-
Leigh B. Stoller authored
A user can request a local account on the machine he/she has dedicated to netbed. In fact, multiple people can request local accounts. They just need to fill in the form, supplying the usual personal data we require, and then some info about the node. This includes the IP and the CDKey as verification (we now save the original CDKey in the DB forever), as well as info about the node (location, processor type, connection type). They must fill out the node info for the first account request. Otherwise, it can be ignored (that is, if an entry is already in widearea_nodeinfo, we do not require those fields). Once submitted, the user has to go through the usual verification step. To approve the user, admin people get a new link on the menu to approve widearea accounts. That page looks a lot like the normal join project approval page, only is tailored slightly for widearea accounts instead of projects. Once approved, widearea users get a webonly account. Note that it can be a normal account, say if the user is also in a normal project, or if we just want to give out an account on ops/boss to this person. Just need to clear the webonly flag in the DB, and the account will be built as normal, except they are put in the "guest" group on boss/ops if not a member of any projects. There are two new tables. widearea_accounts and widearea_nodeinfo. The accounts table maps uid's to specific nodes they get an account on (see changes in tmcd). The mapping also includes a trust value (user or root, although it should be rare to give out root access) for the account.
ad90fb6f