approveproject.php3 7.22 KB
Newer Older
1
<?php
Leigh B. Stoller's avatar
Leigh B. Stoller committed
2 3 4 5 6
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
#
7 8
include("defs.php3");

9 10 11 12 13
#
# Standard Testbed Header
#
PAGEHEADER("New Project Approved");

14
#
15
# Only known and logged in users can do this.
16
#
17
$uid = GETLOGIN();
18 19 20 21 22
LOGGEDINORDIE($uid);

#
# Of course verify that this uid has admin privs!
#
23 24
$isadmin = ISADMIN($uid);
if (! $isadmin) {
25 26 27 28
    USERERROR("You do not have admin privledges to approve projects!", 1);
}

echo "<center><h1>
29
      Approving Project '$pid' ...
30 31 32
      </h1></center>";

#
33
# Grab the head_uid for this project. This verifies it is a valid project.
34
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
35 36
$query_result = 
    DBQueryFatal("SELECT head_uid from projects where pid='$pid'");
37 38 39 40
if (($row = mysql_fetch_row($query_result)) == 0) {
    TBERROR("Unknown project $pid", 1);
}
$headuid = $row[0];
41

42 43 44 45 46 47 48 49 50 51
#
# Get the current status for the headuid, which we might need to change
# anyway, and to verify that the user is a valid user. We also need
# the email address to let the user know what happened.
#
# We change the status only if this person is starting his first project.
# In this case, the status will be either "newuser" or "unapproved",
# and we will change it to "unapproved" or "active", respectively.
# If the status is "active", we leave it alone. 
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
52 53 54
$query_result = 
    DBQueryFatal("SELECT status,usr_email,usr_name from users ".
		 "where uid='$headuid'");
55 56 57 58 59 60
if (mysql_num_rows($query_result) == 0) {
    TBERROR("Unknown user $headuid", 1);
}
$row = mysql_fetch_row($query_result);
$curstatus     = $row[0];
$headuid_email = $row[1];
61
$headname      = $row[2];
62
#echo "Status = $curstatus, Email = $headuid_email<br>\n";
63

64
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
65 66
# Then we check that the headuid is really listed in the group_membership
# table (default group), just to be sure. 
67
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
68 69 70
$query_result =
    DBQueryFatal("SELECT trust from group_membership where ".
		 "uid='$headuid' and pid='$pid' and gid='$pid'");
71 72 73
if (mysql_num_rows($query_result) == 0) {
    USERERROR("User $headuid is not the leader of project $pid.", 1);
}
74

75 76 77 78 79
#
# Well, looks like everything is okay. Change the project approval
# value appropriately.
#
if (strcmp($approval, "postpone") == 0) {
80 81 82 83
    if (isset($message) && strcmp($message, "")) {
	USERERROR("You requested postponement for $pid, but there is a ".
		  "message in the text box. Is this what you intended?", 1);
    }
84 85 86 87 88 89
    echo "<p><h3>
             Project approval for project $pid (User: $headuid) was
             postponed for later decision.
          </h3>\n";
}
elseif (strcmp($approval, "moreinfo") == 0) {
90 91
    TBMAIL("$headname '$headuid' <$headuid_email>",
         "Project '$pid' Approval Postponed",
92 93
         "\n".
         "This message is to notify you that your project application\n".
94 95
         "for $pid has been postponed until we have more information.\n".
         "You can just reply to this message to provide more information.\n".
96 97 98
         "\n$message".
         "\n\n".
         "Thanks,\n".
99
         "Testbed Operations\n",
100 101
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_APPROVAL\n".
102 103 104 105 106 107 108 109 110
         "Errors-To: $TBMAIL_WWW");

    echo "<p><h3>
             Project approval for project $pid (User: $headuid) was
             postponed pending the reception of more information.
          </h3>\n";
}
elseif ((strcmp($approval, "deny") == 0) ||
	(strcmp($approval, "destroy") == 0)) {
111
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
112 113 114 115
    # Must delete the group_membership and project records since we require a
    # new application once denied. Send the luser email to let him know.
    # This order is actually important. Release project record last to
    # avoid (incredibly unlikely) name collision with another new project.
116
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
117 118 119 120
    DBQueryFatal("delete from group_membership ".
		 "where uid='$headuid' and pid='$pid' and gid='$pid'");
    DBQueryFatal("delete from groups where pid='$pid' and gid='$pid'");
    DBQueryFatal("delete from projects where pid='$pid'");
121

122 123
    TBMAIL("$headname '$headuid' <$headuid_email>",
         "Project '$pid' Denied",
124 125
         "\n".
         "This message is to notify you that your project application\n".
126
         "for $pid has been denied.\n".
127 128 129
         "\n$message".
         "\n\n".
         "Thanks,\n".
130
         "Testbed Operations\n",
131 132
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_APPROVAL\n".
133
         "Errors-To: $TBMAIL_WWW");
134 135

    #
136 137
    # Well, if the "destroy" option was given, kill the users account
    # from the database.
138
    #
139
    if (strcmp($approval, "destroy") == 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
140
	DBQueryFatal("delete from users where uid='$headuid'");
141

142 143
        TBMAIL("$headname '$headuid' <$headuid_email>",
             "Account '$headuid' Terminated",
144 145
    	     "\n".
             "This message is to notify you that your account has been \n".
146
             "terminated because your project $pid was denied.\n".
147 148
             "\n\n".
             "Thanks,\n".
149
             "Testbed Operations\n",
150 151
             "From: $TBMAIL_APPROVAL\n".
             "Bcc: $TBMAIL_APPROVAL\n".
152
             "Errors-To: $TBMAIL_WWW");
153
    }
154

155 156 157 158 159 160
    echo "<h3><p>
              Project $pid (User: $headuid) has been denied.
          </h3>\n";
}
elseif (strcmp($approval, "approve") == 0) {
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
161
    # Change the trust value in group_membership to group_root, and set the
162 163
    # project "approved" field to true. 
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
164 165 166
    DBQueryFatal("UPDATE group_membership ".
		 "set trust='project_root',date_approved=now() ".
		 "WHERE uid='$headuid' and pid='$pid' and gid='$pid'");
167

Leigh B. Stoller's avatar
Leigh B. Stoller committed
168
    DBQueryFatal("UPDATE projects set approved='1' WHERE pid='$pid'");
169

170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188
    #
    # XXX
    # Temporary Plab hack.
    #
    $pcremote_ok = array();
    if (isset($pcplab_okay) &&
	!strcmp($pcplab_okay, "Yep")) {
	    $pcremote_ok[] = "pcplab";
    }
    if (isset($ron_okay) &&
	!strcmp($ron_okay, "Yep")) {
	    $pcremote_ok[] = "pcron";
    }
    if (count($pcremote_ok)) {
	    $foo = implode(",", $pcremote_ok);
	    DBQueryFatal("UPDATE projects set pcremote_ok='$foo' ".
			 "WHERE pid='$pid'");
    }

189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204
    #
    # Change the status if necessary. This only happens for new users
    # being approved in their first project. After this, the status is
    # going to be "active", and we just leave it that way.
    #
    if (strcmp($curstatus, "active")) {
        if (strcmp($curstatus, "newuser") == 0) {
	    $newstatus = "unverified";
        }
        elseif (strcmp($curstatus, "unapproved") == 0) {
	    $newstatus = "active";
        }
        else {
	    TBERROR("Invalid $headuid status $curstatus in ".
                    "approveproject.php3", 1);
        }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
205 206
	DBQueryFatal("UPDATE users set status='$newstatus' ".
		     "WHERE uid='$headuid'");
207
    }
208

209 210
    TBMAIL("$headname '$headuid' <$headuid_email>",
         "Project '$pid' Approval",
211 212 213 214 215 216
         "\n".
	 "This message is to notify you that your project $pid\n".
	 "has been approved.\n".
         "\n$message".
         "\n\n".
         "Thanks,\n".
217
         "Testbed Operations\n",
218 219
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_APPROVAL\n".
220
         "Errors-To: $TBMAIL_WWW");
221

222
    #
223 224
    # Invoke the script. This does it all. If it fails, we will find out
    # about it.
225
    #
226
    SUEXEC($uid, $TBADMINGROUP, "webmkproj $pid", 0); 
227

228 229 230 231 232
    echo "<h3><p>
              Project $pid (User: $headuid) has been approved.
          </h3>\n";
}
else {
233 234 235
    TBERROR("Invalid approval value $approval in approveproject.php3.", 1);
}

236 237 238 239
#
# Standard Testbed Footer
# 
PAGEFOOTER();
240
?>