Update policies

albatross.ml

@@ -10,6 +10,16 @@ struct
     mutable policies : Vmm_core.Policy.t Vmm_trie.t;
   }
 
+  let empty_policy =
+    Vmm_core.Policy.
+      {
+        vms = 0;
+        cpuids = Vmm_core.IS.of_list [];
+        memory = 0;
+        block = Some 0;
+        bridges = Vmm_core.String_set.of_list [];
+      }
+
   let policy ?domain t =
     let ( let* ) = Result.bind in
     let* path =
@@ -38,6 +48,35 @@ struct
     in
     Ok (Vmm_trie.fold path t.policies (fun name p acc -> (name, p) :: acc) [])
 
+  let policy_resource_used () t =
+    let root_policy =
+      match policy t with
+      | Ok p -> ( match p with Some p -> p | None -> empty_policy)
+      | Error _ -> empty_policy
+    in
+    let policies = match policies t with Ok p -> p | Error _err -> [] in
+    let vms_used, memory_used, storage_used =
+      List.fold_left
+        (fun (total_vms, total_memory, total_block) (name, policy) ->
+          if name <> Vmm_core.Name.root then
+            ( total_vms + policy.Vmm_core.Policy.vms,
+              total_memory + policy.memory,
+              total_block + match policy.block with Some b -> b | None -> 0 )
+          else (total_vms, total_memory, total_block))
+        (0, 0, 0) policies
+    in
+    Vmm_core.Policy.
+      {
+        vms = root_policy.vms - vms_used;
+        cpuids = root_policy.cpuids;
+        memory = root_policy.memory - memory_used;
+        block =
+          (match root_policy.block with
+          | Some b -> if b > 0 then Some (b - storage_used) else None
+          | None -> None);
+        bridges = root_policy.bridges;
+      }
+
   let key_ids exts pub issuer =
     let open X509 in
     let auth = (Some (Public_key.id issuer), General_name.empty, None) in

assets/main.js

@@ -250,3 +250,75 @@ async function toggleUserActiveStatus(uuid) {
 async function toggleUserAdminStatus(uuid) {
 	await toggleUserStatus(uuid, "/api/admin/user/admin/toggle");
 }
+
+
+function multiselect(selected, options) {
+	return {
+		isOpen: false,
+		selected: selected,
+		options: options,
+		toggleDropdown() {
+			this.isOpen = !this.isOpen;
+		},
+		updateSelection(event, option) {
+			if (event.target.checked) {
+				this.selected.push(option);
+			} else {
+				this.selected = this.selected.filter(item => item !== option);
+			}
+		},
+		removeItem(index) {
+			this.selected.splice(index, 1);
+		}
+	};
+}
+
+async function updatePolicy() {
+	const vm_count = document.getElementById("f_allowed_vms").innerText;
+	const mem_size = document.getElementById("f_allowed_memory").innerText;
+	const storage_size = document.getElementById("f_allowed_storage").innerText;
+	const cpuids = document.getElementById("selectedCPUs").value;
+	const bridges = document.getElementById("selectedBridges").value;
+	const formAlert = document.getElementById("form-alert");
+	const user_id = document.getElementById("user_id").innerText;
+	const policyButton = document.getElementById("set-policy-btn");
+	try {
+		buttonLoading(policyButton, true, "Processing...")
+		const response = await fetch("/api/admin/u/policy/update", {
+			method: 'POST',
+			headers: {
+				"Content-Type": "application/json",
+			},
+			body: JSON.stringify(
+				{
+					"vms": Number(vm_count),
+					"memory": Number(mem_size),
+					"block": Number(storage_size),
+					"cpuids": cpuids,
+					"bridges": bridges,
+					"user_uuid": user_id
+				})
+		})
+		const data = await response.json();
+		if (data.status === 200) {
+			formAlert.classList.remove("hidden", "text-secondary-500");
+			formAlert.classList.add("text-primary-500");
+			formAlert.textContent = "Succesfully updated";
+			postAlert("bg-primary-300", data.data);
+			setTimeout(function () {
+				window.history.back();
+			}, 2000);
+			buttonLoading(policyButton, false, "Set Policy")
+		} else {
+			formAlert.classList.remove("hidden", "text-primary-500");
+			formAlert.classList.add("text-secondary-500");
+			formAlert.textContent = data.data
+			buttonLoading(policyButton, false, "Set Policy")
+		}
+	} catch (error) {
+		formAlert.classList.remove("hidden", "text-primary-500");
+		formAlert.classList.add("text-secondary-500");
+		formAlert.textContent = error
+		buttonLoading(policyButton, false, "Set Policy")
+	}
+}

header_layout.ml

@@ -22,4 +22,12 @@ let header ?(page_title = "Mollymawk") ~icon () =
           ~href:"https://unpkg.com/[email protected]/dist/aos.css" ();
         script ~a:[ a_src "https://unpkg.com/[email protected]/dist/aos.js" ] (txt "");
         link ~rel:[ `Icon ] ~href:icon ();
+        script
+          ~a:
+            [
+              a_defer ();
+              a_src
+                "https://cdn.jsdelivr.net/npm/[email protected]/dist/cdn.min.js";
+            ]
+          (txt "");
       ])

unikernel.ml

@@ -779,6 +779,127 @@ struct
                 ~icon:"/images/robur.png" ())
              `Not_found)
 
+  let edit_policy albatross store uuid reqd (user : User_model.user) =
+    let users = User_model.create_user_uuid_map (snd store).Storage.users in
+    match User_model.find_user_by_key uuid users with
+    | Some u ->
+        let user_policy =
+          match Albatross.policy albatross ~domain:u.name with
+          | Ok p -> (
+              match p with Some p -> p | None -> Albatross.empty_policy)
+          | Error _ -> Albatross.empty_policy
+        in
+        let policy_avalaible = Albatross.policy_resource_used () albatross in
+        Lwt.return
+          (reply reqd ~content_type:"text/html"
+             (Dashboard.dashboard_layout user
+                ~page_title:(String.capitalize_ascii u.name ^ " | Mollymawk")
+                ~content:
+                  (Update_policy.update_policy_layout u ~user_policy
+                     ~root_policy:policy_avalaible)
+                ~icon:"/images/robur.png" ())
+             `OK)
+    | None ->
+        let status =
+          {
+            Utils.Status.code = 404;
+            title = "Error";
+            data = "Couldn't find account with uuid: " ^ uuid;
+            success = false;
+          }
+        in
+        Lwt.return
+          (reply reqd ~content_type:"text/html"
+             (Guest_layout.guest_layout ~page_title:"404 | Mollymawk"
+                ~content:(Error_page.error_layout status)
+                ~icon:"/images/robur.png" ())
+             `Not_found)
+
+  let update_policy store albatross reqd _user =
+    decode_request_body reqd >>= fun data ->
+    let json =
+      try Ok (Yojson.Basic.from_string data)
+      with Yojson.Json_error s -> Error (`Msg s)
+    in
+    match json with
+    | Error (`Msg err) ->
+        Logs.warn (fun m -> m "Failed to parse JSON: %s" err);
+        http_response reqd ~title:"Error" ~data:(String.escaped err)
+          `Bad_request
+    | Ok json -> (
+        match json with
+        | `Assoc xs -> (
+            match
+              Utils.Json.
+                ( get "vms" xs,
+                  get "memory" xs,
+                  get "block" xs,
+                  get "cpuids" xs,
+                  get "bridges" xs,
+                  get "user_uuid" xs )
+            with
+            | ( Some (`Int vms),
+                Some (`Int memory),
+                Some (`Int block),
+                Some (`String cpuids),
+                Some (`String bridges),
+                Some (`String user_uuid) ) -> (
+                let users =
+                  User_model.create_user_uuid_map (snd store).Storage.users
+                in
+                match User_model.find_user_by_key user_uuid users with
+                | Some u ->
+                    let policy_data =
+                      {
+                        Vmm_core.Policy.vms;
+                        memory;
+                        block = Some block;
+                        cpuids =
+                          (if cpuids = "" then Vmm_core.IS.empty
+                           else
+                             Vmm_core.IS.of_list
+                               (List.map int_of_string
+                                  (String.split_on_char ',' cpuids)));
+                        bridges =
+                          (if bridges = "" then Vmm_core.String_set.empty
+                           else
+                             Vmm_core.String_set.of_list
+                               (String.split_on_char ',' bridges));
+                      }
+                    in
+                    (Albatross.query albatross ~domain:u.name
+                       (`Policy_cmd (`Policy_add policy_data))
+                     >|= function
+                     | Error msg ->
+                         Logs.err (fun m ->
+                             m "error while communicating with albatross: %s"
+                               msg);
+                         []
+                     | Ok (_hdr, `Success (`Policies policies)) -> policies
+                     | Ok reply ->
+                         Logs.err (fun m ->
+                             m "expected a policy info reply, received %a"
+                               (Vmm_commands.pp_wire ~verbose:false)
+                               reply);
+                         [])
+                    >>= fun _policies ->
+                    http_response reqd ~title:"Success"
+                      ~data:"Policy updated succesfully" `OK
+                | None ->
+                    Logs.warn (fun m ->
+                        m "Failed to find user with uuid: %s" user_uuid);
+                    http_response reqd ~title:"Error" ~data:"User not found"
+                      `Not_found)
+            | _ ->
+                http_response reqd ~title:"Error"
+                  ~data:
+                    (Fmt.str "policy: unexpected types, got %s"
+                       (Yojson.Basic.to_string (`Assoc xs)))
+                  `Bad_request)
+        | _ ->
+            http_response reqd ~title:"Error" ~data:"Expected a dictionary"
+              `Bad_request)
+
   let request_handler stack albatross js_file css_file imgs store
       (_ipaddr, _port) reqd =
     Lwt.async (fun () ->
@@ -855,6 +976,14 @@ struct
                 let uuid = String.sub path 12 (String.length path - 12) in
                 authenticate ~check_admin:true !store reqd
                   (view_user !albatross !store uuid reqd))
+        | path
+          when String.(
+                 length path >= 21 && sub path 0 21 = "/admin/u/policy/edit/")
+          ->
+            check_meth `GET (fun () ->
+                let uuid = String.sub path 21 (String.length path - 21) in
+                authenticate ~check_admin:true !store reqd
+                  (edit_policy !albatross !store uuid reqd))
         | "/admin/settings" ->
             check_meth `GET (fun () ->
                 authenticate ~check_admin:true !store reqd
@@ -863,6 +992,10 @@ struct
             check_meth `POST (fun () ->
                 authenticate ~check_admin:true ~api_meth:true !store reqd
                   (update_settings stack store albatross reqd))
+        | "/api/admin/u/policy/update" ->
+            check_meth `POST (fun () ->
+                authenticate ~check_admin:true ~api_meth:true !store reqd
+                  (update_policy !store !albatross reqd))
         | "/api/admin/user/activate/toggle" ->
             check_meth `POST (fun () ->
                 authenticate ~check_admin:true ~api_meth:true !store reqd