From e067b8abcca6d61775ba804d526419192792bb84 Mon Sep 17 00:00:00 2001 From: Naga Kiran Date: Wed, 10 Dec 2014 15:17:28 +0530 Subject: [PATCH] Changes to support both "contrial-admin-ui" and "vcenter-ui" in parallel based on URL given contrail-admin-ui accessed via "/login" vcenter-ui accessed via "/vcenter/login" 1. In case of only vcenter mode, when user tries to access "/login", set orchestration as none 2. For ajax calls issued from UI, X-OrchestrationMode header is passed with the orchestration fetched during login from webServer. And on webserver,will compare the orchestration mode recieved from request with one stored in session and if doesn't match,logout the session and take to login page 3. Switching between contrail-admin-ui and vcenter-ui modes from same browser a. If a request other than login comes for contrail-admin-ui and if session has vmware_soap_session,implies that current session is authenticated with vCenter, so logout the session and take to login page b. If a request other than login comes for vcenter-ui and if session doesn't has vmware_soap_session,implies that current session is authenticated with none orchestration,so logout the session and take to login page Change-Id: I1fefecff9ae19328bf76da3bad232ab4cb1882ee --- .../orchestration/orchestration.api.js | 8 +++- .../orchestration/plugins/plugins.api.js | 3 +- src/serverroot/utils/common.utils.js | 14 +++++- src/serverroot/web/core/longPolling.api.js | 2 +- src/serverroot/web/routes/handler.js | 47 ++++++++++++++----- webroot/js/contrail-layout.js | 2 + 6 files changed, 57 insertions(+), 19 deletions(-) diff --git a/src/serverroot/orchestration/orchestration.api.js b/src/serverroot/orchestration/orchestration.api.js index 0672cbb2e..07570b660 100644 --- a/src/serverroot/orchestration/orchestration.api.js +++ b/src/serverroot/orchestration/orchestration.api.js @@ -33,13 +33,17 @@ function getOrchestrationModelsByReqURL (reqURL) logutils.logger.error("Specify the orchestration model in config file"); assert(0); } + //If only one orchestration is configured if (1 == orchModels.length) { + //If vCenter is the only orchestration mode and user accesses via '/login',set orchestration as 'none' + if(orchModels[0] == 'vcenter' && reqURL.indexOf('/vcenter') == -1) + return 'none'; return orchModels[0]; } var associatedOrchModelsCnt = associatedOrchModels.length; - if (-1 != reqURL.indexOf('vcenter')) { + if (-1 != reqURL.indexOf('/vcenter')) { return 'vcenter'; - } + } return model; } diff --git a/src/serverroot/orchestration/plugins/plugins.api.js b/src/serverroot/orchestration/plugins/plugins.api.js index dbc589f5d..f671f72a0 100644 --- a/src/serverroot/orchestration/plugins/plugins.api.js +++ b/src/serverroot/orchestration/plugins/plugins.api.js @@ -24,6 +24,7 @@ function getApiServerRequestedByData (appData,reqBy) { assert(appData); var defproject = null; + //Set loggedInOrchestrionMode var loggedInOrchestrationMode = 'openstack'; if ((null != appData) && (null != appData['authObj']) && (null != appData['authObj']['req']) && @@ -43,7 +44,7 @@ function getApiServerRequestedByData (appData,reqBy) function getApiServerRequestedByApp (loggedInOrchestrationMode, appData, reqBy) { - console.log("reqBy a:S", reqBy, loggedInOrchestrationMode); + // console.log("reqBy a:S", reqBy, loggedInOrchestrationMode); switch (reqBy) { case global.label.API_SERVER: return getApiServerRequestedByApiServer(loggedInOrchestrationMode, diff --git a/src/serverroot/utils/common.utils.js b/src/serverroot/utils/common.utils.js index 7cdd40ecf..c5a69e361 100644 --- a/src/serverroot/utils/common.utils.js +++ b/src/serverroot/utils/common.utils.js @@ -1213,7 +1213,13 @@ function getApiPostData (url, postData) function redirectToLogout (req, res, callback) { - if(req.session.loggedInOrchestrationMode == 'vcenter' || req['originalUrl'].indexOf('/vcenter') > -1) { + //If URL has '/vcenter',then redirect to /vcenter/logout + //x-orchestrationmode is set only for ajax requests,so if user changes browser URL then we need to check for loggedInOrchestrationMode + if(req.headers['x-orchestrationmode'] != null && req.headers['x-orchestrationmode'] == 'vcenter') { + redURL = '/vcenter/logout'; + } else if(req.headers['x-orchestrationmode'] != null && req.headers['x-orchestrationmode'] == 'none') { + redURL = '/logout'; + } else if(req['originalUrl'].indexOf('/vcenter') > -1) { redURL = '/vcenter/logout'; } else { redURL = '/logout'; @@ -1226,7 +1232,11 @@ function redirectToLogout (req, res, callback) function redirectToLogin (req, res) { - if(req.session.loggedInOrchestrationMode == 'vcenter') { + if(req.headers['x-orchestrationmode'] != null && req.headers['x-orchestrationmode'] == 'vcenter') { + redURL = '/vcenter/login'; + } else if(req.headers['x-orchestrationmode'] != null && req.headers['x-orchestrationmode'] == 'none') { + redURL = '/login'; + } else