newgroup.php3 3.94 KB
Newer Older
Leigh Stoller's avatar
Leigh Stoller committed
1
<?php
Leigh Stoller's avatar
Leigh Stoller committed
2 3
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
Leigh Stoller's avatar
Leigh Stoller committed
5 6
# All rights reserved.
#
Leigh Stoller's avatar
Leigh Stoller committed
7
include("defs.php3");
8
include("showstuff.php3");
Leigh Stoller's avatar
Leigh Stoller committed
9 10

#
11
# No header since we issue a redirect later.
Leigh Stoller's avatar
Leigh Stoller committed
12
#
13 14
ignore_user_abort(1);

Leigh Stoller's avatar
Leigh Stoller committed
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71
#
# First off, sanity check the form to make sure all the required fields
# were provided. I do this on a per field basis so that we can be
# informative. Be sure to correlate these checks with any changes made to
# the project form. 
#
if (!isset($group_pid) ||
    strcmp($group_pid, "") == 0) {
  FORMERROR("Select Project");
}
if (!isset($group_id) ||
    strcmp($group_id, "") == 0) {
  FORMERROR("Group Name");
}
if (!isset($group_description) ||
    strcmp($group_description, "") == 0) {
  FORMERROR("Group Description");
}
if (!isset($group_leader) ||
    strcmp($group_leader, "") == 0) {
  FORMERROR("Group leader");
}

#
# Only known and logged in users.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);

#
# Check ID for sillyness.
#
if (! ereg("^[-_a-zA-Z0-9]+$", $group_id)) {
    USERERROR("The group name must be alphanumeric characters only!", 1);
}

#
# Database limits
#
if (strlen($group_id) > $TBDB_GIDLEN) {
    USERERROR("The Group name is too long! Please select another.", 1);
}

#
# Certain of these values must be escaped or otherwise sanitized.
# 
$group_description = addslashes($group_description);

#
# Verify permission.
#
if (! TBProjAccessCheck($uid, $group_pid, 0, $TB_PROJECT_MAKEGROUP)) {
    USERERROR("You do not have permission to create groups in project ".
	      "$group_pid!", 1);
}

#
72
# Verify project and leader. Any user can lead a group.
Leigh Stoller's avatar
Leigh Stoller committed
73 74
#
if (! TBProjAccessCheck($group_leader, $group_pid, 0, $TB_PROJECT_LEADGROUP)) {
75 76
    USERERROR("$group_leader does not have enough permission to lead a group ".
	      "in project $group_pid!", 1);
Leigh Stoller's avatar
Leigh Stoller committed
77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127
}
	       
#
# Make sure the GID is not already there.
#
if (TBValidGroup($group_pid, $group_id)) {
    USERERROR("The group $group_id already exists! Please select another.", 1);
}

#
# The unix group name must be globally unique. Form a name and check it.
#
$unix_gname = substr($group_pid, 0, 3) . "-" . $group_id;
$maxtries   = 99;
$count      = 0;

while ($count < $maxtries) {
    if (strlen($unix_gname) > $TBDB_UNIXGLEN) {
	TBERROR("Unix group name $unix_gname is too long!", 1);
    }
    
    $query_result =
	DBQueryFatal("select gid from groups where unix_name='$unix_gname'");

    if (mysql_num_rows($query_result) == 0) {
	break;
    }
    $count++;

    $unix_gname = substr($group_pid, 0, 3) . "-" .
	substr($group_id,  0, strlen($group_id) - 2) . "$count";
}
if ($count == $maxtries) {
    TBERROR("Could not form a unique Unix group name!", 1);
}

#
# Create the new group and set up the initial membership for the leader
# (and the project leader if not the same).
# 
DBQueryFatal("INSERT INTO groups ".
	     "(pid, gid, leader, created, description, unix_gid, unix_name) ".
	     "VALUES ('$group_pid', '$group_id', '$group_leader', now(), ".
	     "        '$group_description', NULL, '$unix_gname')");

DBQueryFatal("insert into group_membership ".
	     "(uid, pid, gid, trust, date_applied, date_approved) ".
	     "values ('$group_leader','$group_pid','$group_id', ".
	     "        'group_root', now(), now())");

#
128 129
# Note, if the project leader wants to be in the subgroup, he/she has to
# add themself via the edit page. 
Leigh Stoller's avatar
Leigh Stoller committed
130 131 132 133 134 135 136 137 138 139 140 141
#

#
# Grab the unix GID for running scripts.
#
TBGroupUnixInfo($group_pid, $group_pid, $unix_gid, $unix_name);

#
# Run the script. This will make the group directory, set the perms,
# and do the account stuff for all of the people in the group. This
# is the same script that gets run when the group membership changes.
#
142
SUEXEC($uid, $unix_gid, "webmkgroup $group_pid $group_id", 1);
143
SUEXEC($uid, $unix_gid, "websetgroups $group_leader", 1);
Leigh Stoller's avatar
Leigh Stoller committed
144

145
#
146 147
# Spit out a redirect so that the history does not include a post
# in it. The back button skips over the post and to the form.
148
# 
149
header("Location: showgroup.php3?pid=$group_pid&gid=$group_id");
150

151
# No Testbed footer.
Leigh Stoller's avatar
Leigh Stoller committed
152
?>