approveuser_form.php3 7.97 KB
Newer Older
1
<?php
Leigh B. Stoller's avatar
Leigh B. Stoller committed
2 3 4 5 6
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
#
7 8
include("defs.php3");

9 10 11 12 13
#
# Standard Testbed Header
#
PAGEHEADER("New Users Approval Form");

14 15 16
#
# Only known and logged in users can be verified.
#
17
$auth_usr = GETLOGIN();
18 19 20
LOGGEDINORDIE($auth_usr);

echo "
Leigh B. Stoller's avatar
Leigh B. Stoller committed
21 22 23
      <h2>Approve new users in your Project or Group</h2>
      Use this page to approve new members of your Project or Group.  Once
      approved, they will be able to log into machines in your Project's 
24
      experiments. Be sure to toggle the menu options appropriately for
25
      each pending user.
26 27 28 29 30 31 32 33 34 35 36

      <p>
      <table cellspacing=2 border=0>
        <tr>
            <td colspan=4>
                <h4>You have the following choices for <b>Action</b>:</td>
        <tr>
        <tr>
            <td>&nbsp</td>
            <td>Postpone</td>
            <td>-</td>
Jay Lepreau's avatar
nit  
Jay Lepreau committed
37
            <td>Do nothing; application remains, pending a decision.</td>
38 39 40 41 42
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Deny</td>
            <td>-</td>
Jay Lepreau's avatar
Jay Lepreau committed
43
            <td>Deny user application and so notify the user.</td>
44 45 46 47 48
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Nuke</td>
            <td>-</td>
Jay Lepreau's avatar
Jay Lepreau committed
49 50
            <td>Nuke user application.  Kills user account, without
		notice to user.  Useful for
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74
                bogus project applications.</td>
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Approve</td>
            <td>-</td>
            <td>Approve the user</td>
        </tr>
      </table>
      </center>
      <p>
      <table cellspacing=2 border=0>
        <tr>
            <td colspan=4>
                <h4>You have the following choices for <b>Trust</b>:</td>
        <tr>
        <tr>
            <td>&nbsp</td>
            <td>User</td>
            <td>-</td>
            <td>User may log into machines in your experiments</td>
        </tr>
        <tr>
            <td>&nbsp</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
75
            <td>Local Root</td>
76 77
            <td>-</td>
            <td>User may create/destroy experiments in your project and
Jay Lepreau's avatar
Jay Lepreau committed
78
                has root privileges on machines in your experiments</td>
79
        </tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
80 81 82 83 84 85 86 87 88 89
        <tr>
            <td>&nbsp</td>
            <td>Group Root</td>
            <td>-</td>
            <td>In addition to Local Root privileges, user may also
                approve new group members and 
                modify user info for other users within the group. This
                level of trust is typically given only to TAs and the
                like.</td>
        </tr>
90
      </table>
91 92 93 94 95 96 97 98 99

      <center>
      <b>Important group
       <a href='docwrapper.php3?docname=groups.html#SECURITY'>
       security issues</a> are discussed in the
       <a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>
      </b>
      </center><br>

100
      \n";
101 102

#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
103 104 105
# Find all of the groups that this person has project/group root in, and 
# then in all of those groups, all of the people who are awaiting to be
# approved (status = none).
106
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
107
# First off, just determine if this person has group/project root anywhere.
108
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
109 110 111
$query_result =
    DBQueryFatal("SELECT pid FROM group_membership WHERE uid='$auth_usr' ".
		 "and (trust='group_root' or trust='project_root')");
112
if (mysql_num_rows($query_result) == 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
113
    USERERROR("You do not have Root permissions in any Project or Group.", 1);
114 115 116 117
}

#
# Okay, so this operation sucks out the right people by joining the
Leigh B. Stoller's avatar
Leigh B. Stoller committed
118
# group_membership table with itself. Kinda obtuse if you are not a natural
119 120
# DB guy. Sorry. Well, obtuse to me.
# 
Leigh B. Stoller's avatar
Leigh B. Stoller committed
121 122 123 124 125
$query_result =
    DBQueryFatal("SELECT g.* FROM group_membership as g ".
		 "LEFT JOIN group_membership as authed ".
		 "ON g.pid=authed.pid and g.gid=authed.gid and ".
		 "   g.uid!='$auth_usr' and g.trust='none' ".
126
		 "left join users as u on u.uid=g.uid ".
127 128
		 "WHERE u.status!='" . TBDB_USERSTATUS_UNVERIFIED . "' and ".
		 "u.status!='" . TBDB_USERSTATUS_NEWUSER . "' and ".
129
		 "      authed.uid='$auth_usr' and ".
Leigh B. Stoller's avatar
Leigh B. Stoller committed
130
		 "      (authed.trust='group_root' or ".
131 132
		 "       authed.trust='project_root') ".
		 "ORDER BY g.uid,g.pid,g.gid");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
133