if(req['originalUrl'].indexOf('/vcenter') > -1) { redURL = '/vcenter/login'; } else { redURL = '/login'; diff --git a/src/serverroot/web/core/longPolling.api.js b/src/serverroot/web/core/longPolling.api.js index 242d50979..abf59cccb 100644 --- a/src/serverroot/web/core/longPolling.api.js +++ b/src/serverroot/web/core/longPolling.api.js @@ -322,4 +322,4 @@ exports.insertResToReadyQ = insertResToReadyQ; exports.routeAll = routeAll; exports.processPendingReq = processPendingReq; exports.insertDataToSendAllClients = insertDataToSendAllClients; - +exports.checkLoginReq = checkLoginReq; diff --git a/src/serverroot/web/routes/handler.js b/src/serverroot/web/routes/handler.js index c2ea7ddb7..b861bbb91 100644 --- a/src/serverroot/web/routes/handler.js +++ b/src/serverroot/web/routes/handler.js @@ -39,27 +39,19 @@ exports.admin = function (req, res) { function login (req, res) { - //If vCenter is only orchestration model,redirect to '/vcenter/login' - var orch = config.orchestration.Manager; - var models = orch.split(','); - if(models.indexOf('vcenter') > -1 && models.length == 1) - commonUtils.redirectToURL(req,res,'/vcenter/login'); - else - res.sendfile('webroot/html/login.html'); + res.sendfile('webroot/html/login.html'); } function vcenter_login (req, res, appData) { //Move setting loggedInOrchestrationMode to longPolling?? - //req.session.loggedInOrchestrationMode = 'vcenter'; var orch = config.orchestration.Manager; var models = orch.split(','); //If vcenter orchestration is not set and user tries to launch "/vcenter/login",redirect to "/login" if (-1 == models.indexOf('vcenter')) { commonUtils.redirectToURL(req, res, '/login'); } else { - // return login(req, res); - return res.sendfile('webroot/html/login.html'); + return login(req, res); } } @@ -70,7 +62,9 @@ function vcenter_logout (req, res, appData) if (req.session.loggedInOrchestrationMode != 'vcenter') { commonUtils.redirectToURL(req, res, '/logout'); } else { - vCenterApi.logout(appData); + //Issue logout on vCenter only if vmware session exists + if(req.session.vmware_soap_session != null) + vCenterApi.logout(appData); return logout(req, res); } } @@ -145,6 +139,32 @@ exports.checkURLInAllowedList = function(req) { This function returns the isAuthenticated flag for a user session */ exports.isSessionAuthenticated = function(req) { + //If url contains "/vcenter" and not loginReq and session doesn't contain vmware_soap_session + console.info('isSessionAuthenticated',req.url); + //If loggedInOrchestrationMode doesn't match on client and server + if(!longPoll.checkLoginReq(req) && req.session.loggedInOrchestrationMode != null && req.headers['x-orchestrationmode'] != null) { + if(req.headers['x-orchestrationmode'] != req.session.loggedInOrchestrationMode) { + // console.log(commonUtils.FgGreen,'not authenticated',req.headers['x-orchestrationmode'],req.session.loggedInOrchestrationMode); + req.session.isAuthenticated = false; + return false; + } + } + //If not login request and not /api request + if(!longPoll.checkLoginReq(req) && req.url.indexOf('/api') != 0) { + if(req.url.indexOf('/vcenter') > -1 && req.session.vmware_soap_session == null) { + //Moving none to vcenter orchestration mode + req.session.isAuthenticated = false; + // console.log(commonUtils.FgGreen,'vcenter not authenticated',req.url,req.session.vmware_soap_session); + return false; + } + if(req.url.indexOf('/vcenter') == -1 && req.session.vmware_soap_session != null) { + //Moving from vCenter orchestration mode to none + // console.log(commonUtils.FgGreen,'none not authenticated',req.url,req.session.vmware_soap_session); + delete req.session.vmware_soap_session; + req.session.isAuthenticated = false; + return false; + } + } return ((req.session) ? req.session.isAuthenticated : false); } @@ -224,10 +244,11 @@ function logout (req, res) 'no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0'); commonUtils.redirectToLogin(req, res); //Need to destroy the session after redirectToLogin as login page depends on orchestrationModel - if (req.session.userid) { + //Info: Need to check why we are destroying session only if userid is set + // if (req.session.userid) { req.session.isAuthenticated = false; req.session.destroy(); - } + // } }; function putData(id, callback) { diff --git a/webroot/js/contrail-layout.js b/webroot/js/contrail-layout.js index 7eb39c202..c66e68055 100644 --- a/webroot/js/contrail-layout.js +++ b/webroot/js/contrail-layout.js @@ -681,6 +681,8 @@ $(document).ready(function () { //set the default timeout as 30 seconds timeout:30000, beforeSend:function (xhr, settings) { + if(globalObj['webServerInfo'] != null && globalObj['webServerInfo']['loggedInOrchestrationMode'] != null) + xhr.setRequestHeader("x-orchestrationmode",globalObj['webServerInfo']['loggedInOrchestrationMode']); xhr.setRequestHeader("X-Requested-With", "XMLHttpRequest"); }, error:function (xhr, e) {