approveuser_form.php3 6.83 KB
Newer Older
1
<?php
Leigh Stoller's avatar
Leigh Stoller committed
2 3
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2003, 2006 University of Utah and the Flux Group.
Leigh Stoller's avatar
Leigh Stoller committed
5 6
# All rights reserved.
#
7 8
include("defs.php3");

9 10 11
#
# Standard Testbed Header
#
12
PAGEHEADER("New User Approval");
13

14 15 16
#
# Only known and logged in users can be verified.
#
17 18 19 20 21 22 23 24 25 26 27 28 29 30
$this_user   = CheckLoginOrDie();
$auth_usr    = $this_user->uid();
$auth_usridx = $this_user->uid_idx();

#
# Find all of the groups that this person has project/group root in, and 
# then in all of those groups, all of the people who are awaiting to be
# approved (status = none).
#
$approvelist = $this_user->ApprovalList(1);

if (count($approvelist) == 0) {
    USERERROR("You have no new project members who need approval.", 1);
}
31 32

echo "
Leigh Stoller's avatar
Leigh Stoller committed
33
      <h2>Approve new users in your Project or Group</h2>
Chad Barb's avatar
Chad Barb committed
34
      <p>
Leigh Stoller's avatar
Leigh Stoller committed
35 36
      Use this page to approve new members of your Project or Group.  Once
      approved, they will be able to log into machines in your Project's 
37
      experiments. Be sure to toggle the menu options appropriately for
38
      each pending user.
Chad Barb's avatar
Chad Barb committed
39
      </p>
40

Chad Barb's avatar
Chad Barb committed
41 42
      <center>
      <h4>You have the following choices for <b>Action</b>:</h4>
43 44
      <table cellspacing=2 border=0>
        <tr>
Chad Barb's avatar
Chad Barb committed
45
            <td><b>Postpone</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
46
            <td>Do nothing; application remains, pending a decision.</td>
47 48
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
49
            <td><b>Deny</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
50
            <td>Deny user application and so notify the user.</td>
51 52
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
53
            <td><b>Nuke</b></td>
Jay Lepreau's avatar
Jay Lepreau committed
54 55
            <td>Nuke user application.  Kills user account, without
		notice to user.  Useful for
56 57 58
                bogus project applications.</td>
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
59
            <td><b>Approve</b></td>
60 61 62
            <td>Approve the user</td>
        </tr>
      </table>
Chad Barb's avatar
Chad Barb committed
63 64 65
      <br />
      <h4>You have the following choices for <b>Trust</b>:</h4>
      <table cellspacing=2 cellpadding=4 border=0>
66
        <tr>
Chad Barb's avatar
Chad Barb committed
67
            <td><b>User</b></td>
68 69 70
            <td>User may log into machines in your experiments</td>
        </tr>
        <tr>
Chad Barb's avatar
Chad Barb committed
71
            <td><b>Local Root</b></td>
72
            <td>User may create/destroy experiments in your project and
Jay Lepreau's avatar
Jay Lepreau committed
73
                has root privileges on machines in your experiments</td>
74
        </tr>
Leigh Stoller's avatar
Leigh Stoller committed
75
        <tr>
Chad Barb's avatar
Chad Barb committed
76
            <td><b>Group Root</b></td>
Leigh Stoller's avatar
Leigh Stoller committed
77 78 79 80 81 82
            <td>In addition to Local Root privileges, user may also
                approve new group members and 
                modify user info for other users within the group. This
                level of trust is typically given only to TAs and the
                like.</td>
        </tr>
83
      </table>
Chad Barb's avatar
Chad Barb committed
84
      <br />
85 86 87
      <b>Important group
       <a href='docwrapper.php3?docname=groups.html#SECURITY'>
       security issues</a> are discussed in the
Chad Barb's avatar
Chad Barb committed
88
       <a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>.
89
      </b>
Chad Barb's avatar
Chad Barb committed
90
      </center><br />
91

92
      \n";
93 94 95 96 97 98

#
# Now build a table with a bunch of selections. The thing to note about the
# form inside this table is that the selection fields are constructed with
# name= on the fly, from the uid of the user to be approved. In other words:
#
Leigh Stoller's avatar
Leigh Stoller committed
99 100 101
#             uid     menu     project/group
#	name=stoller$$approval-testbed/testbed value=approved,denied,postpone
#	name=stoller$$trust-testbed/testbed value=user,local_root
102 103
#
# so that we can go through the entire list of post variables, looking
104
# for these. The alternative is to work backwards, and I do not like that.
105
# 
106 107
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
       align=\"center\">\n";
108 109

echo "<tr>
110 111 112 113 114 115 116 117 118 119 120
          <th rowspan=2>User</th>
          <th rowspan=2>Project</th>
          <th rowspan=2>Group</th>
          <th rowspan=2>Date<br>Applied</th>
          <th rowspan=2>Action</th>
          <th rowspan=2>Trust</th>
          <th>Name</th>
          <th>Title</th>
          <th>Affil</th>
          <th>E-mail</th>
          <th>Phone</th>
121 122
      </tr>
      <tr>
123
          <th colspan=5>Address</th>
124 125
      </tr>\n";

126
echo "<form action='approveuser.php3' method='post'>\n";
127

128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143
while (list ($uid_idx, $grouplist) = each ($approvelist)) {
  if (! ($user = User::Lookup($uid_idx))) {
    TBERROR("Could not lookup user $uid_idx", 1);
  }

  # Iterate over groups for this user.
  for ($i = 0; $i < count($grouplist); $i++) {
    $group        = $grouplist[$i];
    
    $newuid       = $user->uid();
    $gid          = $group->gid();
    $gid_idx      = $group->gid_idx();
    $pid          = $group->pid();
    $pid_idx      = $group->pid_idx();

    $group->MemberShipInfo($user, $trust, $date_applied, $date_approved);
144 145 146 147 148 149 150

    #
    # Cause this field was added late and might be null.
    # 
    if (! $date_applied) {
	$date_applied = "--";
    }
151

152 153 154 155 156 157 158 159 160 161 162
    $name	= $user->name();
    $email	= $user->email();
    $title	= $user->title();
    $affil	= $user->affil();
    $addr	= $user->addr();
    $addr2	= $user->addr2();
    $city	= $user->city();
    $state	= $user->state();
    $zip	= $user->zip();
    $country	= $user->country();
    $phone	= $user->phone();
163

164
     echo "<tr>
165 166
              <td rowspan=2>$newuid</td>
              <td rowspan=2>$pid</td>
Leigh Stoller's avatar
Leigh Stoller committed
167
              <td rowspan=2>$gid</td>
168
              <td rowspan=2>$date_applied</td>
169
              <td rowspan=2>
Leigh Stoller's avatar
Leigh Stoller committed
170
                  <select name=\"$newuid\$\$approval-$pid/$gid\">
171 172 173 174
                          <option value='postpone'>Postpone </option>
                          <option value='approve'>Approve </option>
                          <option value='deny'>Deny </option>
                          <option value='nuke'>Nuke </option>
175 176 177
                  </select>
              </td>
              <td rowspan=2>
178
                  <select name=\"$newuid\$\$trust-$pid/$gid\">\n";
179 180
     
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_USER, 0)) {
181
	echo  "<option value='user'>User </option>\n";
Leigh Stoller's avatar
Leigh Stoller committed
182
    }
183
    if ($group->CheckTrustConsistency($user, TBDB_TRUSTSTRING_LOCALROOT, 0)) {
184 185
	# local_root means any root is valid.
        echo  "<option value='local_root'>Local Root </option>\n";
186 187 188

	# Allowed to set to group root?
	if ($group->AccessCheck($this_user, $TB_PROJECT_BESTOWGROUPROOT)) {
189 190
	    echo  "<option value='group_root'>Group Root </option>\n";
	}
191
    }	
Leigh Stoller's avatar
Leigh Stoller committed
192
    echo "        </select>
193 194 195 196 197 198 199 200 201
              </td>\n";

    echo "    <td>&nbsp;$name&nbsp;</td>
              <td>&nbsp;$title&nbsp;</td>
              <td>&nbsp;$affil&nbsp;</td>
              <td>&nbsp;$email&nbsp;</td>
              <td>&nbsp;$phone&nbsp;</td>
          </tr>\n";
    echo "<tr>
202 203 204 205 206
              <td colspan=5>&nbsp;$addr&nbsp;";
    if (strcmp($addr2,"")) { 
	echo "&nbsp;$addr2&nbsp;"; 
    }
    echo "                  &nbsp;$city&nbsp;
207
                            &nbsp;$state&nbsp;
208 209
                            &nbsp;$zip&nbsp;
                            &nbsp;$country&nbsp;</td>
210
          </tr>\n";
211
  }
212 213
}
echo "<tr>
Leigh Stoller's avatar
Leigh Stoller committed
214
          <td align=center colspan=11>
215 216 217
              <b><input type='submit' value='Submit' name='OK'></td>
      </tr>
      </form>
218 219 220 221 222 223
      </table>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
224
?>