Final Work Summary

The Swisscom outpost in Silicon Valley works on various pioneering IT projects and maintains contact with local tech companies. Beni Eugster, our project manager, is responsible for the Swisscom stacks and their servers here in the valley and prepares them for the different requirements. The information about all stacks is stored centrally in racktables. When somebody claimed a stack, Beni noted the use case and the occupied time in an Excel sheet.

After the requirements had been gathered, it was important to know what Beni expected and which Excel sheet was to be replaced by the new web tool. The web tool is built with JavaScript, MySQL, CSS, HTML and PHP. The technical environment consisted of an LDAP user directory and data from the racktables software. A first visual, non-functional prototype was created. A big picture also had to be drawn up so that everyone could discuss the same idea. Various data must be stored on the maintenance server; this database holds stacks, attributes, associations and logs. The requirements had to be broken down into small steps. Every morning, our team met to plan the coming day's work. Each team member could work at their own pace. From time to time we checked that we were still aligned with the customer's needs and goals.

LDAP user management with a high security standard is required for this web tool. Several methods serve this purpose and had to be evaluated first. In the end we decided to transmit the password as a base64-encoded hash value. By binding to the LDAP server as admin, all user credentials can be compared in the PHP file. Fortunately, LDAP provides the password in SHA-1.

The role, given name and authentication status are saved in the session. The session expires after five minutes if no actions are taken. Every page refresh checks that the user session is still valid and shows the appropriate content.

Depending on the user's role, the PHP file returns all accessible files and a status message as a JSON object. As a result, it is not even possible to execute non-allowed functions in the console. This means that the admin gets an additional user menu for stack and attribute settings, while for general users certain main.js functions are not loaded and the HTML page is built differently. In addition to this safety barrier, there are two methods in the login.php file, ‘isAdmin()’ and ‘isAuthentificated()’, which are called from all other PHP methods. Therefore, every request can only be executed when the session has the right values and has not expired.
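
The per-request session check described above, sketched as an added example that is not the project's own code. Only the names isAdmin() and isAuthentificated(), the five-minute limit and the saved role come from this summary; the session keys, handleRequest(), the action names and the sample sessions are assumptions.

```php
<?php
// Added example, not the project's code. In the application $session would be $_SESSION.
const IDLE_LIMIT = 300; // five minutes without action, as stated above

// True only if the session is marked authenticated and was active within the idle limit.
function isAuthentificated(array &$session, int $now): bool
{
    if (empty($session['authenticated']) || !isset($session['last_activity'])) {
        return false;
    }
    if ($now - $session['last_activity'] > IDLE_LIMIT) {
        $session = [];                   // expired: drop role, name and status
        return false;
    }
    $session['last_activity'] = $now;    // every valid action renews the window
    return true;
}

// The admin check builds on the authentication check, so expiry applies to it as well.
function isAdmin(array &$session, int $now): bool
{
    return isAuthentificated($session, $now)
        && ($session['role'] ?? '') === 'admin';
}

// Hypothetical endpoint: every action is checked on the server before it runs.
function handleRequest(string $action, array &$session, int $now): string
{
    $adminOnly = ['editStack', 'editAttribute'];   // assumed action names
    if (!isAuthentificated($session, $now)) {
        return json_encode(['status' => 'error', 'message' => 'not authenticated']);
    }
    if (in_array($action, $adminOnly, true) && !isAdmin($session, $now)) {
        return json_encode(['status' => 'error', 'message' => 'forbidden']);
    }
    return json_encode(['status' => 'ok', 'action' => $action]);
}

// Constructed sample sessions and timestamps (seconds)
$t = 1000;
$user  = ['authenticated' => true, 'role' => 'user',  'given_name' => 'alice', 'last_activity' => $t];
$admin = ['authenticated' => true, 'role' => 'admin', 'given_name' => 'bob',   'last_activity' => $t];
echo handleRequest('claimStack', $user, $t + 60), PHP_EOL;    // general user, allowed action
echo handleRequest('editStack', $user, $t + 120), PHP_EOL;    // general user, admin-only action
echo handleRequest('editStack', $admin, $t + 200), PHP_EOL;   // admin, admin-only action
echo handleRequest('editStack', $admin, $t + 501), PHP_EOL;   // admin after 301 s without action
```

Because the role is re-read from the session on every call, hiding the admin menu and the main.js functions in the browser is only the first barrier; the server still refuses the request.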

One of the challenges in reading data from racktables is that the software requires authentication first. Reading directly from the racktables MySQL database is not necessary, because the software has already built the tables. The only thing to adapt is the design of these tables. The web tool reads these tables, which contain the information about the stacks. The authentication problem was solved by sending the credentials in an HTTP request to get the desired data. This worked only from PHP, because the same-origin policy would apply if JavaScript started the request.

The goals set by our project manager were reached, and all the basic functions worked as expected. To supplement these goals, we decided to add more security, messages that guide the customer, ping tests and some constraints on claiming stacks that belong to others. To reduce the lines of code, some basic functions have been kept separate so they are reusable for further extensions. The frontend index.php file loads only the login page and the Cascading Style Sheets. All the remaining HTML code is built by JavaScript.