Commit da45fee0 authored by Leigh Stoller's avatar Leigh Stoller

Remove a bunch of queries on the users table, switching to user object

methods.

Change a bunch of queries that join on the users table to use the idx
instead of the uid. This will need to be completed before we can really
archive users away, but close at this point.
parent a757ff14
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2005, 2006 University of Utah and the Flux Group. # Copyright (c) 2005, 2006, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -50,6 +50,7 @@ sub fatal($); ...@@ -50,6 +50,7 @@ sub fatal($);
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use User;
# #
# We don't want to run this script unless its the real version. # We don't want to run this script unless its the real version.
...@@ -105,15 +106,14 @@ else { ...@@ -105,15 +106,14 @@ else {
die("Bad data in uid: $uid"); die("Bad data in uid: $uid");
} }
# Need the password hash ... # Map target user to object.
$query_result = my $target_user = User->Lookup($uid);
DBQueryFatal("select u.usr_pswd from users as u ". if (! defined($target_user)) {
"where u.uid='$uid'"); fatal("$uid does not exist!");
if ($query_result->numrows == 0) {
fatal("No such user $uid!");
} }
my ($passhash) = $query_result->fetchrow_array();
# Need the password hash ...
my $passhash = $target_user->pswd();
# shell escape. # shell escape.
$passhash =~ s/\$/\\\$/g; $passhash =~ s/\$/\\\$/g;
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2005, 2006 University of Utah and the Flux Group. # Copyright (c) 2005, 2006, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -50,6 +50,7 @@ sub fatal($); ...@@ -50,6 +50,7 @@ sub fatal($);
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use User;
# #
# We don't want to run this script unless its the real version. # We don't want to run this script unless its the real version.
...@@ -102,6 +103,13 @@ else { ...@@ -102,6 +103,13 @@ else {
die("Bad data in user: $user."); die("Bad data in user: $user.");
} }
# Map target user to object.
my $target_user = User->Lookup($user);
if (! defined($target_user)) {
fatal("$user does not exist!");
}
my $user_dbid = $target_user->dbid();
# #
# This script always does the right thing, so no permission checks. # This script always does the right thing, so no permission checks.
# In fact, all it does is call over to ops to run a script over there. # In fact, all it does is call over to ops to run a script over there.
...@@ -113,7 +121,8 @@ else { ...@@ -113,7 +121,8 @@ else {
my $query_result = my $query_result =
DBQueryFatal("select p.pid,p.trust from group_membership as p ". DBQueryFatal("select p.pid,p.trust from group_membership as p ".
"left join groups as g on g.pid=p.pid and g.gid=p.gid ". "left join groups as g on g.pid=p.pid and g.gid=p.gid ".
"where uid='$user' and p.pid=g.gid and trust!='none'"); "where uid_idx='$user_dbid' and p.pid=g.gid and ".
" trust!='none'");
while (my ($pid,$trust) = $query_result->fetchrow_array()) { while (my ($pid,$trust) = $query_result->fetchrow_array()) {
# #
...@@ -136,10 +145,8 @@ exit(0) ...@@ -136,10 +145,8 @@ exit(0)
# report bugs about Emulab! # report bugs about Emulab!
# #
# Admin users ... TBAdmin() test does not work for this test ... # Admin users ... TBAdmin() test does not work for this test ...
$query_result = #
DBQueryFatal("select admin from users where uid='$user'"); if ($target_user->admin()) {
my ($isadmin) = $query_result->fetchrow_array();
if ($isadmin) {
push(@glist, "Emulab/admin"); push(@glist, "Emulab/admin");
} }
else { else {
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group. # Copyright (c) 2005, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -47,6 +47,7 @@ $| = 1; ...@@ -47,6 +47,7 @@ $| = 1;
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use User;
# #
# We don't want to run this script unless its the real version. # We don't want to run this script unless its the real version.
...@@ -105,20 +106,11 @@ else { ...@@ -105,20 +106,11 @@ else {
# Note that adduser will just update the password if the user already # Note that adduser will just update the password if the user already
# exist in the wiki. # exist in the wiki.
# #
my $target_user = User->Lookup($user);
# if (! defined($target_user)) {
# Look in the DB to see if there is already a wikiname defined. If fatal("$user does not exist!");
# we use that. Otherwise have to form one from the user name. Ick.
#
my $query_result =
DBQueryFatal("select mailman_password ".
