Approve new users in your Project or Group Use this page to approve new members of your Project or Group. Once approved, they will be able to log into machines in your Project's experiments. Be sure to toggle the menu options appropriately for each pending user.

You have the following choices for Action:
  Postpone - Do nothing; application remains, pending a decision.
  Deny - Deny user application and so notify the user.
  Nuke - Nuke user application. Kills user account, without notice to user. Useful for bogus project applications.
  Approve - Approve the user

You have the following choices for Trust:
  User - User may log into machines in your experiments
  Local Root - User may create/destroy experiments in your project and has root privileges on machines in your experiments
  Group Root - In addition to Local Root privileges, user may also approve new group members and modify user info for other users within the group. This level of trust is typically given only to TAs and the like.

Important group security issues are discussed in the Groups Tutorial

\n"; # # Find all of the groups that this person has project/group root in, and # then in all of those groups, all of the people who are awaiting to be # approved (status = none). # # First off, just determine if this person has group/project root anywhere. # $query_result = DBQueryFatal("SELECT pid FROM group_membership WHERE uid='$auth_usr' ". "and (trust='group_root' or trust='project_root')"); if (mysql_num_rows($query_result) == 0) { USERERROR("You do not have Root permissions in any Project or Group.", 1); } # # Okay, so this operation sucks out the right people by joining the # group_membership table with itself. Kinda obtuse if you are not a natural # DB guy. Sorry. Well, obtuse to me. # $query_result = DBQueryFatal("SELECT g.* FROM group_membership as g ". "LEFT JOIN group_membership as authed ". "ON g.pid=authed.pid and g.gid=authed.gid and ". " g.uid!='$auth_usr' and g.trust='none' ". "WHERE authed.uid='$auth_usr' and ". " (authed.trust='group_root' or ". " authed.trust='project_root') ". "ORDER BY g.uid,g.pid,g.gid"); if (mysql_num_rows($query_result) == 0) { USERERROR("You have no new project members who need approval.", 1); } # # Now build a table with a bunch of selections. The thing to note about the # form inside this table is that the selection fields are constructed with # name= on the fly, from the uid of the user to be approved. In other words: # # uid menu project/group # name=stoller$$approval-testbed/testbed value=approved,denied,postpone # name=stoller$$trust-testbed/testbed value=user,local_root # # so that we can go through the entire list of post variables, looking # for these. The alternative is to work backwards, and I do not like that. # echo "\n"; echo "\n"; echo "\n"; while ($usersrow = mysql_fetch_array($query_result)) { $newuid = $usersrow[uid]; $pid = $usersrow[pid]; $gid = $usersrow[gid]; $date_applied = $usersrow[date_applied]; # # Cause this field was added late and might be null. # if (! $date_applied) { $date_applied = "--"; } # # Only project leaders get to add someone as group root. # TBProjLeader($pid, $projleader); if (strcmp($auth_usr, $projleader) == 0) { $isleader = 1; } else { $isleader = 0; } $userinfo_result = DBQueryFatal("SELECT * from users where uid='$newuid'"); $row = mysql_fetch_array($userinfo_result); $name = $row[usr_name]; $email = $row[usr_email]; $title = $row[usr_title]; $affil = $row[usr_affil]; $addr = $row[usr_addr]; $addr2 = $row[usr_addr2]; $city = $row[usr_city]; $state = $row[usr_state]; $zip = $row[usr_zip]; $phone = $row[usr_phone]; echo "\n"; echo " \n"; echo "\n"; } echo "
User Project Group Date
Applied		 Action Trust Name Title Affil E-mail Phone
Addr Addr2 City State Zip
$newuid $pid $gid $date_applied  $name   $title   $affil   $email   $phone 
 $addr   $addr2   $city   $state   $zip 
\n"; # # Standard Testbed Footer # PAGEFOOTER(); ?>