cleanup novnc console code

And implement novnc console for openvz and shell (needs vncterm update).

cleanup novnc console code
And implement novnc console for openvz and shell (needs vncterm update).
240ae6fa · Dietmar Maurer · ab70e2ab · 240ae6fa · 240ae6fa · 240ae6fa
Commit 240ae6fa authored Jun 24, 2014 by Dietmar Maurer
6 changed files
--- a/PVE/API2/Nodes.pm
+++ b/PVE/API2/Nodes.pm
@@ -682,6 +682,11 @@ __PACKAGE__->register_method ({
 		optional => 1,
 		default => 0,
 	    },
+	    websocket => {
+		optional => 1,
+		type => 'boolean',
+		description => "use websocket instead of standard vnc.",
+	    },
 	},
    },
    returns => { 
@@ -745,7 +750,14 @@ __PACKAGE__->register_method ({

 	my $cmd = ['/usr/bin/vncterm', '-rfbport', $port,
 		   '-timeout', $timeout, '-authpath', $authpath, 
-		   '-perm', 'Sys.Console', '-c', @$remcmd, @$shcmd];
+		   '-perm', 'Sys.Console'];
+
+	if ($param->{websocket}) {
+	    $ENV{PVE_VNC_TICKET} = $ticket; # pass ticket to vncterm 
+	    push @$cmd, '-notls', '-listen', 'localhost';
+	}
+
+	push @$cmd, '-c', @$remcmd, @$shcmd;

 	my $realcmd = sub {
 	    my $upid = shift;
@@ -757,6 +769,7 @@ __PACKAGE__->register_method ({

 	    eval { 
 		foreach my $k (keys %ENV) {
+		    next if $k eq 'PVE_VNC_TICKET';
 		    next if $k eq 'PATH' || $k eq 'TERM' || $k eq 'USER' || $k eq 'HOME';
 		    delete $ENV{$k};
 		}
@@ -784,6 +797,56 @@ __PACKAGE__->register_method ({
 	};
    }});

+__PACKAGE__->register_method({
+    name => 'vncwebsocket',
+    path => 'vncwebsocket',
+    method => 'GET',
+    permissions => { 
+	description => "Restricted to users on realm 'pam'. You also need to pass a valid ticket (vncticket).",
+	check => ['perm', '/nodes/{node}', [ 'Sys.Console' ]],
+    },
+    description => "Opens a weksocket for VNC traffic.",
+    parameters => {
+    	additionalProperties => 0,
+	properties => {
+	    node => get_standard_option('pve-node'),
+	    vncticket => {
+		description => "Ticket from previous call to vncproxy.",
+		type => 'string',
+		maxLength => 512,
+	    },
+	    port => {
+		description => "Port number returned by previous vncproxy call.",
+		type => 'integer',
+		minimum => 5900,
+		maximum => 5999,
+	    },
+	},
+    },
+    returns => {
+	type => "object",
+	properties => {
+	    port => { type => 'string' },
+	},
+    },
+    code => sub {
+	my ($param) = @_;
+
+	my $rpcenv = PVE::RPCEnvironment::get();
+
+	my ($user, undef, $realm) = PVE::AccessControl::verify_username($rpcenv->get_user());
+
+	raise_perm_exc("realm != pam") if $realm ne 'pam'; 
+
+	my $authpath = "/nodes/$param->{node}";
+
+	PVE::AccessControl::verify_vnc_ticket($param->{vncticket}, $user, $authpath);
+
+	my $port = $param->{port};
+	
+	return { port => $port };
+    }});
+
 __PACKAGE__->register_method ({
    name => 'spiceshell', 
    path => 'spiceshell',  

--- a/PVE/API2/OpenVZ.pm
+++ b/PVE/API2/OpenVZ.pm
@@ -833,6 +833,11 @@ __PACKAGE__->register_method ({
 	properties => {
 	    node => get_standard_option('pve-node'),
 	    vmid => get_standard_option('pve-vmid'),
+	    websocket => {
+		optional => 1,
+		type => 'boolean',
+		description => "use websocket instead of standard VNC.",
+	    },
 	},
    },
    returns => { 
@@ -889,7 +894,14 @@ __PACKAGE__->register_method ({

 	    my $cmd = ['/usr/bin/vncterm', '-rfbport', $port,
 		       '-timeout', $timeout, '-authpath', $authpath, 
-		       '-perm', 'VM.Console', '-c', @$remcmd, @$shcmd];
+		       '-perm', 'VM.Console'];
+
+	    if ($param->{websocket}) {
+		$ENV{PVE_VNC_TICKET} = $ticket; # pass ticket to vncterm 
+		push @$cmd, '-notls', '-listen', 'localhost';
+	    }
+
+	    push @$cmd, '-c', @$remcmd, @$shcmd;

 	    run_command($cmd);

@@ -909,6 +921,55 @@ __PACKAGE__->register_method ({
 	};
    }});

+__PACKAGE__->register_method({
+    name => 'vncwebsocket',
+    path => '{vmid}/vncwebsocket',
+    method => 'GET',
+    permissions => { 
+	description => "You also need to pass a valid ticket (vncticket).",
+	check => ['perm', '/vms/{vmid}', [ 'VM.Console' ]],
+    },
+    description => "Opens a weksocket for VNC traffic.",
+    parameters => {
+    	additionalProperties => 0,
+	properties => {
+	    node => get_standard_option('pve-node'),
+	    vmid => get_standard_option('pve-vmid'),
+	    vncticket => {
+		description => "Ticket from previous call to vncproxy.",
+		type => 'string',
+		maxLength => 512,
+	    },
+	    port => {
+		description => "Port number returned by previous vncproxy call.",
+		type => 'integer',
+		minimum => 5900,
+		maximum => 5999,
+	    },
+	},
+    },
+    returns => {
+	type => "object",
+	properties => {
+	    port => { type => 'string' },
+	},
+    },
+    code => sub {
+	my ($param) = @_;
+
+	my $rpcenv = PVE::RPCEnvironment::get();
+
+	my $authuser = $rpcenv->get_user();
+
+	my $authpath = "/vms/$param->{vmid}";
+
+	PVE::AccessControl::verify_vnc_ticket($param->{vncticket}, $authuser, $authpath);
+
+	my $port = $param->{port};
+	
+	return { port => $port };
+    }});
+
 __PACKAGE__->register_method ({
    name => 'spiceproxy', 
    path => '{vmid}/spiceproxy', 

--- a/www/manager/Utils.js
+++ b/www/manager/Utils.js
@@ -1088,9 +1088,10 @@ Ext.define('PVE.Utils', { statics: {
 	}
    },
 
-    openConsoleWindow: function(vmtype, vmid, nodename, vmname) {
+    openConsoleWindow: function(vmtype, vmid, nodename, vmname, novnc) {
 	var url = Ext.urlEncode({
 	    console: vmtype, // kvm, openvz or shell
+	    novnc: novnc ? 1 : 0,
 	    vmid: vmid,
 	    vmname: vmname,
 	    node: nodename

--- a/www/manager/VNCConsole.js
+++ b/www/manager/VNCConsole.js
--- a/www/manager/Workspace.js
+++ b/www/manager/Workspace.js
@@ -116,6 +116,8 @@ Ext.define('PVE.ConsoleWorkspace', {
 	var param = Ext.Object.fromQueryString(window.location.search);
 	var consoleType = me.consoleType || param.console;

+	param.novnc = (param.novnc === '1') ? true : false;
+
 	var content;
 	if (consoleType === 'kvm') {
 	    me.title = "VM " + param.vmid;
@@ -124,18 +126,7 @@ Ext.define('PVE.ConsoleWorkspace', {
 	    }
 	    content = {
 		xtype: 'pveKVMConsole',
-		vmid: param.vmid,
-		nodename: param.node,
-		vmname: param.vmname,
-		toplevel: true
-	    };
-	} else if (consoleType === 'novnc') {
-	    me.title = "VM " + param.vmid;
-	    if (param.vmname) {
-		me.title += " ('" + param.vmname + "')";
-	    }
-	    content = {
-		xtype: 'pvenovncConsole',
+		novnc: param.novnc,
 		vmid: param.vmid,
 		nodename: param.node,
 		vmname: param.vmname,
@@ -148,6 +139,7 @@ Ext.define('PVE.ConsoleWorkspace', {
 	    }
 	    content = {
 		xtype: 'pveOpenVZConsole',
+		novnc: param.novnc,
 		vmid: param.vmid,
 		nodename: param.node,
 		vmname: param.vmname,
@@ -157,6 +149,7 @@ Ext.define('PVE.ConsoleWorkspace', {
 	    me.title = "node '" + param.node + "'";
 	    content = {
 		xtype: 'pveShell',
+		novnc: param.novnc,
 		nodename: param.node,
 		toplevel: true
 	    };
@@ -164,6 +157,7 @@ Ext.define('PVE.ConsoleWorkspace', {
 	    me.title = Ext.String.format(gettext('System upgrade on node {0}'), "'" + param.node + "'");
 	    content = {
 		xtype: 'pveShell',
+		novnc: param.novnc,
 		nodename: param.node,
 		ugradeSystem: true,
 		toplevel: true

--- a/www/manager/button/ConsoleButton.js
+++ b/www/manager/button/ConsoleButton.js
@@ -71,21 +71,15 @@ Ext.define('PVE.button.ConsoleButton', {
 	    }
 	};

-	var create_novnc_console = function() {
+	var create_vnc_console = function(novnc) {
 	    if (me.consoleType === 'kvm') {
-		PVE.Utils.openConsoleWindow('novnc', me.vmid, me.nodename, me.consoleName);
-	    }
-	};
-
-	var create_vnc_console = function() {
-	    if (me.consoleType === 'kvm') {
-		PVE.Utils.openConsoleWindow('kvm', me.vmid, me.nodename, me.consoleName);
+		PVE.Utils.openConsoleWindow('kvm', me.vmid, me.nodename, me.consoleName, novnc);
 	    } else if (me.consoleType === 'openvz') {
-		PVE.Utils.openConsoleWindow('openvz', me.vmid, me.nodename, me.consoleName);
+		PVE.Utils.openConsoleWindow('openvz', me.vmid, me.nodename, me.consoleName, novnc);
 	    } else if (me.consoleType === 'shell') {
-		PVE.Utils.openConsoleWindow('shell', undefined, me.nodename);
+		PVE.Utils.openConsoleWindow('shell', undefined, me.nodename, undefined, novnc);
 	    } else if (me.consoleType === 'upgrade') {
-		var url = Ext.urlEncode({ console: 'upgrade', node: me.nodename });
+		var url = Ext.urlEncode({ console: 'upgrade', node: me.nodename, novnc: novnc });
 		var nw = window.open("?" + url, '_blank', "innerWidth=745,innerheight=427");
 		nw.focus();
 	    }
@@ -100,13 +94,13 @@ Ext.define('PVE.button.ConsoleButton', {
 	var vncMenu = Ext.create('Ext.menu.Item', {
 	    text: 'VNC',
 	    iconCls: 'pve-itype-icon-tigervnc',
-	    handler: create_vnc_console
+	    handler: function() { create_vnc_console(0); }
 	});

-	var novncMenu = Ext.create('Ext.menu.Item', {
+	var noVncMenu = Ext.create('Ext.menu.Item', {
 	    text: 'noVNC',
 	    iconCls: 'pve-itype-icon-novnc',
-	    handler: create_novnc_console
+	    handler: function() { create_vnc_console(1); }
 	});

 	Ext.applyIf(me, { text: gettext('Console') });
@@ -121,7 +115,7 @@ Ext.define('PVE.button.ConsoleButton', {
 		}
 	    },
 	    menu: new Ext.menu.Menu({
-		items: [ novncMenu, vncMenu, me.spiceMenu ]
+		items: [ noVncMenu, vncMenu, me.spiceMenu ]
 	    })
 	});