134 135 136 137 138 139 140 141 142
if (mysql_num_rows($query_result) == 0) {
    USERERROR("You have no new project members who need approval.", 1);
}

#
# Now build a table with a bunch of selections. The thing to note about the
# form inside this table is that the selection fields are constructed with
# name= on the fly, from the uid of the user to be approved. In other words:
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
143 144 145
#             uid     menu     project/group
#	name=stoller$$approval-testbed/testbed value=approved,denied,postpone
#	name=stoller$$trust-testbed/testbed value=user,local_root
146 147
#
# so that we can go through the entire list of post variables, looking
148
# for these. The alternative is to work backwards, and I do not like that.
149
# 
150 151
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
       align=\"center\">\n";
152 153 154 155

echo "<tr>
          <td rowspan=2>User</td>
          <td rowspan=2>Project</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
156
          <td rowspan=2>Group</td>
157
          <td rowspan=2>Date<br>Applied</td>
158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173
          <td rowspan=2>Action</td>
          <td rowspan=2>Trust</td>
          <td>Name</td>
          <td>Title</td>
          <td>Affil</td>
          <td>E-mail</td>
          <td>Phone</td>
      </tr>
      <tr>
          <td>Addr</td>
          <td>Addr2</td>
          <td>City</td>
          <td>State</td>
          <td>Zip</td>
      </tr>\n";

174
echo "<form action='approveuser.php3' method='post'>\n";
175 176

while ($usersrow = mysql_fetch_array($query_result)) {
177 178
    $newuid        = $usersrow[uid];
    $pid           = $usersrow[pid];
Leigh B. Stoller's avatar
Leigh B. Stoller committed
179
    $gid           = $usersrow[gid];
180 181 182 183 184 185 186 187
    $date_applied  = $usersrow[date_applied];

    #
    # Cause this field was added late and might be null.
    # 
    if (! $date_applied) {
	$date_applied = "--";
    }
188

Leigh B. Stoller's avatar
Leigh B. Stoller committed
189 190 191 192 193 194 195 196 197 198 199 200 201
    #
    # Only project leaders get to add someone as group root.
    # 
    TBProjLeader($pid, $projleader);
    if (strcmp($auth_usr, $projleader) == 0) {
	    $isleader = 1;
    }
    else {
	    $isleader = 0;
    }

    $userinfo_result =
	DBQueryFatal("SELECT * from users where uid='$newuid'");
202 203 204 205 206 207 208 209 210 211 212 213 214 215

    $row	= mysql_fetch_array($userinfo_result);
    $name	= $row[usr_name];
    $email	= $row[usr_email];
    $title	= $row[usr_title];
    $affil	= $row[usr_affil];
    $addr	= $row[usr_addr];
    $addr2	= $row[usr_addr2];
    $city	= $row[usr_city];
    $state	= $row[usr_state];
    $zip	= $row[usr_zip];
    $phone	= $row[usr_phone];

    echo "<tr>
216
              <td colspan=10> </td>
217 218 219 220
          </tr>
          <tr>
              <td rowspan=2>$newuid</td>
              <td rowspan=2>$pid</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
221
              <td rowspan=2>$gid</td>
222
              <td rowspan=2>$date_applied</td>
223
              <td rowspan=2>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
224
                  <select name=\"$newuid\$\$approval-$pid/$gid\">
225 226 227 228
                          <option value='postpone'>Postpone </option>
                          <option value='approve'>Approve </option>
                          <option value='deny'>Deny </option>
                          <option value='nuke'>Nuke </option>
229 230 231
                  </select>
              </td>
              <td rowspan=2>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
232
                  <select name=\"$newuid\$\$trust-$pid/$gid\">
233 234
                          <option value='user'>User </option>
                          <option value='local_root'>Local Root </option>\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
235
    if ($isleader) {
236
	    echo "        <option value='group_root'>Group Root </option>\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
237 238
    }
    echo "        </select>
239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255
              </td>\n";

    echo "    <td>&nbsp;$name&nbsp;</td>
              <td>&nbsp;$title&nbsp;</td>
              <td>&nbsp;$affil&nbsp;</td>
              <td>&nbsp;$email&nbsp;</td>
              <td>&nbsp;$phone&nbsp;</td>
          </tr>\n";
    echo "<tr>
              <td>&nbsp;$addr&nbsp;</td>
              <td>&nbsp;$addr2&nbsp;</td>
              <td>&nbsp;$city&nbsp;</td>
              <td>&nbsp;$state&nbsp;</td>
              <td>&nbsp;$zip&nbsp;</td>
          </tr>\n";
}
echo "<tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
256
          <td align=center colspan=11>
257 258 259
              <b><input type='submit' value='Submit' name='OK'></td>
      </tr>
      </form>
260 261 262 263 264 265
      </table>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
266
?>