Commit d2360b6d authored by Leigh Stoller's avatar Leigh Stoller

A large set of authorization changes.

* Cleanup! A lot of the structure derived from the early frame days,
  which had a noticable (and bad) effect on how I wrote the stuff.  I
  cleaned up most of that yuckyness.

* In process, optimize a little bit on the queries. The old code did
  about 9 queries just to write out the menu options, and then
  repeated most of those queries again in the page guts. I've
  consolidated the queries as much as possible (to 3) and cache all
  the results.

* Fix up problem with users who forget their passwords before
  verification. Basically, I fixed the more general problem of not
  being able to update your user info before verification/approval;
  users now get that menu option no matter their status.

* Fix up problem of users being able to access pages before
  verification (but after approval) by going around the menu options.
  The page level check (after the menu is drawn) now checks all
  conditions (password expired, unverified, unapproved, timedout, and
  also nologins()).

* Minor change in approveuser; do not show the new account to the
  project leader until the new user has verified his account.

* Change verification method, as reqwuested by Dave.  In addition to
  providing the key, also provide a web link to take the user straight
  to verification. I actually take them direct to the login page, and
  pass the key in as an argument. If the user is already logged in,
  bypass and go directly to the verify page (not the form page of
  course).  If the user is not logged in, let him log in, and then
  forward the key onward to the verify page. Basically, bypass the
  form all the time, and just do the verification.

* Minor change in showuser; Do not show pid/groups not approved in,
  and if the count is zero, do not draw the table headings.
parent 3bfcfe9f
......@@ -118,7 +118,9 @@ $query_result =
"LEFT JOIN group_membership as authed ".
"ON g.pid=authed.pid and g.gid=authed.gid and ".
" g.uid!='$auth_usr' and g.trust='none' ".
"WHERE authed.uid='$auth_usr' and ".
"left join users as u on u.uid=g.uid ".
"WHERE u.status='" . TBDB_USERSTATUS_UNAPPROVED . "' and ".
" authed.uid='$auth_usr' and ".
" (authed.trust='group_root' or ".
" authed.trust='project_root') ".
"ORDER BY g.uid,g.pid,g.gid");
......
......@@ -28,11 +28,11 @@ $TBDB_IMAGEID_IMAGENAMELEN = 30;
#
# User status field.
#
$TBDB_USERSTATUS_ACTIVE = "active";
$TBDB_USERSTATUS_NEWUSER = "newuser";
$TBDB_USERSTATUS_UNAPPROVED = "unapproved";
$TBDB_USERSTATUS_UNVERIFIED = "unverified";
$TBDB_USERSTATUS_FROZEN = "frozen";
define("TBDB_USERSTATUS_ACTIVE", "active");
define("TBDB_USERSTATUS_NEWUSER", "newuser");
define("TBDB_USERSTATUS_UNAPPROVED", "unapproved");
define("TBDB_USERSTATUS_UNVERIFIED", "unverified");
define("TBDB_USERSTATUS_FROZEN", "frozen");
#
# Trust. Define the trust level as an increasing value. Then define a
......@@ -45,6 +45,15 @@ $TBDB_TRUST_GROUPROOT = 3;
$TBDB_TRUST_PROJROOT = 4;
$TBDB_TRUST_ADMIN = 5;
#
# Text strings in the DB for above.
#
define("TBDB_TRUSTSTRING_NONE", "none");
define("TBDB_TRUSTSTRING_USER", "user");
define("TBDB_TRUSTSTRING_LOCALROOT", "local_root");
define("TBDB_TRUSTSTRING_GROUPROOT", "group_root");
define("TBDB_TRUSTSTRING_PROJROOT", "project_root");
#
# These are the permission types. Different operations for the varying
# types of things we need to control access to.
......
......@@ -141,26 +141,6 @@ function FORMERROR($field) {
"Please go back and fill out the \"$field\" field!", 1);
}
#
# Is this user an admin type?
#
function ISADMIN($uid) {
global $TBDBNAME;
$query_result = mysql_db_query($TBDBNAME,
"SELECT admin FROM users WHERE uid='$uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error getting admin status for $uid: $err\n", 1);
}
$row = mysql_fetch_row($query_result);
$admin = $row[0];
return $admin;
}
#
# Run a program as a user.
#
......
......@@ -12,11 +12,12 @@ $uid = GETLOGIN();
#
# If a uid came in, then we check to see if the login is valid.
# If the login is not valid. We require that the user be logged in
# to start a second project.
# We require that the user be logged in to start a second project.
#
if ($uid) {
LOGGEDINORDIE($uid);
# Allow unapproved users to join multiple groups ...
# Must be verified though.
LOGGEDINORDIE($uid, CHECKLOGIN_UNAPPROVED);
$joining_uid = $uid;
$returning = 1;
}
......@@ -555,25 +556,25 @@ if (! $returning) {
$key = GENKEY($joining_uid);
TBMAIL("$usr_name '$joining_uid' <$usr_email>",
"Your New User Key",
"\n".
"Dear $usr_name ($joining_uid):\n\n".
"This is your account verification key: $key\n\n".
"Please return to:\n\n".
" $TBWWW\n\n".
"and log in using the user name and password you gave us when you\n".
"applied. You will then find an option on the menu called\n".
"'New User Verification'. Select this option, and on the page\n".
"enter your key. You will then be verified as a user. When you \n".
"have been both verified and approved by the project leader, you \n".
"will be marked as an active user, and will be granted full access\n".
"to your user account.\n\n".
"Thanks,\n".
"Testbed Ops\n".
"Utah Network Testbed\n",
"From: $TBMAIL_APPROVAL\n".
"Bcc: $TBMAIL_AUDIT\n".
"Errors-To: $TBMAIL_WWW");
"Your New User Key",
"\n".
"Dear $usr_name ($joining_uid):\n\n".
"This is your account verification key: $key\n\n".
"Please use this link to verify your user account:\n".
"\n".
" ${TBBASE}/login.php3?vuid=$joining_uid&key=$key\n".
"\n".
"Once you have verified your account, the project leader will be\n".
"able to approve you. You MUST verify your account before the project\n".
"leader can approve you. After project approval, you will be\n".
"marked as an active user, and will be granted full access to your\n".
"user account.\n\n".
"Thanks,\n".
"Testbed Ops\n".
"Utah Network Testbed\n",
"From: $TBMAIL_APPROVAL\n".
"Bcc: $TBMAIL_AUDIT\n".
"Errors-To: $TBMAIL_WWW");
}
#
......
......@@ -4,11 +4,29 @@
#
require("defs.php3");
#
# These two for verification.
#
if (!isset($key) || !strcmp($key, "")) {
$key = 0;
}
if (!isset($vuid) || !strcmp($vuid, "")) {
$vuid = 0;
}
#
# Must not be logged in already!
#
if (($known_uid = GETUID()) != FALSE) {
if (CHECKLOGIN($known_uid) == $CHECKLOGIN_LOGGEDIN) {
if (CHECKLOGIN($known_uid) & CHECKLOGIN_LOGGEDIN) {
#
# If doing a verification, zap to that page.
#
if ($key && (!$vuid || !strcmp($vuid, $known_uid))) {
header("Location: $TBBASE/verifyusr.php3?key=$key");
return;
}
PAGEHEADER("Login");
echo "<h3>
......@@ -24,7 +42,7 @@ if (($known_uid = GETUID()) != FALSE) {
#
# Spit out the form.
#
function SPITFORM($uid, $failed)
function SPITFORM($uid, $key, $failed)
{
global $TBDB_UIDLEN, $TBBASE;
......@@ -45,8 +63,12 @@ function SPITFORM($uid, $failed)
</font>
</center>\n";
$keyarg = "";
if ($key)
$keyarg = "?key=$key";
echo "<table align=center border=1>
<form action='${TBBASE}/login.php3' method=post>
<form action='${TBBASE}/login.php3${keyarg}' method=post>
<tr>
<td>Username:</td>
<td><input type=text
......@@ -69,18 +91,40 @@ function SPITFORM($uid, $failed)
</h2></center>\n";
}
#
# Do not bother if NOLOGINS!
#
if (NOLOGINS()) {
PAGEHEADER("Login");
echo "<center>
<font size=+1 color=red>
Logins are temporarily disabled. Please try again later.
</font>
</center><br>\n";
PAGEFOOTER();
die("");
}
#
# If not clicked, then put up a form.
#
if (! isset($login)) {
SPITFORM($known_uid, 0);
if ($vuid)
$known_uid = $vuid;
SPITFORM($known_uid, $key, 0);
PAGEFOOTER();
return;
}
#
# Login clicked.
#
#
$STATUS_LOGGEDIN = 1;
$STATUS_LOGINFAIL = 2;
$login_status = 0;
if (!isset($uid) ||
strcmp($uid, "") == 0) {
$login_status = $STATUS_LOGINFAIL;
......@@ -98,15 +142,23 @@ else {
# Failed, then try again with an error message.
#
if ($login_status == $STATUS_LOGINFAIL) {
SPITFORM($uid, 1);
SPITFORM($uid, $key, 1);
PAGEFOOTER();
return;
}
#
# Zap back to front page in secure mode.
#
header("Location: $TBBASE/");
if ($key) {
#
# If doing a verification, zap to that page.
#
header("Location: $TBBASE/verifyusr.php3?key=$key");
}
else {
#
# Zap back to front page in secure mode.
#
header("Location: $TBBASE/");
}
return;
?>
This diff is collapsed.
......@@ -15,7 +15,7 @@ $changed_password = "No";
# users with expired passwords to change them.
#
$uid = GETLOGIN();
LOGGEDINORDIE_SPECIAL($uid);
LOGGEDINORDIE($uid, CHECKLOGIN_USERSTATUS|CHECKLOGIN_PSWDEXPIRED);
$isadmin = ISADMIN($uid);
#
......
......@@ -16,7 +16,9 @@ $uid = GETLOGIN();
# to start a second project.
#
if ($uid) {
LOGGEDINORDIE($uid);
# Allow unapproved users to create multiple projects ...
# Must be verified though.
LOGGEDINORDIE($uid, CHECKLOGIN_UNAPPROVED);
$proj_head_uid = $uid;
$returning = 1;
}
......@@ -775,25 +777,24 @@ if (! $returning) {
$key = GENKEY($proj_head_uid);
TBMAIL("$usr_name '$proj_head_uid' <$usr_email>",
"Your New User Key",
"\n".
"Dear $usr_name:\n\n".
"This is your account verification key: $key\n\n".
"Please return to:\n\n".
" $TBWWW\n\n".
"and log in using the user name and password you gave us when you\n".
"applied. You will then find an option on the menu called\n".
"'New User Verification'. Select this option, and on the page\n".
"enter your key. You will then be verified as a user. When you \n".
"have been both verified and approved by Testbed Operations, you \n".
"will be marked as an active user, and will be granted full access\n".
"to your user account.\n\n".
"Thanks,\n".
"Testbed Ops\n".
"Utah Network Testbed\n",
"From: $TBMAIL_APPROVAL\n".
"Bcc: $TBMAIL_AUDIT\n".
"Errors-To: $TBMAIL_WWW");
"Your New User Key",
"\n".
"Dear $usr_name:\n\n".
"This is your account verification key: $key\n\n".
"Please use this link to verify your user account:\n".
"\n".
" ${TBBASE}/login.php3?vuid=$proj_head_uid&key=$key\n".
"\n".
"You will then be verified as a user. When you have been both\n".
"verified and approved by Testbed Operations, you will be marked\n".
"as an active user and granted full access to your account.\n".
"\n".
"Thanks,\n".
"Testbed Ops\n".
"Utah Network Testbed\n",
"From: $TBMAIL_APPROVAL\n".
"Bcc: $TBMAIL_AUDIT\n".
"Errors-To: $TBMAIL_WWW");
}
#
......
......@@ -276,9 +276,12 @@ function SHOWGROUPMEMBERS($pid, $gid) {
# A list of groups for a user.
#
function SHOWGROUPMEMBERSHIP($uid) {
$none = TBDB_TRUSTSTRING_NONE;
$query_result =
DBQueryFatal("SELECT * FROM group_membership ".
"WHERE uid='$uid' order by pid");
"WHERE uid='$uid' and trust!='$none' ".
"order by pid");
if (! mysql_num_rows($query_result)) {
return;
......
......@@ -6,7 +6,7 @@ include("showstuff.php3");
# Only known and logged in users can do this.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
LOGGEDINORDIE($uid, CHECKLOGIN_UNAPPROVED);
$isadmin = ISADMIN($uid);
......@@ -116,7 +116,9 @@ $query_result =
DBQueryFatal("select distinct g.pid,g.trust,p.name ".
" from group_membership as g ".
"left join projects as p on p.pid=g.pid ".
"where uid='$target_uid' and g.pid=g.gid order by pid");
"where uid='$target_uid' and g.pid=g.gid and ".
"trust!='" . TBDB_TRUSTSTRING_NONE . "' ".
"order by pid");
if (mysql_num_rows($query_result)) {
echo "<center>
......@@ -168,7 +170,7 @@ if ($isadmin ||
TBUserInfoAccessCheck($uid, $target_uid, $TB_USERINFO_MODIFYINFO)) {
echo "<br><br><center>
<A href='modusr_form.php3?target_uid=$target_uid'>
<A href='moduserinfo.php3?target_uid=$target_uid'>
Edit Profile?</a>
</center>\n";
}
......
......@@ -20,12 +20,12 @@
require("defs.php3");
if (($uid = GETUID())) {
$check_status = CHECKLOGIN($uid);
$check_status = CHECKLOGIN($uid) & CHECKLOGIN_STATUSMASK;
if ($check_status == $CHECKLOGIN_LOGGEDIN) {
if ($check_status == CHECKLOGIN_LOGGEDIN) {
$LOC = "$TBBASE/showuser.php3?target_uid=$uid";
}
elseif ($check_status == $CHECKLOGIN_MAYBEVALID) {
elseif ($check_status == CHECKLOGIN_MAYBEVALID) {
$LOC = "$TBBASE/start.php3";
}
elseif (isset($SSL_PROTOCOL)) {
......
This diff is collapsed.
......@@ -10,7 +10,7 @@ PAGEHEADER("Confirm Verification");
# Only known and logged in users can be verified.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
LOGGEDINORDIE($uid, CHECKLOGIN_UNVERIFIED|CHECKLOGIN_NEWUSER);
#
# Must provide the key!
......@@ -21,29 +21,37 @@ if (!isset($key) || strcmp($key, "") == 0) {
}
#
# The user is logged in, so all we need to do is confirm the key.
# Make sure it matches.
# Grab the status and do the modification.
#
$keymatch = GENKEY($uid);
$query_result =
DBQueryFatal("select status from users where uid='$uid'");
if (strcmp($key, $keymatch)) {
USERERROR("The given key \"$key\" is incorrect. Please go back and ".
"enter the correct key.", 1);
if (($row = mysql_fetch_row($query_result)) == 0) {
TBERROR("Database Error retrieving status for $uid!", 1);
}
$status = $row[0];
#
# Grab the status and do the modification.
# No multiple verifications!
#
if (! strcmp($status, TBDB_USERSTATUS_ACTIVE) ||
! strcmp($status, TBDB_USERSTATUS_UNAPPROVED)) {
USERERROR("You have already been verified. If you did not perform ".
"this verification, please notify Testbed Operations.", 1);
}
#
$query_result = mysql_db_query($TBDBNAME,
"select status from users where uid='$uid'");
if (!$query_result ||
(($row = mysql_fetch_row($query_result)) == 0)) {
$err = mysql_error();
TBERROR("Database Error retrieving status for $uid: $err\n", 1);
# The user is logged in, so all we need to do is confirm the key.
# Make sure it matches.
#
$keymatch = GENKEY($uid);
if (strcmp($key, $keymatch)) {
USERERROR("The given key \"$key\" is incorrect. ".
"Please enter the correct key.", 1);
}
$status = $row[0];
if (strcmp($status, "unverified") == 0) {
if (strcmp($status, TBDB_USERSTATUS_UNVERIFIED) == 0) {
$query_result = mysql_db_query($TBDBNAME,
"update users set status='active' where uid='$uid'");
if (!$query_result) {
......@@ -67,7 +75,7 @@ if (strcmp($status, "unverified") == 0) {
"of emulab. Click on the 'Home' link at your left, and any options ".
"that are now available to you will appear.\n";
}
elseif (strcmp($status, "newuser") == 0) {
elseif (strcmp($status, TBDB_USERSTATUS_NEWUSER) == 0) {
$query_result = mysql_db_query($TBDBNAME,
"update users set status='unapproved' where uid='$uid'");
if (!$query_result) {
......@@ -91,9 +99,9 @@ elseif (strcmp($status, "newuser") == 0) {
"email when that has been done.\n";
}
else {
USERERROR("You have already been verified, $uid. If you did not perform ".
"this verification, please notify Testbed Operations.", 1);
TBERROR("Bad user status '$status' for $uid!", 1);
}
#
# Standard Testbed Footer
......
......@@ -10,7 +10,7 @@ PAGEHEADER("New User Verification");
# Only known and logged in users can be verified.
#
$uid = GETLOGIN();
LOGGEDINORDIE($uid);
LOGGEDINORDIE($uid, CHECKLOGIN_UNVERIFIED|CHECKLOGIN_NEWUSER);
echo "<p>
The purpose of this page is to verify, for security purposes, that
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment