Commit 06e202f8 authored by David Johnson's avatar David Johnson

Don't allow new user creation to proceed if the user is attempting to join a project that already has admins.
parent 7b5c2473
......@@ -733,6 +733,22 @@ if (!$forwikionly) {
}
}
#
# If this is a new user, only allow the user creation to proceed if
# doing so would not add a non-admin (default for new users) to a
# project with admins.
#
if (!$returning && count($project->GetAdmins())) {
$errors["Joining Project"] =
"You cannot join project '$pid' due to security restrictions!"
. " If you were told to join this project specifically, email"
. " either the project leader OR $TBMAILADDR_OPS.";
TBERROR("New user '".$formfields["joining_uid"]."' attempted to join project ".
"'$pid'\n".
"which would create a mix of admin and non-admin ".
"users\n\n--- so the user creation was NOT allowed to occur!\n", 0);
}
# Done with sanity checks!
if (count($errors)) {
SPITFORM($formfields, $returning, $errors);
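Review bot: The new check calls `$project->GetAdmins()` unconditionally, but it sits among sanity checks that accumulate `$errors` rather than exiting, so if an earlier check outside the hunk failed to resolve the project, `$project` may not be a usable object here and the request would end in a fatal error instead of reaching `SPITFORM`. The assignment of `$project` is not visible in this hunk, so this needs confirming; if it can be unset, guard with `if (!$returning && $project && count($project->GetAdmins())) {`. For the same reason, `$formfields["joining_uid"]` and `$pid` may already have failed validation when they are interpolated into the `TBERROR` text, so it would be safer to emit that report only when `$errors` is still empty at this point. A one-line comment stating that returning users are intentionally exempt from this restriction would help the next reader judge whether that path needs its own check.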
......
......@@ -483,6 +483,28 @@ class Project
return $result;
}
#
# Return an array of any users in the project who are admins.
#
function GetAdmins() {
$pid_idx = $this->pid_idx();
$query_result =
DBQueryFatal("select distinct u.uid_idx from users as u".
" left join group_membership as gm on u.uid=gm.uid".
" where gm.pid_idx='$pid_idx' and u.admin=1");
while ($row = mysql_fetch_array($query_result)) {
$uid_idx = $row["uid_idx"];
if (! ($user = User::Lookup($uid_idx))) {
TBERROR("Project::GetAdmins: ".
"Could not load user $uid_idx!", 1);
}
$result[] = $user;
}
return $result;
}
#
# List of subgroups for a project member (not including default group).
#
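Review bot: `GetAdmins()` never initialises `$result`, so for a project with no admins the `while` loop does not run and the function returns an undefined variable (null) rather than an empty array; the new check in the first hunk passes that value straight to `count()`. Since this return value now gates a security restriction, add `$result = array();` before the `while` loop so the no-admin case is an explicit empty list. The `left join` combined with `where gm.pid_idx=...` discards unmatched rows anyway, so a plain `join` would state the intent more directly. The header comment could also say that the array holds `User` objects loaded via `User::Lookup`.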
......