diff --git a/proxstar/__init__.py b/proxstar/__init__.py index 8f2795a..a851cd2 100644 --- a/proxstar/__init__.py +++ b/proxstar/__init__.py @@ -412,6 +412,9 @@ def vm_renew(vmid): @app.route('/vm//disk/create/', methods=['POST']) @auth.oidc_auth def create_disk(vmid, size): + ## are they trying to disk with zero size + if size <= 0: + return '', 400 user = User(session['userinfo']['preferred_username']) connect_proxmox() if user.rtp or int(vmid) in user.allowed_vms: @@ -563,80 +566,93 @@ def set_boot_order(vmid): return '', 403 -@app.route('/vm/create', methods=['GET', 'POST']) +@app.route('/vm/create', methods=['GET']) @auth.oidc_auth -def create(): +def get_create(): user = User(session['userinfo']['preferred_username']) proxmox = connect_proxmox() if user.active or user.rtp: - if request.method == 'GET': - stored_isos = get_isos(proxmox, app.config['PROXMOX_ISO_STORAGE']) - pools = get_pools(proxmox, db) - for pool in get_shared_pools(db, user.name, True): - pools.append(pool.name) - templates = get_templates(db) - return render_template( - 'create_vm.html', - user=user, - usage=user.usage, - limits=user.limits, - percents=user.usage_percent, - isos=stored_isos, - pools=pools, - templates=templates, - ) - elif request.method == 'POST': - name = request.form['name'].lower() - cores = request.form['cores'] - memory = request.form['mem'] - template = request.form['template'] - disk = request.form['disk'] - iso = request.form['iso'] - ssh_key = request.form['ssh_key'] - if iso != 'none': - iso = '{}:iso/{}'.format(app.config['PROXMOX_ISO_STORAGE'], iso) - if not user.rtp: - if template == 'none': - usage_check = user.check_usage(0, 0, disk) - else: - usage_check = user.check_usage(cores, memory, disk) - username = user.name - else: - usage_check = None - username = request.form['user'] - if usage_check: - return usage_check - else: - valid, available = ( - check_hostname(starrs, name) if app.config['USE_STARRS'] else (True, True) - ) + stored_isos = get_isos(proxmox, app.config['PROXMOX_ISO_STORAGE']) + pools = get_pools(proxmox, db) + for pool in get_shared_pools(db, user.name, True): + pools.append(pool.name) + templates = get_templates(db) + return render_template( + 'create_vm.html', + user=user, + usage=user.usage, + limits=user.limits, + percents=user.usage_percent, + isos=stored_isos, + pools=pools, + templates=templates, + ) + else: + return '', 403 - if valid and available: - if template == 'none': - q.enqueue( - create_vm_task, - username, - name, - cores, - memory, - disk, - iso, - job_timeout=300, - ) - else: - q.enqueue( - setup_template_task, - template, - name, - username, - ssh_key, - cores, - memory, - job_timeout=600, - ) - return '', 200 - return '', 200 - return None + +@app.route('/vm/create', methods=['POST']) +@auth.oidc_auth +def create(): + user = User(session['userinfo']['preferred_username']) + if user.active or user.rtp: + name = request.form['name'].lower() + cores = request.form['cores'] + memory = request.form['mem'] + disk = request.form['disk'] + username = request.form['user'] + ## CHECK STUFF DEAR GOD + if int(cores) <= 0 or int(memory) <= 0 or int(disk) <= 0 or user == '': + return ( + 'VM creation with cores and/or mem and/or disk values that are less than 0', + 400, + ) + + template = request.form['template'] + iso = request.form['iso'] + ssh_key = request.form['ssh_key'] + if iso != 'none': + iso = '{}:iso/{}'.format(app.config['PROXMOX_ISO_STORAGE'], iso) + if not user.rtp: + if template == 'none': + usage_check = user.check_usage(0, 0, disk) + else: + usage_check = user.check_usage(cores, memory, disk) + username = user.name + else: + usage_check = None + if usage_check: + return usage_check + else: + valid, available = ( + check_hostname(starrs, name) if app.config['USE_STARRS'] else (True, True) + ) + + if valid and available: + if template == 'none': + q.enqueue( + create_vm_task, + username, + name, + cores, + memory, + disk, + iso, + job_timeout=300, + ) + else: + q.enqueue( + setup_template_task, + template, + name, + username, + ssh_key, + cores, + memory, + job_timeout=600, + ) + return '', 200 + return '', 200 else: return '', 403 diff --git a/proxstar/static/js/script.js b/proxstar/static/js/script.js index a92cb76..f1392eb 100644 --- a/proxstar/static/js/script.js +++ b/proxstar/static/js/script.js @@ -238,12 +238,21 @@ $("#create-vm").click(function(){ if (name && disk) { if (template != 'none' && !ssh_regex.test(ssh_key)) { swal("Uh oh...", "Invalid SSH key!", "error"); + // MAXIMUM BOUNDS CHECK } else if (disk > max_disk) { swal("Uh oh...", `You do not have enough disk resources available! Please lower the VM disk size to ${max_disk}GB or lower.`, "error"); } else if (template != 'none' && cores > max_cpu) { swal("Uh oh...", `You do not have enough CPU resources available! Please lower the VM cores to ${max_cpu} or lower.`, "error"); } else if (template != 'none' && mem/1024 > max_mem) { swal("Uh oh...", `You do not have enough memory resources available! Please lower the VM memory to ${max_mem}GB or lower.`, "error"); + // MINIMUM BOUNDS CHECK + else if(0 <= disk){ + swal("Uh oh...", `Selected disk size is less than 0.`,"error"); + }else if(0 <= cores){ + swal("Uh oh...", `Selected cores amount is less than 0.`,"error"); + }else if(0 <= mem){ + swal("Uh oh...", `Selected memory size is less than 0.`,"error"); + } } else { fetch(`/hostname/${name}`, { credentials: 'same-origin',