Skip to content

GitLab

Commit 24a4e884 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Add delete user page.

parent 49cb9931
Hide whitespace changes
Inline Side-by-side
www/deleteuser.php3 0 → 100644
View file @ 24a4e884
<?php
include("defs.php3");
#
# Standard Testbed Header
#
PAGEHEADER("Delete User Account");
#
# Only known and logged in users allowed.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
#
# Verify arguments.
#
if (!isset($target_uid) ||
strcmp($target_uid, "") == 0) {
USERERROR("You must provide a User ID.", 1);
}
$isadmin = ISADMIN($uid);
#
# Confirm a real user
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT uid FROM users where uid='$target_uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error getting user $target_uid: $err\n", 1);
}
if (mysql_num_rows($query_result) == 0) {
USERERROR("No such user '$target_uid'", 1);
}
#
# Check user. We will eventually allow project leaders to do this.
#
if (!$isadmin) {
USERERROR("You do not have permission to remove user '$target_uid'", 1);
}
#
# We run this twice. The first time we are checking for a confirmation
# by putting up a form. The next time through the confirmation will be
# set. Or, the user can hit the cancel button, in which case we should
# probably redirect the browser back up a level.
#
if ($canceled) {
echo "<center><h2><br>
User Removal Canceled!
</h2></center>\n";
PAGEFOOTER();
return;
}
if (!$confirmed) {
echo "<center><h2><br>
Are you <b>REALLY</b> sure you want to remove User '$target_uid?'
</h2>\n";
echo "<form action=\"deleteuser.php3\" method=\"post\">";
echo "<input type=hidden name=target_uid value=\"$target_uid\">\n";
echo "<b><input type=submit name=confirmed value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n";
echo "</form>\n";
echo "</center>\n";
PAGEFOOTER();
return;
}
if (!$confirmed_twice) {
echo "<center><h2><br>
Okay, lets be sure.<br>
Are you <b>REALLY REALLY</b> sure you want to remove
User '$target_uid?'
</h2>\n";
echo "<form action=\"deleteuser.php3\" method=\"post\">";
echo "<input type=hidden name=target_uid value=\"$target_uid\">\n";
echo "<input type=hidden name=confirmed value=Confirm>\n";
echo "<b><input type=submit name=confirmed_twice value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n";
echo "</form>\n";
echo "</center>\n";
PAGEFOOTER();
return;
}
#
# The project membership table needs to be cleansed.
#
$query_result = mysql_db_query($TBDBNAME,
"delete FROM proj_memb where uid='$target_uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error removing $target_uid from project ".
"membership table: $err\n", 1);
}
#
# Then the users table,
#
$query_result = mysql_db_query($TBDBNAME,
"delete FROM users where uid='$target_uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error removing $target_uid from users table: ".
"$err\n", 1);
}
#
# Remove the user account from the control nodes.
#
SUEXEC($uid, "flux", "rmacct-ctrl_wrapper $target_uid", 0);
#
# Warm fuzzies.
#
echo "<center><h2>
User '$target_uid' has been removed with prejudice!
</h2></center>\n";
#
# Generate an email to the testbed list so we all know what happened.
#
$query_result = mysql_db_query($TBDBNAME,
"select usr_name,usr_email FROM users where uid='$uid'");
$row = mysql_fetch_row($query_result);
$uid_name = $row[0];
$uid_email = $row[1];
mail($TBMAIL_CONTROL,
"TESTBED: User $target_uid removed",
"User '$target_uid' has been removed by $uid ($uid_name).\n\n".
"Please remember to remove the backup directory in /users\n\n",
"From: $uid_name <$uid_email>\n".
"Errors-To: $TBMAIL_WWW");
#
# Standard Testbed Footer
#
PAGEFOOTER();
?>
www/index.php3
View file @ 24a4e884
......@@ -96,30 +96,32 @@ if (isset($uid)) {
New Project Approval</A><p>\n";
echo "<A href='nodecontrol_list.php3'>
Node Control</A><p>\n";
echo "<A href='showuser_list.php3'>
User List</A>\n";
echo "<hr>\n";
}
if ($trusted) {
# Only group leaders can do these options
echo "<A href='approveuser_form.php3'>
New User Approval</A>\n";
New User Approval</A><p>\n";
}
# Since a user can be a member of more than one project,
# display this option, and let the form decide if the user is
# allowed to do this.
echo "<p><A href='showproject_list.php3'>
echo "<A href='showproject_list.php3'>
Project Information</A><p>\n";
echo "<p><A href='beginexp_form.php3'>
Begin an Experiment</A>\n";
echo "<p><A href='endexp_list.php3'>
End an Experiment</A>\n";
echo "<p><A href='showexp_list.php3'>
Experiment Information</A>\n";
echo "<p><A href='modusr_form.php3'>
Update user information</A>\n";
echo "<p><A href='reserved.php3'>
Node Reservation Status</A>\n";
echo "<p><A href='http://www.cs.utah.edu/~danderse/dnard/status.html'>
Node Up/Down Status</A>\n";
echo "</p>\n";
echo "<A href='beginexp_form.php3'>
Begin an Experiment</A><p>\n";
echo "<A href='endexp_list.php3'>
End an Experiment</A><p>\n";
echo "<A href='showexp_list.php3'>
Experiment Information</A><p>\n";
echo "<A href='modusr_form.php3'>
Update user information</A><p>\n";
echo "<A href='reserved.php3'>
Node Reservation Status</A><p>\n";
echo "<A href='http://www.cs.utah.edu/~danderse/dnard/status.html'>
Node Up/Down Status</A><p>\n";
}
elseif ($status == "unapproved") {
USERERROR("Your account has not been approved yet. ".
......
www/showuser_list.php3 0 → 100644
View file @ 24a4e884
<?php
include("defs.php3");
#
# Standard Testbed Header
#
PAGEHEADER("Show User Information List");
#
#
# Only known and logged in users allowed.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
#
# Admin users can see all users, while normal users can only see
# users in their projects.
#
$isadmin = ISADMIN($uid);
#
# Get the project list.
#
if ($isadmin) {
$query_result = mysql_db_query($TBDBNAME,
"SELECT u.* FROM users as u order by u.uid");
}
else {
$query_result = mysql_db_query($TBDBNAME,
"select distinct u.* from users as u ".
"left join proj_memb as p1 on u.uid=p1.uid ".
"left join proj_memb as p2 on p1.pid=p2.pid ".
"where p2.uid='$uid' order by u.uid");
}
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error getting user list: $err\n", 1);
}
if (mysql_num_rows($query_result) == 0) {
if ($isadmin) {
USERERROR("There are no users!", 1);
}
else {
USERERROR("There are no users in any of your projects!", 1);
}
}
echo "<center><h3>
User List
</h3></center>\n";
echo "<table width=\"100%\" border=2 cellpadding=0 cellspacing=2
align='center'>\n";
echo "<tr>
<td>UID</td>
<td>Name</td>
<td>Projects</td>\n";
#
# Admin users get a "delete" option.
#
if ($isadmin) {
echo "<td align=center>Delete?</td>\n";
}
echo "</tr>\n";
while ($row = mysql_fetch_array($query_result)) {
$thisuid = $row[uid];
$name = $row[usr_name];
#
# Suck out a list of projects too.
#
$projmemb_result = mysql_db_query($TBDBNAME,
"SELECT pid FROM proj_memb where uid='$thisuid' order by pid");
echo "<tr>
<td><A href='showuser.php3?target_uid=$thisuid'>$thisuid</A></td>
<td>$name</td>\n";
if ($count = mysql_num_rows($projmemb_result)) {
echo "<td> ";
while ($projrow = mysql_fetch_array($projmemb_result)) {
$pid = $projrow[pid];
echo "<A href='showproject.php3?pid=$pid'>$pid</A>";
$count--;
if ($count)
echo ", ";
}
echo "</td>\n";
}
else {
echo "<td>--</td>\n";
}
if ($isadmin) {
echo "<td align=center><A href='deleteuser.php3?target_uid=$thisuid'>
<img alt=\"o\" src=\"redball.gif\"></A></td>\n";
}
echo "</tr>\n";
}
echo "</table>\n";
#
# Standard Testbed Footer
#
PAGEFOOTER();
?>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment