All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

  1. 25 Apr, 2003 3 commits
  2. 14 Apr, 2003 1 commit
  3. 11 Apr, 2003 3 commits
    • Mac Newbold's avatar
      s/admininstrator/administrator/gi · e9dc17ac
      Mac Newbold authored
      e9dc17ac
    • Chad Barb's avatar
      · a0248828
      Chad Barb authored
      Added site variables ('sitevars').
      These are stored in the sitevariables database table.
      Each one has a name, a description (NOT OPTIONAL!), a
      default value, and a current value.
      If the current value is NULL, the default value is used.
      
      Soon, a mechanism will be added to the install process to
      ensure all needed site variables exist before installing;
      more on that when it is committed.
      
       - Added 'editsitevars.php3' page, accessable to admins
         via the 'Edit Site Variables' menu option.
      
       - Added 'setsitevar' script,
         an interface for listing, viewing in detail, and setting
         site variables.
      
       - Web interface now uses 'web/nologins' and 'web/message'
         instead of one-off database tables.
      
      NOTE that setting a variable to the default value and
      setting a variable to a value which is string-identical
      are NOT the same thing.
      (This doesn't matter yet, but when we push default values out to
       remote sites as part of our install, it will.)
      a0248828
    • Mac Newbold's avatar
      Make a global ADMINMODE var, for use when you don't have a uid handy · ca0afe8a
      Mac Newbold authored
      to call ISADMIN(uid) with.
      ca0afe8a
  4. 13 Feb, 2003 1 commit
    • Leigh B. Stoller's avatar
      Move construction of defaults array up so that it can be used to · a84849f0
      Leigh B. Stoller authored
      determine if the user actually changed anything that requires a
      callout to the scripts, and to determine if email needs to be sent.
      Remove change password indicator since the audit list sees that anyway
      via new "tbacct passwd" command. Change BCC/CC on the email. The
      informative email goes to the user only now (audit list gets the
      script mail), but CC audit whenever the email address is changed.
      a84849f0
  5. 09 Dec, 2002 2 commits
  6. 15 Aug, 2002 1 commit
  7. 26 Jul, 2002 1 commit
  8. 07 Jul, 2002 1 commit
  9. 13 Jun, 2002 1 commit
  10. 12 Jun, 2002 1 commit
  11. 07 Jun, 2002 1 commit
  12. 04 Jun, 2002 1 commit
  13. 29 May, 2002 1 commit
    • Leigh B. Stoller's avatar
      A couple of small changes to prevent the "No Data" errors that · 86c0ffa5
      Leigh B. Stoller authored
      netscape gives when logged in using another browser. Most of the
      problems stems from the desire to allow users to refer to the main
      page in http mode even when logged in. I want to draw the menu as if
      logged in, but have the actual pages demand https mode. I'm also
      trying to catch the case where users have turned off cookies. I think
      Mac's idea is the way to go, but I don't want to mess with it right
      now. These changes will avoid the worst problem.
      86c0ffa5
  14. 22 May, 2002 1 commit
    • Leigh B. Stoller's avatar
      A large set of authorization changes. · d2360b6d
      Leigh B. Stoller authored
      * Cleanup! A lot of the structure derived from the early frame days,
        which had a noticable (and bad) effect on how I wrote the stuff.  I
        cleaned up most of that yuckyness.
      
      * In process, optimize a little bit on the queries. The old code did
        about 9 queries just to write out the menu options, and then
        repeated most of those queries again in the page guts. I've
        consolidated the queries as much as possible (to 3) and cache all
        the results.
      
      * Fix up problem with users who forget their passwords before
        verification. Basically, I fixed the more general problem of not
        being able to update your user info before verification/approval;
        users now get that menu option no matter their status.
      
      * Fix up problem of users being able to access pages before
        verification (but after approval) by going around the menu options.
        The page level check (after the menu is drawn) now checks all
        conditions (password expired, unverified, unapproved, timedout, and
        also nologins()).
      
