Commit 1728fe2b authored by Leigh Stoller's avatar Leigh Stoller

Address Pats comments in email to testbed-ops:

    From: "Patrick Tullmann 'tullmann'" <tullmann@cs.utah.edu>
    Subject: Re: TESTBED: aclement janos Project Join Request

    First the reply-to: address for approval mails should be
    testbed-ops@fast (right?).

    Second, Austin isn't listed on my testbed user approval page.  I
    assume Mike or a testbed person approved him (which is good because
    who knows when I'd get around to it. :)

    An option like "remove" or "ignore" or something like that for just
    nuking requests without a reply would be useful (I've got some guy
    from yahoo.com who wants to join Janos).

    Also, the date of the join request would be nice to know (e.g., for
    the above, I think he tried joining 4 or 5 months ago).

    he documentation above the table is out of synch with the pull-down
    boxes.
parent 4c99ee7f
......@@ -124,7 +124,7 @@ while (list ($header, $value) = each ($HTTP_POST_VARS)) {
$query_result = mysql_db_query($TBDBNAME,
"SELECT usr_email,usr_name from users where uid='$uid'");
if (! $query_result) {
TBERROR("Database Error restrieving user status for $uid", 1);
TBERROR("Database Error retrieving user info for $uid", 1);
}
if (mysql_num_rows($query_result) == 0) {
TBERROR("Unknown user $uid", 1);
......@@ -133,6 +133,24 @@ while (list ($header, $value) = each ($HTTP_POST_VARS)) {
$uid_email = $row[0];
$uid_name = $row[1];
#
# Lets get project head email, just in case the person doing the approval
# is not the head of the project. This is polite to do.
#
$query_result = mysql_db_query($TBDBNAME,
"SELECT usr_email,usr_name from users as u ".
"left join projects as p on p.head_uid=u.uid where p.pid='$project'");
if (! $query_result) {
TBERROR("Database Error retrieving user info for project $project ".
"leader", 1);
}
if (mysql_num_rows($query_result) == 0) {
TBERROR("Retrieving user info for project $project leader", 1);
}
$row = mysql_fetch_row($query_result);
$phead_email = $row[0];
$phead_name = $row[1];
#
# Well, looks like everything is okay. Change the project membership
# value appropriately.
......@@ -165,6 +183,7 @@ while (list ($header, $value) = each ($HTTP_POST_VARS)) {
"Testbed Ops\n".
"Utah Network Testbed\n",
"From: $uid_name <$uid_email>\n".
"Cc: $phead_name <$phead_email>\n".
"Bcc: $TBMAIL_APPROVAL\n".
"Errors-To: $TBMAIL_WWW");
......@@ -175,12 +194,79 @@ while (list ($header, $value) = each ($HTTP_POST_VARS)) {
continue;
}
if (strcmp($approval, "nuke") == 0) {
#
# Delete the proj_memb record.
#
$query_result = mysql_db_query($TBDBNAME,
"delete from proj_memb where uid='$user' and pid='$project'");
if (! $query_result) {
TBERROR("Database Error removing $user from project membership ".
"after being denied.", 1);
}
#
# See if user is in any other projects (even unapproved).
#
$query_result = mysql_db_query($TBDBNAME,
"select * from proj_memb where uid='$user'");
if (! $query_result) {
TBERROR("Database Error getting $user from project membership ".
"after being nuked", 1);
}
#
# If yes, then we cannot safely delete the user account.
#
if (mysql_num_rows($query_result)) {
echo "<h3><p>
User $user was denied membership in project $project.<br>
Since the user is a member (or requesting membership)
in other projects, the account cannot be safely removed.
</h3>\n";
continue;
}
#
# No other project membership. If the user is unapproved/newuser,
# it means he was never approved in any project, and so will
# likely not be missed. He will be unapproved if he did his
# verification.
#
if (strcmp($curstatus, "newuser") &&
strcmp($curstatus, "unapproved")) {
echo "<h3><p>
User $user was denied membership in project $project.<br>
Since the user has been approved by, or was active in other
projects in the past, the account cannot be safely removed.
</h3>\n";
continue;
}
$query_result = mysql_db_query($TBDBNAME,
"delete FROM users where uid='$user'");
if (! $query_result) {
TBERROR("Database Error removing $user from users table ".
"after being nuked", 1);
}
echo "<h3><p>
User $user was denied membership in project $project.<br>
The account has also be terminated with prejudice!
</h3>\n";
continue;
}
if (strcmp($approval, "approve") == 0) {
#
# Change the trust value in proj_memb accordingly.
#
$date_approved = date("Y:m:d", time());
$query_result = mysql_db_query($TBDBNAME,
"UPDATE proj_memb set trust='$newtrust' ".
"UPDATE proj_memb set trust='$newtrust', ".
"date_approved='$date_approved' ".
"WHERE uid='$user' and pid='$project'");
if (! $query_result) {
TBERROR("Database Error adding $user to project $project.", 1);
......@@ -220,6 +306,7 @@ while (list ($header, $value) = each ($HTTP_POST_VARS)) {
"Testbed Ops\n".
"Utah Network Testbed\n",
"From: $uid_name <$uid_email>\n".
"Cc: $phead_name <$phead_email>\n".
"Bcc: $TBMAIL_APPROVAL\n".
"Errors-To: $TBMAIL_WWW");
......
......@@ -13,18 +13,66 @@ $auth_usr = GETLOGIN();
LOGGEDINORDIE($auth_usr);
echo "
<h1>Approve new users in your Project</h1>
<h2>Approve new users in your Project</h2>
Use this page to approve new members of your Project. Once
approved, they will be able to log into machines in your Project's
experiments.
<p> If you desire, you may set their trust/privilege
levels to give them more or less access to your nodes:
<ul>
<li>Deny - Deny access to your project.
<li>User - Can log into machines in your experiments.
<li>Root - Granted root access on your project's machines;
can create new experiments.
</ul>\n";
experiments. Be sure to toggle the menu options appropriately for
each pending user.
<p>
<table cellspacing=2 border=0>
<tr>
<td colspan=4>
<h4>You have the following choices for <b>Action</b>:</td>
<tr>
<tr>
<td>&nbsp</td>
<td>Postpone</td>
<td>-</td>
<td>Do nothing; user remains pending decision</td>
</tr>
<tr>
<td>&nbsp</td>
<td>Deny</td>
<td>-</td>
<td>Deny user application</td>
</tr>
<tr>
<td>&nbsp</td>
<td>Nuke</td>
<td>-</td>
<td>Nuke user application. Kills user account. Useful for
bogus project applications.</td>
</tr>
<tr>
<td>&nbsp</td>
<td>Approve</td>
<td>-</td>
<td>Approve the user</td>
</tr>
</table>
</center>
<p>
<table cellspacing=2 border=0>
<tr>
<td colspan=4>
<h4>You have the following choices for <b>Trust</b>:</td>
<tr>
<tr>
<td>&nbsp</td>
<td>User</td>
<td>-</td>
<td>User may log into machines in your experiments</td>
</tr>
<tr>
<td>&nbsp</td>
<td>Root</td>
<td>-</td>
<td>User may create/destroy experiments in your project and
has root privledges on machines in your experiments</td>
</tr>
</table>
\n";
#
# Find all of the groups that this person has group_root in, and then in
......@@ -74,14 +122,15 @@ if (mysql_num_rows($query_result) == 0) {
# name=stoller$$trust-testbed value=user,local_root
#
# so that we can go through the entire list of post variables, looking
# for these. The alternative is to work backwards, and I don't like that.
# for these. The alternative is to work backwards, and I do not like that.
#
echo "<table width=\"100%\" border=2 cellpadding=0 cellspacing=2
align='center'>\n";
echo "<table width=\"100%\" border=2 cellpadding=2 cellspacing=2
align=\"center\">\n";
echo "<tr>
<td rowspan=2>User</td>
<td rowspan=2>Project</td>
<td rowspan=2>Date<br>Applied</td>
<td rowspan=2>Action</td>
<td rowspan=2>Trust</td>
<td>Name</td>
......@@ -103,6 +152,14 @@ echo "<form action='approveuser.php3' method='post'>\n";
while ($usersrow = mysql_fetch_array($query_result)) {
$newuid = $usersrow[uid];
$pid = $usersrow[pid];
$date_applied = $usersrow[date_applied];
#
# Cause this field was added late and might be null.
#
if (! $date_applied) {
$date_applied = "--";
}
$userinfo_result = mysql_db_query($TBDBNAME,
"SELECT * from users where uid=\"$newuid\"");
......@@ -120,16 +177,18 @@ while ($usersrow = mysql_fetch_array($query_result)) {
$phone = $row[usr_phone];
echo "<tr>
<td colspan=9> </td>
<td colspan=10> </td>
</tr>
<tr>
<td rowspan=2>$newuid</td>
<td rowspan=2>$pid</td>
<td rowspan=2>$date_applied</td>
<td rowspan=2>
<select name=\"$newuid\$\$approval-$pid\">
<option value='postpone'>Postpone</option>
<option value='approve'>Approve</option>
<option value='deny'>Deny</option>
<option value='nuke'>Nuke</option>
</select>
</td>
<td rowspan=2>
......@@ -154,7 +213,7 @@ while ($usersrow = mysql_fetch_array($query_result)) {
</tr>\n";
}
echo "<tr>
<td align=center colspan=9>
<td align=center colspan=10>
<b><input type='submit' value='Submit' name='OK'></td>
</tr>
</form>
......
......@@ -346,6 +346,7 @@ mail($TBMAIL_APPROVAL,
"select the 'Project Approval' page.\n\nThey are expecting a result ".
"within 72 hours.\n",
"From: $usr_name '$proj_head_uid' <$usr_email>\n".
"Reply-To: $TBMAIL_APPROVAL\n".
"Errors-To: $TBMAIL_WWW");
#
......
......@@ -259,9 +259,11 @@ if (mysql_num_rows($query_result) > 0) {
# Add to the project, but with trust=none. The project leader will have
# to upgrade the trust level, making the new user real.
#
$date_applied = date("Y:m:d", time());
$query_result = mysql_db_query($TBDBNAME,
"insert into proj_memb (uid,pid,trust) ".
"values ('$joining_uid','$pid','none');");
"insert into proj_memb (uid,pid,trust,date_applied) ".
"values ('$joining_uid','$pid','none','$date_applied');");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error adding adding user $joining_uid to ".
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment