||||
echo "<h1>You have no users in the datbase!</h1></br>";
|
||||
// echo "Aborting....";
|
||||
// exit;
|
||||
$_SESSION['username']="inituser";
|
||||
$_SESSION['isadmin']="1";
|
||||
$mode="usermgmt";
|
||||
}
|
||||
} elseif ((isset($_POST['login']))&&(isset($_POST['username']))&&(isset($_POST['password']))){
|
||||
$user = clean($_POST['username']);
|
||||
$pass = clean($_POST['password']);
|
||||
$sql="SELECT password,admin FROM users WHERE username='$user'";
|
||||
$res = $db_handle->query($sql);
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
if (password_verify($pass, $row['password'])){
|
||||
$_SESSION['username']=$user;
|
||||
$_SESSION['isadmin']=$row['admin'];
|
||||
} else {
|
||||
echo "Password not correct! $pass";
|
||||
}
|
||||
}
|
||||
}
|
||||
if (isset($_SESSION['username'])){
|
||||
if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){
|
||||
$vmname = clean($_POST['deletename']);
|
||||
$vmid = clean($_POST['deletevm']);
|
||||
|
@ -58,9 +102,93 @@ if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){
|
|||
}
|
||||
}
|
||||
|
||||
//insert new user in db
|
||||
if(isset($_POST['newusername'])){
|
||||
$newusername = clean($_POST['newusername']);
|
||||
$newpassword = password_hash(clean($_POST['newpassword']), PASSWORD_DEFAULT);
|
||||
if ($_POST['isadmin']=="on"){
|
||||
$isadmin = "1";
|
||||
} else {
|
||||
$isadmin = "0";
|
||||
}
|
||||
$sqlu="SELECT id FROM users WHERE username='$newusername'";
|
||||
$res = $db_handle->query($sqlu);
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
echo "username already exist!";
|
||||
exit;
|
||||
}
|
||||
$sql="INSERT INTO users (username,password,admin) VALUES('$newusername', '$newpassword', '$isadmin')";
|
||||
$res=$db_handle->query($sql);
|
||||
$res=$db_handle->query($sqlu);
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
echo "success";
|
||||
exit;
|
||||
}
|
||||
echo "Failed to insert into DB!";
|
||||
exit;
|
||||
}
|
||||
//update user in db
|
||||
if(isset($_POST['changeusername'])){
|
||||
if($_SESSION['isadmin']!=1){
|
||||
echo "you are not allowed to change usernames!";
|
||||
} else {
|
||||
$username=clean($_POST['changeusername']);
|
||||
$pass=password_hash(clean($_POST['passwordchange']), PASSWORD_DEFAULT);
|
||||
if ($_POST['isadmin']=="on"){
|
||||
$isadmin = "1";
|
||||
} else {
|
||||
$isadmin = "0";
|
||||
}
|
||||
|
||||
$sql="UPDATE users SET username='$username', password='$pass', admin='$isadmin'";
|
||||
if($db_handle->query($sql)){
|
||||
echo "success";
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
include('header.php');
|
||||
$mode="";
|
||||
|
||||
|
||||
|
||||
//usermanagement
|
||||
if ((isset($_POST['usermgmt']))||($mode=="usermgmt")){
|
||||
$mode="usermgmt";
|
||||
if (($_SESSEION['username']=="inituser")||($_SESSION['isadmin']=="1")){
|
||||
$sql="SELECT * FROM users";
|
||||
$res = $db_handle->query($sql);
|
||||
echo "</br>";
|
||||
//echo "<div class=row><div class=col>Username</div><div class=col>Is Admin</div><div class=col>New Password</div></div>";
|
||||
echo "<h2>Existing users</h2>";
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
echo "<form id=uform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changeusername value=$row[username]></div>";
|
||||
if ($row['admin']=="1"){
|
||||
$checked="checked";
|
||||
} else {
|
||||
$checked="";
|
||||
}
|
||||
echo "<div class=col-ms><input data-onstyle=\"danger\" data-offstyle=success name=isadmin id=\"isadmin\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"user is Admin\" data-off=\"user is no Admin\" $checked></div>";
|
||||
echo "<input type=hidden name=userchange value=$row[id]>";
|
||||
echo "<div class=col><input class=form-control type=password name=passwordchange placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('uform$row[id]');\">save user</a></div></div></form>";
|
||||
}
|
||||
//newuserform
|
||||
echo "<h2>Create a new user</h2><form id=newuserform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newusername placeholder=Username></div>";
|
||||
if ($_SESSION['username']!="inituser"){
|
||||
echo "<div class=col-ms><input data-onstyle=\"danger\" data-offstyle=success name=isadmin id=\"isadmin\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"user is Admin\" data-off=\"user is no Admin\" checked></div>";
|
||||
} else {
|
||||
echo "<input type=hidden name=isadmin value=on>";
|
||||
}
|
||||
echo "<div class=col><input class=form-control type=password name=newpassword placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('newuserform');\">Create user</a></div></div></form>";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
if (isset($_REQUEST['start'])){
|
||||
$vmname = clean($_REQUEST['start']);
|
||||
$sql="SELECT * FROM vms WHERE vmname='$vmname'";
|
||||
|
@ -219,7 +347,7 @@ if(isset($_REQUEST['mode'])){
|
|||
}
|
||||
}
|
||||
|
||||
if(($mode!="newvm")&&($mode!="editvm")){
|
||||
if(($mode!="newvm")&&($mode!="editvm")&&($mode!='usermgmt')){
|
||||
echo "</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {newvm: 'newvm'});\">Create a new VM</a></br></br>";
|
||||
|
||||
//getting vms from DB
|
||||
|
@ -239,9 +367,14 @@ while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
|||
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-vm=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete VM</button> ";
|
||||
$server = gethostname();
|
||||
if (preg_match('/stop/', $button)) {
|
||||
echo "<a target=_blank href=novnc/vnc.html?path&host=$server class=\"btn btn-success\">VNC</a></div>";
|
||||
echo "<a target=_blank href=novnc/vnc.html?port=$row[websocket]&path=&host=$server class=\"btn btn-success\">VNC</a></div>";
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "</div></div></body></html>";
|
||||
} elseif (!isset($_SESSION['username'])){
|
||||
echo "<h1>Welcome to nlvmi!</h1><h2>You need to log in</h2></br>";
|
||||
echo "<form action=? method=post>Username: <input type=text name=username> Password: <input type=password name=password> <input name=login type=submit></form>";
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
|
|
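Review bot: The `UPDATE users SET username='$username', password='$pass', admin='$isadmin'` statement in the update-user block has no WHERE clause, so saving one user rewrites the username, password hash and admin flag of every row; the form posts the row id as `userchange`, but the handler never reads it. In the same hunk the `newusername` insert appears to run for any logged-in session without the `$_SESSION['isadmin']` check that the update path has, so a non-admin could post `isadmin=on` and create an admin account. Both statements are built by interpolation and rely on `clean()`, whose body is outside the hunk; the excerpt below adds the gate and a bound-parameter UPDATE, assuming `$db_handle` is an `SQLite3` instance as the `fetchArray(SQLITE3_ASSOC)` calls suggest. Separately, the login hunk's `echo "Password not correct! $pass";` writes the submitted password back into the page unescaped and should print a fixed message instead.

```php
//insert new user in db
if(isset($_POST['newusername'])){
    // same gate as the update path; the bootstrap "inituser" session has isadmin set to "1"
    if($_SESSION['isadmin']!=1){
        echo "you are not allowed to create users!";
        exit;
    }
    // … unchanged: hashing, duplicate check, INSERT, result check …

//update user in db
// … unchanged: isadmin gate, $username / $pass / $isadmin assignment …
        $stmt = $db_handle->prepare("UPDATE users SET username=:username, password=:password, admin=:admin WHERE id=:id");
        $stmt->bindValue(':username', $username, SQLITE3_TEXT);
        $stmt->bindValue(':password', $pass, SQLITE3_TEXT);
        $stmt->bindValue(':admin', (int)$isadmin, SQLITE3_INTEGER);
        // the hidden "userchange" field carries the row id of the edited user
        $stmt->bindValue(':id', (int)$_POST['userchange'], SQLITE3_INTEGER);
        if($stmt->execute()){
            // … unchanged: echo "success"; exit; …
```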
File diff suppressed because one or more lines are too long
29
web/nlvmi.js
29
web/nlvmi.js
|
@ -1,3 +1,13 @@
|
|||
function makeid() {
|
||||
var text = "";
|
||||
var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
|
||||
|
||||
for (var i = 0; i < 5; i++)
|
||||
text += possible.charAt(Math.floor(Math.random() * possible.length));
|
||||
|
||||
return text;
|
||||
}
|
||||
|
||||
function dropdown(i,e) {
|
||||
document.getElementById(i).innerHTML = e;
|
||||
document.getElementById(i +'h').value = e;
|
||||
|
@ -36,3 +46,22 @@ $('#confirm-delete').on('show.bs.modal', function(e) {
|
|||
document.getElementById('modaltext2').innerHTML = data.deleteText;
|
||||
$('.btn-ok', this).data({'deleteName': data.deleteName,'deleteVm': data.deleteVm});
|
||||
});
|
||||
|
||||
function submitbutton(formid){
|
||||
console.log(formid);
|
||||
data = $('#'+ formid).serialize();
|
||||
console.log(data);
|
||||
// data: 'who='+ who +'&what='+ what,
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: "?rand="+ makeid(),
|
||||
data: data,
|
||||
success: function(response) {
|
||||
if (response != "success"){
|
||||
window.alert('Failure!\n'+ response);
|
||||
} else {
|
||||
window.location.href = "";
|
||||
}
|
||||
},
|
||||
});
|
||||
}
|
||||
|
|
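Review bot: `console.log(data)` in `submitbutton` writes the serialized form to the browser console, and the forms this function submits contain the `newpassword` or `passwordchange` field; both `console.log` calls look like debugging leftovers and should be removed. `data = $('#'+ formid).serialize();` assigns an undeclared variable and so creates an implicit global; declare it locally with `var data = $('#'+ formid).serialize();`. The `$.ajax` call has no `error` callback, so a failed request gives the user no feedback.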