"from users where uid='$user'");
if (!$query_result->numrows) {
fatal("No such user $user in the DB!");
} }
my ($password) = $query_result->fetchrow_array(); my $password = $target_user->mailman_password();
if (!defined($password)) { if (!defined($password)) {
fatal("No password defined for $user!"); fatal("No password defined for $user!");
} }
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group. # Copyright (c) 2005, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -54,6 +54,7 @@ $| = 1; ...@@ -54,6 +54,7 @@ $| = 1;
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use User;
# #
# We don't want to run this script unless its the real version. # We don't want to run this script unless its the real version.
...@@ -80,14 +81,6 @@ if (! $MAILMANSUPPORT) { ...@@ -80,14 +81,6 @@ if (! $MAILMANSUPPORT) {
exit(0); exit(0);
} }
#
# Get user DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database!\n");
}
# #
# Parse command arguments. Once we return from getopts, all that should be # Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments. # left are the required arguments.
...@@ -114,15 +107,13 @@ else { ...@@ -114,15 +107,13 @@ else {
die("Bad data in uid: $target_uid"); die("Bad data in uid: $target_uid");
} }
my $query_result = my $target_user = User->Lookup($target_uid);
DBQueryFatal("select usr_email, mailman_password, usr_name ". if (! defined($target_user)) {
"from users where uid='$target_uid'"); fatal("$target_uid does not exist!");
}
fatal("No such user in DB: $target_uid!") my $email = $target_user->email();
if (!$query_result->numrows); my $password = $target_user->mailman_password();
my $fullname = $target_user->name();
my ($email, $password, $fullname) = $query_result->fetchrow_array();
# #
# Note that since we are sending cleartext passwords over, pipe the info # Note that since we are sending cleartext passwords over, pipe the info
...@@ -141,6 +132,9 @@ if ($CONTROL ne $BOSSNODE) { ...@@ -141,6 +132,9 @@ if ($CONTROL ne $BOSSNODE) {
TBScriptLock("mailman_update") == 0 or TBScriptLock("mailman_update") == 0 or
fatal("Could not get the lock!"); fatal("Could not get the lock!");
# Watch for embedded quotes.
$fullname =~ s/(\')/\'\\'\'/g;
system("echo \"$password \'$fullname\'\" | ". system("echo \"$password \'$fullname\'\" | ".
"$SSH -host $CONTROL $MMPROXY $optarg adduser $target_uid $email"); "$SSH -host $CONTROL $MMPROXY $optarg adduser $target_uid $email");
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group. # Copyright (c) 2005, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -54,6 +54,7 @@ $| = 1; ...@@ -54,6 +54,7 @@ $| = 1;
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use User;
# #
# We don't want to run this script unless its the real version. # We don't want to run this script unless its the real version.
...@@ -80,14 +81,6 @@ if (! $MAILMANSUPPORT) { ...@@ -80,14 +81,6 @@ if (! $MAILMANSUPPORT) {
exit(0); exit(0);
} }
#
# Get user DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database!\n");
}
# #
# Parse command arguments. Once we return from getopts, all that should be # Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments. # left are the required arguments.
...@@ -114,18 +107,12 @@ else { ...@@ -114,18 +107,12 @@ else {
die("Bad data in uid: $target_uid"); die("Bad data in uid: $target_uid");
} }
my $query_result = my $target_user = User->Lookup($target_uid);
DBQueryFatal("select usr_email, mailman_password, usr_name ". if (! defined($target_user)) {
"from users where uid='$target_uid'"); fatal("$target_uid does not exist!");
}
fatal("No such user in DB: $target_uid!") my $email = $target_user->email();
if (!$query_result->numrows);
my ($email, $password, $fullname) = $query_result->fetchrow_array();
#
# Note that since we are sending cleartext passwords over, pipe the info
# into its STDIN so that the passwords are not visible in a ps listing.
# #
# For ssh. # For ssh.
# #
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group. # Copyright (c) 2005, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -53,6 +53,7 @@ $| = 1; ...@@ -53,6 +53,7 @@ $| = 1;
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use User;
# #
# We don't want to run this script unless its the real version. # We don't want to run this script unless its the real version.
...@@ -79,14 +80,6 @@ if (! $MAILMANSUPPORT) { ...@@ -79,14 +80,6 @@ if (! $MAILMANSUPPORT) {
exit(0); exit(0);
} }
#
# Get user DB uid.
#
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database!\n");
}
# #
# Parse command arguments. Once we return from getopts, all that should be # Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments. # left are the required arguments.
