summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-base/luasrc
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2018-04-26 08:52:55 +0200
committerJo-Philipp Wich <jo@mein.io>2018-05-05 23:11:23 +0200
commit8deb9495515b97898514e8ffb8f002c8afe3bfa7 (patch)
tree65d4d7b831c273329c0a79a6b9e4a547e760481b /modules/luci-base/luasrc
parent7cca3139591a08e62b7900115fe0bfd4a3df8f8a (diff)
treewide: rework uci apply workflow
Switch to rpcd based uci apply/rollback workflow which helps to avoid soft- bricking devices by requiring an explicit confirmation call after config apply. When a user now clicks "Save & Apply", LuCI first issues a call to uci apply which commits and reloads configuration, then goes into a polling countdown mode where it repeatedly attempts to call uci confirm. If the committed configuration is sane, the confirm call will go through and cancel rpcd's pending rollback timer. If the configuration change leads to a loss of connectivity (e.g. due to bad firewall rules or similar), the rollback mechanism will kick in after the timeout and revert configuration files and pending changes to the pre-apply state. In order to cover such rare cases where a lost of connectivity is expected and desired, the user is offered an "unchecked" apply option after timing out, which allows committing and applying the changes anyway, without the extra safety checks. As a consequence of this change, the luci-reload mechanism is now completely unsused since rpcd uses ubus config reload signals to reload affected services, which means that only procd-enabled services will receive proper reload treatment with the new workflow. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'modules/luci-base/luasrc')
-rw-r--r--modules/luci-base/luasrc/cbi.lua14
-rw-r--r--modules/luci-base/luasrc/controller/admin/servicectl.lua49
-rw-r--r--modules/luci-base/luasrc/dispatcher.lua3
-rw-r--r--modules/luci-base/luasrc/model/uci.lua139
-rw-r--r--modules/luci-base/luasrc/model/uci.luadoc57
-rw-r--r--modules/luci-base/luasrc/view/cbi/apply_widget.htm181
-rw-r--r--modules/luci-base/luasrc/view/cbi/apply_xhr.htm43
-rw-r--r--modules/luci-base/luasrc/view/cbi/map.htm17
8 files changed, 332 insertions, 171 deletions
diff --git a/modules/luci-base/luasrc/cbi.lua b/modules/luci-base/luasrc/cbi.lua
index 2184395039..4728642118 100644
--- a/modules/luci-base/luasrc/cbi.lua
+++ b/modules/luci-base/luasrc/cbi.lua
@@ -388,21 +388,21 @@ function Map.parse(self, readinput, ...)
if self.save then
self:_run_hooks("on_save", "on_before_save")
+ local i, config
for i, config in ipairs(self.parsechain) do
self.uci:save(config)
end
self:_run_hooks("on_after_save")
if (not self.proceed and self.flow.autoapply) or luci.http.formvalue("cbi.apply") then
self:_run_hooks("on_before_commit")
- for i, config in ipairs(self.parsechain) do
- self.uci:commit(config)
-
- -- Refresh data because commit changes section names
- self.uci:load(config)
+ if self.apply_on_parse == false then
+ for i, config in ipairs(self.parsechain) do
+ self.uci:commit(config)
+ end
end
self:_run_hooks("on_commit", "on_after_commit", "on_before_apply")
- if self.apply_on_parse then
- self.uci:apply(self.parsechain)
+ if self.apply_on_parse == true or self.apply_on_parse == false then
+ self.uci:apply(self.apply_on_parse)
self:_run_hooks("on_apply", "on_after_apply")
else
-- This is evaluated by the dispatcher and delegated to the
diff --git a/modules/luci-base/luasrc/controller/admin/servicectl.lua b/modules/luci-base/luasrc/controller/admin/servicectl.lua
deleted file mode 100644
index 1d73eb4ecc..0000000000
--- a/modules/luci-base/luasrc/controller/admin/servicectl.lua
+++ /dev/null
@@ -1,49 +0,0 @@
--- Copyright 2010 Jo-Philipp Wich <jow@openwrt.org>
--- Licensed to the public under the Apache License 2.0.
-
-module("luci.controller.admin.servicectl", package.seeall)
-
-function index()
- entry({"servicectl"}, alias("servicectl", "status")).sysauth = "root"
- entry({"servicectl", "status"}, call("action_status")).leaf = true
- entry({"servicectl", "restart"}, post("action_restart")).leaf = true
-end
-
-function action_status()
- local data = nixio.fs.readfile("/var/run/luci-reload-status")
- if data then
- luci.http.write("/etc/config/")
- luci.http.write(data)
- else
- luci.http.write("finish")
- end
-end
-
-function action_restart(args)
- local uci = require "luci.model.uci".cursor()
- if args then
- local service
- local services = { }
-
- for service in args:gmatch("[%w_-]+") do
- services[#services+1] = service
- end
-
- local command = uci:apply(services, true)
- if nixio.fork() == 0 then
- local i = nixio.open("/dev/null", "r")
- local o = nixio.open("/dev/null", "w")
-
- nixio.dup(i, nixio.stdin)
- nixio.dup(o, nixio.stdout)
-
- i:close()
- o:close()
-
- nixio.exec("/bin/sh", unpack(command))
- else
- luci.http.write("OK")
- os.exit(0)
- end
- end
-end
diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua
index 38d9194810..baaa95ad79 100644
--- a/modules/luci-base/luasrc/dispatcher.lua
+++ b/modules/luci-base/luasrc/dispatcher.lua
@@ -883,6 +883,8 @@ local function _cbi(self, ...)
local pageaction = true
local parsechain = { }
+ local is_rollback, time_remaining = uci:rollback_pending()
+
for i, res in ipairs(maps) do
if res.apply_needed and res.parsechain then
local c
@@ -910,6 +912,7 @@ local function _cbi(self, ...)
res:render({
firstmap = (i == 1),
applymap = applymap,
+ confirmmap = (is_rollback and time_remaining or nil),
redirect = redirect,
messages = messages,
pageaction = pageaction,
diff --git a/modules/luci-base/luasrc/model/uci.lua b/modules/luci-base/luasrc/model/uci.lua
index fc2a605b34..34323f08bd 100644
--- a/modules/luci-base/luasrc/model/uci.lua
+++ b/modules/luci-base/luasrc/model/uci.lua
@@ -3,6 +3,7 @@
local os = require "os"
local util = require "luci.util"
+local conf = require "luci.config"
local table = require "table"
@@ -143,22 +144,84 @@ function commit(self, config)
return (err == nil), ERRSTR[err]
end
---[[
-function apply(self, configs, command)
- local _, config
+function apply(self, rollback)
+ local _, err
+
+ if rollback then
+ local timeout = tonumber(conf.apply and conf.apply.rollback or "") or 0
- assert(not command, "Apply command not supported anymore")
+ _, err = call("apply", {
+ timeout = (timeout > 30) and timeout or 30,
+ rollback = true
+ })
- if type(configs) == "table" then
- for _, config in ipairs(configs) do
- call("service", "event", {
- type = "config.change",
- data = { package = config }
+ if not err then
+ util.ubus("session", "set", {
+ ubus_rpc_session = session_id,
+ values = { rollback = os.time() + timeout }
})
end
+ else
+ _, err = call("changes", {})
+
+ if not err then
+ if type(_) == "table" and type(_.changes) == "table" then
+ local k, v
+ for k, v in pairs(_.changes) do
+ _, err = call("commit", { config = k })
+ if err then
+ break
+ end
+ end
+ end
+ end
+
+ if not err then
+ _, err = call("apply", { rollback = false })
+ end
+ end
+
+ return (err == nil), ERRSTR[err]
+end
+
+function confirm(self)
+ local _, err = call("confirm", {})
+ if not err then
+ util.ubus("session", "set", {
+ ubus_rpc_session = session_id,
+ values = { rollback = 0 }
+ })
end
+ return (err == nil), ERRSTR[err]
+end
+
+function rollback(self)
+ local _, err = call("rollback", {})
+ if not err then
+ util.ubus("session", "set", {
