approveuser_form.php3 6.95 KB
Newer Older
1
<?php
Leigh Stoller's avatar
Leigh Stoller committed
2 3
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2003, 2006, 2007 University of Utah and the Flux Group.
Leigh Stoller's avatar
Leigh Stoller committed
5 6
# All rights reserved.
#
7 8
include("defs.php3");

9 10 11
#
# Standard Testbed Header
#
12
PAGEHEADER("New User Approval");
13

14 15 16
#
# Only known and logged in users can be verified.
#
17 18 19 20
$this_user   = CheckLoginOrDie();
$auth_usr    = $this_user->uid();
$auth_usridx = $this_user->uid_idx();

21 22 23 24 25
#
# The reason for this call is to make sure that globals are set properly.
#
$reqargs = RequiredPageArguments();

26 27 28 29 30 31 32 33 34 35
#
# Find all of the groups that this person has project/group root in, and 
# then in all of those groups, all of the people who are awaiting to be
# approved (status = none).
#
$approvelist = $this_user->ApprovalList(1);

if (count($approvelist) == 0) {
    USERERROR("You have no new project members who need approval.", 1);
}
36 37

echo "
Leigh Stoller's avatar
Leigh Stoller committed
38
      <h2>Approve new users in your Project or Group</h2>
Chad Barb's avatar
Chad Barb committed
39
      <p>
Leigh Stoller's avatar
Leigh Stoller committed
40 41
      Use this page to approve new members of your Project or Group.  Once
      approved, they will be able to log into machines in your Project's 
42
      experiments. Be sure to toggle the menu options appropriately for
43
      each pending user.
Chad Barb's avatar
Chad Barb committed
44
      </p>
45

Chad Barb's avatar
Chad Barb committed
46 47
      <center>
      <h4>You have the following choices for <b>Action</b>:</h4>
48 49
      <table cellspacing=2 border=0>
        <tr>
Chad Barb's avatar
Chad Barb committed
50
            <td><b>Postpone</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
51
            <td>Do nothing; application remains, pending a decision.</td>
52 53
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
54
            <td><b>Deny</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
55
            <td>Deny user application and so notify the user.</td>
56 57
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
58
            <td><b>Nuke</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
59 60
            <td>Nuke user application.  Kills user account, without
		notice to user.  Useful for
61 62 63
                bogus project applications.</td>
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
64
            <td><b>Approve</b></td>
65 66 67
            <td>Approve the user</td>
        </tr>
      </table>
Chad Barb's avatar
Chad Barb committed
68 69 70
      <br />
      <h4>You have the following choices for <b>Trust</b>:</h4>
      <table cellspacing=2 cellpadding=4 border=0>
71
        <tr>
Chad Barb's avatar
Chad Barb committed
72
            <td><b>User</b></td>
73 74 75
            <td>User may log into machines in your experiments</td>
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
76
            <td><b>Local Root</b></td>
77
            <td>User may create/destroy experiments in your project and
Jay Lepreau's avatar
Jay Lepreau committed
78
                has root privileges on machines in your experiments</td>
79
        </tr>
Leigh Stoller's avatar
Leigh Stoller committed
80
        <tr>
Chad Barb's avatar
Chad Barb committed
81
            <td><b>Group Root</b></td>
Leigh Stoller's avatar
Leigh Stoller committed
82 83 84 85 86 87
            <td>In addition to Local Root privileges, user may also
                approve new group members and 
                modify user info for other users within the group. This
                level of trust is typically given only to TAs and the
                like.</td>
        </tr>
88
      </table>
Chad Barb's avatar
Chad Barb committed
89
      <br />
90 91 92
      <b>Important group
       <a href='docwrapper.php3?docname=groups.html#SECURITY'>
       security issues</a> are discussed in the
Chad Barb's avatar
Chad Barb committed
93
       <a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>.
94
      </b>
Chad Barb's avatar
Chad Barb committed
95
      </center><br />
96

97
      \n";
98 99 100 101 102 103

#
# Now build a table with a bunch of selections. The thing to note about the
# form inside this table is that the selection fields are constructed with
# name= on the fly, from the uid of the user to be approved. In other words:
#
Leigh Stoller's avatar
Leigh Stoller committed
104 105 106
#             uid     menu     project/group
#	name=stoller$$approval-testbed/testbed value=approved,denied,postpone
#	name=stoller$$trust-testbed/testbed value=user,local_root
107 108
#
# so that we can go through the entire list of post variables, looking
109
# for these. The alternative is to work backwards, and I do not like that.
110
# 
111 112
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
       align=\"center\">\n";
113 114

echo "<tr>
115 116 117 118 119 120 121 122 123 124 125
          <th rowspan=2>User</th>
          <th rowspan=2>Project</th>
          <th rowspan=2>Group</th>
          <th rowspan=2>Date<br>Applied</th>
          <th rowspan=2>Action</th>
          <th rowspan=2>Trust</th>
          <th>Name</th>
          <th>Title</th>
          <th>Affil</th>
          <th>E-mail</th>
          <th>Phone</th>
126 127
      </tr>
      <tr>
128
          <th colspan=5>Address</th>
129 130
      </tr>\n";

131
echo "<form action='approveuser.php3' method='post'>\n";
132

133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148
while (list ($uid_idx, $grouplist) = each ($approvelist)) {
  if (! ($user = User::Lookup($uid_idx))) {
    TBERROR("Could not lookup user $uid_idx", 1);
  }

  # Iterate over groups for this user.
  for ($i = 0; $i < count($grouplist); $i++) {
    $group        = $grouplist[$i];
    
    $newuid       = $user->uid();
    $gid          = $group->gid();
    $gid_idx      = $group->gid_idx();
    $pid          = $group->pid();
    $pid_idx      = $group->pid_idx();

    $group->MemberShipInfo($user, $trust, $date_applied, $date_approved);
149 150 151 152 153 154 155

    #
    # Cause this field was added late and might be null.
    # 
    if (! $date_applied) {
	$date_applied = "--";
    }
156

157 158 159 160 161 162 163 164 165 166 167
    $name	= $user->name();
    $email	= $user->email();
    $title	= $user->title();
    $affil	= $user->affil();
    $addr	= $user->addr();
    $addr2	= $user->addr2();
    $city	= $user->city();
    $state	= $user->state();
    $zip	= $user->zip();
    $country	= $user->country();
    $phone	= $user->phone();
168

169
     echo "<tr>
170 171
              <td rowspan=2>$newuid</td>
              <td rowspan=2>$pid</td>
Leigh Stoller's avatar
Leigh Stoller committed
172
              <td rowspan=2>$gid</td>
173
              <td rowspan=2>$date_applied</td>
174
              <td rowspan=2>
175
                  <select name=\"U${uid_idx}\$\$approval-$pid/$gid\">
176 177 178 179
                          <option value='postpone'>Postpone </option>
                          <option value='approve'>Approve </option>
                          <option value='deny'>Deny </option>
                          <option value='nuke'>Nuke </option>
180 181 182
                  </select>
              </td>
              <td rowspan=2>
183
                  <select name=\"U${uid_idx}\$\$trust-$pid/$gid\">\n";
184 185
     
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_USER, 0)) {
186
	echo  "<option value='user'>User </option>\n";
Leigh Stoller's avatar
Leigh Stoller committed
187
    }
188
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_LOCALROOT, 0)) {
189 190
	# local_root means any root is valid.
        echo  "<option value='local_root'>Local Root </option>\n";
191 192 193

	# Allowed to set to group root?
	if ($group->AccessCheck($this_user, $TB_PROJECT_BESTOWGROUPROOT)) {
194 195
	    echo  "<option value='group_root'>Group Root </option>\n";
	}
196
    }	
Leigh Stoller's avatar
Leigh Stoller committed
197
    echo "        </select>
198 199 200 201 202 203 204 205 206
              </td>\n";

    echo "    <td>&nbsp;$name&nbsp;</td>
              <td>&nbsp;$title&nbsp;</td>
              <td>&nbsp;$affil&nbsp;</td>
              <td>&nbsp;$email&nbsp;</td>
              <td>&nbsp;$phone&nbsp;</td>
          </tr>\n";
    echo "<tr>
207 208 209 210 211
              <td colspan=5>&nbsp;$addr&nbsp;";
    if (strcmp($addr2,"")) { 
	echo "&nbsp;$addr2&nbsp;"; 
    }
    echo "                  &nbsp;$city&nbsp;
212
                            &nbsp;$state&nbsp;
213 214
                            &nbsp;$zip&nbsp;
                            &nbsp;$country&nbsp;</td>
215
          </tr>\n";
216
  }
217 218
}
echo "<tr>
Leigh Stoller's avatar
Leigh Stoller committed
219
          <td align=center colspan=11>
220 221 222
              <b><input type='submit' value='Submit' name='OK'></td>
      </tr>
      </form>
223 224 225 226 227 228
      </table>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
229
?>