Commit fee5763b authored by Leigh Stoller's avatar Leigh Stoller

For ISOLATEADMINS, allow a user to create a new account without a

project/group membership. Confirm this with a confirm page. This
will solve the problem of adding a brand new user to an admins only
project, before they are an admin.
parent ab120cd1
......@@ -1391,6 +1391,32 @@ sub SendVerifiedEmail($)
DBQueryFatal("select gid_idx from group_membership ".
"where uid_idx='$uid_idx' and trust='$none'");
if (!$query_result->numrows) {
my $url = "$TBWWW/showuser.php3?user=$uid_idx";
#
# Verified but no groups; send email to testbed ops since
# it is unusual (probably cause of ISOLATEADMINS).
#
SENDMAIL($TBOPS,
"User '$uid' has been verified",
"User '$uid' has been verified, ".
"but is not a member of any groups.\n\n".
"To approve this account, an administrator must do this:\n".
"\n".
" boss> wap tbacct -f add $uid\n".
"\n".
"If this situation arose from ISOLATEADMINS=1, then toggle\n".
"the user's administrator capability on this page:\n".
"\n".
" $url\n".
"\n".
"Then the user will be able to join projects that include ".
"other administrators.\n",
$TBOPS);
return 0;
}
while (my ($gid_idx) = $query_result->fetchrow_array()) {
my $group = Group->Lookup($gid_idx);
......
......@@ -51,6 +51,7 @@ $this_user = CheckLogin($check_status);
$optargs = OptionalPageArguments("submit", PAGEARG_STRING,
"forwikionly", PAGEARG_BOOLEAN,
"finished", PAGEARG_BOOLEAN,
"nopidokay", PAGEARG_STRING,
"target_pid", PAGEARG_STRING,
"target_gid", PAGEARG_STRING,
"formfields", PAGEARG_ARRAY);
......@@ -80,7 +81,10 @@ if ($old_forwikionly == True) {
if (!isset($forwikionly)) {
$forwikionly = False;
}
$nopidconfirm = 0;
unset($addpubkeyargs);
unset($pid);
unset($gid);
$ACCOUNTWARNING =
"Before continuing, please make sure your username " .
......@@ -777,7 +781,17 @@ if (! $returning) {
}
if (!$forwikionly) {
if (!isset($formfields["pid"]) || $formfields["pid"] == "") {
$errors["Project Name"] = "Missing Field";
if ($returning) {
$errors["Project Name"] = "Missing Field";
}
elseif (isset($nopidokay)) {
if ($nopidokay != "Confirm") {
$errors["Project Name"] = "Please tell us the Project";
}
}
else {
$nopidconfirm = 1;
}
}
else {
# Confirm pid/gid early to avoid spamming the page.
......@@ -806,10 +820,44 @@ if (count($errors)) {
return;
}
#
# No project, lets confirm.
#
if ($nopidconfirm) {
PAGEHEADER("Apply for Project Membership");
echo "<blockquote>\n";
echo "You did not specify a project to join. If you do not join a project ";
echo "you will not be able to use the testbed. ";
echo "But if you are sure, click on <b>Confirm</b>. ";
echo "Else click <b>Back</b> and ";
echo "enter the name of the project you want to join.\n";
echo "<br>\n";
echo "<form enctype=\"multipart/form-data\" action='joinproject.php3'
method=post name=idform>";
#
# Send all of their stuff along.
#
reset($formfields);
while (list($key, $value) = each($formfields)) {
echo "<input type=hidden name=\"formfields[$key]\" ".
"value=\"$value\"></input>\n";
}
echo "<input type=hidden name='submit' value='Submit'>\n";
echo "<center><br>\n";
echo "<input type=submit name=nopidokay value=Confirm>&nbsp;";
echo "<input type=submit name=nopidokay value=Back>\n";
echo "</center></form>";
PAGEFOOTER();
return;
}
#
# Need the user, project and group objects for the rest of this.
#
if (!$forwikionly) {
if (!$forwikionly && isset($pid)) {
if (! ($project = Project::Lookup($pid))) {
TBERROR("Could not lookup object for $pid!", 1);
}
......@@ -829,7 +877,8 @@ if (!$forwikionly) {
# doing so would not add a non-admin (default for new users) to a
# project with admins.
#
if ($ISOLATEADMINS && !$returning && count($project->GetAdmins())) {
if ($ISOLATEADMINS && !$returning &&
isset($project) && count($project->GetAdmins())) {
$errors["Joining Project"] =
"You cannot join this project due to security restrictions!"
. " If you were told to join this project specifically, email"
......@@ -917,7 +966,7 @@ if ($forwikionly) {
# If this sitevar is set, check to see if this addition will create a
# mix of admin and non-admin people in the group.
#
if ($ISOLATEADMINS &&
if ($ISOLATEADMINS && isset($project) &&
!$project->IsMember($user, $ignore)) {
$members = $project->MemberList();
......@@ -949,6 +998,12 @@ if ($ISOLATEADMINS &&
}
}
# Done if no project to join
if (!isset($project)) {
header("Location: joinproject.php3?finished=1");
exit();
}
#
# If joining a subgroup, also add to project group.
#
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment