approveproject.php3 6.78 KB
Newer Older
1 2 3
<?php
include("defs.php3");

4 5 6 7 8
#
# Standard Testbed Header
#
PAGEHEADER("New Project Approved");

9
#
10
# Only known and logged in users can do this.
11
#
12
$uid = GETLOGIN();
13 14 15 16 17
LOGGEDINORDIE($uid);

#
# Of course verify that this uid has admin privs!
#
18 19
$isadmin = ISADMIN($uid);
if (! $isadmin) {
20 21 22 23
    USERERROR("You do not have admin privledges to approve projects!", 1);
}

echo "<center><h1>
24
      Approving Project '$pid' ...
25 26 27
      </h1></center>";

#
28
# Grab the head_uid for this project. This verifies it is a valid project.
29
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
30 31
$query_result = 
    DBQueryFatal("SELECT head_uid from projects where pid='$pid'");
32 33 34 35
if (($row = mysql_fetch_row($query_result)) == 0) {
    TBERROR("Unknown project $pid", 1);
}
$headuid = $row[0];
36

37 38 39 40 41 42 43 44 45 46
#
# Get the current status for the headuid, which we might need to change
# anyway, and to verify that the user is a valid user. We also need
# the email address to let the user know what happened.
#
# We change the status only if this person is starting his first project.
# In this case, the status will be either "newuser" or "unapproved",
# and we will change it to "unapproved" or "active", respectively.
# If the status is "active", we leave it alone. 
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
47 48 49
$query_result = 
    DBQueryFatal("SELECT status,usr_email,usr_name from users ".
		 "where uid='$headuid'");
50 51 52 53 54 55
if (mysql_num_rows($query_result) == 0) {
    TBERROR("Unknown user $headuid", 1);
}
$row = mysql_fetch_row($query_result);
$curstatus     = $row[0];
$headuid_email = $row[1];
56
$headname      = $row[2];
57
#echo "Status = $curstatus, Email = $headuid_email<br>\n";
58

59
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
60 61
# Then we check that the headuid is really listed in the group_membership
# table (default group), just to be sure. 
62
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
63 64 65
$query_result =
    DBQueryFatal("SELECT trust from group_membership where ".
		 "uid='$headuid' and pid='$pid' and gid='$pid'");
66 67 68
if (mysql_num_rows($query_result) == 0) {
    USERERROR("User $headuid is not the leader of project $pid.", 1);
}
69

70 71 72 73 74 75 76 77 78 79 80
#
# Well, looks like everything is okay. Change the project approval
# value appropriately.
#
if (strcmp($approval, "postpone") == 0) {
    echo "<p><h3>
             Project approval for project $pid (User: $headuid) was
             postponed for later decision.
          </h3>\n";
}
elseif (strcmp($approval, "moreinfo") == 0) {
81 82
    mail("$headname '$headuid' <$headuid_email>",
         "TESTBED: Project '$pid' Approval Postponed",
83 84
         "\n".
         "This message is to notify you that your project application\n".
85 86
         "for $pid has been postponed until we have more information.\n".
         "You can just reply to this message to provide more information.\n".
87 88 89 90 91
         "\n$message".
         "\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
92 93
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_APPROVAL\n".
94 95 96 97 98 99 100 101 102
         "Errors-To: $TBMAIL_WWW");

    echo "<p><h3>
             Project approval for project $pid (User: $headuid) was
             postponed pending the reception of more information.
          </h3>\n";
}
elseif ((strcmp($approval, "deny") == 0) ||
	(strcmp($approval, "destroy") == 0)) {
103
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
104 105 106 107
    # Must delete the group_membership and project records since we require a
    # new application once denied. Send the luser email to let him know.
    # This order is actually important. Release project record last to
    # avoid (incredibly unlikely) name collision with another new project.
108
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
109 110 111 112
    DBQueryFatal("delete from group_membership ".
		 "where uid='$headuid' and pid='$pid' and gid='$pid'");
    DBQueryFatal("delete from groups where pid='$pid' and gid='$pid'");
    DBQueryFatal("delete from projects where pid='$pid'");
113

