approveuser_form.php3 6.95 KB
Newer Older
1
<?php
Leigh B. Stoller's avatar
Leigh B. Stoller committed
2
3
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2003, 2006, 2007 University of Utah and the Flux Group.
Leigh B. Stoller's avatar
Leigh B. Stoller committed
5
6
# All rights reserved.
#
7
8
include("defs.php3");

9
10
11
#
# Standard Testbed Header
#
12
PAGEHEADER("New User Approval");
13

14
15
16
#
# Only known and logged in users can be verified.
#
17
18
19
20
$this_user   = CheckLoginOrDie();
$auth_usr    = $this_user->uid();
$auth_usridx = $this_user->uid_idx();

21
22
23
24
25
#
# The reason for this call is to make sure that globals are set properly.
#
$reqargs = RequiredPageArguments();

26
27
28
29
30
31
32
33
34
35
#
# Find all of the groups that this person has project/group root in, and 
# then in all of those groups, all of the people who are awaiting to be
# approved (status = none).
#
$approvelist = $this_user->ApprovalList(1);

if (count($approvelist) == 0) {
    USERERROR("You have no new project members who need approval.", 1);
}
36
37

echo "
Leigh B. Stoller's avatar
Leigh B. Stoller committed
38
      <h2>Approve new users in your Project or Group</h2>
Chad Barb's avatar
   
Chad Barb committed
39
      <p>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
40
41
      Use this page to approve new members of your Project or Group.  Once
      approved, they will be able to log into machines in your Project's 
42
      experiments. Be sure to toggle the menu options appropriately for
43
      each pending user.
Chad Barb's avatar
   
Chad Barb committed
44
      </p>
45

Chad Barb's avatar
   
Chad Barb committed
46
47
      <center>
      <h4>You have the following choices for <b>Action</b>:</h4>
48
49
      <table cellspacing=2 border=0>
        <tr>
Chad Barb's avatar
   
Chad Barb committed
50
            <td><b>Postpone</b></td>
Jay Lepreau's avatar
nit    
Jay Lepreau committed
51
            <td>Do nothing; application remains, pending a decision.</td>
52
53
        </tr>
        <tr>
Chad Barb's avatar
   
Chad Barb committed
54
            <td><b>Deny</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
55
            <td>Deny user application and so notify the user.</td>
56
57
        </tr>
        <tr>
Chad Barb's avatar
   
Chad Barb committed
58
            <td><b>Nuke</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
59
60
            <td>Nuke user application.  Kills user account, without
		notice to user.  Useful for
61
62
63
                bogus project applications.</td>
        </tr>
        <tr>
Chad Barb's avatar
   
Chad Barb committed
64
            <td><b>Approve</b></td>
65
66
67
            <td>Approve the user</td>
        </tr>
      </table>
Chad Barb's avatar
   
Chad Barb committed
68
69
70
      <br />
      <h4>You have the following choices for <b>Trust</b>:</h4>
      <table cellspacing=2 cellpadding=4 border=0>
71
        <tr>
Chad Barb's avatar
   
Chad Barb committed
72
            <td><b>User</b></td>
73
74
75
            <td>User may log into machines in your experiments</td>
        </tr>
        <tr>
Chad Barb's avatar
   
Chad Barb committed
76
            <td><b>Local Root</b></td>
77
            <td>User may create/destroy experiments in your project and
Jay Lepreau's avatar
Jay Lepreau committed
78
                has root privileges on machines in your experiments</td>
79
        </tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
80
        <tr>
Chad Barb's avatar
   
Chad Barb committed
81
            <td><b>Group Root</b></td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
82
83
84
85
86
87
            <td>In addition to Local Root privileges, user may also
                approve new group members and 
                modify user info for other users within the group. This
                level of trust is typically given only to TAs and the
                like.</td>
        </tr>
88
      </table>
Chad Barb's avatar
   
Chad Barb committed
89
      <br />
90
91
92
      <b>Important group
       <a href='docwrapper.php3?docname=groups.html#SECURITY'>
       security issues</a> are discussed in the
Chad Barb's avatar
   
Chad Barb committed
93
       <a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>.
94
      </b>
Chad Barb's avatar
   
Chad Barb committed
95
      </center><br />
96

97
      \n";
98
99
100
101
102
103

#
# Now build a table with a bunch of selections. The thing to note about the
# form inside this table is that the selection fields are constructed with
# name= on the fly, from the uid of the user to be approved. In other words:
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
104
105
106
#             uid     menu     project/group
#	name=stoller$$approval-testbed/testbed value=approved,denied,postpone
#	name=stoller$$trust-testbed/testbed value=user,local_root
107
108
#
# so that we can go through the entire list of post variables, looking
109
# for these. The alternative is to work backwards, and I do not like that.
110
# 
111
112
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
       align=\"center\">\n";
113
114

echo "<tr>
115
116
117
118
119
120
121
122
123
124
125
          <th rowspan=2>User</th>
          <th rowspan=2>Project</th>
          <th rowspan=2>Group</th>
          <th rowspan=2>Date<br>Applied</th>
          <th rowspan=2>Action</th>
          <th rowspan=2>Trust</th>
          <th>Name</th>
          <th>Title</th>
          <th>Affil</th>
          <th>E-mail</th>
          <th>Phone</th>
126
127
      </tr>
      <tr>
Chad Barb's avatar
   
Chad Barb committed
128
          <th colspan=5>Address</th>
129
130
      </tr>\n";

131
echo "<form action='approveuser.php3' method='post'>\n";
132

133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
while (list ($uid_idx, $grouplist) = each ($approvelist)) {
  if (! ($user = User::Lookup($uid_idx))) {
    TBERROR("Could not lookup user $uid_idx", 1);
  }

  # Iterate over groups for this user.
  for ($i = 0; $i < count($grouplist); $i++) {
    $group        = $grouplist[$i];
    
    $newuid       = $user->uid();
    $gid          = $group->gid();
    $gid_idx      = $group->gid_idx();
    $pid          = $group->pid();
    $pid_idx      = $group->pid_idx();

    $group->MemberShipInfo($user, $trust, $date_applied, $date_approved);
149
150
151
152
153
154
155

    #
    # Cause this field was added late and might be null.
    # 
    if (! $date_applied) {
	$date_applied = "--";
    }
156

157
158
159
160
161
162
163
164
165
166
167
    $name	= $user->name();
    $email	= $user->email();
    $title	= $user->title();
    $affil	= $user->affil();
    $addr	= $user->addr();
    $addr2	= $user->addr2();
    $city	= $user->city();
    $state	= $user->state();
    $zip	= $user->zip();
    $country	= $user->country();
    $phone	= $user->phone();
168

Chad Barb's avatar
   
Chad Barb committed
169
     echo "<tr>
170
171
              <td rowspan=2>$newuid</td>
              <td rowspan=2>$pid</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
172
              <td rowspan=2>$gid</td>
173
              <td rowspan=2>$date_applied</td>
174
              <td rowspan=2>
175
                  <select name=\"U${uid_idx}\$\$approval-$pid/$gid\">
176
177
178
179
                          <option value='postpone'>Postpone </option>
                          <option value='approve'>Approve </option>
                          <option value='deny'>Deny </option>
                          <option value='nuke'>Nuke </option>
180
181
182
                  </select>
              </td>
              <td rowspan=2>
183
                  <select name=\"U${uid_idx}\$\$trust-$pid/$gid\">\n";
184
185
     
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_USER, 0)) {
Chad Barb's avatar
   
Chad Barb committed
186
	echo  "<option value='user'>User </option>\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
187
    }
188
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_LOCALROOT, 0)) {
Chad Barb's avatar
   
Chad Barb committed
189
190
	# local_root means any root is valid.
        echo  "<option value='local_root'>Local Root </option>\n";
191
192
193

	# Allowed to set to group root?
	if ($group->AccessCheck($this_user, $TB_PROJECT_BESTOWGROUPROOT)) {
Chad Barb's avatar
   
Chad Barb committed
194
195
	    echo  "<option value='group_root'>Group Root </option>\n";
	}
Chad Barb's avatar
   
Chad Barb committed
196
    }	
Leigh B. Stoller's avatar
Leigh B. Stoller committed
197
    echo "        </select>
198
199
200
201
202
203
204
205
206
              </td>\n";

    echo "    <td>&nbsp;$name&nbsp;</td>
              <td>&nbsp;$title&nbsp;</td>
              <td>&nbsp;$affil&nbsp;</td>
              <td>&nbsp;$email&nbsp;</td>
              <td>&nbsp;$phone&nbsp;</td>
          </tr>\n";
    echo "<tr>
Chad Barb's avatar
   
Chad Barb committed
207
208
209
210
211
              <td colspan=5>&nbsp;$addr&nbsp;";
    if (strcmp($addr2,"")) { 
	echo "&nbsp;$addr2&nbsp;"; 
    }
    echo "                  &nbsp;$city&nbsp;
212
                            &nbsp;$state&nbsp;
Chad Barb's avatar
   
Chad Barb committed
213
214
                            &nbsp;$zip&nbsp;
                            &nbsp;$country&nbsp;</td>
215
          </tr>\n";
216
  }
217
218
}
echo "<tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
219
          <td align=center colspan=11>
220
221
222
              <b><input type='submit' value='Submit' name='OK'></td>
      </tr>
      </form>
223
224
225
226
227
228
      </table>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
229
?>