...@@ -113,14 +106,13 @@ else { ...@@ -113,14 +106,13 @@ else {
die("Bad data in uid: $target_uid"); die("Bad data in uid: $target_uid");
} }
my $query_result = my $target_user = User->Lookup($target_uid);
DBQueryFatal("select usr_email, mailman_password, usr_name ". if (! defined($target_user)) {
"from users where uid='$target_uid'"); fatal("$target_uid does not exist!");
}
fatal("No such user in DB: $target_uid!") my $email = $target_user->email();
if (!$query_result->numrows); my $password = $target_user->mailman_password();
my $fullname = $target_user->name();
my ($email, $password, $fullname) = $query_result->fetchrow_array();
# #
# Note that since we are sending cleartext passwords over, pipe the info # Note that since we are sending cleartext passwords over, pipe the info
...@@ -139,6 +131,9 @@ if ($CONTROL ne $BOSSNODE) { ...@@ -139,6 +131,9 @@ if ($CONTROL ne $BOSSNODE) {
TBScriptLock("mailman_update") == 0 or TBScriptLock("mailman_update") == 0 or
fatal("Could not get the lock!"); fatal("Could not get the lock!");
# Watch for embedded quotes.
$fullname =~ s/(\')/\'\\'\'/g;
system("echo \"$password \'$fullname\'\" | ". system("echo \"$password \'$fullname\'\" | ".
" $SSH -host $CONTROL $MMPROXY ". " $SSH -host $CONTROL $MMPROXY ".
" $optarg modifymember $target_uid $email"); " $optarg modifymember $target_uid $email");
......
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2005, 2006 University of Utah and the Flux Group. # Copyright (c) 2005, 2006, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -52,6 +52,7 @@ $| = 1; ...@@ -52,6 +52,7 @@ $| = 1;
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use User;
# #
# If no bugdb support, just exit. # If no bugdb support, just exit.
...@@ -89,7 +90,8 @@ my $optarg = ($debug ? "-d" : ""); ...@@ -89,7 +90,8 @@ my $optarg = ($debug ? "-d" : "");
# Initialize a mailman password for all users. # Initialize a mailman password for all users.
# #
my $query_result = my $query_result =
DBQueryFatal("select uid from users where mailman_password is NULL"); DBQueryFatal("select uid from users ".
"where mailman_password is NULL and status!='archived'");
while (my ($uid) = $query_result->fetchrow_array()) { while (my ($uid) = $query_result->fetchrow_array()) {
print "Setting initial mailman password for $uid\n" print "Setting initial mailman password for $uid\n"
......
...@@ -78,6 +78,7 @@ sub mysystem($) ...@@ -78,6 +78,7 @@ sub mysystem($)
sub Lookup($$) sub Lookup($$)
{ {
my ($class, $token) = @_; my ($class, $token) = @_;
my $status_archived = $USERSTATUS_ARCHIVED;
my $query_result; my $query_result;
# Look in cache first # Look in cache first
...@@ -88,13 +89,18 @@ sub Lookup($$) ...@@ -88,13 +89,18 @@ sub Lookup($$)
# For backwards compatability, look to see if the token is numeric # For backwards compatability, look to see if the token is numeric
# or alphanumeric. If numeric, assumes its an idx, otherwise a name. # or alphanumeric. If numeric, assumes its an idx, otherwise a name.
# #
if ($token =~ /^\d*$/) { if ($token =~ /^\d+$/) {
$query_result = $query_result =
DBQueryWarn("select * from users where uid_idx='$token'"); DBQueryWarn("select * from users where uid_idx='$token'");
} }
elsif ($token =~ /^\w*$/) { elsif ($token =~ /^\w+$/) {
# When looking up by uid, only look for non-archived users;
# Must use an idx if you really want an archived user. This
# will prevent problems with code that has not yet been
# changed to use the idx field.
$query_result = $query_result =
DBQueryWarn("select * from users where uid='$token'"); DBQueryWarn("select * from users ".
"where uid='$token' and status!='$status_archived'");
} }
else { else {
return undef; return undef;
...@@ -208,10 +214,12 @@ sub LookupByUnixId($$) ...@@ -208,10 +214,12 @@ sub LookupByUnixId($$)
sub LookupByWikiName($$) sub LookupByWikiName($$)
{ {
my ($class, $wikiname) = @_; my ($class, $wikiname) = @_;
my $status_archived = $USERSTATUS_ARCHIVED;
my $query_result = my $query_result =
DBQueryFatal("select uid_idx from users ". DBQueryFatal("select uid_idx from users ".
"where wikiname='$wikiname'"); "where wikiname='$wikiname' and ".
" status!='$status_archived'");
return undef return undef
if (! $query_result || !$query_result->numrows); if (! $query_result || !$query_result->numrows);
...@@ -228,10 +236,12 @@ sub LookupByWikiName($$) ...@@ -228,10 +236,12 @@ sub LookupByWikiName($$)
sub LookupByEmail($$) sub LookupByEmail($$)
{ {
my ($class, $email) = @_; my ($class, $email) = @_;
my $status_archived = $USERSTATUS_ARCHIVED;
my $query_result = my $query_result =
DBQueryFatal("select uid_idx from users ". DBQueryFatal("select uid_idx from users ".
"where LCASE(usr_email)=LCASE('$email')"); "where LCASE(usr_email)=LCASE('$email') and ".
" status!='$status_archived'");
return undef return undef
if (! $query_result || !$query_result->numrows); if (! $query_result || !$query_result->numrows);
...@@ -440,6 +450,18 @@ sub ThisUser($) ...@@ -440,6 +450,18 @@ sub ThisUser($)
return User->LookupByUnixId($UID); return User->LookupByUnixId($UID);
} }
#
# The "implied" user is the user the web interface says we are running as.
#
sub ImpliedUser($)
{
return undef
if (! exists($ENV{'HTTP_INVOKING_USER'}));
# The lookup routine checks it argument, so no need to taint check.
return User->Lookup($ENV{'HTTP_INVOKING_USER'});
}
# #
# Refresh a class instance by reloading from the DB. # Refresh a class instance by reloading from the DB.
# #
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2000-2004 University of Utah and the Flux Group. # Copyright (c) 2000-2004, 2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use English; use English;
...@@ -99,7 +99,7 @@ mysystem("$TB/sbin/mkproj $pid"); ...@@ -99,7 +99,7 @@ mysystem("$TB/sbin/mkproj $pid");
# #
my $users_result = my $users_result =
DBQueryFatal("select distinct u.uid,u.admin from group_membership as m ". DBQueryFatal("select distinct u.uid,u.admin from group_membership as m ".
"left join users as u on u.uid=m.uid ". "left join users as u on u.uid_idx=m.uid_idx ".
"where u.status='" . USERSTATUS_ACTIVE() . "'"); "where u.status='" . USERSTATUS_ACTIVE() . "'");
while (my ($uid,$admin) = $users_result->fetchrow_array()) { while (my ($uid,$admin) = $users_result->fetchrow_array()) {
next next
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2000-2006 University of Utah and the Flux Group. # Copyright (c) 2000-2007 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
use Fcntl ':flock'; use Fcntl ':flock';
...@@ -73,6 +73,7 @@ use lib "@prefix@/lib"; ...@@ -73,6 +73,7 @@ use lib "@prefix@/lib";
use libdb; use libdb;
use libtestbed; use libtestbed;
use libtblog; use libtblog;
use User;
# #
# We don't want to run this script unless its the real version. # We don't want to run this script unless its the real version.
...@@ -300,7 +301,7 @@ sub ActiveUsers() ...@@ -300,7 +301,7 @@ sub ActiveUsers()
DBQuery("SELECT DISTINCT u.usr_email from experiments as e ". DBQuery("SELECT DISTINCT u.usr_email from experiments as e ".
"left join group_membership as p ". "left join group_membership as p ".
" on e.pid=p.pid and p.pid=p.gid ". " on e.pid=p.pid and p.pid=p.gid ".
"left join users as u on u.uid=p.uid ". "left join users as u on u.uid_idx=p.uid_idx ".
"where u.status='active' and ". "where u.status='active' and ".
" e.state='active' ". " e.state='active' ".
"order by u.usr_email"))) { "order by u.usr_email"))) {
...@@ -325,7 +326,7 @@ sub RecentUsers() ...@@ -325,7 +326,7 @@ sub RecentUsers()
if (! ($query_result = if (! ($query_result =
DBQuery("select distinct u.usr_email from user_stats as s ". DBQuery("select distinct u.usr_email from user_stats as s ".
"left join users as u on u.uid=s.uid ". "left join users as u on u.uid_idx=s.uid_idx ".
"where ((UNIX_TIMESTAMP(now()) - ". "where ((UNIX_TIMESTAMP(now()) - ".
" UNIX_TIMESTAMP(s.last_activity)) <= $limit) ". " UNIX_TIMESTAMP(s.last_activity)) <= $limit) ".
"order by u.usr_email"))) { "order by u.usr_email"))) {
...@@ -352,7 +353,7 @@ sub RecentProjects() ...@@ -352,7 +353,7 @@ sub RecentProjects()
DBQuery("select distinct u.usr_email from project_stats as s ". DBQuery("select distinct u.usr_email from project_stats as s ".
"left join group_membership as g on ". "left join group_membership as g on ".
" g.pid=s.pid and g.gid=g.pid ". " g.pid=s.pid and g.gid=g.pid ".
"left join users as u on u.uid=g.uid ". "left join users as u on u.uid_idx=g.uid_idx ".
"where u.status='active' and ". "where u.status='active' and ".
" ((UNIX_TIMESTAMP(now()) - ". " ((UNIX_TIMESTAMP(now()) - ".
" UNIX_TIMESTAMP(s.last_activity)) <= $limit) ". " UNIX_TIMESTAMP(s.last_activity)) <= $limit) ".
...@@ -379,7 +380,7 @@ sub RecentProjectLeaders() ...@@ -379,7 +380,7 @@ sub RecentProjectLeaders()
DBQuery("select distinct u.usr_email from project_stats as s ". DBQuery("select distinct u.usr_email from project_stats as s ".
"left join group_membership as g on ". "left join group_membership as g on ".
" g.pid=s.pid and g.gid=g.pid ". " g.pid=s.pid and g.gid=g.pid ".
"left join users as u on u.uid=g.uid ". "left join users as u on u.uid_idx=g.uid_idx ".
"left join projects as p on u.uid=p.head_uid ". "left join projects as p on u.uid=p.head_uid ".
"where u.status='active' and ". "where u.status='active' and ".
" ((UNIX_TIMESTAMP(now()) - ". " ((UNIX_TIMESTAMP(now()) - ".
...@@ -424,7 +425,7 @@ sub WideAreaPeople() ...@@ -424,7 +425,7 @@ sub WideAreaPeople()
my $query_result = my $query_result =
DBQueryFatal("SELECT DISTINCT u.usr_email from projects as p ". DBQueryFatal("SELECT DISTINCT u.usr_email from projects as p ".
"left join group_membership as m on m.pid=p.pid ". "left join group_membership as m on m.pid=p.pid ".
"left join users as u on u.uid=m.uid ". "left join users as u on u.uid_idx=m.uid_idx ".
"where p.approved!=0 and p.pcremote_ok is not null ". "where p.approved!=0 and p.pcremote_ok is not null ".
" and m.trust!='none' and u.status='active' ". " and m.trust!='none' and u.status='active' ".
"order by usr_email"); "order by usr_email");
...@@ -442,7 +443,7 @@ sub ProjectLeaders() ...@@ -442,7 +443,7 @@ sub ProjectLeaders()
($MAILMANSUPPORT ? ($MAILMANSUPPORT ?
", u.uid ,u.usr_name, u.mailman_password " : "") . ", u.uid ,u.usr_name, u.mailman_password " : "") .
" from projects as p ". " from projects as p ".
"left join users as u on u.uid=p.head_uid ". "left join users as u on u.uid_idx=p.head_idx ".
"where p.approved!=0 ". "where p.approved!=0 ".
"order by usr_email"); "order by usr_email");
......
...@@ -499,6 +499,7 @@ sub USERSTATUS_FROZEN() { "frozen"; } ...@@ -499,6 +499,7 @@ sub USERSTATUS_FROZEN() { "frozen"; }
sub USERSTATUS_UNAPPROVED() { "unapproved"; } sub USERSTATUS_UNAPPROVED() { "unapproved"; }
sub USERSTATUS_UNVERIFIED() { "unverified"; } sub USERSTATUS_UNVERIFIED() { "unverified"; }
sub USERSTATUS_NEWUSER() { "newuser"; } sub USERSTATUS_NEWUSER() { "newuser"; }
sub USERSTATUS_ARCHIVED() { "archived"; }
# #
# We want valid project membership to be non-zero for easy membership # We want valid project membership to be non-zero for easy membership
...@@ -911,19 +912,26 @@ sub TBGrpTrust($$$) ...@@ -911,19 +912,26 @@ sub TBGrpTrust($$$)
$gid = $pid; $gid = $pid;
} }
#
# Must map to an existing user to be trusted, obviously
#
my $target_user = User->Lookup($uid);
return PROJMEMBERTRUST_NONE
if (! defined($target_user));
my $uid_idx = $target_user->uid_idx();
# #
# User must be active to be trusted. # User must be active to be trusted.
# #
my $query_result = return PROJMEMBERTRUST_NONE
DBQueryFatal("select status from users ". if ($target_user->status() ne USERSTATUS_ACTIVE());
"where uid='$uid' and status='" . USERSTATUS_ACTIVE() . "'");
if ($query_result->numrows == 0) {
return PROJMEMBERTRUST_NONE;
}
#
# Must be a member of the group.
#
$query_result = $query_result =
DBQueryFatal("select trust from group_membership ".