Approve new users in your Project or Group

Use this page to approve new members of your Project or Group. Once approved, they will be able to log into machines in your Project's experiments. Be sure to toggle the menu options appropriately for each pending user.

You have the following choices for Action:

Postpone	Do nothing; application remains, pending a decision.
Deny	Deny user application and so notify the user.
Nuke	Nuke user application. Kills user account, without notice to user. Useful for bogus project applications.
Approve	Approve the user

You have the following choices for Trust:

User	User may log into machines in your experiments
Local Root	User may create/destroy experiments in your project and has root privileges on machines in your experiments
Group Root	In addition to Local Root privileges, user may also approve new group members and modify user info for other users within the group. This level of trust is typically given only to TAs and the like.

Important group security issues are discussed in the Groups Tutorial.
\n"; # # Find all of the groups that this person has project/group root in, and # then in all of those groups, all of the people who are awaiting to be # approved (status = none). # # First off, just determine if this person has group/project root anywhere. # $query_result = DBQueryFatal("SELECT pid FROM group_membership WHERE uid='$auth_usr' ". "and (trust='group_root' or trust='project_root')"); if (mysql_num_rows($query_result) == 0) { USERERROR("You do not have Root permissions in any Project or Group.", 1); } # # Okay, so this operation sucks out the right people by joining the # group_membership table with itself. Kinda obtuse if you are not a natural # DB guy. Sorry. Well, obtuse to me. # $query_result = DBQueryFatal("select g.* from group_membership as authed ". "left join group_membership as g on ". " g.pid=authed.pid and g.gid=authed.gid ". "left join users as u on u.uid=g.uid ". "where u.status!='". TBDB_USERSTATUS_UNVERIFIED . "' and ". " u.status!='" . TBDB_USERSTATUS_NEWUSER . "' and g.uid!='$auth_usr' and ". " g.trust='". TBDB_TRUSTSTRING_NONE . "' ". " and authed.uid='$auth_usr' and ". " (authed.trust='group_root' or ". " authed.trust='project_root') ". "ORDER BY g.uid,g.pid,g.gid"); if (mysql_num_rows($query_result) == 0) { USERERROR("You have no new project members who need approval.", 1); } # # Now build a table with a bunch of selections. The thing to note about the # form inside this table is that the selection fields are constructed with # name= on the fly, from the uid of the user to be approved. In other words: # # uid menu project/group # name=stoller$$approval-testbed/testbed value=approved,denied,postpone # name=stoller$$trust-testbed/testbed value=user,local_root # # so that we can go through the entire list of post variables, looking # for these. The alternative is to work backwards, and I do not like that. # echo "\n"; echo "\n"; echo "\n"; while ($usersrow = mysql_fetch_array($query_result)) { $newuid = $usersrow[uid]; $pid = $usersrow[pid]; $gid = $usersrow[gid]; $date_applied = $usersrow[date_applied]; # # Cause this field was added late and might be null. # if (! $date_applied) { $date_applied = "--"; } $userinfo_result = DBQueryFatal("SELECT * from users where uid='$newuid'"); $row = mysql_fetch_array($userinfo_result); $name = $row[usr_name]; $email = $row[usr_email]; $title = $row[usr_title]; $affil = $row[usr_affil]; $addr = $row[usr_addr]; $addr2 = $row[usr_addr2]; $city = $row[usr_city]; $state = $row[usr_state]; $zip = $row[usr_zip]; $phone = $row[usr_phone]; echo "\n"; echo " \n"; echo "\n"; } echo "

User	Project	Group	Date Applied	Action	Trust	Name	Title	Affil	E-mail	Phone
User	Project	Group	Date Applied	Action	Trust	Addr
$newuid	$pid	$gid	$date_applied			$name	$title	$affil	$email	$phone
$newuid	$pid	$gid	$date_applied			$addr

\n"; # # Standard Testbed Footer # PAGEFOOTER(); ?>