Commit 250f9c20 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Major reorg of deleteuser page. Dump the old rmacct-ctrl (finally!)

and replace with script to delete a user, either from a single project
or from the entire testbed. All of the DB stuff is done in the script;
the web interface no longer does anything but error checks. This is
because removing a user requires some finesse in when things are
removed, and if there are any failures I wanted to make sure that the
script could be rerun on a user, without barfing.

Add lots of error checks to make sure not deleting a user who is
"important" (project head, group head, experiment head, etc).

Add "request" mode. If a project leader deletes a user from his
project, and the user has no more project memberships, show a click
button to send us email requesting the user be deleted from the
testbed.

Bottom line, project leaders can now delete users from their project,
but must ask us to delete the account from the testbed.
parent 81f3778d
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");
......@@ -24,30 +24,153 @@ if (!isset($target_uid) ||
strcmp($target_uid, "") == 0) {
USERERROR("You must provide a User ID.", 1);
}
if (isset($target_pid) &&
strcmp($target_pid, "") == 0) {
USERERROR("You must provide a valid project ID.", 1);
}
$isadmin = ISADMIN($uid);
#
# Confirm a real user
#
$query_result =
DBQueryFatal("SELECT status FROM users where uid='$target_uid'");
if (mysql_num_rows($query_result) == 0) {
# Confirm target is a real user.
#
if (! TBCurrentUser($target_uid)) {
USERERROR("No such user '$target_uid'", 1);
}
#
# Check user. We will eventually allow project leaders to do this.
# Requesting? Fire off email and we are done.
#
if (isset($request) && $request) {
TBUserInfo($uid, $uid_name, $uid_email);
TBMAIL($TBMAIL_OPS,
"Delete User Request: '$target_uid'",
"$uid is requesting that user account '$target_uid' be deleted\n".
"from the testbed since $uid is no longer a member of any ".
"projects.\n",
"From: $uid_name '$uid' <$uid_email>\n".
"Errors-To: $TBMAIL_WWW");
echo "A request to remove user '$target_uid' has been sent to Testbed
Operations. If you do not hear back within a reasonable amount
of time, please contact $TBMAILADDR.\n";
#
# Standard Testbed Footer
#
PAGEFOOTER();
return;
}
#
# Confirm optional pid is a real pid.
#
if (isset($target_pid) && !TBValidProject($target_pid)) {
USERERROR("No such project '$target_pid'", 1);
}
#
# Check user. Proj leaders can remove users from their project, but thats
# all we allow. Deleting user accounts is left to admin people only.
#
if (!$isadmin) {
USERERROR("You do not have permission to remove user '$target_uid'", 1);
if (! isset($target_pid) ||
! TBProjAccessCheck($uid, $target_pid, 0, $TB_PROJECT_DELUSER)) {
USERERROR("You do not have permission to remove user '$target_uid'",
1);
}
}
#
# Must not be the head of the project being removed from, or any projects
# if being completely removed.
#
if (isset($target_pid)) {
TBProjLeader($target_pid, $leader_uid);
if (! strcmp($target_uid, $leader_uid)) {
USERERROR("$target_uid is the leader of project $target_pid!", 1);
}
}
else {
$query_result =
DBQueryFatal("select pid from projects where head_uid='$target_uid'");
if (mysql_num_rows($query_result)) {
USERERROR("$target_uid is still heading up projects!", 1);
}
}
#
# We run this twice. The first time we are checking for a confirmation
# by putting up a form. The next time through the confirmation will be
# set. Or, the user can hit the cancel button, in which case we should
# probably redirect the browser back up a level.
# Must not be the head of any groups in the project, or any groups if
# being deleted from the testbed.
#
if (isset($target_pid)) {
$query_result =
DBQueryFatal("select pid,gid from groups ".
"where leader='$target_uid' and pid='$target_pid'");
if (mysql_num_rows($query_result)) {
USERERROR("$target_uid is still leading groups in ".
"project '$target_pid'", 1);
}
}
else {
$query_result =
DBQueryFatal("select pid,gid from groups where leader='$target_uid'");
if (mysql_num_rows($query_result)) {
USERERROR("$target_uid is still heading up groups!", 1);
}
}
#
# User must not be heading up any experiments at all. If deleting from
# just a specific project, must not be heading up experiments in that
# project.
#
$query_result =
DBQueryFatal("SELECT * FROM experiments ".
"where expt_head_uid='$target_uid' ".
(isset($target_pid) ? "and pid='$target_pid'" : ""));
if (mysql_num_rows($query_result)) {
echo "<center><h3>
User '$target_uid' is heading up the following experiments ".
(isset($target_pid) ? "in project '$target_pid' " : "") .
":</h3></center>\n";
echo "<table align=center border=1 cellpadding=2 cellspacing=2>\n";
echo "<tr>
<th align=center>PID</td>
<th align=center>EID</td>
<th align=center>State</td>
<th align=center>Description</td>
</tr>\n";
while ($projrow = mysql_fetch_array($query_result)) {
$pid = $projrow[pid];
$eid = $projrow[eid];
$state= $projrow[state];
$name = stripslashes($projrow[expt_name]);
if ($projrow[swap_requests] > 0) {
$state .= "&nbsp;(idle)";
}
echo "<tr>
<td><A href='showproject.php3?pid=$pid'>$pid</A></td>
<td><A href='showexp.php3?pid=$pid&eid=$eid'>$eid</A></td>
<td>$state</td>
<td>$name</td>
</tr>\n";
}
echo "</table>\n";
USERERROR("They must be terminated before you can remove the user!", 1);
}
#
# We do a double confirmation, running this script multiple times.
#
if ($canceled) {
echo "<center><h2><br>
......@@ -59,12 +182,22 @@ if ($canceled) {
}
if (!$confirmed) {
echo "<center><h2><br>
Are you <b>REALLY</b> sure you want to remove User '$target_uid?'
</h2>\n";
echo "<center><br>\n";
if (isset($target_pid)) {
echo "Are you <b>REALLY</b> sure you want to remove user
'$target_uid' from project '$target_pid?'\n";
}
else {
echo "Are you <b>REALLY</b> sure you want to delete user
'$target_uid' from the testbed?\n";
}
echo "<form action=\"deleteuser.php3\" method=\"post\">";
echo "<form action=deleteuser.php3 method=post>";
echo "<input type=hidden name=target_uid value=\"$target_uid\">\n";
if (isset($target_pid)) {
echo "<input type=hidden name=target_pid value=\"$target_pid\">\n";
}
echo "<b><input type=submit name=confirmed value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n";
echo "</form>\n";
......@@ -75,14 +208,23 @@ if (!$confirmed) {
}
if (!$confirmed_twice) {
echo "<center><h2><br>
Okay, lets be sure.<br>
Are you <b>REALLY REALLY</b> sure you want to remove
User '$target_uid?'
</h2>\n";
echo "<center><br>
Okay, lets be sure.<br>\n";
if (isset($target_pid)) {
echo "Are you <b>REALLY REALLY</b> sure you want to remove user
'$target_uid' from project '$target_pid?'\n";
}
else {
echo "Are you <b>REALLY REALLY</b> sure you want to delete user
'$target_uid' from the testbed?\n";
}
echo "<form action=\"deleteuser.php3\" method=\"post\">";
echo "<form action=deleteuser.php3 method=post>";
echo "<input type=hidden name=target_uid value=\"$target_uid\">\n";
if (isset($target_pid)) {
echo "<input type=hidden name=target_pid value=\"$target_pid\">\n";
}
echo "<input type=hidden name=confirmed value=Confirm>\n";
echo "<b><input type=submit name=confirmed_twice value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n";
......@@ -93,63 +235,55 @@ if (!$confirmed_twice) {
return;
}
#
# Set the status to frozen. This prevents possible race conditions.
#
DBQueryFatal("update users set status='" . TBDB_USERSTATUS_FROZEN . "'" .
"where uid='$target_uid'");
#
# Remove the user account before killing the user entry. The side
# effect is to also set the update_accounts flag for of the nodes the
# user had access to.
#
SUEXEC($uid, $TBADMINGROUP, "rmacct-ctrl $target_uid", 0);
#
# Now it is okay to clean the group membership table.
#
$query_result =
DBQueryFatal("delete FROM group_membership where uid='$target_uid'");
#
# Then the users table,
#
$query_result =
DBQueryFatal("delete FROM users where uid='$target_uid'");
#
# Then the pubkey tables.
#
$query_result =
DBQueryFatal("delete FROM user_pubkeys where uid='$target_uid'");
$query_result =
DBQueryFatal("delete FROM user_sfskeys where uid='$target_uid'");
echo "<br>
User '$target_uid' is being removed" .
(isset($target_pid) ? " from project '$target_pid' " : "") .
"!<br><br>
This will take a minute or two. <b>Please</b> do not click the Stop
button during this time. If you do not receive notification within
a reasonable amount of time, please contact $TBMAILADDR.\n";
flush();
#
# Must do widearea_accounts too!
# All the real work is done in the script.
#
$query_result =
DBQueryFatal("delete FROM widearea_accounts where uid='$target_uid'");
SUEXEC($uid, $TBADMINGROUP,
"webrmuser " . (isset($target_pid) ? "-p $target_pid " : " ") .
"$target_uid",
1);
#
# Warm fuzzies.
#
echo "<center><h2>
User '$target_uid' has been removed with prejudice!
</h2></center>\n";
echo "<br><br><b>Done</b><br><br>\n";
#
# Generate an email to the testbed list so we all know what happened.
# If a user was removed from a project, and that user no longer has
# any project membership, ask if they want the user deleted. Admin
# people can act on it immediately of couse, but mere users, even
# project leaders, must send us a request for it.
#
TBUserInfo($uid, $uid_name, $uid_email);
if (isset($target_pid)) {
$query_result =
DBQueryFatal("select pid,gid from group_membership ".
"where uid='$target_uid' and pid=gid");
TBMAIL($TBMAIL_OPS,
"User $target_uid removed",
"User '$target_uid' has been removed by $uid ($uid_name).\n\n".
"Please remember to remove the directory in /users if appropriate\n\n",
"From: $uid_name <$uid_email>\n".
"Errors-To: $TBMAIL_WWW");
if (! mysql_num_rows($query_result)) {
echo "<b>User '$target_uid' is no longer a member of any projects.\n";
if ($isadmin) {
echo "Do you want to
<A href='deleteuser.php3?target_uid=$target_uid'>
delete this user from the testbed?</a>\n";
}
else {
echo "You can
<A href='deleteuser.php3?target_uid=$target_uid&request=1'>
request</a>
that we delete this user from the testbed?</a></b>\n";
}
}
}
#
# Standard Testbed Footer
......
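Review bot: The `if (isset($request) && $request)` branch mails `$TBMAIL_OPS` and returns before the `!$isadmin` / `TBProjAccessCheck` test, so as far as these hunks show, any caller who gets past the uid checks can trigger a delete request for any existing `$target_uid`. The branch needs a check of its own, at minimum the same `group_membership` lookup the end of the page uses before offering the link, because the permission test below requires `$target_pid` and the `deleteuser.php3?target_uid=$target_uid&request=1` link does not carry one. The mail body also reads `since $uid is no longer a member of any projects`, which names the requester; it should be `since $target_uid is no longer a member of any projects`. Separately, the `webrmuser` command is built by pasting `$target_pid` and `$target_uid` into the string; both have passed `TBValidProject` / `TBCurrentUser` by then, but wrapping each in `escapeshellarg()` would stop the command from depending on how those helpers (not shown here) treat unusual input, and the `websetgroups -p $pid $modusers` call in the second file is built the same way.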
......@@ -287,7 +287,7 @@ flush();
# in the group. This is the same script that gets run when the group
# is first created.
#
SUEXEC($uid, $unix_gid, "websetgroups -a -p $pid $modusers", 1);
SUEXEC($uid, $unix_gid, "websetgroups -p $pid $modusers", 1);
echo "<br><br>
<b>Done!</b>
......@@ -301,20 +301,10 @@ SHOWGROUP($pid, $gid);
SHOWGROUPMEMBERS($pid, $gid);
#
# An edit option.
# Back to ...
#
echo "<br><center>
<A href='editgroup_form.php3?pid=$pid&gid=$gid'>Edit</a> this Group?
</center>\n";
#
# A delete option, but not for the default group!
#
if (! $defaultgroup) {
echo "<p>
<A href='deletegroup.php3?pid=$pid&gid=$gid'>Delete</a> this Group?
\n";
}
echo "<br>
<A href='showgroup.php3?pid=$pid&gid=$gid'>Back to Group page</a>\n";
#
# Standard Testbed Footer
......