deletepubkey.php3 3.54 KB
Newer Older
1
<?php
Leigh Stoller's avatar
Leigh Stoller committed
2 3 4 5 6
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
#
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135
include("defs.php3");
include("showstuff.php3");

#
# No PAGEHEADER since we spit out a redirect later.
# 

#
# Only known and logged in users can do this.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);

#
# Verify form arguments.
# 
if (!isset($target_uid) ||
    strcmp($target_uid, "") == 0) {
    USERERROR("Improper form arguments!", 1);
}
if (!isset($key) ||
    strcmp($key, "") == 0) {
    USERERROR("Improper form arguments!", 1);
}

#
# Check to make sure thats this is a valid UID.
#
if (! TBCurrentUser($target_uid)) {
    USERERROR("The user $target_uid is not a valid user", 1);
}

#
# Verify that this uid is a member of one of the projects that the
# target_uid is in. Must have proper permission in that group too. 
#
if (!$isadmin &&
    strcmp($uid, $target_uid)) {

    if (! TBUserInfoAccessCheck($uid, $target_uid, $TB_USERINFO_MODIFYINFO)) {
	USERERROR("You do not have permission to change ${user}'s keys!", 1);
    }
}

#
# Get the actual key.
#
$query_result =
    DBQueryFatal("select * from user_pubkeys ".
		 "where uid='$target_uid' and comment='$key'");

if (! mysql_num_rows($query_result)) {
    USERERROR("Public Key '$key' for user '$target_uid' does not exist!", 1);
}

$row    = mysql_fetch_array($query_result);
$pubkey = $row[pubkey];
$chunky = chunk_split($pubkey, 70, "<br>\n");

#
# We run this twice. The first time we are checking for a confirmation
# by putting up a form. The next time through the confirmation will be
# set. Or, the user can hit the cancel button, in which case we should
# probably redirect the browser back up a level.
#
if ($canceled) {
    PAGEHEADER("SSH Public Key Maintenance");
    
    echo "<center><h2><br>
          SSH Public Key deletion canceled!
          </h2></center>\n";

    echo "<br>
          Back to <a href='showpubkeys.php3?target_uid=$target_uid'>
                 ssh public keys</a> for user '$uid'.\n";
    
    PAGEFOOTER();
    return;
}

if (!$confirmed) {
    PAGEHEADER("SSH Public Key Maintenance");

    echo "<center><h2><br>
          Are you <b>REALLY</b>
          sure you want to delete SSH Public Key '$key' for user '$target_uid'?
          </h2>\n";
    
    echo "<form action='deletepubkey.php3?target_uid=$target_uid&key=$key'
                method=post>";
    echo "<b><input type=submit name=confirmed value=Confirm></b>\n";
    echo "<b><input type=submit name=canceled value=Cancel></b>\n";
    echo "</form>\n";
    echo "</center>\n";

    echo "<table align=center border=1 cellpadding=2 cellspacing=2>
           <tr>
              <td>$chunky</td>
           </tr>
          </table>\n";
    
    PAGEFOOTER();
    return;
}

#
# Audit
#
TBUserInfo($uid, $uid_name, $uid_email);
TBUserInfo($target_uid, $targuid_name, $targuid_email);

TBMAIL("$targuid_name <$targuid_email>",
     "SSH Public Key for '$target_uid' Deleted",
     "\n".
     "SSH Public Key for '$target_uid' deleted by '$uid'.\n".
     "\n".
     "$chunky\n".
     "\n".
     "Thanks,\n".
     "Testbed Ops\n".
     "Utah Network Testbed\n",
     "From: $uid_name <$uid_email>\n".
     "Cc: $TBMAIL_AUDIT\n".
     "Errors-To: $TBMAIL_WWW");

DBQueryFatal("delete from user_pubkeys ".
	     "where uid='$target_uid' and comment='$key'");

136 137 138
DBQueryFatal("update users set usr_modified=now() ".
	     "where uid='$target_uid'");

139 140 141
#
# mkacct updates the user pubkeys.
# 
142
SUEXEC($uid, $TBADMINGROUP, "webmkacct -a $target_uid", 0);
143 144 145 146

header("Location: showpubkeys.php3?target_uid=$target_uid");

?>