approveuser_form.php3 7.86 KB
Newer Older
1 2 3
<?php
include("defs.php3");

4 5 6 7 8
#
# Standard Testbed Header
#
PAGEHEADER("New Users Approval Form");

9 10 11
#
# Only known and logged in users can be verified.
#
12
$auth_usr = GETLOGIN();
13 14 15
LOGGEDINORDIE($auth_usr);

echo "
Leigh B. Stoller's avatar
Leigh B. Stoller committed
16 17 18
      <h2>Approve new users in your Project or Group</h2>
      Use this page to approve new members of your Project or Group.  Once
      approved, they will be able to log into machines in your Project's 
19
      experiments. Be sure to toggle the menu options appropriately for
20
      each pending user.
21 22 23 24 25 26 27 28 29 30 31

      <p>
      <table cellspacing=2 border=0>
        <tr>
            <td colspan=4>
                <h4>You have the following choices for <b>Action</b>:</td>
        <tr>
        <tr>
            <td>&nbsp</td>
            <td>Postpone</td>
            <td>-</td>
Jay Lepreau's avatar
nit  
Jay Lepreau committed
32
            <td>Do nothing; application remains, pending a decision.</td>
33 34 35 36 37
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Deny</td>
            <td>-</td>
Jay Lepreau's avatar
Jay Lepreau committed
38
            <td>Deny user application and so notify the user.</td>
39 40 41 42 43
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Nuke</td>
            <td>-</td>
Jay Lepreau's avatar
Jay Lepreau committed
44 45
            <td>Nuke user application.  Kills user account, without
		notice to user.  Useful for
46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
                bogus project applications.</td>
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Approve</td>
            <td>-</td>
            <td>Approve the user</td>
        </tr>
      </table>
      </center>
      <p>
      <table cellspacing=2 border=0>
        <tr>
            <td colspan=4>
                <h4>You have the following choices for <b>Trust</b>:</td>
        <tr>
        <tr>
            <td>&nbsp</td>
            <td>User</td>
            <td>-</td>
            <td>User may log into machines in your experiments</td>
        </tr>
        <tr>
            <td>&nbsp</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
70
            <td>Local Root</td>
71 72
            <td>-</td>
            <td>User may create/destroy experiments in your project and
Jay Lepreau's avatar
Jay Lepreau committed
73
                has root privileges on machines in your experiments</td>
74
        </tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
75 76 77 78 79 80 81 82 83 84
        <tr>
            <td>&nbsp</td>
            <td>Group Root</td>
            <td>-</td>
            <td>In addition to Local Root privileges, user may also
                approve new group members and 
                modify user info for other users within the group. This
                level of trust is typically given only to TAs and the
                like.</td>
        </tr>
85
      </table>
86 87 88 89 90 91 92 93 94

      <center>
      <b>Important group
       <a href='docwrapper.php3?docname=groups.html#SECURITY'>
       security issues</a> are discussed in the
       <a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>
      </b>
      </center><br>

95
      \n";
96 97

#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
98 99 100
# Find all of the groups that this person has project/group root in, and 
# then in all of those groups, all of the people who are awaiting to be
# approved (status = none).
101
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
102
# First off, just determine if this person has group/project root anywhere.
103
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
104 105 106
$query_result =
    DBQueryFatal("SELECT pid FROM group_membership WHERE uid='$auth_usr' ".
		 "and (trust='group_root' or trust='project_root')");
107
if (mysql_num_rows($query_result) == 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
108
    USERERROR("You do not have Root permissions in any Project or Group.", 1);
109 110 111 112
}

#
# Okay, so this operation sucks out the right people by joining the
Leigh B. Stoller's avatar
Leigh B. Stoller committed
113
# group_membership table with itself. Kinda obtuse if you are not a natural
114 115
# DB guy. Sorry. Well, obtuse to me.
# 
Leigh B. Stoller's avatar
Leigh B. Stoller committed
116 117 118 119 120
$query_result =
    DBQueryFatal("SELECT g.* FROM group_membership as g ".
		 "LEFT JOIN group_membership as authed ".
		 "ON g.pid=authed.pid and g.gid=authed.gid and ".
		 "   g.uid!='$auth_usr' and g.trust='none' ".
121
		 "left join users as u on u.uid=g.uid ".
122 123
		 "WHERE u.status!='" . TBDB_USERSTATUS_UNVERIFIED . "' and ".
		 "u.status!='" . TBDB_USERSTATUS_NEWUSER . "' and ".
124
		 "      authed.uid='$auth_usr' and ".
Leigh B. Stoller's avatar
Leigh B. Stoller committed
125
		 "      (authed.trust='group_root' or ".
126 127
		 "       authed.trust='project_root') ".
		 "ORDER BY g.uid,g.pid,g.gid");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
128

129 130 131 132 133 134 135 136 137
if (mysql_num_rows($query_result) == 0) {
    USERERROR("You have no new project members who need approval.", 1);
}

#
# Now build a table with a bunch of selections. The thing to note about the
# form inside this table is that the selection fields are constructed with
# name= on the fly, from the uid of the user to be approved. In other words:
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
138 139 140
#             uid     menu     project/group
#	name=stoller$$approval-testbed/testbed value=approved,denied,postpone
#	name=stoller$$trust-testbed/testbed value=user,local_root
141 142
#
# so that we can go through the entire list of post variables, looking
143
# for these. The alternative is to work backwards, and I do not like that.
144
# 
145 146
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
       align=\"center\">\n";
147 148 149 150

echo "<tr>
          <td rowspan=2>User</td>
          <td rowspan=2>Project</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
151
          <td rowspan=2>Group</td>
152
          <td rowspan=2>Date<br>Applied</td>
153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168
          <td rowspan=2>Action</td>
          <td rowspan=2>Trust</td>
          <td>Name</td>
          <td>Title</td>
          <td>Affil</td>
          <td>E-mail</td>
          <td>Phone</td>
      </tr>
      <tr>
          <td>Addr</td>
          <td>Addr2</td>
          <td>City</td>
          <td>State</td>
          <td>Zip</td>
      </tr>\n";

169
echo "<form action='approveuser.php3' method='post'>\n";
170 171

while ($usersrow = mysql_fetch_array($query_result)) {
172 173
    $newuid        = $usersrow[uid];
    $pid           = $usersrow[pid];
Leigh B. Stoller's avatar
Leigh B. Stoller committed
174
    $gid           = $usersrow[gid];
175 176 177 178 179 180 181 182
    $date_applied  = $usersrow[date_applied];

    #
    # Cause this field was added late and might be null.
    # 
    if (! $date_applied) {
	$date_applied = "--";
    }
183

Leigh B. Stoller's avatar
Leigh B. Stoller committed
184 185 186 187 188 189 190 191 192 193 194 195 196
    #
    # Only project leaders get to add someone as group root.
    # 
    TBProjLeader($pid, $projleader);
    if (strcmp($auth_usr, $projleader) == 0) {
	    $isleader = 1;
    }
    else {
	    $isleader = 0;
    }

    $userinfo_result =
	DBQueryFatal("SELECT * from users where uid='$newuid'");
197 198 199 200 201 202 203 204 205 206 207 208 209 210

    $row	= mysql_fetch_array($userinfo_result);
    $name	= $row[usr_name];
    $email	= $row[usr_email];
    $title	= $row[usr_title];
    $affil	= $row[usr_affil];
    $addr	= $row[usr_addr];
    $addr2	= $row[usr_addr2];
    $city	= $row[usr_city];
    $state	= $row[usr_state];
    $zip	= $row[usr_zip];
    $phone	= $row[usr_phone];

    echo "<tr>
211
              <td colspan=10> </td>
212 213 214 215
          </tr>
          <tr>
              <td rowspan=2>$newuid</td>
              <td rowspan=2>$pid</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
216
              <td rowspan=2>$gid</td>
217
              <td rowspan=2>$date_applied</td>
218
              <td rowspan=2>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
219
                  <select name=\"$newuid\$\$approval-$pid/$gid\">
220 221 222 223
                          <option value='postpone'>Postpone </option>
                          <option value='approve'>Approve </option>
                          <option value='deny'>Deny </option>
                          <option value='nuke'>Nuke </option>
224 225 226
                  </select>
              </td>
              <td rowspan=2>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
227
                  <select name=\"$newuid\$\$trust-$pid/$gid\">
228 229
                          <option value='user'>User </option>
                          <option value='local_root'>Local Root </option>\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
230
    if ($isleader) {
231
	    echo "        <option value='group_root'>Group Root </option>\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
232 233
    }
    echo "        </select>
234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250
              </td>\n";

    echo "    <td>&nbsp;$name&nbsp;</td>
              <td>&nbsp;$title&nbsp;</td>
              <td>&nbsp;$affil&nbsp;</td>
              <td>&nbsp;$email&nbsp;</td>
              <td>&nbsp;$phone&nbsp;</td>
          </tr>\n";
    echo "<tr>
              <td>&nbsp;$addr&nbsp;</td>
              <td>&nbsp;$addr2&nbsp;</td>
              <td>&nbsp;$city&nbsp;</td>
              <td>&nbsp;$state&nbsp;</td>
              <td>&nbsp;$zip&nbsp;</td>
          </tr>\n";
}
echo "<tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
251
          <td align=center colspan=11>
252 253 254
              <b><input type='submit' value='Submit' name='OK'></td>
      </tr>
      </form>
255 256 257 258 259 260
      </table>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
261
?>