      * Minor change in approveuser; do not show the new account to the
        project leader until the new user has verified his account.
      
      * Change verification method, as reqwuested by Dave.  In addition to
        providing the key, also provide a web link to take the user straight
        to verification. I actually take them direct to the login page, and
        pass the key in as an argument. If the user is already logged in,
        bypass and go directly to the verify page (not the form page of
        course).  If the user is not logged in, let him log in, and then
        forward the key onward to the verify page. Basically, bypass the
        form all the time, and just do the verification.
      
      * Minor change in showuser; Do not show pid/groups not approved in,
        and if the count is zero, do not draw the table headings.
      d2360b6d
  15. 14 Feb, 2002 1 commit
    • Leigh B. Stoller's avatar
      A morass of form changes. The main goals are to avoid the loss of info · 9ac3d870
      Leigh B. Stoller authored
      when backing up (cause of an error that needs to be fixed) since not
      all browsers handle this the same. Instead, redraw the form with all
      of the original info and a list of error messages at the top.
      Conceptually simple change, but it turns out to be a pain to implement
      since you need to combine the form and processing code in one page
      (well, its just a lot easier to do that), and then change all of the
      forms to deal with a "default" value. That is, each different kind of
      input tag (text, radio, select, checkbox, etc.) requires slightly
      different changes to do that. Lots of forms, lots of entries on the
      forms, and its a long slow tedious process. Much nicer though, although
      the code is a bit harder to grok. At the same time, I added a lot more
      sanity checks of the information being passed in.
      
      The other change is to deal with how browsers handle the back button
      on a form thats been properly submitted. Not all browsers use
      the cache directives the same, and I was often typing back, only to
      have some form get reposted. Thats a major pain in the butt. The way
      to deal with that is to have the processor send out a Location header,
      which modifies the browser history so that the post is no longer in
      the history. You back up straight to the unposted form (if its in the
      cache). I've done this to only some forms, since its a bit of a pain
      to rework things so that you can jump ahead to a page that spits out
      the requisite warm fuzzies for the specific operation just completed.
      
      I've done newproject, joinproject, update user info, newimageid, and
      newimaged_dz forms.
      9ac3d870
  16. 08 Feb, 2002 1 commit
  17. 05 Dec, 2001 1 commit
    • Leigh B. Stoller's avatar
      More inventive ways to avoid real work; add password expiration · 3e2bb386
      Leigh B. Stoller authored
      capability. New DB field in the users table (pswd_expires) which is a
      date field that initially gets set to one year after the user account
      is created. When the password is changed via the web form, it gets
      bumped 1 more year into the future *unless* the current uid is
      different from the target_uid (ie: you are changing a password for
      someone else). In that case, the expiration is set to the current
      date, which forces the target user to change his password next time he
      logs in. I've changed the menu/auth code to look for password
      expiration, and when expired the menu options contain just a single
      option to change the password. All other https pages will fail with a
      password expired message. Normal text pages will work of course.
      3e2bb386
  18. 01 Oct, 2001 1 commit
  19. 15 May, 2001 1 commit
  20. 03 May, 2001 1 commit
    • Leigh B. Stoller's avatar
      A slew of changes for new images/os_info tables. disk_images is gone, · 23a230e8
      Leigh B. Stoller authored
      replaced by the "images" table. New os_info table is added. New web
      pages to add and delete OSIDs to/from the os_info table, for use in
      the NS file. tb-create-os is gone. handle_os no longer operates on the
      tbcmds file, and no longer writes anything into the ir file. Moved the
      setting up of os state (nodes table) from os_setup to handle_os, where
      it should be. os_load and sched_reload now take a single argument, the
      name of the imageid from the images table.
      23a230e8
  21. 02 May, 2001 1 commit
  22. 18 Apr, 2001 1 commit
  23. 08 Dec, 2000 1 commit
  24. 01 Nov, 2000 2 commits