approveuser_form.php3 7.81 KB
Newer Older
1 2 3
<?php
include("defs.php3");

4 5 6 7 8
#
# Standard Testbed Header
#
PAGEHEADER("New Users Approval Form");

9 10 11
#
# Only known and logged in users can be verified.
#
12
$auth_usr = GETLOGIN();
13 14 15
LOGGEDINORDIE($auth_usr);

echo "
Leigh Stoller's avatar
Leigh Stoller committed
16 17 18
      <h2>Approve new users in your Project or Group</h2>
      Use this page to approve new members of your Project or Group.  Once
      approved, they will be able to log into machines in your Project's 
19
      experiments. Be sure to toggle the menu options appropriately for
20
      each pending user.
21 22 23 24 25 26 27 28 29 30 31

      <p>
      <table cellspacing=2 border=0>
        <tr>
            <td colspan=4>
                <h4>You have the following choices for <b>Action</b>:</td>
        <tr>
        <tr>
            <td>&nbsp</td>
            <td>Postpone</td>
            <td>-</td>
Jay Lepreau's avatar
Jay Lepreau committed
32
            <td>Do nothing; application remains, pending a decision.</td>
33 34 35 36 37
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Deny</td>
            <td>-</td>
Jay Lepreau's avatar
Jay Lepreau committed
38
            <td>Deny user application and so notify the user.</td>
39 40 41 42 43
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Nuke</td>
            <td>-</td>
Jay Lepreau's avatar
Jay Lepreau committed
44 45
            <td>Nuke user application.  Kills user account, without
		notice to user.  Useful for
46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
                bogus project applications.</td>
        </tr>
        <tr>
            <td>&nbsp</td>
            <td>Approve</td>
            <td>-</td>
            <td>Approve the user</td>
        </tr>
      </table>
      </center>
      <p>
      <table cellspacing=2 border=0>
        <tr>
            <td colspan=4>
                <h4>You have the following choices for <b>Trust</b>:</td>
        <tr>
        <tr>
            <td>&nbsp</td>
            <td>User</td>
            <td>-</td>
            <td>User may log into machines in your experiments</td>
        </tr>
        <tr>
            <td>&nbsp</td>
Leigh Stoller's avatar
Leigh Stoller committed
70
            <td>Local Root</td>
71 72
            <td>-</td>
            <td>User may create/destroy experiments in your project and
Jay Lepreau's avatar
Jay Lepreau committed
73
                has root privileges on machines in your experiments</td>
74
        </tr>
Leigh Stoller's avatar
Leigh Stoller committed
75 76 77 78 79 80 81 82 83 84
        <tr>
            <td>&nbsp</td>
            <td>Group Root</td>
            <td>-</td>
            <td>In addition to Local Root privileges, user may also
                approve new group members and 
                modify user info for other users within the group. This
                level of trust is typically given only to TAs and the
                like.</td>
        </tr>
85
      </table>
86 87 88 89 90 91 92 93 94

      <center>
      <b>Important group
       <a href='docwrapper.php3?docname=groups.html#SECURITY'>
       security issues</a> are discussed in the
       <a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>
      </b>
      </center><br>

95
      \n";
96 97

#
Leigh Stoller's avatar
Leigh Stoller committed
98 99 100
# Find all of the groups that this person has project/group root in, and 
# then in all of those groups, all of the people who are awaiting to be
# approved (status = none).
101
#
Leigh Stoller's avatar
Leigh Stoller committed
102
# First off, just determine if this person has group/project root anywhere.
103
#
Leigh Stoller's avatar
Leigh Stoller committed
104 105 106
$query_result =
    DBQueryFatal("SELECT pid FROM group_membership WHERE uid='$auth_usr' ".
		 "and (trust='group_root' or trust='project_root')");
107
if (mysql_num_rows($query_result) == 0) {
Leigh Stoller's avatar
Leigh Stoller committed
108
    USERERROR("You do not have Root permissions in any Project or Group.", 1);
109 110 111 112
}

#
# Okay, so this operation sucks out the right people by joining the
Leigh Stoller's avatar
Leigh Stoller committed
113
# group_membership table with itself. Kinda obtuse if you are not a natural
114 115
# DB guy. Sorry. Well, obtuse to me.
# 
Leigh Stoller's avatar
Leigh Stoller committed
116 117 118 119 120
$query_result =
    DBQueryFatal("SELECT g.* FROM group_membership as g ".
		 "LEFT JOIN group_membership as authed ".
		 "ON g.pid=authed.pid and g.gid=authed.gid and ".
		 "   g.uid!='$auth_usr' and g.trust='none' ".
121 122 123
		 "left join users as u on u.uid=g.uid ".
		 "WHERE u.status='" . TBDB_USERSTATUS_UNAPPROVED . "' and ".
		 "      authed.uid='$auth_usr' and ".
Leigh Stoller's avatar
Leigh Stoller committed
124
		 "      (authed.trust='group_root' or ".
125 126
		 "       authed.trust='project_root') ".
		 "ORDER BY g.uid,g.pid,g.gid");
Leigh Stoller's avatar
Leigh Stoller committed
127

128 129 130 131 132 133 134 135 136
if (mysql_num_rows($query_result) == 0) {
    USERERROR("You have no new project members who need approval.", 1);
}

#
# Now build a table with a bunch of selections. The thing to note about the
# form inside this table is that the selection fields are constructed with
# name= on the fly, from the uid of the user to be approved. In other words:
#
Leigh Stoller's avatar
Leigh Stoller committed
137 138 139
#             uid     menu     project/group
#	name=stoller$$approval-testbed/testbed value=approved,denied,postpone
#	name=stoller$$trust-testbed/testbed value=user,local_root
140 141
#
# so that we can go through the entire list of post variables, looking
142
# for these. The alternative is to work backwards, and I do not like that.
143
# 
144 145
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
       align=\"center\">\n";
146 147 148 149

echo "<tr>
          <td rowspan=2>User</td>
          <td rowspan=2>Project</td>
Leigh Stoller's avatar
Leigh Stoller committed
150
          <td rowspan=2>Group</td>
151
          <td rowspan=2>Date<br>Applied</td>
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167
          <td rowspan=2>Action</td>
          <td rowspan=2>Trust</td>
          <td>Name</td>
          <td>Title</td>
          <td>Affil</td>
          <td>E-mail</td>
          <td>Phone</td>
      </tr>
      <tr>
          <td>Addr</td>
          <td>Addr2</td>
          <td>City</td>
          <td>State</td>
          <td>Zip</td>
      </tr>\n";

168
echo "<form action='approveuser.php3' method='post'>\n";
169 170

while ($usersrow = mysql_fetch_array($query_result)) {
171 172
    $newuid        = $usersrow[uid];
    $pid           = $usersrow[pid];
Leigh Stoller's avatar
Leigh Stoller committed
173
    $gid           = $usersrow[gid];
174 175 176 177 178 179 180 181
    $date_applied  = $usersrow[date_applied];

    #
    # Cause this field was added late and might be null.
    # 
    if (! $date_applied) {
	$date_applied = "--";
    }
182

Leigh Stoller's avatar
Leigh Stoller committed
183 184 185 186 187 188 189 190 191 192 193 194 195
    #
    # Only project leaders get to add someone as group root.
    # 
    TBProjLeader($pid, $projleader);
    if (strcmp($auth_usr, $projleader) == 0) {
	    $isleader = 1;
    }
    else {
	    $isleader = 0;
    }

    $userinfo_result =
	DBQueryFatal("SELECT * from users where uid='$newuid'");
196 197 198 199 200 201 202 203 204 205 206 207 208 209

    $row	= mysql_fetch_array($userinfo_result);
    $name	= $row[usr_name];
    $email	= $row[usr_email];
    $title	= $row[usr_title];
    $affil	= $row[usr_affil];
    $addr	= $row[usr_addr];
    $addr2	= $row[usr_addr2];
    $city	= $row[usr_city];
    $state	= $row[usr_state];
    $zip	= $row[usr_zip];
    $phone	= $row[usr_phone];

    echo "<tr>
210
              <td colspan=10> </td>
211 212 213 214
          </tr>
          <tr>
              <td rowspan=2>$newuid</td>
              <td rowspan=2>$pid</td>
Leigh Stoller's avatar
Leigh Stoller committed
215
              <td rowspan=2>$gid</td>
216
              <td rowspan=2>$date_applied</td>
217
              <td rowspan=2>
Leigh Stoller's avatar
Leigh Stoller committed
218
                  <select name=\"$newuid\$\$approval-$pid/$gid\">
219 220 221 222
                          <option value='postpone'>Postpone </option>
                          <option value='approve'>Approve </option>
                          <option value='deny'>Deny </option>
                          <option value='nuke'>Nuke </option>
223 224 225
                  </select>
              </td>
              <td rowspan=2>
Leigh Stoller's avatar
Leigh Stoller committed
226
                  <select name=\"$newuid\$\$trust-$pid/$gid\">
227 228
                          <option value='user'>User </option>
                          <option value='local_root'>Local Root </option>\n";
Leigh Stoller's avatar
Leigh Stoller committed
229
    if ($isleader) {
230
	    echo "        <option value='group_root'>Group Root </option>\n";
Leigh Stoller's avatar
Leigh Stoller committed
231 232
    }
    echo "        </select>
233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249
              </td>\n";

    echo "    <td>&nbsp;$name&nbsp;</td>
              <td>&nbsp;$title&nbsp;</td>
              <td>&nbsp;$affil&nbsp;</td>
              <td>&nbsp;$email&nbsp;</td>
              <td>&nbsp;$phone&nbsp;</td>
          </tr>\n";
    echo "<tr>
              <td>&nbsp;$addr&nbsp;</td>
              <td>&nbsp;$addr2&nbsp;</td>
              <td>&nbsp;$city&nbsp;</td>
              <td>&nbsp;$state&nbsp;</td>
              <td>&nbsp;$zip&nbsp;</td>
          </tr>\n";
}
echo "<tr>
Leigh Stoller's avatar
Leigh Stoller committed
250
          <td align=center colspan=11>
251 252 253
              <b><input type='submit' value='Submit' name='OK'></td>
      </tr>
      </form>
254 255 256 257 258 259
      </table>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
260
?>