114 115
    mail("$headname '$headuid' <$headuid_email>",
         "TESTBED: Project '$pid' Denied",
116 117
         "\n".
         "This message is to notify you that your project application\n".
118
         "for $pid has been denied.\n".
119 120 121 122 123
         "\n$message".
         "\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
124 125
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_APPROVAL\n".
126
         "Errors-To: $TBMAIL_WWW");
127 128

    #
129 130
    # Well, if the "destroy" option was given, kill the users account
    # from the database.
131
    #
132
    if (strcmp($approval, "destroy") == 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
133
	DBQueryFatal("delete from users where uid='$headuid'");
134

135 136
        mail("$headname '$headuid' <$headuid_email>",
             "TESTBED: Account '$headuid' Terminated",
137 138
    	     "\n".
             "This message is to notify you that your account has been \n".
139
             "terminated because your project $pid was denied.\n".
140 141 142 143
             "\n\n".
             "Thanks,\n".
             "Testbed Ops\n".
             "Utah Network Testbed\n",
144 145
             "From: $TBMAIL_APPROVAL\n".
             "Bcc: $TBMAIL_APPROVAL\n".
146
             "Errors-To: $TBMAIL_WWW");
147
    }
148

149 150 151 152 153 154
    echo "<h3><p>
              Project $pid (User: $headuid) has been denied.
          </h3>\n";
}
elseif (strcmp($approval, "approve") == 0) {
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
155
    # Change the trust value in group_membership to group_root, and set the
156 157
    # project "approved" field to true. 
    #
Leigh B. Stoller's avatar
Leigh B. Stoller committed
158 159 160
    DBQueryFatal("UPDATE group_membership ".
		 "set trust='project_root',date_approved=now() ".
		 "WHERE uid='$headuid' and pid='$pid' and gid='$pid'");
161

Leigh B. Stoller's avatar
Leigh B. Stoller committed
162
    DBQueryFatal("UPDATE projects set approved='1' WHERE pid='$pid'");
163

164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179
    #
    # Change the status if necessary. This only happens for new users
    # being approved in their first project. After this, the status is
    # going to be "active", and we just leave it that way.
    #
    if (strcmp($curstatus, "active")) {
        if (strcmp($curstatus, "newuser") == 0) {
	    $newstatus = "unverified";
        }
        elseif (strcmp($curstatus, "unapproved") == 0) {
	    $newstatus = "active";
        }
        else {
	    TBERROR("Invalid $headuid status $curstatus in ".
                    "approveproject.php3", 1);
        }
Leigh B. Stoller's avatar
Leigh B. Stoller committed
180 181
	DBQueryFatal("UPDATE users set status='$newstatus' ".
		     "WHERE uid='$headuid'");
182
    }
183

184 185
    mail("$headname '$headuid' <$headuid_email>",
         "TESTBED: Project '$pid' Approval",
186 187 188 189 190 191 192 193
         "\n".
	 "This message is to notify you that your project $pid\n".
	 "has been approved.\n".
         "\n$message".
         "\n\n".
         "Thanks,\n".
         "Testbed Ops\n".
         "Utah Network Testbed\n",
194 195
         "From: $TBMAIL_APPROVAL\n".
         "Bcc: $TBMAIL_APPROVAL\n".
196
         "Errors-To: $TBMAIL_WWW");
197

198 199 200 201
    #
    # Create the user accounts. Must be done *before* we create the
    # project directory!
    # 
202
    SUEXEC($uid, "flux", "mkacct-ctrl $headuid", 0);	 	
203 204 205
    #
    # Create the project directory. If it fails, we will find out about it.
    #
206
    SUEXEC($uid, "flux", "mkprojdir $pid", 0);
207

208 209 210 211 212
    echo "<h3><p>
              Project $pid (User: $headuid) has been approved.
          </h3>\n";
}
else {
213 214 215
    TBERROR("Invalid approval value $approval in approveproject.php3.", 1);
}

216 217 218 219
#
# Standard Testbed Footer
# 
PAGEFOOTER();
220
?>