+ ubus_rpc_session = session_id,
+ values = { rollback = 0 }
+ })
+ end
+ return (err == nil), ERRSTR[err]
+end
+
+function rollback_pending(self)
+ local deadline, err = util.ubus("session", "get", {
+ ubus_rpc_session = session_id,
+ keys = { "rollback" }
+ })
+
+ if type(deadline) == "table" and
+ type(deadline.values) == "table" and
+ type(deadline.values.rollback) == "number" and
+ deadline.values.rollback > os.time()
+ then
+ return true, deadline.values.rollback - os.time()
+ end
+
+ return false, ERRSTR[err]
end
-]]
function foreach(self, config, stype, callback)
@@ -425,59 +488,3 @@ function delete_all(self, config, stype, comparator)
return (err == nil), ERRSTR[err]
end
-
-
-function apply(self, configlist, command)
- configlist = self:_affected(configlist)
- if command then
- return { "/sbin/luci-reload", unpack(configlist) }
- else
- return os.execute("/sbin/luci-reload %s >/dev/null 2>&1"
- % util.shellquote(table.concat(configlist, " ")))
- end
-end
-
--- Return a list of initscripts affected by configuration changes.
-function _affected(self, configlist)
- configlist = type(configlist) == "table" and configlist or { configlist }
-
- -- Resolve dependencies
- local reloadlist = { }
-
- local function _resolve_deps(name)
- local reload = { name }
- local deps = { }
-
- self:foreach("ucitrack", name,
- function(section)
- if section.affects then
- for i, aff in ipairs(section.affects) do
- deps[#deps+1] = aff
- end
- end
- end)
-
- local i, dep
- for i, dep in ipairs(deps) do
- local j, add
- for j, add in ipairs(_resolve_deps(dep)) do
- reload[#reload+1] = add
- end
- end
-
- return reload
- end
-
- -- Collect initscripts
- local j, config
- for j, config in ipairs(configlist) do
- local i, e
- for i, e in ipairs(_resolve_deps(config)) do
- if not util.contains(reloadlist, e) then
- reloadlist[#reloadlist+1] = e
- end
- end
- end
-
- return reloadlist
-end
diff --git a/modules/luci-base/luasrc/model/uci.luadoc b/modules/luci-base/luasrc/model/uci.luadoc
index ef89d09b9e..d798b00338 100644
--- a/modules/luci-base/luasrc/model/uci.luadoc
+++ b/modules/luci-base/luasrc/model/uci.luadoc
@@ -28,12 +28,63 @@ Create a new Cursor initialized to the state directory.
]]
---[[
-Applies UCI configuration changes
+Applies UCI configuration changes.
+
+If the rollback parameter is set to true, the apply function will invoke the
+rollback mechanism which causes the configuration to be automatically reverted
+if no confirm() call occurs within a certain timeout.
+
+The current default timeout is 30s and can be increased using the
+"luci.apply.timeout" uci configuration key.
@class function
@name Cursor.apply
-@param configlist List of UCI configurations
-@param command Don't apply only return the command
+@param rollback Enable rollback mechanism
+@return Boolean whether operation succeeded
+]]
+
+---[[
+Confirms UCI apply process.
+
+If a previous UCI apply with rollback has been invoked using apply(true),
+this function confirms the process and cancels the pending rollback timer.
+
+If no apply with rollback session is active, the function has no effect and
+returns with a "No data" error.
+
+@class function
+@name Cursor.confirm
+@return Boolean whether operation succeeded
+]]
+
+---[[
+Cancels UCI apply process.
+
+If a previous UCI apply with rollback has been invoked using apply(true),
+this function cancels the process and rolls back the configuration to the
+pre-apply state.
+
+If no apply with rollback session is active, the function has no effect and
+returns with a "No data" error.
+
+@class function
+@name Cursor.rollback
+@return Boolean whether operation succeeded
+]]
+
+---[[
+Checks whether a pending rollback is scheduled.
+
+If a previous UCI apply with rollback has been invoked using apply(true),
+and has not been confirmed or rolled back yet, this function returns true
+and the remaining time until rollback in seconds. If no rollback is pending,
+the function returns false. On error, the function returns false and an
+additional string describing the error.
+
+@class function
+@name Cursor.rollback_pending
+@return Boolean whether rollback is pending
+@return Remaining time in seconds
]]
---[[
diff --git a/modules/luci-base/luasrc/view/cbi/apply_widget.htm b/modules/luci-base/luasrc/view/cbi/apply_widget.htm
new file mode 100644
index 0000000000..543ef0b80b
--- /dev/null
+++ b/modules/luci-base/luasrc/view/cbi/apply_widget.htm
@@ -0,0 +1,181 @@
+<% export("cbi_apply_widget", function(redirect_ok) -%>
+<style type="text/css">
+ #cbi_apply_status {
+ display: flex;
+ flex-wrap: wrap;
+ min-height: 32px;
+ align-items: center;
+ margin: 1.5em 0 1.5em 0;
+ }
+
+ #cbi_apply_status > h4,
+ #cbi_apply_status > p,
+ #cbi_apply_status > div {
+ flex-basis: 100%;
+ }
+
+ #cbi_apply_status > img {
+ margin-right: 1em;
+ flex-basis: 32px;
+ }
+
+ #cbi_apply_status + script + .cbi-section {
+ margin-top: -1em;
+ }
+
+ .alert-message.notice {
+ background: linear-gradient(#fff 0%, #eee 100%);
+ }
+</style>
+
+<script type="text/javascript" src="<%=resource%>/cbi.js"></script>
+<script type="text/javascript">//<![CDATA[
+ var xhr = new XHR(),
+ stat, indicator,
+ uci_apply_auth = { sid: '<%=luci.dispatcher.context.authsession%>', token: '<%=token%>' },
+ uci_apply_rollback = <%=math.max(luci.config and luci.config.apply and luci.config.apply.rollback or 30, 30)%>,
+ uci_apply_holdoff = <%=math.max(luci.config and luci.config.apply and luci.config.apply.holdoff or 4, 1)%>,
+ uci_apply_timeout = <%=math.max(luci.config and luci.config.apply and luci.config.apply.timeout or 5, 1)%>,
+ uci_apply_display = <%=math.max(luci.config and luci.config.apply and luci.config.apply.display or 1.5, 1)%>;
+
+ function uci_rollback(checked) {
+ if (checked) {
+ stat.classList.remove('notice');
+ stat.classList.add('warning');
+ stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' +
+ '<%:Failed to confirm apply within %ds, waiting for rollback…%>'.format(uci_apply_rollback);
+
+ var call = function(r) {
+ if (r.status === 204) {
+ stat.innerHTML = '<h4><%:Configuration has been rolled back!%></h4>' +
+ '<p><%:The device could not be reached within %d seconds after applying the pending changes, which caused the configuration to be rolled back for safety reasons. If you believe that the configuration changes are correct nonetheless, perform an unchecked configuration apply. Alternatively, you can dismiss this warning and edit changes before attempting to apply again, or revert all pending changes to keep the currently working configuration state.%></p>'.format(uci_apply_rollback) +
+ '<div class="right">' +
+ '<input type="button" class="btn" onclick="this.parentNode.parentNode.style.display=\'none\'" value="<%:Dismiss%>" /> ' +
+ '<input type="button" class="btn" onclick="uci_revert()" value="<%:Revert changes%>" /> ' +
+ '<input type="button" class="btn danger" onclick="uci_apply(false)" value="<%:Apply unchecked%>" />' +
+ '</div>';
+
+ return;
+ }
+
+ xhr.post('<%=url("admin/uci/confirm")%>', uci_apply_auth, call, uci_apply_timeout * 1000);
+ };
+
+ call({ status: 0 });
+ }
+ else {
+ stat.classList.remove('notice');
+ stat.classList.add('warning');
+ stat.innerHTML = '<h4><%:Device unreachable!%></h4>' +
+ '<p><%:Could not regain access to the device after applying the configuration changes. You might need to reconnect if you modified network related settings such as the IP address or wireless security credentials.%></p>';
+ }
+ }
+
+ function uci_confirm(checked, deadline) {
+ var tt;
+ var ts = Date.now();
+
+ stat = document.getElementById('cbi_apply_status');
+ stat.style.display = '';
+ stat.classList.remove('warning');
+ stat.classList.add('notice');
+
+ indicator = document.querySelector('.uci_change_indicator');
+
+ var call = function(r) {
+ if (Date.now() >= deadline) {
+ uci_rollback(checked);
+ return;
+ }
+ else if (r && (r.status === 200 || r.status === 204)) {
+ if (indicator)
+ indicator.style.display = 'none';
+
+ stat.innerHTML = '<%:Configuration has been applied.%>';
+
+ window.clearTimeout(tt);
+ window.setTimeout(function() {
+ stat.style.display = 'none';
+ <% if redirect_ok then %>location.href = decodeURIComponent('<%=luci.util.urlencode(redirect_ok)%>');<% end %>
+ }, uci_apply_display * 1000);
+
+ return;
+ }
+
+ xhr.post('<%=url("admin/uci/confirm")%>', uci_apply_auth, call, uci_apply_timeout * 1000);
+ };
+
+ var tick = function() {
+ var now = Date.now();
+
+ stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' +
+ '<%:Waiting for configuration to get applied… %ds%>'.format(Math.max(Math.floor((deadline - Date.now()) / 1000), 0));
+
+ if (now >= deadline)
+ return;
+
+ tt = window.setTimeout(tick, 1000 - (now - ts));
+ ts = now;
+ };
+
+ tick();
+
+ /* wait a few seconds for the settings to become effective */
+ window.setTimeout(call, Math.max(uci_apply_holdoff * 1000 - ((ts + uci_apply_rollback * 1000) - deadline), 1));
+ }
+
+ function uci_apply(checked) {
+ stat = document.getElementById('cbi_apply_status');
+ stat.style.display = '';
+ stat.classList.remove('warning');
+ stat.classList.add('notice');
+ stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' +
+ '<%:Starting configuration apply…%>';
+
+ xhr.post('<%=url("admin/uci")%>/' + (checked ? 'apply_rollback' : 'apply_unchecked'), uci_apply_auth, function(r) {
+ if (r.status === (checked ? 200 : 204)) {
+ uci_confirm(checked, Date.now() + uci_apply_rollback * 1000);
+ }
+ else if (checked && r.status === 204) {
+ stat.innerHTML = '<%:There are no changes to apply.%>';
+ window.setTimeout(function() {
+ stat.style.display = 'none';
+ <% if redirect_ok then %>location.href = decodeURIComponent('<%=luci.util.urlencode(redirect_ok)%>');<% end %>
+ }, uci_apply_display * 1000);
+ }
+ else {
+ stat.classList.add('warning');
+ stat.classList.remove('notice');
+ stat.innerHTML = '<%_Apply request failed with status <code>%h</code>%>'.format(r.responseText || r.statusText || r.status);
+ }
+ });
+ }
+
+ function uci_revert() {
+ stat = document.getElementById('cbi_apply_status');
+ stat.style.display = '';
+ stat.classList.remove('warning');
+ stat.classList.add('notice');
+ stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' +
+ '<%:Reverting configuration…%>';
+
+ xhr.post('<%=url("admin/uci/revert")%>', uci_apply_auth, function(r) {
+ if (r.status === 200) {
+ stat.innerHTML = '<%:Changes have been reverted.%>';
+ window.setTimeout(function() {
+ <% if redirect_ok then -%>
+ location.href = decodeURIComponent('<%=luci.util.urlencode(redirect_ok)%>');
+ <%- else -%>
+ window.location = window.location.href.split('#')[0];
+ <%- end %>
+ }, uci_apply_display * 1000);
+ }
+ else {
+ stat.classList.add('warning');
+ stat.classList.remove('notice');
+ stat.innerHTML = '<%_Revert request failed with status <code>%h</code>%>'.format(r.statusText || r.status);
+ }
+ });
+ }
+//]]></script>
+<%- end) %>
diff --git a/modules/luci-base/luasrc/view/cbi/apply_xhr.htm b/modules/luci-base/luasrc/view/cbi/apply_xhr.htm
deleted file mode 100644
index daa57c1db7..0000000000
--- a/modules/luci-base/luasrc/view/cbi/apply_xhr.htm
+++ /dev/null
@@ -1,43 +0,0 @@
-<% export("cbi_apply_xhr", function(id, configs, redirect) -%>
-<fieldset class="cbi-section" id="cbi-apply-<%=id%>">
- <legend><%:Applying changes%></legend>
- <script type="text/javascript">//<![CDATA[
- var apply_xhr = new XHR();
-
- apply_xhr.post('<%=url('servicectl/restart', table.concat(configs, ","))%>', { token: '<%=token%>' },
- function() {
- var checkfinish = function() {
- apply_xhr.get('<%=url('servicectl/status')%>', null,
- function(x) {
- if( x.responseText == 'finish' )
- {
- var e = document.getElementById('cbi-apply-<%=id%>-status');
- if( e )
- {
- e.innerHTML = '<%:Configuration applied.%>';
- window.setTimeout(function() {
- e.parentNode.style.display = 'none';
- <% if redirect then %>location.href='<%=redirect%>';<% end %>
- }, 1000);
- }
- }
- else
- {
- var e = document.getElementById('cbi-apply-<%=id%>-status');
- if( e && x.responseText ) e.innerHTML = x.responseText;
-
- window.setTimeout(checkfinish, 1000);
- }
- }
- );
- }
-
- window.setTimeout(checkfinish, 1000);
- }
- );
- //]]></script>
-
- <img src="<%=resource%>/icons/loading.gif" alt="<%:Loading%>" style="vertical-align:middle" />
- <span id="cbi-apply-<%=id%>-status"><%:Waiting for changes to be applied...%></span>
-</fieldset>
-<%- end) %>
diff --git a/modules/luci-base/luasrc/view/cbi/map.htm b/modules/luci-base/luasrc/view/cbi/map.htm
index e3210add63..69ef3615a2 100644
--- a/modules/luci-base/luasrc/view/cbi/map.htm
+++ b/modules/luci-base/luasrc/view/cbi/map.htm
@@ -2,12 +2,23 @@
<div class="errorbox"><%=pcdata(msg)%></div>
<%- end end -%>
-<%-+cbi/apply_xhr-%>
-
<div class="cbi-map" id="cbi-<%=self.config%>">
<% if self.title and #self.title > 0 then %><h2 name="content"><%=self.title%></h2><% end %>
<% if self.description and #self.description > 0 then %><div class="cbi-map-descr"><%=self.description%></div><% end %>
- <%- if firstmap and applymap then cbi_apply_xhr(self.config, parsechain, redirect) end -%>
+ <%- if firstmap and (applymap or confirmmap) then -%>
+ <%+cbi/apply_widget%>
+ <% cbi_apply_widget(redirect) %>
+ <div class="alert-message" id="cbi_apply_status" style="display:none"></div>
+ <script type="text/javascript">
+ document.addEventListener("DOMContentLoaded", function() {
+ <% if confirmmap then -%>
+ uci_confirm(true, Date.now() + <%=confirmmap%> * 1000);
+ <%- else -%>
+ uci_apply(true);
+ <%- end %>
+ });
+ </script>
+ <%- end -%>
<% if self.tabbed then %>
<ul class="cbi-tabmenu map">