Commit 1ebdf309 authored by Robert Ricci's avatar Robert Ricci

Make sure that the head uid of a project is 'active' or 'unapproved'

before allowing a project to be approved. (In approveproject_form,
this meant removing the automatic transition from 'newuser' to
'unverified')

Since this check is done in two places, once in the form, and once in
the page that does the work, it's possible for this to get out of
sync.
parent 5801e47c
......@@ -168,6 +168,25 @@ elseif ((strcmp($approval, "deny") == 0) ||
</h3>\n";
}
elseif (strcmp($approval, "approve") == 0) {
#
# Change the status if necessary. This only happens for new users
# being approved in their first project. After this, the status is
# going to be "active", and we just leave it that way.
#
if (strcmp($curstatus, "active")) {
if (strcmp($curstatus, "unapproved") == 0) {
$newstatus = "active";
}
else {
TBERROR("Invalid $headuid status $curstatus in ".
"approveproject.php3", 1);
}
DBQueryFatal("UPDATE users set status='$newstatus' ".
"WHERE uid='$headuid'");
}
#
# Change the trust value in group_membership to group_root, and set the
# project "approved" field to true.
......@@ -197,26 +216,6 @@ elseif (strcmp($approval, "approve") == 0) {
"WHERE pid='$pid'");
}
#
# Change the status if necessary. This only happens for new users
# being approved in their first project. After this, the status is
# going to be "active", and we just leave it that way.
#
if (strcmp($curstatus, "active")) {
if (strcmp($curstatus, "newuser") == 0) {
$newstatus = "unverified";
}
elseif (strcmp($curstatus, "unapproved") == 0) {
$newstatus = "active";
}
else {
TBERROR("Invalid $headuid status $curstatus in ".
"approveproject.php3", 1);
}
DBQueryFatal("UPDATE users set status='$newstatus' ".
"WHERE uid='$headuid'");
}
TBMAIL("$headname '$headuid' <$headuid_email>",
"Project '$pid' Approval",
"\n".
......
......@@ -88,6 +88,17 @@ echo "<center>
SHOWUSER($projleader);
#
# Check to make sure that the head user is 'unapproved' or 'active'
#
$headstatus = TBUserStatus($projleader);
if (!strcmp($headstatus,TBDB_USERSTATUS_UNAPPROVED) ||
!strcmp($headstatus,TBDB_USERSTATUS_ACTIVE)) {
$approvable = 1;
} else {
$approvable = 0;
}
#
# Now put up the menu choice along with a text box for an email message.
#
......@@ -100,12 +111,20 @@ echo "<center>
echo "<tr>
<td align=center>
<select name=approval>
<option value='postpone'>Postpone</option>
<option value='approve'>Approve</option>
<option value='postpone'>Postpone</option>";
if ($approvable) {
echo " <option value='approve'>Approve</option>";
}
echo "
<option value='moreinfo'>More Info</option>
<option value='deny'>Deny</option>
<option value='destroy'>Destroy</option>
</select>
</select>";
if (!$approvable) {
echo " <br><b>WARNING:</b> Project cannot be approved,";
echo" since head user has not been verified";
}
echo "
</td>
</tr>\n";
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment