Commit 08770694 authored by Leigh B. Stoller's avatar Leigh B. Stoller

* No longer put the project leader into every subgroup. If the project

  leader wants to be in the subgroup, he has to do it via the editgroup
  page. This required minor changes in editgroup pages, since I was special
  casing the project leader to not allow removal/addition.

* Allow mere users to be the head of a group. This was previously not
  allowed, and is totally wrong since the entire group trust mechanism
  is based on giving subgroup members *more* privs then they have in
  the default (project) group.

* Change permission check in the showgroup page to allow non group members
  to look at the group if they have group_root or better in the default
  group. I noticed that once I took myself out of a group, I could no longer
  look at the group even though I had group_root in the project.

  Also change so that the edit/del menu does not appear unless the user
  has permission to do those things.

* Change consistency check when adding a group member. New test is simpler
  and makes sure that the user does not have root privs in the project and
  user privs in the subgroup. The reverse is of course okay, and the expected
  manner in which groups should be used.

* newgroup page now spits out a redirect to showgroup page, rather then
  printing the group info itself. Avoids duplication and gets rid of the
  form post from the history. Ditto for editgroup page.
parent e37adad3
...@@ -280,13 +280,13 @@ function TBProjAccessCheck($uid, $pid, $gid, $access_type) ...@@ -280,13 +280,13 @@ function TBProjAccessCheck($uid, $pid, $gid, $access_type)
} }
elseif ($access_type == $TB_PROJECT_MAKEGROUP || elseif ($access_type == $TB_PROJECT_MAKEGROUP ||
$access_type == $TB_PROJECT_DELGROUP) { $access_type == $TB_PROJECT_DELGROUP) {
$mintrust = $TBDB_TRUST_PROJROOT; $mintrust = $TBDB_TRUST_GROUPROOT;
} }
elseif ($access_type == $TB_PROJECT_LEADGROUP) { elseif ($access_type == $TB_PROJECT_LEADGROUP) {
# #
# Must be at least local root to lead a group. # Allow mere user (in default group) to lead a subgroup.
# #
$mintrust = $TBDB_TRUST_LOCALROOT; $mintrust = $TBDB_TRUST_USER;
} }
elseif ($access_type == $TB_PROJECT_MAKEOSID || elseif ($access_type == $TB_PROJECT_MAKEOSID ||
$access_type == $TB_PROJECT_MAKEIMAGEID || $access_type == $TB_PROJECT_MAKEIMAGEID ||
...@@ -304,6 +304,8 @@ function TBProjAccessCheck($uid, $pid, $gid, $access_type) ...@@ -304,6 +304,8 @@ function TBProjAccessCheck($uid, $pid, $gid, $access_type)
$mintrust = $TBDB_TRUST_PROJROOT; $mintrust = $TBDB_TRUST_PROJROOT;
} }
else { else {
# Editing a group requires privs in the project, not group!
$gid = $pid;
$mintrust = $TBDB_TRUST_GROUPROOT; $mintrust = $TBDB_TRUST_GROUPROOT;
} }
} }
......
...@@ -39,7 +39,7 @@ if (strcmp($gid, $pid) == 0) { ...@@ -39,7 +39,7 @@ if (strcmp($gid, $pid) == 0) {
# #
# Verify permission. # Verify permission.
# #
if (! TBProjAccessCheck($uid, $pid, 0, $TB_PROJECT_DELGROUP)) { if (! TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_DELGROUP)) {
USERERROR("You do not have permission to delete groups in project $pid!", USERERROR("You do not have permission to delete groups in project $pid!",
1); 1);
} }
......
...@@ -8,9 +8,9 @@ include("defs.php3"); ...@@ -8,9 +8,9 @@ include("defs.php3");
include("showstuff.php3"); include("showstuff.php3");
# #
# Standard Testbed Header # No testbed header since we spit out a redirect.
# #
PAGEHEADER("Edit Group Membership"); ignore_user_abort(1);
# #
# Only known and logged in users. # Only known and logged in users.
...@@ -18,8 +18,6 @@ PAGEHEADER("Edit Group Membership"); ...@@ -18,8 +18,6 @@ PAGEHEADER("Edit Group Membership");
$uid = GETLOGIN(); $uid = GETLOGIN();
LOGGEDINORDIE($uid); LOGGEDINORDIE($uid);
ignore_user_abort(1);
# #
# First off, sanity check page args. # First off, sanity check page args.
# #
...@@ -50,17 +48,14 @@ if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) { ...@@ -50,17 +48,14 @@ if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) {
# #
# Grab the current user list for the group. The group leader cannot be # Grab the current user list for the group. The group leader cannot be
# removed! Neither can the project leader. Do not include members that # removed! Do not include members that have not been approved to main
# have not been approved to main group either! This will force them to # group either! This will force them to go through the approval page first.
# go through the approval page first.
# #
$curmembers_result = $curmembers_result =
DBQueryFatal("select distinct m.uid from group_membership as m ". DBQueryFatal("select distinct m.uid from group_membership as m ".
"left join groups as g on g.pid=m.pid and g.gid=m.gid ". "left join groups as g on g.pid=m.pid and g.gid=m.gid ".
"left join projects as p on p.pid=m.pid ".
"where m.pid='$pid' and m.gid='$gid' and ". "where m.pid='$pid' and m.gid='$gid' and ".
" m.uid!=g.leader and m.uid!=p.head_uid ". " m.uid!=g.leader and m.trust!='none'");
" and m.trust!='none'");
# #
# Grab the user list from the project. These are the people who can be # Grab the user list from the project. These are the people who can be
...@@ -77,14 +72,18 @@ $nonmembers_result = ...@@ -77,14 +72,18 @@ $nonmembers_result =
function TBCheckTrustConsistency($user, $pid, $gid, $newtrust) function TBCheckTrustConsistency($user, $pid, $gid, $newtrust)
{ {
global $TBDB_TRUST_USER;
# #
# If changing default group trust level, then compare levels. # If changing default group trust level, then compare levels.
# A user may not have greater permission in the default group than # A user may not have root privs in the project and user privs
# in a subgroup. # in the group; make no sense to do that and can violate trust.
# #
if (strcmp($pid, $gid)) { if (strcmp($pid, $gid)) {
$projtrust = TBProjTrust($user, $pid); $projtrust = TBProjTrust($user, $pid);
if ($projtrust > TBTrustConvert($newtrust)) {
if (TBTrustConvert($newtrust) == $TBDB_TRUST_USER &&
$projtrust > $TBDB_TRUST_USER) {
USERERROR("User $user may not have a higher trust level in ". USERERROR("User $user may not have a higher trust level in ".
"the default group of $pid, than in subgroup $gid!", 1); "the default group of $pid, than in subgroup $gid!", 1);
} }
...@@ -275,13 +274,6 @@ if (!$defaultgroup && mysql_num_rows($nonmembers_result)) { ...@@ -275,13 +274,6 @@ if (!$defaultgroup && mysql_num_rows($nonmembers_result)) {
# #
TBGroupUnixInfo($pid, $pid, $unix_gid, $unix_name); TBGroupUnixInfo($pid, $pid, $unix_gid, $unix_name);
echo "<br>
Group '$gid' in project '$pid' is being updated!<br><br>
This will take a minute or two. <b>Please</b> do not click the Stop
button during this time. If you do not receive notification within
a reasonable amount of time, please contact $TBMAILADDR.\n";
flush();
# #
# Run the script. This will do the account stuff for all the people # Run the script. This will do the account stuff for all the people
# in the group. This is the same script that gets run when the group # in the group. This is the same script that gets run when the group
...@@ -289,25 +281,11 @@ flush(); ...@@ -289,25 +281,11 @@ flush();
# #
SUEXEC($uid, $unix_gid, "websetgroups -p $pid $modusers", 1); SUEXEC($uid, $unix_gid, "websetgroups -p $pid $modusers", 1);
echo "<br><br>
<b>Done!</b>
<br>\n";
#
# Show it again!
# #
SHOWGROUP($pid, $gid); # Spit out a redirect so that the history does not include a post
# in it. The back button skips over the post and to the form.
SHOWGROUPMEMBERS($pid, $gid);
#
# Back to ...
# #
echo "<br> header("Location: showgroup.php3?pid=$pid&gid=$gid");
<A href='showgroup.php3?pid=$pid&gid=$gid'>Back to Group page</a>\n";
# # No Testbed footer.
# Standard Testbed Footer
#
PAGEFOOTER();
?> ?>
...@@ -48,18 +48,16 @@ if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) { ...@@ -48,18 +48,16 @@ if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) {
# #
# Grab the user list for the group. Provide a button selection of people # Grab the user list for the group. Provide a button selection of people
# that can be removed. The group leader cannot be removed! Neither can # that can be removed. The group leader cannot be removed!
# the project leader. Do not include members that have not been approved # Do not include members that have not been approved
# to main group either! This will force them to go through the approval # to main group either! This will force them to go through the approval
# page first. # page first.
# #
$curmembers_result = $curmembers_result =
DBQueryFatal("select m.uid,m.trust from group_membership as m ". DBQueryFatal("select m.uid,m.trust from group_membership as m ".
"left join groups as g on g.pid=m.pid and g.gid=m.gid ". "left join groups as g on g.pid=m.pid and g.gid=m.gid ".
"left join projects as p on p.pid=m.pid ".
"where m.pid='$pid' and m.gid='$gid' and ". "where m.pid='$pid' and m.gid='$gid' and ".
" m.uid!=g.leader and m.uid!=p.head_uid ". " m.uid!=g.leader and m.trust!='none'");
" and m.trust!='none'");
# #
# Grab the user list from the project. These are the people who can be # Grab the user list from the project. These are the people who can be
......
...@@ -8,12 +8,8 @@ include("defs.php3"); ...@@ -8,12 +8,8 @@ include("defs.php3");
include("showstuff.php3"); include("showstuff.php3");
# #
# Standard Testbed Header # No header since we issue a redirect later.
# #
PAGEHEADER("Create a Project Group");
$mydebug = 0;
ignore_user_abort(1); ignore_user_abort(1);
# #
...@@ -73,14 +69,11 @@ if (! TBProjAccessCheck($uid, $group_pid, 0, $TB_PROJECT_MAKEGROUP)) { ...@@ -73,14 +69,11 @@ if (! TBProjAccessCheck($uid, $group_pid, 0, $TB_PROJECT_MAKEGROUP)) {
} }
# #
# Verify project and leader. That is, the leader choosen has to be a member # Verify project and leader. Any user can lead a group.
# of the default group for the project and must already possess a
# minimum level of trust since it would make no sense to make "user" a
# group leader.
# #
if (! TBProjAccessCheck($group_leader, $group_pid, 0, $TB_PROJECT_LEADGROUP)) { if (! TBProjAccessCheck($group_leader, $group_pid, 0, $TB_PROJECT_LEADGROUP)) {
USERERROR("$group_leader is not a trusted (local root or better) member ". USERERROR("$group_leader does not have enough permission to lead a group ".
"of the project $group_pid!", 1); "in project $group_pid!", 1);
} }
# #
...@@ -132,22 +125,9 @@ DBQueryFatal("insert into group_membership ". ...@@ -132,22 +125,9 @@ DBQueryFatal("insert into group_membership ".
" 'group_root', now(), now())"); " 'group_root', now(), now())");
# #
# Grab the project head uid for the project. If its different than the # Note, if the project leader wants to be in the subgroup, he/she has to
# the leader for the group, insert the project head also. This is polite. # add themself via the edit page.
# #
$query_result =
DBQueryFatal("select head_uid from projects where pid='$group_pid'");
if (($row = mysql_fetch_row($query_result)) == 0) {
DBFatal("Getting head_uid for project $group_pid.");
}
$head_uid = $row[0];
if (strcmp($head_uid, $group_leader)) {
DBQueryFatal("insert into group_membership ".
"(uid, pid, gid, trust, date_applied, date_approved) ".
"values ('$head_uid','$group_pid','$group_id', ".
" 'group_root', now(), now())");
}
# #
# Grab the unix GID for running scripts. # Grab the unix GID for running scripts.
...@@ -167,25 +147,13 @@ flush(); ...@@ -167,25 +147,13 @@ flush();
# is the same script that gets run when the group membership changes. # is the same script that gets run when the group membership changes.
# #
SUEXEC($uid, $unix_gid, "webmkgroup $group_pid $group_id", 1); SUEXEC($uid, $unix_gid, "webmkgroup $group_pid $group_id", 1);
SUEXEC($uid, $unix_gid, "websetgroups $head_uid $group_leader", 1); SUEXEC($uid, $unix_gid, "websetgroups $group_leader", 1);
echo "<br><br>
<b>Done!</b>
<br>\n";
# #
# Show it! # Spit out a redirect so that the history does not include a post
# # in it. The back button skips over the post and to the form.
SHOWGROUP($group_pid, $group_id);
#
# Back to ...
# #
echo "<br> header("Location: showgroup.php3?pid=$group_pid&gid=$group_id");
<A href='showproject.php3?pid=$group_pid'>Back to Project page</a>\n";
# # No Testbed footer.
# Standard Testbed Footer
#
PAGEFOOTER();
?> ?>
...@@ -51,15 +51,14 @@ if (mysql_num_rows($query_result) == 0) { ...@@ -51,15 +51,14 @@ if (mysql_num_rows($query_result) == 0) {
} }
# #
# Verify that this uid is a member of the project being displayed. # Verify permission to look at the group. This is a little different,
# # since the standard test would look for permission in just the group,
if (!$isadmin) { # but we also want to allow user from the project with appropriate
$query_result = # privs to look at the group.
DBQueryFatal("SELECT trust FROM group_membership ". #
"WHERE uid='$uid' and pid='$pid' and gid='$gid'"); if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_READINFO) &&
if (mysql_num_rows($query_result) == 0) { ! TBMinTrust(TBGrpTrust($uid, $pid, $pid), $TBDB_TRUST_GROUPROOT)) {
USERERROR("You are not a member of Project $pid.", 1); USERERROR("You are not a member of group $gid in project $pid!", 1);
}
} }
# #
...@@ -70,23 +69,38 @@ if ($isadmin || TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_DELUSER)) { ...@@ -70,23 +69,38 @@ if ($isadmin || TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_DELUSER)) {
$prived = 1; $prived = 1;
} }
SUBPAGESTART();
SUBMENUSTART("Group Options");
WRITESUBMENUBUTTON("Edit this Group",
"editgroup_form.php3?pid=$pid&gid=$gid");
# #
# A delete option, but not for the default group! # This menu only makes sense for people with privs to use them.
# #
if (strcmp($gid, $pid)) { if (TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP) ||
WRITESUBMENUBUTTON("Delete this Group", TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_DELGROUP)) {
"deletegroup.php3?pid=$pid&gid=$gid");
SUBPAGESTART();
SUBMENUSTART("Group Options");
if (TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) {
WRITESUBMENUBUTTON("Edit this Group",
"editgroup_form.php3?pid=$pid&gid=$gid");
}
#
# A delete option, but not for the default group!
#
if (strcmp($gid, $pid) &&
TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_DELGROUP)) {
WRITESUBMENUBUTTON("Delete this Group",
"deletegroup.php3?pid=$pid&gid=$gid");
}
SUBMENUEND();
} }
SUBMENUEND();
SHOWGROUP($pid, $gid); SHOWGROUP($pid, $gid);
SHOWGROUPMEMBERS($pid, $gid, $prived); SHOWGROUPMEMBERS($pid, $gid, $prived);
SUBPAGEEND();
if (TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP) ||
TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_DELGROUP)) {
SUBPAGEEND();
}
# #
# A list of Group experiments. # A list of Group experiments.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment