approveuser.ajax 3.82 KB
Newer Older
1 2
<?php
#
Leigh Stoller's avatar
Leigh Stoller committed
3
# Copyright (c) 2000-2016 University of Utah and the Flux Group.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
#

function CommonSetup()
{
    global $ajax_args;
    global $this_user;
    global $TB_PROJECT_ADDUSER;

    # Until I get a delay into the waitwait modal.
    sleep(1);

    if (!isset($ajax_args["user_uid"])) {
	SPITAJAX_ERROR(1, "Missing user user_uid");
	return;
    }
    $user_uid    = $ajax_args["user_uid"];
    $target_user = User::Lookup($user_uid);
    
    if (!isset($ajax_args["pid"])) {
	SPITAJAX_ERROR(1, "Missing project pid");
	return;
    }
    $pid     = $ajax_args["pid"];
    $project = Project::Lookup($pid);

    #
    # Check that the current user has the necessary trust level
    # to approver users in the project/group.
    #
    if (! $project->AccessCheck($this_user, $TB_PROJECT_ADDUSER)) {
	SPITAJAX_ERROR(1, "You are not allowed to approve users in project $pid");
	return;
    }
    #
    # Must be an unapproved member ...
    #
    $approved = 0;
    if (! $project->IsMember($target_user, $approved)) {
	SPITAJAX_ERROR(1, "User $user_uid is not a member of project $pid");
	return;
    }
    if ($approved) {
	SPITAJAX_ERROR(1, "User $user_uid is already an approved ".
		          "member of project $pid");
	return;
    }
    return array($target_user, $project);
}

#
# Deny
#
function Do_Deny()
{
    global $this_user;
    global $TBADMINGROUP;
    $this_uid = $this_user->uid();

    list ($target_user, $project) = CommonSetup();
    $pid      = $project->pid();
    $user_uid = $target_user->uid();
    
    #
    # Must delete the group_membership record since we require that the 
    # user reapply once denied. Send the luser email to let him know.
    #
    $project->DeleteMember($target_user);

    #
    # See if user is in any other projects (even unapproved).
    #
    $project_list = $target_user->ProjectMembershipList();

    #
    # If no we can safely delete the user account.
    #
    if (!count($project_list)) {
	SUEXEC($this_uid, $TBADMINGROUP, "webrmuser -n -p $pid $user_uid", 1);
    }
    SPITAJAX_RESPONSE("User $user_uid was denied membership in project $pid");
}

#
# Approve
#
function Do_Approve()
{
    global $this_user;
    global $TBADMINGROUP;
    $this_uid = $this_user->uid();

    list ($target_user, $project) = CommonSetup();
    $pid      = $project->pid();
    $user_uid = $target_user->uid();
    $trust    = TBDB_TRUSTSTRING_LOCALROOT;

    # Create the user if it is not yet approved.
    if ($target_user->status() != TBDB_USERSTATUS_ACTIVE) {
Leigh Stoller's avatar
Leigh Stoller committed
121
	$target_user->SetStatus(TBDB_USERSTATUS_ACTIVE);
122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140

	$retval = SUEXEC($this_uid, $TBADMINGROUP,
			 "webtbacct add $user_uid",
			 SUEXEC_ACTION_CONTINUE);
	if ($retval) {
	    SPITAJAX_ERROR(-1, "Internal error creating new user");
	    return;
	}
    }
    # And update the trust level in the group.
    $retval = SUEXEC($this_uid, $TBADMINGROUP,
		     "webmodgroups -a $pid:$pid:$trust $user_uid",
		     SUEXEC_ACTION_CONTINUE);
    if ($retval) {
	SPITAJAX_ERROR(-1, "Internal error updating user membership");
	return;
    }
    SPITAJAX_RESPONSE("User $user_uid was granted membership in project $pid");
}
Leigh Stoller's avatar
Leigh Stoller committed
141 142 143 144 145

# Local Variables:
# mode:php
# End:
?>