function updateShibUser($userid) { global $mysql_link_vcl; $rc = getAffilidAndLogin($userid, $affilid); if ($rc == -1) { return NULL; } $displast = ''; if (array_key_exists('displayName', $_SERVER) && !empty($_SERVER['displayName'])) { # split displayName into first and last names if (preg_match('/,/', $_SERVER['displayName'])) { $names = explode(',', $_SERVER['displayName']); $user['firstname'] = preg_replace('/^\\s+/', '', $names[1]); $user['firstname'] = preg_replace('/\\s+$/', '', $user['firstname']); $displast = preg_replace('/^\\s+/', '', $names[0]); $displast = preg_replace('/\\s+$/', '', $displast); } else { $names = explode(' ', $_SERVER['displayName']); $displast = array_pop($names); $user['firstname'] = array_shift($names); } } elseif (array_key_exists('givenName', $_SERVER) && !empty($_SERVER['givenName'])) { $user['firstname'] = $_SERVER['givenName']; } else { $user['firstname'] = ''; } if (array_key_exists('sn', $_SERVER) && !empty($_SERVER['sn'])) { $user["lastname"] = $_SERVER['sn']; } else { $user['lastname'] = $displast; } if (array_key_exists('mail', $_SERVER)) { $user["email"] = $_SERVER['mail']; } $user['unityid'] = $userid; $user['affilid'] = $affilid; # check to see if this user already exists in our db $query = "SELECT id " . "FROM user " . "WHERE unityid = '{$userid}' AND " . "affiliationid = {$affilid}"; $qh = doQuery($query, 101); if (!($row = mysql_fetch_assoc($qh))) { # add user to our db $user['id'] = addShibUser($user); return $user; } # update user's data in db $user['id'] = $row['id']; $first = mysql_real_escape_string($user['firstname']); $last = mysql_real_escape_string($user['lastname']); $query = "UPDATE user " . "SET firstname = '{$first}', " . "lastname = '{$last}', "; if (array_key_exists('email', $user)) { $email = mysql_real_escape_string($user['email']); $query .= "email = '{$email}', "; } $query .= "lastupdated = NOW(), " . "validated = 1 " . "WHERE id = {$user['id']}"; doQuery($query, 101, 'vcl', 1); return $user; }
function addUser($loginid) { global $addUserFuncArgs, $addUserFunc; getAffilidAndLogin($loginid, $affilid); if (empty($affilid)) { abort(11); } $addfunc = $addUserFunc[$affilid]; if (array_key_exists($affilid, $addUserFuncArgs)) { return $addfunc($addUserFuncArgs[$affilid], $loginid); } else { return $addfunc($loginid); } }
function userLookup() { global $user, $viewmode; $userid = processInputVar("userid", ARG_STRING); print "<div align=center>\n"; print "<H2>User Lookup</H2>\n"; print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n"; print "<TABLE>\n"; print " <TR>\n"; print " <TH>User ID:</TH>\n"; print " <TD><INPUT type=text name=userid value=\"{$userid}\" size=25></TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TD></TD>\n"; print " <TD align=right><INPUT type=submit value=Submit>\n"; print " </TR>\n"; print "</TABLE>\n"; $cont = addContinuationsEntry('submitUserLookup'); print "<INPUT type=hidden name=continuation value=\"{$cont}\">\n"; print "</FORM>\n"; if (!empty($userid)) { $loginid = $userid; getAffilidAndLogin($loginid, $affilid); if (empty($affilid)) { print "{$matches[2]} is an unknown affiliation<br>\n"; return; } if ($viewmode != ADMIN_DEVELOPER && $user['affiliationid'] != $affilid) { print "You are only allowed to look up users from your own affiliation.<br>\n"; return; } $query = "SELECT id " . "FROM user " . "WHERE unityid = '{$loginid}' AND " . "affiliationid = {$affilid}"; $qh = doQuery($query, 101); if (!mysql_num_rows($qh)) { print "<font color=red>{$userid} not currently found in VCL user database, will try to add...</font><br>\n"; } $userdata = getUserInfo($userid); if (is_null($userdata)) { print "<font color=red>{$userid} not found in any known systems</font><br>\n"; return; } print "<TABLE>\n"; print " <TR>\n"; print " <TH align=right>First Name:</TH>\n"; print " <TD>{$userdata["firstname"]}</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Last Name:</TH>\n"; print " <TD>{$userdata["lastname"]}</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Preferred Name:</TH>\n"; print " <TD>{$userdata["preferredname"]}</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Email:</TH>\n"; print " <TD>{$userdata["email"]}</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right>Admin Level:</TH>\n"; print " <TD>{$userdata["adminlevel"]}</TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right style=\"vertical-align: top\">Groups:</TH>\n"; print " <TD>\n"; uasort($userdata["groups"], "sortKeepIndex"); foreach ($userdata["groups"] as $group) { print " {$group}<br>\n"; } print " </TD>\n"; print " </TR>\n"; print " <TR>\n"; print " <TH align=right style=\"vertical-align: top\">Privileges (found somewhere in the tree):</TH>\n"; print " <TD>\n"; uasort($userdata["privileges"], "sortKeepIndex"); foreach ($userdata["privileges"] as $priv) { if ($priv == "block" || $priv == "cascade") { continue; } print " {$priv}<br>\n"; } print " </TD>\n"; print " </TR>\n"; print "</TABLE>\n"; # get user's resources $userResources = getUserResources(array("imageCheckOut"), array("available"), 0, 0, $userdata['id']); # find nodes where user has privileges $query = "SELECT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "up.userid = {$userdata['id']} " . "ORDER BY p.name, " . "upt.name"; $qh = doQuery($query, 101); if (mysql_num_rows($qh)) { print "Nodes where user is granted privileges:<br>\n"; print "<TABLE>\n"; $privnodeid = 0; while ($row = mysql_fetch_assoc($qh)) { if ($privnodeid != $row['privnodeid']) { if ($privnodeid) { print " </TD>\n"; print " </TR>\n"; } print " <TR>\n"; $privnodeid = $row['privnodeid']; print " <TH align=right>{$row['privnode']}</TH>\n"; print " <TD>\n"; } print " {$row['userprivtype']}<br>\n"; } print " </TD>\n"; print " </TR>\n"; print "</TABLE>\n"; } # find nodes where user's groups have privileges if (!empty($userdata['groups'])) { $query = "SELECT DISTINCT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "upt.name != 'cascade' AND " . "upt.name != 'block' AND " . "up.usergroupid IN (" . implode(',', array_keys($userdata['groups'])) . ") " . "ORDER BY p.name, " . "upt.name"; $qh = doQuery($query, 101); if (mysql_num_rows($qh)) { print "Nodes where user's groups are granted privileges:<br>\n"; print "<TABLE>\n"; $privnodeid = 0; while ($row = mysql_fetch_assoc($qh)) { if ($privnodeid != $row['privnodeid']) { if ($privnodeid) { print " </TD>\n"; print " </TR>\n"; } print " <TR>\n"; $privnodeid = $row['privnodeid']; print " <TH align=right>{$row['privnode']}</TH>\n"; print " <TD>\n"; } print " {$row['userprivtype']}<br>\n"; } print " </TD>\n"; print " </TR>\n"; print "</TABLE>\n"; } } print "<table>\n"; print " <tr>\n"; print " <th>Images User Has Access To:<th>\n"; print " <td>\n"; foreach ($userResources['image'] as $img) { print " {$img}<br>\n"; } print " </td>\n"; print " </tr>\n"; print "</table>\n"; $requests = array(); $query = "SELECT l.start AS start, " . "l.finalend AS end, " . "c.hostname, " . "i.prettyname AS prettyimage, " . "l.ending " . "FROM log l, " . "image i, " . "computer c, " . "sublog s " . "WHERE l.userid = {$userdata["id"]} AND " . "s.logid = l.id AND " . "i.id = s.imageid AND " . "c.id = s.computerid " . "ORDER BY l.start DESC " . "LIMIT 5"; $qh = doQuery($query, 290); while ($row = mysql_fetch_assoc($qh)) { array_push($requests, $row); } $requests = array_reverse($requests); if (!empty($requests)) { print "<h3>User's last " . count($requests) . " reservations:</h3>\n"; print "<table>\n"; $first = 1; foreach ($requests as $req) { $thisstart = str_replace(' ', ' ', prettyDatetime($req["start"])); $thisend = str_replace(' ', ' ', prettyDatetime($req["end"])); if ($first) { $first = 0; } else { print " <tr>\n"; print " <td colspan=2><hr></td>\n"; print " </tr>\n"; } print " <tr>\n"; print " <th align=right>Image:</th>\n"; print " <td>{$req['prettyimage']}</td>\n"; print " </tr>\n"; print " <tr>\n"; print " <th align=right>Computer:</th>\n"; print " <td>{$req['hostname']}</td>\n"; print " </tr>\n"; print " <tr>\n"; print " <th align=right>Start:</th>\n"; print " <td>{$thisstart}</td>\n"; print " </tr>\n"; print " <tr>\n"; print " <th align=right>End:</th>\n"; print " <td>{$thisend}</td>\n"; print " </tr>\n"; print " <tr>\n"; print " <th align=right>Ending:</th>\n"; print " <td>{$req['ending']}</td>\n"; print " </tr>\n"; } print "</table>\n"; } else { print "User made no reservations in the past week.<br>\n"; } } print "</div>\n"; }