Commit c13d27c3 authored by Leigh Stoller

And finally, all those groups changes I've been whining and yammering and complaining about this week.

1. editgroup: You can now edit the trust levels for existing group
   members (default group too), and you can specify trust levels when
   adding users to subgroups.

2. approveusers: When approving users in the approval page, you can
   specify different levels of trust. Before, I invisibly set all the
   trust values the same. I also added some ordering to the DB query
   to group users together.

3. I added a great deal of error checking to the processing pages for
   both forms. I split things up into a pre/post pass. The prepass
   goes through all of the form args and checks them for consistency
   and correctness. Nothing is changed in the DB unless all checks
   pass for all args. Then I do a second pass and make the changes.
   Both scripts set the ignore_user_abort() flag to prevent the user
   from stopping the script and causing a DB inconsistency.

4. Added trust consistency checks as well. Rather than allow the
   project or group leader to set inconsistent trust levels, I look
   for those and just plain disallow them. You may not give different
   trust levels in different subgroups of the *same* project, and you
   may not give a user a higher trust level in the default group than
   in the subgroups. Both edit and approve make these checks, and the
   code is absolutely awful.
parent f1d9357a
......@@ -17,7 +17,7 @@ echo "
Use this page to approve new members of your Project or Group. Once
approved, they will be able to log into machines in your Project's
experiments. Be sure to toggle the menu options appropriately for
each pending user.
each pending user.
<p>
<table cellspacing=2 border=0>
......@@ -83,6 +83,15 @@ echo "
like.</td>
</tr>
</table>
<center>
<b>Important group
<a href='docwrapper.php3?docname=groups.html#SECURITY'>
security issues</a> are discussed in the
<a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>
</b>
</center><br>
\n";
#
......@@ -111,7 +120,8 @@ $query_result =
" g.uid!='$auth_usr' and g.trust='none' ".
"WHERE authed.uid='$auth_usr' and ".
" (authed.trust='group_root' or ".
" authed.trust='project_root')");
" authed.trust='project_root') ".
"ORDER BY g.uid,g.pid,g.gid");
if (mysql_num_rows($query_result) == 0) {
USERERROR("You have no new project members who need approval.", 1);
......@@ -204,18 +214,18 @@ while ($usersrow = mysql_fetch_array($query_result)) {
<td rowspan=2>$date_applied</td>
<td rowspan=2>
<select name=\"$newuid\$\$approval-$pid/$gid\">
<option value='postpone'>Postpone</option>
<option value='approve'>Approve</option>
<option value='deny'>Deny</option>
<option value='nuke'>Nuke</option>
<option value='postpone'>Postpone </option>
<option value='approve'>Approve </option>
<option value='deny'>Deny </option>
<option value='nuke'>Nuke </option>
</select>
</td>
<td rowspan=2>
<select name=\"$newuid\$\$trust-$pid/$gid\">
<option value='user'>User</option>
<option value='local_root'>Local Root</option>\n";
<option value='user'>User </option>
<option value='local_root'>Local Root </option>\n";
if ($isleader) {
echo " <option value='group_root'>Group Root</option>\n";
echo " <option value='group_root'>Group Root </option>\n";
}
echo " </select>
</td>\n";
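Review bot: the `if ($isleader)` test around the Group Root option only controls what the form offers; the trust value posted under `$newuid$$trust-$pid/$gid` is client-controlled, so the page that processes this form has to repeat the leader check and reject `group_root` from anyone else. That page's changes are not visible here, so please confirm it does. Separately, `$newuid`, `$pid` and `$gid` go into the `name` attributes unescaped; pass them through htmlspecialchars() unless their character set is already restricted where they are created.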
......
......@@ -13,6 +13,8 @@ PAGEHEADER("Edit Group Membership");
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
ignore_user_abort(1);
#
# First off, sanity check page args.
#
......@@ -26,16 +28,17 @@ if (!isset($gid) ||
}
#
# We do not allow the default group to be edited. Never ever!
# The default group membership cannot be changed, but the trust levels can.
#
$defaultgroup = 0;
if (strcmp($gid, $pid) == 0) {
USERERROR("You are not allowed to modify a project's default group!", 1);
$defaultgroup = 1;
}
#
# Verify permission.
#
if (! TBProjAccessCheck($uid, $pid, 0, $TB_PROJECT_EDITGROUP)) {
if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) {
USERERROR("You do not have permission to edit group $gid in ".
"project $pid!", 1);
}
......@@ -56,45 +59,196 @@ $curmembers_result =
# added. Do not include people in the above list, obviously!
#
$nonmembers_result =
DBQueryFatal("select m.uid,m.trust from group_membership as m ".
DBQueryFatal("select m.uid from group_membership as m ".
"left join group_membership as a on ".
" a.uid=m.uid and a.pid=m.pid and a.gid='$gid' ".
"where m.pid='$pid' and m.gid=m.pid and a.uid is NULL");
function TBCheckTrustConsistency($user, $pid, $gid, $newtrust)
{
#
# If changing default group trust level, then compare levels.
# A user may not have greater permission in the default group than
# in a subgroup.
#
if (strcmp($pid, $gid)) {
$projtrust = TBProjTrust($user, $pid);
if ($projtrust > TBTrustConvert($newtrust)) {
USERERROR("User $user may not have a higher trust level in ".
"the default group of $pid, than in subgroup $gid!", 1);
}
}
else
$projtrust = TBTrustConvert($newtrust);
#
# Get all the subgroups not equal to the subgroup being changed.
#
$query_result =
DBQueryFatal("select trust,gid from group_membership ".
"where uid='$user' and pid='$pid' and trust!='none' ".
" and gid!=pid and gid!='$gid'");
while ($row = mysql_fetch_array($query_result)) {
$grptrust = $row[0];
$ogid = $row[1];
if ($projtrust > TBTrustConvert($grptrust)) {
USERERROR("User $user may not have a higher trust level in ".
"the default group of $pid, than in subgroup $ogid!", 1);
}
if (strcmp($pid, $gid)) {
#
# Check to make sure new trust is same as all other subgroup trust.
#
if (strcmp($newtrust, $grptrust)) {
USERERROR("User $user may not have different trust levels in ".
"different subgroups of $pid!", 1);
}
}
}
return 1;
}
#
# First pass does checks. Second pass does the real thing.
#
#
# Go through the list of current members. For each one, check to see if
# the checkbox for that person was checked. If not, delete the person
# from the group membership.
# from the group membership. Otherwise, look to see if the trust level
# has been changed.
#
if (mysql_num_rows($curmembers_result)) {
while ($row = mysql_fetch_array($curmembers_result)) {
$deluid = $row[0];
$foo = "delete_$row[0]";
$user = $row[0];
$foo = "change_$user";
#
# Is member to be deleted?
#
if (!$defaultgroup && !isset($$foo)) {
# Yes.
continue;
}
#
# There should be a corresponding trust variable in the POST vars.
# Note that we construct the variable name and indirect to it.
#
$foo = "$user\$\$trust";
$newtrust = $$foo;
if (! isset($$foo)) {
if (!$newtrust || strcmp($newtrust, "") == 0) {
TBERROR("Error finding trust for $user in editgroup.php3", 1);
}
if (strcmp($newtrust, "user") &&
strcmp($newtrust, "local_root") &&
strcmp($newtrust, "group_root")) {
TBERROR("Invalid trust $newtrust for $user in editgroup.php3.", 1);
}
TBCheckTrustConsistency($user, $pid, $gid, $newtrust);
}
}
#
# Go through the list of non members. For each one, check to see if
# the checkbox for that person was checked. If so, add the person
# to the group membership, with the trust level specified.
#
if (!$defaultgroup && mysql_num_rows($nonmembers_result)) {
while ($row = mysql_fetch_array($nonmembers_result)) {
$user = $row[0];
$foo = "add_$user";
if (isset($$foo)) {
#
# There should be a corresponding trust variable in the POST vars.
# Note that we construct the variable name and indirect to it.
#
$bar = "$user\$\$trust";
$newtrust = $$bar;
if (!$newtrust || strcmp($newtrust, "") == 0) {
TBERROR("Error finding trust for $user in editgroup.php3",
1);
}
if (strcmp($newtrust, "user") &&
strcmp($newtrust, "local_root") &&
strcmp($newtrust, "group_root")) {
TBERROR("Invalid trust $newtrust for $user in editgroup.php3.",
1);
}
TBCheckTrustConsistency($user, $pid, $gid, $newtrust);
}
}
}
#
# Now do the second pass, which makes the changes.
#
#
# Go through the list of current members. For each one, check to see if
# the checkbox for that person was checked. If not, delete the person
# from the group membership. Otherwise, look to see if the trust level
# has been changed.
#
if (mysql_num_rows($curmembers_result)) {
mysql_data_seek($curmembers_result, 0);
while ($row = mysql_fetch_array($curmembers_result)) {
$user = $row[0];
$foo = "change_$user";
if (!$defaultgroup && !isset($$foo)) {
DBQueryFatal("delete from group_membership ".
"where pid='$pid' and gid='$gid' and uid='$deluid'");
"where pid='$pid' and gid='$gid' and uid='$user'");
continue;
}
#
# There should be a corresponding trust variable in the POST vars.
# Note that we construct the variable name and indirect to it.
#
$foo = "$user\$\$trust";
$newtrust = $$foo;
DBQueryFatal("update group_membership set trust='$newtrust' ".
"where pid='$pid' and gid='$gid' and uid='$user'");
}
}
#
# Go through the list of non members. For each one, check to see if
# the checkbox for that person was checked. If so, add the person
# to the group membership. For now, they get the same permission they
# already have in the default group. At some point provide a way to
# do this on the page.
# to the group membership, with the trust level specified.
#
if (mysql_num_rows($nonmembers_result)) {
if (!$defaultgroup && mysql_num_rows($nonmembers_result)) {
mysql_data_seek($nonmembers_result, 0);
while ($row = mysql_fetch_array($nonmembers_result)) {
$adduid = $row[0];
$trust = $row[1];
$foo = "add_$row[0]";
$user = $row[0];
$foo = "add_$user";
if (isset($$foo)) {
#
# There should be a corresponding trust variable in the POST vars.
# Note that we construct the variable name and indirect to it.
#
$bar = "$user\$\$trust";
$newtrust = $$bar;
DBQueryFatal("insert into group_membership ".
"(uid, pid, gid, trust, date_applied,date_approved) ".
"values ('$adduid','$pid','$gid', '$trust', ".
"(uid, pid, gid, trust, ".
" date_applied,date_approved) ".
"values ('$user','$pid','$gid', '$newtrust', ".
" now(), now())");
}
}
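Review bot: in TBCheckTrustConsistency, the `strcmp($newtrust, $grptrust)` test compares the new value with the stored trust in every other subgroup, and this page edits one `$gid` per submission, so a user who belongs to two subgroups can never have their trust changed here: any edit differs from the other subgroup's stored value and is refused. Consider applying the new trust to all of the user's subgroups in one submission, or have the error say that the user must first be removed from the other subgroup. Also, the second pass issues one DBQueryFatal per member with no transaction or table lock around the two passes, so a query failure part way through, or a concurrent edit between the check and the update, can still leave membership half updated even with ignore_user_abort(1). The trust whitelist is repeated verbatim in both first-pass loops and would be safer as one helper.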
......@@ -110,30 +264,30 @@ TBGroupUnixInfo($pid, $pid, $unix_gid, $unix_name);
# in the group. This is the same script that gets run when the group
# is first created.
#
SUEXEC($uid, $unix_gid, "webgroupupdate $pid $gid", 1);
#SUEXEC($uid, $unix_gid, "webgroupupdate $pid $gid", 1);
#
# No show it again.
# Show it again!
#
SHOWGROUP($pid, $gid);
SHOWGROUPMEMBERS($pid, $gid);
#
# An edit option.
#
echo "<p><center>
Do you want to edit this Group?
<A href='editgroup_form.php3?pid=$pid&gid=$gid'>Yes</a>
echo "<br><center>
<A href='editgroup_form.php3?pid=$pid&gid=$gid'>Edit</a> this Group?
</center>\n";
SHOWGROUPMEMBERS($pid, $gid);
#
# A delete option
# A delete option, but not for the default group!
#
echo "<p><center>
Do you want to delete this Group?
<A href='deletegroup.php3?pid=$pid&gid=$gid'>Yes</a>
</center>\n";
if (! $defaultgroup) {
echo "<p>
<A href='deletegroup.php3?pid=$pid&gid=$gid'>Delete</a> this Group?
\n";
}
#
# Standard Testbed Footer
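Review bot: the `SUEXEC($uid, $unix_gid, "webgroupupdate $pid $gid", 1);` call is commented out with no explanation, while the comment block above it still describes the script as being run, so after this change membership and trust edits are written to the database but nothing in this hunk runs the group update. If that is deliberate, say why in the comment and drop the dead line; if it was disabled for testing, restore it before this goes in. The Edit and Delete links also interpolate `$pid` and `$gid` into the href unencoded; urlencode() them.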
......
......@@ -26,16 +26,17 @@ if (!isset($gid) ||
}
#
# We do not allow the default group to be edited. Never ever!
# The default group membership cannot be changed, but the trust levels can.
#
$defaultgroup = 0;
if (strcmp($gid, $pid) == 0) {
USERERROR("You are not allowed to modify a project's default group!", 1);
$defaultgroup = 1;
}
#
# Verify permission.
#
if (! TBProjAccessCheck($uid, $pid, 0, $TB_PROJECT_EDITGROUP)) {
if (! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_EDITGROUP)) {
USERERROR("You do not have permission to edit group $gid in ".
"project $pid!", 1);
}
......@@ -46,7 +47,7 @@ if (! TBProjAccessCheck($uid, $pid, 0, $TB_PROJECT_EDITGROUP)) {
# the project leader.
#
$curmembers_result =
DBQueryFatal("select m.uid from group_membership as m ".
DBQueryFatal("select m.uid,m.trust from group_membership as m ".
"left join groups as g on g.pid=m.pid and g.gid=m.gid ".
"left join projects as p on p.pid=m.pid ".
"where m.pid='$pid' and m.gid='$gid' and ".
......@@ -67,41 +68,109 @@ $nonmembers_result =
#
SHOWGROUP($pid, $gid);
echo "<form action='editgroup.php3?pid=$pid&gid=$gid' method=post>
echo "<br>
<form action='editgroup.php3?pid=$pid&gid=$gid' method=post>
<table align=center border=1>\n";
if (mysql_num_rows($curmembers_result)) {
echo "<tr><td align=center>
<b>These are the current group members.<br>
Deselect the ones you would like to remove.</b>
</td></tr>\n";
echo "<tr><td align=center>\n";
if ($defaultgroup) {
echo "<tr><td align=center colspan=2 nowrap=1>
<br>
<font size=+1><b>Edit Trust Level</b></font>
<br>
You may edit trust level in the default group,<br>
but you are not allowed to remove members.
</td></tr>\n";
}
else {
echo "<tr><td align=center colspan=2 nowrap=1>
<br>
<font size=+1><b>Remove/Edit Group Members.</b></font>
<br>
Deselect the ones you would like to remove,<br>
or edit their trust value.
</td></tr>\n";
}
while ($row = mysql_fetch_array($curmembers_result)) {
echo "<input checked type=checkbox value=permit name='delete_$row[0]'>
$row[0] &nbsp\n";
$user = $row[0];
$trust = $row[1];
if ($defaultgroup) {
echo "<tr>
<td>
<input type=hidden name='change_$user' value=permit>
<A href='showuser.php3?target_uid=$user'>
$user &nbsp</A>
</td>\n";
}
else {
echo "<tr>
<td>
<input checked type=checkbox value=permit
name='change_$user'>
<A href='showuser.php3?target_uid=$user'>
$user &nbsp</A>
</td>\n";
}
echo " <td align=center>
<select name='$user\$\$trust'>\n";
#
# We want to have the current trust value selected in the menu.
#
echo "<option value='user' " .
((strcmp($trust, "user") == 0) ? "selected" : "") .
">User </option>\n";
echo "<option value='local_root' " .
((strcmp($trust, "local_root") == 0) ? "selected" : "") .
">Local Root </option>\n";
echo "<option value='group_root' " .
((strcmp($trust, "group_root") == 0) ? "selected" : "") .
">Group Root </option>\n";
echo " </select>
</td>\n";
}
echo "</td></tr>\n";
echo "</tr>\n";
}
if (mysql_num_rows($nonmembers_result)) {
echo "<tr><td align=center>
<b>These are project members who are not in the group.<br>
Select the ones you would like to add.</b>
echo "<tr><td align=center colspan=2 nowrap=1>
<br>
<font size=+1><b>Add Group Members.</b></font>
<br>
Select the ones you would like to add.<br>
Be sure to select the appropriate trust level.
</td></tr>\n";
echo "<tr><td align=center>\n";
while ($row = mysql_fetch_array($nonmembers_result)) {
echo "<input type=checkbox value=permit name='add_$row[0]'>
$row[0] &nbsp\n";
$user = $row[0];
$trust = $row[1];
echo "<tr>
<td>
<input type=checkbox value=permit name='add_$user'>
<A href='showuser.php3?target_uid=$user'>$user &nbsp</A>
</td>\n";
echo " <td align=center>
<select name='$user\$\$trust'>
<option value='user'>User</option>
<option value='local_root'>Local Root</option>
<option value='group_root'>Group Root</option>\n";
echo " </select>
</td>\n";
}
echo "</td></tr>\n";
echo "</tr>\n";
}
echo "<tr>
<td align=center>
<td align=center colspan=2>
<b><input type=submit value=Submit></b>
</td>
</tr>\n";
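Review bot: both trust menus emit the Group Root option unconditionally, while the approval form in this same commit only offers it inside `if ($isleader)`; if anyone other than the leader can reach this page, gate the option here too, and in either case enforce the restriction in editgroup.php3 rather than relying on the form. Smaller points: each member row opens a `<tr>` inside the loop but the only `</tr>` is echoed once after the loop, so individual rows are never closed, and `$trust = $row[1];` in the non-member loop is never used (the matching query in editgroup.php3 now selects only `m.uid`).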
......@@ -109,6 +178,12 @@ echo "<tr>
echo "</table>
</form>\n";
echo "<br><center>
Important <a href='docwrapper.php3?docname=groups.html#SECURITY'>
security issues</a> are discussed in the
<a href='docwrapper.php3?docname=groups.html'>Groups Tutorial</a>.
</center>\n";
#
# Standard Testbed Footer
#
......