Commit fee5763b authored by Leigh B Stoller's avatar Leigh B Stoller

For ISOLATEADMINS, allow a user to create a new account without a

project/group membership. Confirm this with a confirm page. This
will solve the problem of adding a brand new user to an admins only
project, before they are an admin.
parent ab120cd1
...@@ -1391,6 +1391,32 @@ sub SendVerifiedEmail($) ...@@ -1391,6 +1391,32 @@ sub SendVerifiedEmail($)
DBQueryFatal("select gid_idx from group_membership ". DBQueryFatal("select gid_idx from group_membership ".
"where uid_idx='$uid_idx' and trust='$none'"); "where uid_idx='$uid_idx' and trust='$none'");
if (!$query_result->numrows) {
my $url = "$TBWWW/showuser.php3?user=$uid_idx";
#
# Verified but no groups; send email to testbed ops since
# it is unusual (probably cause of ISOLATEADMINS).
#
SENDMAIL($TBOPS,
"User '$uid' has been verified",
"User '$uid' has been verified, ".
"but is not a member of any groups.\n\n".
"To approve this account, an administrator must do this:\n".
"\n".
" boss> wap tbacct -f add $uid\n".
"\n".
"If this situation arose from ISOLATEADMINS=1, then toggle\n".
"the user's administrator capability on this page:\n".
"\n".
" $url\n".
"\n".
"Then the user will be able to join projects that include ".
"other administrators.\n",
$TBOPS);
return 0;
}
while (my ($gid_idx) = $query_result->fetchrow_array()) { while (my ($gid_idx) = $query_result->fetchrow_array()) {
my $group = Group->Lookup($gid_idx); my $group = Group->Lookup($gid_idx);
......
...@@ -51,6 +51,7 @@ $this_user = CheckLogin($check_status); ...@@ -51,6 +51,7 @@ $this_user = CheckLogin($check_status);
$optargs = OptionalPageArguments("submit", PAGEARG_STRING, $optargs = OptionalPageArguments("submit", PAGEARG_STRING,
"forwikionly", PAGEARG_BOOLEAN, "forwikionly", PAGEARG_BOOLEAN,
"finished", PAGEARG_BOOLEAN, "finished", PAGEARG_BOOLEAN,
"nopidokay", PAGEARG_STRING,
"target_pid", PAGEARG_STRING, "target_pid", PAGEARG_STRING,
"target_gid", PAGEARG_STRING, "target_gid", PAGEARG_STRING,
"formfields", PAGEARG_ARRAY); "formfields", PAGEARG_ARRAY);
...@@ -80,7 +81,10 @@ if ($old_forwikionly == True) { ...@@ -80,7 +81,10 @@ if ($old_forwikionly == True) {
if (!isset($forwikionly)) { if (!isset($forwikionly)) {
$forwikionly = False; $forwikionly = False;
} }
$nopidconfirm = 0;
unset($addpubkeyargs); unset($addpubkeyargs);
unset($pid);
unset($gid);
$ACCOUNTWARNING = $ACCOUNTWARNING =
"Before continuing, please make sure your username " . "Before continuing, please make sure your username " .
...@@ -777,7 +781,17 @@ if (! $returning) { ...@@ -777,7 +781,17 @@ if (! $returning) {
} }
if (!$forwikionly) { if (!$forwikionly) {
if (!isset($formfields["pid"]) || $formfields["pid"] == "") { if (!isset($formfields["pid"]) || $formfields["pid"] == "") {
$errors["Project Name"] = "Missing Field"; if ($returning) {
$errors["Project Name"] = "Missing Field";
}
elseif (isset($nopidokay)) {
if ($nopidokay != "Confirm") {
$errors["Project Name"] = "Please tell us the Project";
}
}
else {
$nopidconfirm = 1;
}
} }
else { else {
# Confirm pid/gid early to avoid spamming the page. # Confirm pid/gid early to avoid spamming the page.
...@@ -806,10 +820,44 @@ if (count($errors)) { ...@@ -806,10 +820,44 @@ if (count($errors)) {
return; return;
} }
#
# No project, lets confirm.
#
if ($nopidconfirm) {
PAGEHEADER("Apply for Project Membership");
echo "<blockquote>\n";
echo "You did not specify a project to join. If you do not join a project ";
echo "you will not be able to use the testbed. ";
echo "But if you are sure, click on <b>Confirm</b>. ";
echo "Else click <b>Back</b> and ";
echo "enter the name of the project you want to join.\n";
echo "<br>\n";
echo "<form enctype=\"multipart/form-data\" action='joinproject.php3'
method=post name=idform>";
#
# Send all of their stuff along.
#
reset($formfields);
while (list($key, $value) = each($formfields)) {
echo "<input type=hidden name=\"formfields[$key]\" ".
"value=\"$value\"></input>\n";
}
echo "<input type=hidden name='submit' value='Submit'>\n";
echo "<center><br>\n";
echo "<input type=submit name=nopidokay value=Confirm>&nbsp;";
echo "<input type=submit name=nopidokay value=Back>\n";
echo "</center></form>";
PAGEFOOTER();
return;
}
# #
# Need the user, project and group objects for the rest of this. # Need the user, project and group objects for the rest of this.
# #
if (!$forwikionly) { if (!$forwikionly && isset($pid)) {
if (! ($project = Project::Lookup($pid))) { if (! ($project = Project::Lookup($pid))) {
TBERROR("Could not lookup object for $pid!", 1); TBERROR("Could not lookup object for $pid!", 1);
} }
...@@ -829,7 +877,8 @@ if (!$forwikionly) { ...@@ -829,7 +877,8 @@ if (!$forwikionly) {
# doing so would not add a non-admin (default for new users) to a # doing so would not add a non-admin (default for new users) to a
# project with admins. # project with admins.
# #
if ($ISOLATEADMINS && !$returning && count($project->GetAdmins())) { if ($ISOLATEADMINS && !$returning &&
isset($project) && count($project->GetAdmins())) {
$errors["Joining Project"] = $errors["Joining Project"] =
"You cannot join this project due to security restrictions!" "You cannot join this project due to security restrictions!"
. " If you were told to join this project specifically, email" . " If you were told to join this project specifically, email"
...@@ -917,7 +966,7 @@ if ($forwikionly) { ...@@ -917,7 +966,7 @@ if ($forwikionly) {
# If this sitevar is set, check to see if this addition will create a # If this sitevar is set, check to see if this addition will create a
# mix of admin and non-admin people in the group. # mix of admin and non-admin people in the group.
# #
if ($ISOLATEADMINS && if ($ISOLATEADMINS && isset($project) &&
!$project->IsMember($user, $ignore)) { !$project->IsMember($user, $ignore)) {
$members = $project->MemberList(); $members = $project->MemberList();
...@@ -949,6 +998,12 @@ if ($ISOLATEADMINS && ...@@ -949,6 +998,12 @@ if ($ISOLATEADMINS &&
} }
} }
# Done if no project to join
if (!isset($project)) {
header("Location: joinproject.php3?finished=1");
exit();
}
# #
# If joining a subgroup, also add to project group. # If joining a subgroup, also add to project group.
# #
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment