summaryrefslogblamecommitdiffstats
path: root/modules-available/dozmod/api.inc.php
blob: c2dc1cfa75eac53e4274caec64c5658278797f74 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
     
                                                              




                                                                            
                                             

   
 

                                        
                                        
 
 
 

                                                            
                                                                                                     
 

                                                                    

                         
                                    

 

                                    
                                               

 

                                

                                                

 

                        

                                                
 


                                           

                                                                    



                             

 

                        

                                                


                                 

                                 






                                                                
 
 

                                                                     
 




                                                                

 
   






                                                      


                                                  
 

                                       


                                                                                                 

                      

 






































                                                                                                                                              
                                                        
                                                
 


                                                                                  

                                                                                     
                                           

                                                                                                                              


                                                                                


                                                                                        
                                    




                                                          










                                                                




                                                                       
                                                           







                                          



                                                  
                                                        



                                                  
                                                       
 
 
                                                        
 
                                             


                                           
                                                        

                                       
                         

 

                                                 
 






                                                                                
                                               
                              





                                                                                                                     

                                         
                                                              

                                     



                                                   


                                        
                     

 

                                 
                                               
                                            
 
 
                                       
 




                                                            
                                                              








                                                                               

 
 













                                                                 
                                                                                  
                               
                                                      
 
                          
                                                                         
 

                                                 

                                           
 
 

                                      
                             


 
                           
                                               
                                                              
 
                           


                                                   





                                          



                                                   

 

                                                  
<?php
/* small API server that acts as a proxy to the dozmod server.
* To reduce the number of requests and connections to dozmod-server, results
* gets cached into a file cache.
*
* Required Configuration:
* CONFIG_DOZMOD_EXPIRE: Expiration time in seconds for the cache
* CONFIG_DOZMOD_URL: URL to the dozmod server
*
**/


if (!Module::isAvailable('locations')) {
	die('require locations module');
}


define('LIST_URL', CONFIG_DOZMOD_URL . '/vmchooser/list');
define('VMX_URL', CONFIG_DOZMOD_URL . '/vmchooser/lecture');
$availableRessources = ['list', 'vmx', 'netrules', 'runscript', 'metadata', 'netshares','imagemeta'];

/* BEGIN: A simple caching mechanism ---------------------------- */

function cache_hash($obj)
{
	return md5(serialize($obj));
}

function cache_key_to_filename($key)
{
	return "/tmp/bwlp-slxadmin-cache-$key";
}

function cache_put($key, $value)
{
	$filename = cache_key_to_filename($key);
	file_put_contents($filename, $value);
}

function cache_has($key)
{
	$filename = cache_key_to_filename($key);
	$mtime = @filemtime($filename);

	if ($mtime === false) {
		return false; // cache miss
	}
	$now = time();
	if ($now < $mtime || $now - $mtime > CONFIG_DOZMOD_EXPIRE) {
		return false;
	} else {
		return true;
	}
}

function cache_get($key)
{
	$filename = cache_key_to_filename($key);
	return file_get_contents($filename);
}

/* good for large binary files */
function cache_get_passthru($key)
{
	$filename = cache_key_to_filename($key);
	$fp = fopen($filename, "r");
	if ($fp) {
		fpassthru($fp);
		exit;
	}
	error_log('Cannot passthrough cache file ' . $filename);
}

/* END: Cache ---------------------------------------------------- */


/* this script requires 2 (3 with implicit client ip) parameters
*
* resource     = vmx,...
* lecture_uuid = client can choose
**/


/**
 * Takes raw lecture list xml, returns array of uuids.
 *
 * @param string $responseXML XML from dozmod server
 * @return array list of UUIDs, false on error
 */
function xmlToLectureIds($responseXML)
{
	$xml = new SimpleXMLElement($responseXML);
	if (!isset($xml->eintrag))
		return [];

	$uuids = [];
	foreach ($xml->eintrag as $e) {
		if (isset($e->uuid) && isset($e->uuid['param']) && isset($e->uuid['param'][0])) {
			$uuids[] = strval($e->uuid['param'][0]);
		}
	}
	return $uuids;
}

function sendExamModeMismatch()
{
	Header('Content-Type: text/xml; charset=utf-8');
	echo
	<<<BLA
	<settings>
		<eintrag>
			<image_name param="null"/>
			<priority param="100"/>
			<creator param="Ernie Esslingen"/>
			<short_description param="Klausurmodus geändert, bitte PC neustarten"/>
			<long_description param="Der Klausurmodus wurde ein- oder ausgeschaltet, bitte starten Sie den PC neu"/>
			<uuid param="exam-mode-warning"/>
			<virtualmachine param="exam-mode-warning"/>
			<os param="debian8"/>
			<virtualizer_name param="null"/>
			<os_name param="null"/>
			<for_location param="0"/>
			<is_template param="0"/>
		</eintrag>
		<eintrag>
			<image_name param="null"/>
			<priority param="200"/>
			<creator param="Ernie Esslingen"/>
			<short_description param="Exam mode changed, please reboot PC"/>
			<long_description param="Exam mode has been activated or deactivated since this PC was booted; please reboot the PC"/>
			<uuid param="exam-mode-warning"/>
			<virtualmachine param="exam-mode-warning"/>
			<os param="debian8"/>
			<virtualizer_name param="null"/>
			<os_name param="null"/>
			<for_location param="0"/>
			<is_template param="0"/>
		</eintrag>
	</settings>
BLA;
	exit(0);
}

/** Caching wrapper around _getLecturesForLocations() */
function getListForLocations($locationIds, $raw)
{
	/* if in any of the locations there is an exam active, consider the client
		 to be in "exam-mode" and only offer him exams (no lectures) */
	$key = 'lectures_' . cache_hash($locationIds);
	$examMode = Request::get('exams', 'normal-mode', 'string') !== 'normal-mode';
	$clientServerMismatch = false;
	if (Module::isAvailable('exams')) {
		// If we have the exam mode module, we can enforce a server side check and make sure it agrees with the client
		$serverExamMode = Exams::isInExamMode($locationIds);
		if ($raw) {
			$clientServerMismatch = ($serverExamMode !== $examMode);
		}
		$examMode = $serverExamMode;
	}
	// Only enforce exam mode validity check if the client requests the raw xml data
	if ($clientServerMismatch) {
		sendExamModeMismatch(); // does not return
	}
	// Proceed normally from here on
	if ($examMode) {
		$key .= '_exams';
	}
	$rawKey = $key . '_raw';
	if ($raw) {
		Header('Content-Type: text/xml; charset=utf-8');
		if (cache_has($rawKey)) {
			cache_get_passthru($rawKey);
		}
	} elseif (cache_has($key)) {
		return unserialize(cache_get($key));
	}
	// Not in cache
	$url = LIST_URL . "?locations=" . implode('%20', $locationIds);
	if ($examMode) {
		$url .= '&exams';
	}
	$value = Download::asString($url, 60, $code);
	if ($value === false || $code < 200 || $code > 299)
		return false;
	cache_put($rawKey, $value);
	$list = xmlToLectureIds($value);
	cache_put($key, serialize($list));
	if ($raw) {
		die($value);
	}
	return $list;
}

function getLectureUuidsForLocations($locationIds)
{
	return getListForLocations($locationIds, false);
}

function outputLectureXmlForLocation($locationIds)
{
	return getListForLocations($locationIds, true);
}

function _getVmData($lecture_uuid, $subResource = false)
{
	$url = VMX_URL . '/' . $lecture_uuid;
	if ($subResource !== false) {
		$url .= '/' . $subResource;
	}
	$response = Download::asString($url, 60, $code);
	if ($code < 200 || $code > 299)
		return (int)$code;
	return $response;
}

/** Caching wrapper around _getVmData() **/
function outputResource($lecture_uuid, $resource)
{
	if ($resource === 'metadata') {
		// HACK: config.tgz is compressed, don't use gzip output handler
		@ob_end_clean();
		Header('Content-Type: application/gzip');
	} else {
		Header('Content-Type: text/plain; charset=utf-8');
	}
	$key = $resource . '_' . $lecture_uuid;
	if (cache_has($key)) {
		if ($resource === 'metadata' || $resource === 'vmx') {
			// HACK HACK HACK: Update launch counter as it was cached,
			// otherwise dmsd would take care of increasing it...
			Database::exec("UPDATE sat.lecture SET usecount = usecount + 1 WHERE lectureid = :lectureid",
				['lectureid' => $lecture_uuid], true);
		}
		cache_get_passthru($key);
	} else {
		$value = _getVmData($lecture_uuid, $resource);
		if ($value === false)
			return false;
		if (is_int($value)) {
			http_response_code($value);
			exit;
		}
		cache_put($key, $value);
		die($value);
	}
	return false;
}

function fatalDozmodUnreachable()
{
	Header('HTTP/1.1 504 Gateway Timeout');
	die('DMSD currently not available');
}

function readLectureParam($locationIds)
{
	$lecture = Request::get('lecture', false, 'string');
	if ($lecture === false) {
		Header('HTTP/1.1 400 Bad Request');
		die('Missing lecture UUID');
	}
	$lectures = getLectureUuidsForLocations($locationIds);
	if ($lectures === false) {
		fatalDozmodUnreachable();
	}
	/* check that the user requests a lecture that he is allowed to have */
	if (!in_array($lecture, $lectures)) {
		Header('HTTP/1.1 403 Forbidden');
		die("You don't have permission to access this lecture");
	}
	return $lecture;
}


// in this context the lecture param is an image id (container), 
// just read and check if valid.
// TODO do we need to check if this is allowed?
function readImageParam()
{
	$image = Request::get('lecture', false, 'string');
		
	if ($image === false) {
		Header('HTTP/1.1 400 Bad Request');
		die('Missing IMAGE UUID');
	}
	return $image;
}

// -----------------------------------------------------------------------------//
/* request data, don't trust */
$resource = Request::get('resource', false, 'string');

if ($resource === false) {
	Util::traceError("you have to specify the 'resource' parameter");
}

if (!in_array($resource, $availableRessources)) {
	Header('HTTP/1.1 400 Bad Request');
	die("unknown resource: $resource");
}

$ip = $_SERVER['REMOTE_ADDR'];
if (substr($ip, 0, 7) === '::ffff:') {
	$ip = substr($ip, 7);
}


/* lookup location id(s) */
$location_ids = Location::getFromIp($ip, true);
$location_ids = Location::getLocationRootChain($location_ids);

if ($resource === 'list') {
	outputLectureXmlForLocation($location_ids);
	// Won't return on success...
	fatalDozmodUnreachable();

} elseif ($resource === 'imagemeta') {
	$image = readImageParam();
	outputResource($image, $resource);
	fatalDozmodUnreachable();

} else {
	$lecture = readLectureParam($location_ids);
	outputResource($lecture, $resource);
	fatalDozmodUnreachable();
}

Header('HTTP/1.1 400 Bad Request');
die("I don't know how to give you that resource");