Commit 4a5b9abd authored by Leigh Stoller's avatar Leigh Stoller

Fix several bugs in this script; we don't use it much I guess.

parent 2131133c
...@@ -24,8 +24,7 @@ $isadmin = ISADMIN(); ...@@ -24,8 +24,7 @@ $isadmin = ISADMIN();
if (!isset($user) || $user == "") { if (!isset($user) || $user == "") {
USERERROR("You must provide a User ID.", 1); USERERROR("You must provide a User ID.", 1);
} }
if (isset($target_pid) && if (isset($pid) && $pid == "") {
strcmp($target_pid, "") == 0) {
USERERROR("You must provide a valid project ID.", 1); USERERROR("You must provide a valid project ID.", 1);
} }
...@@ -67,10 +66,12 @@ if (isset($request) && $request) { ...@@ -67,10 +66,12 @@ if (isset($request) && $request) {
# #
# Confirm optional pid is a real pid and check permission # Confirm optional pid is a real pid and check permission
# #
if (isset($target_pid)) { if (isset($pid)) {
if (! ($target_project = Project::Lookup($target_pid))) { if (! ($target_project = Project::Lookup($pid))) {
USERERROR("No such project '$target_pid'", 1); USERERROR("No such project '$pid'", 1);
} }
$target_pid = $target_project->pid();
if (! $isadmin && if (! $isadmin &&
! $target_project->AccessCheck($this_user, $TB_PROJECT_DELUSER)) { ! $target_project->AccessCheck($this_user, $TB_PROJECT_DELUSER)) {
USERERROR("You do not have permission to remove user ". USERERROR("You do not have permission to remove user ".
...@@ -82,7 +83,7 @@ if (isset($target_pid)) { ...@@ -82,7 +83,7 @@ if (isset($target_pid)) {
# Must not be the head of the project being removed from, or any projects # Must not be the head of the project being removed from, or any projects
# if being completely removed. # if being completely removed.
# #
if (isset($target_pid)) { if (isset($target_project)) {
$leader = $target_project->GetLeader(); $leader = $target_project->GetLeader();
if ($leader->SameUser($target_user)) { if ($leader->SameUser($target_user)) {
...@@ -101,7 +102,7 @@ else { ...@@ -101,7 +102,7 @@ else {
# Must not be the head of any groups in the project, or any groups if # Must not be the head of any groups in the project, or any groups if
# being deleted from the testbed. # being deleted from the testbed.
# #
if (isset($target_pid)) { if (isset($target_project)) {
$query_result = $query_result =
DBQueryFatal("select pid,gid from groups ". DBQueryFatal("select pid,gid from groups ".
"where leader='$target_uid' and pid='$target_pid'"); "where leader='$target_uid' and pid='$target_pid'");
...@@ -128,12 +129,12 @@ else { ...@@ -128,12 +129,12 @@ else {
$query_result = $query_result =
DBQueryFatal("SELECT * FROM experiments ". DBQueryFatal("SELECT * FROM experiments ".
"where expt_head_uid='$target_dbuid' ". "where expt_head_uid='$target_dbuid' ".
(isset($target_pid) ? "and pid='$target_pid'" : "")); (isset($target_project) ? "and pid='$target_pid'" : ""));
if (mysql_num_rows($query_result)) { if (mysql_num_rows($query_result)) {
echo "<center><h3> echo "<center><h3>
User '$target_uid' is heading up the following experiments ". User '$target_uid' is heading up the following experiments ".
(isset($target_pid) ? "in project '$target_pid' " : "") . (isset($target_project) ? "in project '$target_pid' " : "") .
":</h3></center>\n"; ":</h3></center>\n";
echo "<table align=center border=1 cellpadding=2 cellspacing=2>\n"; echo "<table align=center border=1 cellpadding=2 cellspacing=2>\n";
...@@ -181,7 +182,7 @@ if ($canceled) { ...@@ -181,7 +182,7 @@ if ($canceled) {
if (!$confirmed) { if (!$confirmed) {
echo "<center><br>\n"; echo "<center><br>\n";
if (isset($target_pid)) { if (isset($target_project)) {
echo "Are you <b>REALLY</b> sure you want to remove user echo "Are you <b>REALLY</b> sure you want to remove user
'$target_uid' from project '$target_pid'?\n"; '$target_uid' from project '$target_pid'?\n";
} }
...@@ -190,11 +191,12 @@ if (!$confirmed) { ...@@ -190,11 +191,12 @@ if (!$confirmed) {
'$target_uid' from the testbed?\n"; '$target_uid' from the testbed?\n";
} }
echo "<form action=deleteuser.php3 method=post>"; if (isset($target_project))
echo "<input type=hidden name=user value=\"$user\">\n"; $url = CreateURL("deleteuser", $target_user, $target_project);
if (isset($target_pid)) { else
echo "<input type=hidden name=target_pid value=\"$target_pid\">\n"; $url = CreateURL("deleteuser", $target_user);
}
echo "<form action='$url' method=post>";
echo "<b><input type=submit name=confirmed value=Confirm></b>\n"; echo "<b><input type=submit name=confirmed value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n"; echo "<b><input type=submit name=canceled value=Cancel></b>\n";
echo "</form>\n"; echo "</form>\n";
...@@ -208,7 +210,7 @@ if (!$confirmed_twice) { ...@@ -208,7 +210,7 @@ if (!$confirmed_twice) {
echo "<center><br> echo "<center><br>
Okay, let's be sure.<br>\n"; Okay, let's be sure.<br>\n";
if (isset($target_pid)) { if (isset($target_project)) {
echo "Are you <b>REALLY REALLY</b> sure you want to remove user echo "Are you <b>REALLY REALLY</b> sure you want to remove user
'$target_uid' from project '$target_pid'?\n"; '$target_uid' from project '$target_pid'?\n";
} }
...@@ -216,12 +218,13 @@ if (!$confirmed_twice) { ...@@ -216,12 +218,13 @@ if (!$confirmed_twice) {
echo "Are you <b>REALLY REALLY</b> sure you want to delete user echo "Are you <b>REALLY REALLY</b> sure you want to delete user
'$target_uid' from the testbed?\n"; '$target_uid' from the testbed?\n";
} }
if (isset($target_project))
$url = CreateURL("deleteuser", $target_user, $target_project);
else
$url = CreateURL("deleteuser", $target_user);
echo "<form action=deleteuser.php3 method=post>"; echo "<form action='$url' method=post>";
echo "<input type=hidden name=user value=\"$user\">\n";
if (isset($target_pid)) {
echo "<input type=hidden name=target_pid value=\"$target_pid\">\n";
}
echo "<input type=hidden name=confirmed value=Confirm>\n"; echo "<input type=hidden name=confirmed value=Confirm>\n";
echo "<b><input type=submit name=confirmed_twice value=Confirm></b>\n"; echo "<b><input type=submit name=confirmed_twice value=Confirm></b>\n";
echo "<b><input type=submit name=canceled value=Cancel></b>\n"; echo "<b><input type=submit name=canceled value=Cancel></b>\n";
...@@ -238,7 +241,7 @@ STARTBUSY("User '$target_uid' is being removed!"); ...@@ -238,7 +241,7 @@ STARTBUSY("User '$target_uid' is being removed!");
# All the real work is done in the script. # All the real work is done in the script.
# #
SUEXEC($uid, $TBADMINGROUP, SUEXEC($uid, $TBADMINGROUP,
"webrmuser " . (isset($target_pid) ? "-p $target_pid " : " ") . "webrmuser " . (isset($target_project) ? "-p $target_pid " : " ") .
"$target_uid", "$target_uid",
SUEXEC_ACTION_DIE); SUEXEC_ACTION_DIE);
...@@ -250,7 +253,7 @@ STOPBUSY(); ...@@ -250,7 +253,7 @@ STOPBUSY();
# people can act on it immediately of couse, but mere users, even # people can act on it immediately of couse, but mere users, even
# project leaders, must send us a request for it. # project leaders, must send us a request for it.
# #
if (isset($target_pid)) { if (isset($target_project)) {
$projlist = $target_user->ProjectMembershipList(); $projlist = $target_user->ProjectMembershipList();
if (! count($projlist)) { if (! count($projlist)) {
...@@ -269,7 +272,7 @@ if (isset($target_pid)) { ...@@ -269,7 +272,7 @@ if (isset($target_pid)) {
} }
} }
else { else {
if (isset($target_pid)) { if (isset($target_project)) {
PAGEREPLACE(CreateURL("showgroup", URLARG_PID, $target_pid, PAGEREPLACE(CreateURL("showgroup", URLARG_PID, $target_pid,
URLARG_GID, $target_pid)); URLARG_GID, $target_pid));
} }
......
...@@ -808,6 +808,7 @@ class Group ...@@ -808,6 +808,7 @@ class Group
function ShowMembers($prived = 0) { function ShowMembers($prived = 0) {
$gid_idx = $this->gid_idx(); $gid_idx = $this->gid_idx();
$pid_idx = $this->pid_idx(); $pid_idx = $this->pid_idx();
$project = $this->Project();
$query_result = $query_result =
DBQueryFatal("select uid_idx,trust from group_membership ". DBQueryFatal("select uid_idx,trust from group_membership ".
...@@ -817,7 +818,7 @@ class Group ...@@ -817,7 +818,7 @@ class Group
return; return;
} }
$showdel = (($prived && $pid_idx == $gid_idx) ? 1 : 0); $showdel = (($prived && $pid_idx == $gid_idx) ? 1 : 0);
$projgrp = (($pid_idx == $gid_idx) ? 1 : 0); $projgrp = $this->IsProjectGroup();
echo "<center>\n"; echo "<center>\n";
if ($projgrp) if ($projgrp)
...@@ -851,8 +852,7 @@ class Group ...@@ -851,8 +852,7 @@ class Group
$usr_email = $target_user->email(); $usr_email = $target_user->email();
$usr_uid = $target_user->uid(); $usr_uid = $target_user->uid();
$showuser_url = CreateURL("showuser", $target_user); $showuser_url = CreateURL("showuser", $target_user);
$deluser_url = CreateURL("deleteuser", $target_user, $deluser_url = CreateURL("deleteuser", $target_user, $project);
URLARG_PID, $pid);
echo "<tr> echo "<tr>
<td>$usr_name</td>\n"; <td>$usr_name</td>\n";
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment