editgroup_form.php3 7.51 KB
Newer Older
Leigh Stoller's avatar
Leigh Stoller committed
1
<?php
Leigh Stoller's avatar
Leigh Stoller committed
2 3
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
Leigh Stoller's avatar
Leigh Stoller committed
5 6
# All rights reserved.
#
Leigh Stoller's avatar
Leigh Stoller committed
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
include("defs.php3");
include("showstuff.php3");

#
# Standard Testbed Header
#
PAGEHEADER("Edit Group Membership");

#
# Only known and logged in users.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);

#
# First off, sanity check page args.
#
if (!isset($pid) ||
    strcmp($pid, "") == 0) {
    USERERROR("Must provide a Project ID!", 1);
}
if (!isset($gid) ||
    strcmp($gid, "") == 0) {
    USERERROR("Must privide a Group ID!", 1);
}

#
34
# The default group membership cannot be changed, but the trust levels can.
Leigh Stoller's avatar
Leigh Stoller committed
35
#
36
$defaultgroup = 0;
Leigh Stoller's avatar
Leigh Stoller committed
37
if (strcmp($gid, $pid) == 0) {
38
    $defaultgroup = 1;
Leigh Stoller's avatar
Leigh Stoller committed
39 40 41 42 43
}

#
# Verify permission.
#
44
if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) {
Leigh Stoller's avatar
Leigh Stoller committed
45 46 47 48
    USERERROR("You do not have permission to edit group $gid in ".
	      "project $pid!", 1);
}

49 50 51 52 53 54 55 56
#
# See if user is allowed to add non-members to group.
# 
$grabusers = 0;
if (TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_GROUPGRABUSERS)) {
    $grabusers = 1;
}

57 58 59 60 61 62 63 64
#
# See if user is allowed to bestow group_root upon members of group.
# 
$bestowgrouproot = 0;
if (TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_BESTOWGROUPROOT)) {
    $bestowgrouproot = 1;
}

Leigh Stoller's avatar
Leigh Stoller committed
65 66
#
# Grab the user list for the group. Provide a button selection of people
67 68
# that can be removed. The group leader cannot be removed!
# Do not include members that have not been approved
69 70
# to main group either! This will force them to go through the approval
# page first.
Leigh Stoller's avatar
Leigh Stoller committed
71 72
#
$curmembers_result =
73
    DBQueryFatal("select m.uid,m.trust from group_membership as m ".
Leigh Stoller's avatar
Leigh Stoller committed
74 75
		 "left join groups as g on g.pid=m.pid and g.gid=m.gid ".
		 "where m.pid='$pid' and m.gid='$gid' and ".
76
		 "      m.uid!=g.leader and m.trust!='none'");
Leigh Stoller's avatar
Leigh Stoller committed
77 78 79

#
# Grab the user list from the project. These are the people who can be
80 81 82
# added. Do not include people in the above list, obviously! Do not
# include members that have not been approved to main group either! This
# will force them to go through the approval page first.
Leigh Stoller's avatar
Leigh Stoller committed
83 84 85 86 87
# 
$nonmembers_result =
    DBQueryFatal("select m.uid from group_membership as m ".
		 "left join group_membership as a on ".
		 "     a.uid=m.uid and a.pid=m.pid and a.gid='$gid' ".
88 89
		 "where m.pid='$pid' and m.gid=m.pid and a.uid is NULL ".
		 "      and m.trust!='none'");
Leigh Stoller's avatar
Leigh Stoller committed
90 91 92 93 94 95

#
# We do not allow the actual group info to be edited. Just the membership.
#
SHOWGROUP($pid, $gid);

96 97 98 99 100 101
echo "<br><center>
       Important <a href='docwrapper.php3?docname=groups.html#SECURITY'>
       security issues</a> are discussed in the
       <a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>.
      </center>\n";

102
if (mysql_num_rows($curmembers_result) ||
103
    ($grabusers && mysql_num_rows($nonmembers_result))) {
104 105 106 107
    echo "<br>
          <form action='editgroup.php3?pid=$pid&gid=$gid' method=post>
          <table align=center border=1>\n";
}
Leigh Stoller's avatar
Leigh Stoller committed
108 109

if (mysql_num_rows($curmembers_result)) {
110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128
    if ($defaultgroup) {
	echo "<tr><td align=center colspan=2 nowrap=1>
              <br>
              <font size=+1><b>Edit Trust Level</b></font>
              <br>
              You may edit trust level in the default group,<br>
                but you are not allowed to remove members.
              </td></tr>\n";
    }
    else {
	echo "<tr><td align=center colspan=2 nowrap=1>
              <br>
              <font size=+1><b>Remove/Edit Group Members.</b></font>
              <br>
              Deselect the ones you would like to remove,<br>
                   or edit their trust value.
              </td></tr>\n";
    }

Leigh Stoller's avatar
Leigh Stoller committed
129
    while ($row = mysql_fetch_array($curmembers_result)) {
130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156
	$user  = $row[0];
	$trust = $row[1];

	if ($defaultgroup) {
	    echo "<tr>
                     <td>
                       <input type=hidden name='change_$user' value=permit>
                          <A href='showuser.php3?target_uid=$user'>
                             $user &nbsp</A>
                     </td>\n";
	}
	else {
	    echo "<tr>
                     <td>   
                       <input checked type=checkbox value=permit
                              name='change_$user'>
                          <A href='showuser.php3?target_uid=$user'>
                             $user &nbsp</A>
                     </td>\n";
	}

	echo "   <td align=center>
                    <select name='$user\$\$trust'>\n";

	#
	# We want to have the current trust value selected in the menu.
	#
157 158 159 160 161 162 163 164 165
	if (TBCheckGroupTrustConsistency($user, $pid, $gid, "user", 0)) {
	    echo "<option value='user' " .
		((strcmp($trust, "user") == 0) ? "selected" : "") .
		    ">User </option>\n";
	}
	if (TBCheckGroupTrustConsistency($user, $pid, $gid, "local_root", 0)) {
	    echo "<option value='local_root' " .
		((strcmp($trust, "local_root") == 0) ? "selected" : "") .
		    ">Local Root </option>\n";
166 167 168 169 170 171 172 173 174 175

	    #
	    # If group_root is already selected, or we have permission to set it,
	    # show it. Otherwise do not.
	    #
	    if (strcmp($trust, "group_root") == 0 || $bestowgrouproot) {
		echo "<option value='group_root' " .
		    ((strcmp($trust, "group_root") == 0) ? "selected" : "") .
			">Group Root </option>\n";
	    }
176
	}
177
	echo "        </select>
178
                   </td>\n";
Leigh Stoller's avatar
Leigh Stoller committed
179
    }
180
    echo "</tr>\n";
Leigh Stoller's avatar
Leigh Stoller committed
181 182
}

183
if ($grabusers && mysql_num_rows($nonmembers_result)) {
184 185
    echo "<tr><td align=center colspan=2 nowrap=1>
          <br>
186
          <font size=+1><b>Add Group Members</b></font>[<b>1</b>].
187 188 189
             <br>
             Select the ones you would like to add.<br>
             Be sure to select the appropriate trust level.
Leigh Stoller's avatar
Leigh Stoller committed
190 191 192
          </td></tr>\n";
    
    while ($row = mysql_fetch_array($nonmembers_result)) {
193 194 195 196 197 198 199 200 201 202
	$user  = $row[0];
	$trust = $row[1];
	
	echo "<tr>
                 <td>
                   <input type=checkbox value=permit name='add_$user'>
                      <A href='showuser.php3?target_uid=$user'>$user &nbsp</A>
                 </td>\n";

	echo "   <td align=center>
203
                   <select name='$user\$\$trust'>\n";
204

205 206 207 208 209 210 211 212 213
	if (TBCheckGroupTrustConsistency($user, $pid, $gid, "user", 0)) {
	    echo "<option value='user' " .
		((strcmp($trust, "user") == 0) ? "selected" : "") .
		    ">User</option>\n";
	}
	if (TBCheckGroupTrustConsistency($user, $pid, $gid, "local_root", 0)) {
	    echo "<option value='local_root' " .
		((strcmp($trust, "local_root") == 0) ? "selected" : "") .
		    ">Local Root</option>\n";
214 215 216 217 218 219

	    if ($bestowgrouproot) {
		echo "<option value='group_root' " .
		    ((strcmp($trust, "group_root") == 0) ? "selected" : "") .
			">Group Root</option>\n";
	    }
220
	}
221
	echo "        </select>
222
	    </td>\n";
Leigh Stoller's avatar
Leigh Stoller committed
223
    }
224
    echo "</tr>\n";
Leigh Stoller's avatar
Leigh Stoller committed
225 226
}

227
if (mysql_num_rows($curmembers_result) ||
228
    ($grabusers && mysql_num_rows($nonmembers_result))) {
229 230 231 232 233
    echo "<tr>
             <td align=center colspan=2>
                 <b><input type=submit value=Submit></b>
             </td>
          </tr>\n";
Leigh Stoller's avatar
Leigh Stoller committed
234

235 236 237 238 239 240 241 242 243
    echo "</table>
          </form>\n";
}
else {
    echo "<br><center>
           <em>There are no project members who are eligible to be added
               or removed from this group[<b>1</b>].</em>
             </center>\n";
}
Leigh Stoller's avatar
Leigh Stoller committed
244

245 246 247 248 249 250 251 252 253 254 255
echo "<h4><blockquote><blockquote><blockquote>
      <ol>
       <li> Only members who have already been approved to the main
            project will be listed. If a project member is missing, please
            go to <a href=approveuser_form.php3>New User Approval</a>
            and approve the user to the main project group. Then you can
            reload this page and add those members to other groups in your
            project.\n";
echo "</ol>
      </blockquote></blockquote></blockquote>
      </h4>\n";
256

Leigh Stoller's avatar
Leigh Stoller committed
257 258 259 260 261
#
# Standard Testbed Footer
# 
PAGEFOOTER();
?>