approveuser_form.php3 7.74 KB
Newer Older
1
<?php
Leigh B. Stoller's avatar
Leigh B. Stoller committed
2
#
3
# Copyright (c) 2000-2012 University of Utah and the Flux Group.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
23
#
24 25 26 27 28
include("defs.php3");

#
# Only known and logged in users can be verified.
#
29 30 31 32
$this_user   = CheckLoginOrDie();
$auth_usr    = $this_user->uid();
$auth_usridx = $this_user->uid_idx();

33 34 35 36 37
#
# The reason for this call is to make sure that globals are set properly.
#
$reqargs = RequiredPageArguments();

38 39 40 41 42 43 44 45 46 47
#
# Find all of the groups that this person has project/group root in, and 
# then in all of those groups, all of the people who are awaiting to be
# approved (status = none).
#
$approvelist = $this_user->ApprovalList(1);

if (count($approvelist) == 0) {
    USERERROR("You have no new project members who need approval.", 1);
}
48

49 50 51 52 53
#
# Standard Testbed Header
#
PAGEHEADER("New User Approval");

54
echo "
Leigh B. Stoller's avatar
Leigh B. Stoller committed
55
      <h2>Approve new users in your Project or Group</h2>
Chad Barb's avatar
 
Chad Barb committed
56
      <p>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
57 58
      Use this page to approve new members of your Project or Group.  Once
      approved, they will be able to log into machines in your Project's 
59
      experiments. Be sure to toggle the menu options appropriately for
60
      each pending user.
Chad Barb's avatar
 
Chad Barb committed
61
      </p>
62

Chad Barb's avatar
 
Chad Barb committed
63 64
      <center>
      <h4>You have the following choices for <b>Action</b>:</h4>
65 66
      <table cellspacing=2 border=0>
        <tr>
Chad Barb's avatar
 
Chad Barb committed
67
            <td><b>Postpone</b></td>
Jay Lepreau's avatar
nit  
Jay Lepreau committed
68
            <td>Do nothing; application remains, pending a decision.</td>
69 70
        </tr>
        <tr>
Chad Barb's avatar
 
Chad Barb committed
71
            <td><b>Deny</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
72
            <td>Deny user application and so notify the user.</td>
73 74
        </tr>
        <tr>
Chad Barb's avatar
 
Chad Barb committed
75
            <td><b>Nuke</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
76 77
            <td>Nuke user application.  Kills user account, without
		notice to user.  Useful for
78 79 80
                bogus project applications.</td>
        </tr>
        <tr>
Chad Barb's avatar
 
Chad Barb committed
81
            <td><b>Approve</b></td>
82 83 84
            <td>Approve the user</td>
        </tr>
      </table>
Chad Barb's avatar
 
Chad Barb committed
85 86 87
      <br />
      <h4>You have the following choices for <b>Trust</b>:</h4>
      <table cellspacing=2 cellpadding=4 border=0>
88
        <tr>
Chad Barb's avatar
 
Chad Barb committed
89
            <td><b>User</b></td>
90 91 92
            <td>User may log into machines in your experiments</td>
        </tr>
        <tr>
Chad Barb's avatar
 
Chad Barb committed
93
            <td><b>Local Root</b></td>
94
            <td>User may create/destroy experiments in your project and
Jay Lepreau's avatar
Jay Lepreau committed
95
                has root privileges on machines in your experiments</td>
96
        </tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
97
        <tr>
Chad Barb's avatar
 
Chad Barb committed
98
            <td><b>Group Root</b></td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
99 100 101 102 103 104
            <td>In addition to Local Root privileges, user may also
                approve new group members and 
                modify user info for other users within the group. This
                level of trust is typically given only to TAs and the
                like.</td>
        </tr>
105
      </table>
Chad Barb's avatar
 
Chad Barb committed
106
      <br />
107
      <b>Important group
108
       <a href='$WIKIDOCURL/Groups#SECURITY'>
109
       security issues</a> are discussed in the
110
       <a href='$WIKIDOCURL/Groups'>Groups Tutorial</a>.
111
      </b>
Chad Barb's avatar
 
Chad Barb committed
112
      </center><br />
113

114
      \n";
115 116 117 118 119 120

#
# Now build a table with a bunch of selections. The thing to note about the
# form inside this table is that the selection fields are constructed with
# name= on the fly, from the uid of the user to be approved. In other words:
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
121 122 123
#             uid     menu     project/group
#	name=stoller$$approval-testbed/testbed value=approved,denied,postpone
#	name=stoller$$trust-testbed/testbed value=user,local_root
124 125
#
# so that we can go through the entire list of post variables, looking
126
# for these. The alternative is to work backwards, and I do not like that.
127
# 
128 129
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
       align=\"center\">\n";
130 131

echo "<tr>
132 133 134 135 136 137 138 139 140 141 142
          <th rowspan=2>User</th>
          <th rowspan=2>Project</th>
          <th rowspan=2>Group</th>
          <th rowspan=2>Date<br>Applied</th>
          <th rowspan=2>Action</th>
          <th rowspan=2>Trust</th>
          <th>Name</th>
          <th>Title</th>
          <th>Affil</th>
          <th>E-mail</th>
          <th>Phone</th>
143 144
      </tr>
      <tr>
Chad Barb's avatar
 
Chad Barb committed
145
          <th colspan=5>Address</th>
146 147
      </tr>\n";

148
echo "<form action='approveuser.php3' method='post'>\n";
149

150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165
while (list ($uid_idx, $grouplist) = each ($approvelist)) {
  if (! ($user = User::Lookup($uid_idx))) {
    TBERROR("Could not lookup user $uid_idx", 1);
  }

  # Iterate over groups for this user.
  for ($i = 0; $i < count($grouplist); $i++) {
    $group        = $grouplist[$i];
    
    $newuid       = $user->uid();
    $gid          = $group->gid();
    $gid_idx      = $group->gid_idx();
    $pid          = $group->pid();
    $pid_idx      = $group->pid_idx();

    $group->MemberShipInfo($user, $trust, $date_applied, $date_approved);
166 167 168 169 170 171 172

    #
    # Cause this field was added late and might be null.
    # 
    if (! $date_applied) {
	$date_applied = "--";
    }
173

174 175 176 177 178 179 180 181 182 183 184
    $name	= CleanString($user->name());
    $email	= CleanString($user->email());
    $title	= CleanString($user->title());
    $affil	= CleanString($user->affil());
    $addr	= CleanString($user->addr());
    $addr2	= CleanString($user->addr2());
    $city	= CleanString($user->city());
    $state	= CleanString($user->state());
    $zip	= CleanString($user->zip());
    $country	= CleanString($user->country());
    $phone	= CleanString($user->phone());
185

Chad Barb's avatar
 
Chad Barb committed
186
     echo "<tr>
187 188
              <td rowspan=2>$newuid</td>
              <td rowspan=2>$pid</td>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
189
              <td rowspan=2>$gid</td>
190
              <td rowspan=2>$date_applied</td>
191
              <td rowspan=2>
192
                  <select name=\"U${uid_idx}\$\$approval-$pid/$gid\">
193 194 195 196
                          <option value='postpone'>Postpone </option>
                          <option value='approve'>Approve </option>
                          <option value='deny'>Deny </option>
                          <option value='nuke'>Nuke </option>
197 198 199
                  </select>
              </td>
              <td rowspan=2>
200
                  <select name=\"U${uid_idx}\$\$trust-$pid/$gid\">\n";
201 202
     
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_USER, 0)) {
Chad Barb's avatar
 
Chad Barb committed
203
	echo  "<option value='user'>User </option>\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
204
    }
205
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_LOCALROOT, 0)) {
Chad Barb's avatar
 
Chad Barb committed
206 207
	# local_root means any root is valid.
        echo  "<option value='local_root'>Local Root </option>\n";
208 209 210

	# Allowed to set to group root?
	if ($group->AccessCheck($this_user, $TB_PROJECT_BESTOWGROUPROOT)) {
Chad Barb's avatar
 
Chad Barb committed
211 212
	    echo  "<option value='group_root'>Group Root </option>\n";
	}
Chad Barb's avatar
 
Chad Barb committed
213
    }	
Leigh B. Stoller's avatar
Leigh B. Stoller committed
214
    echo "        </select>
215 216 217 218 219 220 221 222 223
              </td>\n";

    echo "    <td>&nbsp;$name&nbsp;</td>
              <td>&nbsp;$title&nbsp;</td>
              <td>&nbsp;$affil&nbsp;</td>
              <td>&nbsp;$email&nbsp;</td>
              <td>&nbsp;$phone&nbsp;</td>
          </tr>\n";
    echo "<tr>
Chad Barb's avatar
 
Chad Barb committed
224 225 226 227 228
              <td colspan=5>&nbsp;$addr&nbsp;";
    if (strcmp($addr2,"")) { 
	echo "&nbsp;$addr2&nbsp;"; 
    }
    echo "                  &nbsp;$city&nbsp;
229
                            &nbsp;$state&nbsp;
Chad Barb's avatar
 
Chad Barb committed
230 231
                            &nbsp;$zip&nbsp;
                            &nbsp;$country&nbsp;</td>
232
          </tr>\n";
233
  }
234 235
}
echo "<tr>
Leigh B. Stoller's avatar
Leigh B. Stoller committed
236
          <td align=center colspan=11>
237 238 239
              <b><input type='submit' value='Submit' name='OK'></td>
      </tr>
      </form>
240 241 242 243 244 245
      </table>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
246
?>