function checkForGroupUsage($groupid, $type, &$msg = '')
{
global $user;
$msgs = array();
if ($type == "user") {
$name = getUserGroupName($groupid, 1);
if ($name === 0) {
return 0;
}
# resourcegroup.ownerusergroupid
$query = "SELECT CONCAT(rt.name, '/', rg.name) AS name " . "FROM resourcegroup rg, " . "resourcetype rt " . "WHERE ownerusergroupid = {$groupid} AND " . "rg.resourcetypeid = rt.id";
$usedby = array();
$qh = doQuery($query, 310);
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['name'];
}
if (count($usedby)) {
$msgs[] = "<h3>Owning User Group for Resource Groups</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# usergroup.editusergroupid
$query = "SELECT CONCAT(ug.name, '@', a.name) AS name " . "FROM usergroup ug, " . "affiliation a " . "WHERE ug.editusergroupid = {$groupid} AND " . "ug.id != {$groupid} AND " . "ug.affiliationid = a.id";
$usedby = array();
$qh = doQuery($query, 313);
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['name'];
}
if (count($usedby)) {
$msgs[] = "<h3>'Editable by' Group for User Groups</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# userpriv.usergroupid
$query = "SELECT DISTINCT privnodeid " . "FROM userpriv " . "WHERE usergroupid = {$groupid}";
$qh = doQuery($query);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = getNodePath($row['privnodeid']);
}
if (count($usedby)) {
$msgs[] = "<h3>Assigned at Privilege Nodes</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# blockRequest.groupid
$query = "SELECT name " . "FROM blockRequest " . "WHERE groupid = {$groupid} " . "AND status IN ('requested', 'accepted')";
$qh = doQuery($query, 311);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['name'];
}
if (count($usedby)) {
$msgs[] = "<h3>Assigned for Block Allocations</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# serverprofile.admingroupid
$query = "SELECT name FROM serverprofile WHERE admingroupid = {$groupid}";
$qh = doQuery($query);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['name'];
}
if (count($usedby)) {
$msgs[] = "<h3>Admin User Group for Server Profiles</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# serverprofile.logingroupid
$query = "SELECT name FROM serverprofile WHERE logingroupid = {$groupid}";
$qh = doQuery($query);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['name'];
}
if (count($usedby)) {
$msgs[] = "<h3>Access User Group for Server Profiles</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# serverrequest.admingroupid
$query = "SELECT s.name " . "FROM serverrequest s, " . "request rq " . "WHERE s.admingroupid = {$groupid} AND " . "s.requestid = rq.id";
$qh = doQuery($query);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['name'];
}
if (count($usedby)) {
$msgs[] = "<h3>Admin User Group for Server Requests</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# serverrequest.logingroupid
$query = "SELECT s.name " . "FROM serverrequest s, " . "request rq " . "WHERE s.logingroupid = {$groupid} AND " . "s.requestid = rq.id";
$qh = doQuery($query);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['name'];
}
if (count($usedby)) {
$msgs[] = "<h3>Access User Group for Server Requests</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
if (count($msgs)) {
$msg = "{$name} is currently in use in the following ways. It " . "cannot be deleted until it is no longer in use.<br><br>\n" . implode("<br>\n", $msgs);
return 1;
}
return 0;
}
$name = getResourceGroupName($groupid);
if (is_null($name)) {
return 0;
}
# managementnode.imagelibgroupid
$query = "SELECT hostname FROM managementnode WHERE imagelibgroupid = {$groupid}";
$qh = doQuery($query);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = $row['hostname'];
}
if (count($usedby)) {
$msgs[] = "<h3>Management Node Image Library Group</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
# resourcepriv.resourcegroupid
$query = "SELECT DISTINCT privnodeid FROM resourcepriv WHERE resourcegroupid = {$groupid}";
$qh = doQuery($query);
$usedby = array();
while ($row = mysql_fetch_assoc($qh)) {
$usedby[] = getNodePath($row['privnodeid']);
}
if (count($usedby)) {
$msgs[] = "<h3>Assigned at Privilege Nodes</h3>\n" . implode("<br>\n", $usedby) . "<br>\n";
}
if (count($msgs)) {
$msg = "{$name} is currently in use in the following ways. It " . "cannot be deleted until it is no longer in use.<br><br>\n" . implode("<br>\n", $msgs);
return 1;
}
return 0;
}
function userLookup()
{
global $user;
$userid = processInputVar("userid", ARG_STRING);
if (get_magic_quotes_gpc()) {
$userid = stripslashes($userid);
}
$affilid = processInputVar('affiliationid', ARG_NUMERIC, $user['affiliationid']);
$force = processInputVar('force', ARG_NUMERIC, 0);
print "<div align=center>\n";
print "<H2>User Lookup</H2>\n";
print "<FORM action=\"" . BASEURL . SCRIPT . "\" method=post>\n";
print "<TABLE>\n";
print " <TR>\n";
print " <TH>Name (last, first) or User ID:</TH>\n";
print " <TD><INPUT type=text name=userid value=\"{$userid}\" size=25></TD>\n";
if (checkUserHasPerm('User Lookup (global)')) {
$affils = getAffiliations();
print " <TD>\n";
print "@";
printSelectInput("affiliationid", $affils, $affilid);
print " </TD>\n";
}
print " </TR>\n";
print " <TR>\n";
print " <TD colspan=2>\n";
print " <input type=checkbox id=force name=force value=1>\n";
print " <label for=force>Attempt forcing an update from LDAP (User ID only)</label>\n";
print " </TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TD colspan=3 align=center><INPUT type=submit value=Submit>\n";
print " </TR>\n";
print "</TABLE>\n";
$cont = addContinuationsEntry('submitUserLookup');
print "<INPUT type=hidden name=continuation value=\"{$cont}\">\n";
print "</FORM><br>\n";
if (!empty($userid)) {
$esc_userid = mysql_real_escape_string($userid);
if (preg_match('/,/', $userid)) {
$mode = 'name';
$force = 0;
} else {
$mode = 'userid';
}
if (!checkUserHasPerm('User Lookup (global)') && $user['affiliationid'] != $affilid) {
print "<font color=red>{$userid} not found</font><br>\n";
return;
}
if ($mode == 'userid') {
$query = "SELECT id " . "FROM user " . "WHERE unityid = '{$esc_userid}' AND " . "affiliationid = {$affilid}";
$affilname = getAffiliationName($affilid);
$userid = "{$userid}@{$affilname}";
$esc_userid = "{$esc_userid}@{$affilname}";
} else {
$tmp = explode(',', $userid);
$last = mysql_real_escape_string(trim($tmp[0]));
$first = mysql_real_escape_string(trim($tmp[1]));
$query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "affiliation a " . "WHERE u.firstname = '{$first}' AND " . "u.lastname = '{$last}' AND " . "u.affiliationid = {$affilid} AND " . "a.id = {$affilid}";
}
$qh = doQuery($query, 101);
if (!mysql_num_rows($qh)) {
if ($mode == 'name') {
print "<font color=red>User not found</font><br>\n";
return;
} else {
print "<font color=red>{$userid} not currently found in VCL user database, will try to add...</font><br>\n";
}
} elseif ($force) {
$_SESSION['userresources'] = array();
$row = mysql_fetch_assoc($qh);
$newtime = unixToDatetime(time() - SECINDAY - 5);
$query = "UPDATE user SET lastupdated = '{$newtime}' WHERE id = {$row['id']}";
doQuery($query, 101);
} elseif ($mode == 'name') {
$row = mysql_fetch_assoc($qh);
$userid = $row['unityid'];
$esc_userid = $row['unityid'];
}
$userdata = getUserInfo($esc_userid);
if (is_null($userdata)) {
$userdata = getUserInfo($esc_userid, 1);
if (is_null($userdata)) {
print "<font color=red>{$userid} not found</font><br>\n";
return;
}
}
$userdata["groups"] = getUsersGroups($userdata["id"], 1, 1);
print "<TABLE>\n";
if (!empty($userdata['unityid'])) {
print " <TR>\n";
print " <TH align=right>User ID:</TH>\n";
print " <TD>{$userdata["unityid"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['firstname'])) {
print " <TR>\n";
print " <TH align=right>First Name:</TH>\n";
print " <TD>{$userdata["firstname"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['lastname'])) {
print " <TR>\n";
print " <TH align=right>Last Name:</TH>\n";
print " <TD>{$userdata["lastname"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['preferredname'])) {
print " <TR>\n";
print " <TH align=right>Preferred Name:</TH>\n";
print " <TD>{$userdata["preferredname"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['affiliation'])) {
print " <TR>\n";
print " <TH align=right>Affiliation:</TH>\n";
print " <TD>{$userdata["affiliation"]}</TD>\n";
print " </TR>\n";
}
if (!empty($userdata['email'])) {
print " <TR>\n";
print " <TH align=right>Email:</TH>\n";
print " <TD>{$userdata["email"]}</TD>\n";
print " </TR>\n";
}
print " <TR>\n";
print " <TH align=right style=\"vertical-align: top\">Groups:</TH>\n";
print " <TD>\n";
uasort($userdata["groups"], "sortKeepIndex");
foreach ($userdata["groups"] as $group) {
print " {$group}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TH align=right style=\"vertical-align: top\">User Group Permissions:</TH>\n";
print " <TD>\n";
if (count($userdata['groupperms'])) {
foreach ($userdata['groupperms'] as $perm) {
print " {$perm}<br>\n";
}
} else {
print " No additional user group permissions\n";
}
print " </TD>\n";
print " </TR>\n";
print " <TR>\n";
print " <TH align=right style=\"vertical-align: top\">Privileges (found somewhere in the tree):</TH>\n";
print " <TD>\n";
uasort($userdata["privileges"], "sortKeepIndex");
foreach ($userdata["privileges"] as $priv) {
if ($priv == "block" || $priv == "cascade") {
continue;
}
print " {$priv}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print "</TABLE>\n";
# get user's resources
$userResources = getUserResources(array("imageCheckOut"), array("available"), 0, 0, $userdata['id']);
# find nodes where user has privileges
$query = "SELECT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "up.userid = {$userdata['id']} " . "ORDER BY p.name, " . "upt.name";
$qh = doQuery($query, 101);
if (mysql_num_rows($qh)) {
print "Nodes where user is granted privileges:<br>\n";
print "<TABLE>\n";
$privnodeid = 0;
while ($row = mysql_fetch_assoc($qh)) {
if ($privnodeid != $row['privnodeid']) {
if ($privnodeid) {
print " </TD>\n";
print " </TR>\n";
}
print " <TR>\n";
$privnodeid = $row['privnodeid'];
$path = getNodePath($privnodeid);
print " <TH align=right>{$path}</TH>\n";
print " <TD>\n";
}
print " {$row['userprivtype']}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print "</TABLE>\n";
}
# find nodes where user's groups have privileges
if (!empty($userdata['groups'])) {
$query = "SELECT DISTINCT p.name AS privnode, " . "upt.name AS userprivtype, " . "up.privnodeid " . "FROM userpriv up, " . "privnode p, " . "userprivtype upt " . "WHERE up.privnodeid = p.id AND " . "up.userprivtypeid = upt.id AND " . "upt.name != 'cascade' AND " . "upt.name != 'block' AND " . "up.usergroupid IN (" . implode(',', array_keys($userdata['groups'])) . ") " . "ORDER BY p.name, " . "upt.name";
$qh = doQuery($query, 101);
if (mysql_num_rows($qh)) {
print "Nodes where user's groups are granted privileges:<br>\n";
print "<TABLE>\n";
$privnodeid = 0;
while ($row = mysql_fetch_assoc($qh)) {
if ($privnodeid != $row['privnodeid']) {
if ($privnodeid) {
print " </TD>\n";
print " </TR>\n";
}
print " <TR>\n";
$privnodeid = $row['privnodeid'];
$path = getNodePath($privnodeid);
print " <TH align=right>{$path}</TH>\n";
print " <TD>\n";
}
print " {$row['userprivtype']}<br>\n";
}
print " </TD>\n";
print " </TR>\n";
print "</TABLE>\n";
}
}
print "<table>\n";
print " <tr>\n";
print " <th>Images User Has Access To:<th>\n";
print " <td>\n";
foreach ($userResources['image'] as $img) {
print " {$img}<br>\n";
}
print " </td>\n";
print " </tr>\n";
print "</table>\n";
# login history
$query = "SELECT authmech, " . "timestamp, " . "passfail, " . "remoteIP, " . "code " . "FROM loginlog " . "WHERE (user = '******'unityid']}' OR " . "user = '******'unityid']}@{$userdata['affiliation']}') AND " . "affiliationid = {$userdata['affiliationid']} " . "ORDER BY timestamp DESC " . "LIMIT 8";
$logins = array();
$qh = doQuery($query);
while ($row = mysql_fetch_assoc($qh)) {
$logins[] = $row;
}
if (count($logins)) {
$logins = array_reverse($logins);
print "<h3>Login History (last 8 attempts)</h3>\n";
print "<table summary=\"login attempts\">\n";
print "<colgroup>\n";
print "<col class=\"logincol\" />\n";
print "<col class=\"logincol\" />\n";
print "<col class=\"logincol\" />\n";
print "<col class=\"logincol\" />\n";
print "<col />\n";
print "</colgroup>\n";
print " <tr>\n";
print " <th>Authentication Method</th>\n";
print " <th>Timestamp</th>\n";
print " <th>Result</th>\n";
print " <th>Remote IP</th>\n";
print " <th>Extra Info</th>\n";
print " </tr>\n";
foreach ($logins as $login) {
print " <tr>\n";
print " <td class=\"logincell\">{$login['authmech']}</td>\n";
$ts = prettyDatetime($login['timestamp'], 1);
print " <td class=\"logincell\">{$ts}</td>\n";
if ($login['passfail']) {
print " <td class=\"logincell\"><font color=\"#008000\">Pass</font></td>\n";
} else {
print " <td class=\"logincell\"><font color=\"red\">Fail</font></td>\n";
}
print " <td class=\"logincell\">{$login['remoteIP']}</td>\n";
print " <td class=\"logincell\">{$login['code']}</td>\n";
print " </tr>\n";
}
print "</table>\n";
} else {
print "<h3>Login History</h3>\n";
print "There are no login attempts by this user.<br>\n";
}
# reservation history
$requests = array();
$query = "SELECT DATE_FORMAT(l.start, '%W, %b %D, %Y, %h:%i %p') AS start, " . "DATE_FORMAT(l.finalend, '%W, %b %D, %Y, %h:%i %p') AS end, " . "c.hostname, " . "i.prettyname AS prettyimage, " . "s.IPaddress, " . "l.ending " . "FROM log l, " . "image i, " . "computer c, " . "sublog s " . "WHERE l.userid = {$userdata['id']} AND " . "s.logid = l.id AND " . "i.id = s.imageid AND " . "c.id = s.computerid " . "ORDER BY l.start DESC " . "LIMIT 5";
$qh = doQuery($query, 290);
while ($row = mysql_fetch_assoc($qh)) {
array_push($requests, $row);
}
$requests = array_reverse($requests);
if (!empty($requests)) {
print "<h3>User's last " . count($requests) . " reservations:</h3>\n";
print "<table>\n";
$first = 1;
foreach ($requests as $req) {
if ($first) {
$first = 0;
} else {
print " <tr>\n";
print " <td colspan=2><hr></td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Image:</th>\n";
print " <td>{$req['prettyimage']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>Computer:</th>\n";
print " <td>{$req['hostname']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>Start:</th>\n";
print " <td>{$req['start']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>End:</th>\n";
print " <td>{$req['end']}</td>\n";
print " </tr>\n";
if ($req['IPaddress'] != '') {
print " <tr>\n";
print " <th align=right>IP Address:</th>\n";
print " <td>{$req['IPaddress']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Ending:</th>\n";
print " <td>{$req['ending']}</td>\n";
print " </tr>\n";
}
print "</table>\n";
} else {
print "User made no reservations in the past week.<br>\n";
}
# current reservations
$requests = array();
$query = "SELECT DATE_FORMAT(rq.start, '%W, %b %D, %Y, %h:%i %p') AS start, " . "DATE_FORMAT(rq.end, '%W, %b %D, %Y, %h:%i %p') AS end, " . "rq.id AS requestid, " . "MIN(rs.id) AS reservationid, " . "c.hostname AS computer, " . "i.prettyname AS prettyimage, " . "c.IPaddress AS compIP, " . "rs.remoteIP AS userIP, " . "ch.hostname AS vmhost, " . "mn.hostname AS managementnode, " . "srq.name AS servername, " . "aug.name AS admingroup, " . "lug.name AS logingroup, " . "s1.name AS state, " . "s2.name AS laststate " . "FROM image i, " . "managementnode mn, " . "request rq " . "LEFT JOIN reservation rs ON (rs.requestid = rq.id) " . "LEFT JOIN computer c ON (rs.computerid = c.id) " . "LEFT JOIN vmhost vh ON (c.vmhostid = vh.id) " . "LEFT JOIN computer ch ON (vh.computerid = ch.id) " . "LEFT JOIN serverrequest srq ON (srq.requestid = rq.id) " . "LEFT JOIN usergroup aug ON (aug.id = srq.admingroupid) " . "LEFT JOIN usergroup lug ON (lug.id = srq.logingroupid) " . "LEFT JOIN state s1 ON (s1.id = rq.stateid) " . "LEFT JOIN state s2 ON (s2.id = rq.laststateid) " . "WHERE rq.userid = {$userdata['id']} AND " . "i.id = rs.imageid AND " . "mn.id = rs.managementnodeid " . "GROUP BY rq.id " . "ORDER BY rq.start";
$qh = doQuery($query, 290);
while ($row = mysql_fetch_assoc($qh)) {
array_push($requests, $row);
}
$requests = array_reverse($requests);
if (!empty($requests)) {
print "<h3>User's current reservations:</h3>\n";
print "<table>\n";
$first = 1;
foreach ($requests as $req) {
if ($first) {
$first = 0;
} else {
print " <tr>\n";
print " <td colspan=2><hr></td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Request ID:</th>\n";
print " <td>{$req['requestid']}</td>\n";
print " </tr>\n";
if ($req['servername'] != '') {
print " <tr>\n";
print " <th align=right>Reservation Name:</th>\n";
print " <td>{$req['servername']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Image:</th>\n";
print " <td>{$req['prettyimage']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>State:</th>\n";
if ($req['state'] == 'pending') {
print " <td>{$req['laststate']}</td>\n";
} else {
print " <td>{$req['state']}</td>\n";
}
print " </tr>\n";
print " <tr>\n";
print " <th align=right>Computer:</th>\n";
print " <td>{$req['computer']}</td>\n";
print " </tr>\n";
if (!empty($req['vmhost'])) {
print " <tr>\n";
print " <th align=right>VM Host:</th>\n";
print " <td>{$req['vmhost']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Start:</th>\n";
print " <td>{$req['start']}</td>\n";
print " </tr>\n";
print " <tr>\n";
print " <th align=right>End:</th>\n";
if ($req['end'] == 'Friday, Jan 1st, 2038, 12:00 AM') {
print " <td>(indefinite)</td>\n";
} else {
print " <td>{$req['end']}</td>\n";
}
print " </tr>\n";
if ($req['compIP'] != '') {
print " <tr>\n";
print " <th align=right>Node's IP Address:</th>\n";
print " <td>{$req['compIP']}</td>\n";
print " </tr>\n";
}
if ($req['userIP'] != '') {
print " <tr>\n";
print " <th align=right>User's IP Address:</th>\n";
print " <td>{$req['userIP']}</td>\n";
print " </tr>\n";
}
if ($req['admingroup'] != '') {
print " <tr>\n";
print " <th align=right>Admin Group:</th>\n";
print " <td>{$req['admingroup']}</td>\n";
print " </tr>\n";
}
if ($req['logingroup'] != '') {
print " <tr>\n";
print " <th align=right>Access Group:</th>\n";
print " <td>{$req['logingroup']}</td>\n";
print " </tr>\n";
}
print " <tr>\n";
print " <th align=right>Management Node:</th>\n";
print " <td>{$req['managementnode']}</td>\n";
print " </tr>\n";
}
print "</table>\n";
} else {
print "User does not have any current reservations.<br>\n";
}
}
print "</div>\n";
}
