Merged
31 commits
f0afa80
prevent access to user attributes when they might not be defined
simonLeary42 Jun 7, 2025
39f18c9
getuid without existing is OK
simonLeary42 Jun 7, 2025
5b966cb
store attributes in request
simonLeary42 Jun 7, 2025
7520e97
replace bad variable name (#242)
simonLeary42 Jun 16, 2025
8face3b
email -> mail
simonLeary42 Jun 7, 2025
46bca8c
use new vars
simonLeary42 Jun 7, 2025
c374365
fix request fetch
simonLeary42 Jun 7, 2025
c51641d
fix tests
simonLeary42 Jun 7, 2025
ecce94a
add function getOrgMemberUIDs, copied from UnityGroup
simonLeary42 Jun 7, 2025
611281f
fix inOrg (#245)
simonLeary42 Jun 7, 2025
3825642
rename variable
simonLeary42 Jun 7, 2025
de70f50
use email from request
simonLeary42 Jun 7, 2025
59ef275
fix tests
simonLeary42 Jun 7, 2025
c27ad83
remove extra space
simonLeary42 Jun 7, 2025
42ff922
rewrite tests
simonLeary42 Jun 7, 2025
a2e50a0
fix tests
simonLeary42 Jun 7, 2025
731fc9d
fix tests
simonLeary42 Jun 7, 2025
6e64683
fix tests
simonLeary42 Jun 7, 2025
c92d9ca
fix test
simonLeary42 Jun 7, 2025
2395d8a
remove prune
simonLeary42 Jun 7, 2025
069bb94
remove old comment
simonLeary42 Jun 7, 2025
98df827
more similar to previous revision
simonLeary42 Jun 7, 2025
6762b79
wording
simonLeary42 Jun 7, 2025
db3dd54
consistent
simonLeary42 Jun 7, 2025
10c24a8
Revert "more similar to previous revision"
simonLeary42 Jun 7, 2025
7cba20e
delete org before user
simonLeary42 Jun 7, 2025
5bb021b
flush redis cache in tests
simonLeary42 Jun 9, 2025
62e97f6
Merge branch 'main' into request-name-volatile
simonLeary42 Jun 16, 2025
2c9ecbd
absolute exception
simonLeary42 Jun 16, 2025
d3c1e2e
fix requestExists
simonLeary42 Jun 16, 2025
2c3a0c4
remove redundant assertions
simonLeary42 Jun 17, 2025
98 changes: 56 additions & 42 deletions resources/lib/UnityGroup.php
Expand Up @@ -76,7 +76,7 @@ public function exists()
// Portal-facing methods, these are the methods called by scripts in webroot
//

public function requestGroup($send_mail_to_admins, $send_mail = true)
public function requestGroup($firstname, $lastname, $email, $org, $send_mail_to_admins, $send_mail = true)
{
// check for edge cases...
if ($this->exists()) {
Expand All @@ -88,22 +88,22 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
return;
}

$this->SQL->addRequest($this->getOwner()->getUID());
$this->SQL->addRequest($this->getOwner()->getUID(), $firstname, $lastname, $email, $org);

if ($send_mail) {
// send email to requestor
$this->MAILER->sendMail(
$this->getOwner()->getMail(),
$email,
"group_request"
);

$this->WEBHOOK->sendWebhook(
"group_request_admin",
array(
"user" => $this->getOwner()->getUID(),
"org" => $this->getOwner()->getOrg(),
"name" => $this->getOwner()->getFullname(),
"email" => $this->getOwner()->getMail()
"org" => $org,
"name" => "$firstname $lastname",
"email" => $email
)
);

Expand All @@ -113,9 +113,9 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
"group_request_admin",
array(
"user" => $this->getOwner()->getUID(),
"org" => $this->getOwner()->getOrg(),
"name" => $this->getOwner()->getFullname(),
"email" => $this->getOwner()->getMail()
"org" => $org,
"name" => "$firstname $lastname",
"email" => $email
)
);
}
Expand All @@ -125,9 +125,9 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
"group_request_admin",
array(
"user" => $this->getOwner()->getUID(),
"org" => $this->getOwner()->getOrg(),
"name" => $this->getOwner()->getFullname(),
"email" => $this->getOwner()->getMail()
"org" => $org,
"name" => "$firstname $lastname",
"email" => $email
)
);
}
Expand All @@ -138,11 +138,8 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
*/
public function approveGroup($operator = null, $send_mail = true)
{
if (!$this->SQL->requestExists($this->getOwner()->getUID())) {
throw new Exception(
"attempt to approve nonexistent request for group='{$this->getPIUID()}'"
);
}
$uid = $this->getOwner()->getUID();
$request = $this->SQL->getRequest($uid, UnitySQL::REQUEST_BECOME_PI);

// check for edge cases...
if ($this->exists()) {
Expand All @@ -151,7 +148,13 @@ public function approveGroup($operator = null, $send_mail = true)

// check if owner exists
if (!$this->getOwner()->exists()) {
$this->getOwner()->init();
$this->getOwner()->init(
$request["firstname"],
$request["lastname"],
$request["email"],
$request["org"],
$send_mail
);
}

// initialize ldap objects, if this fails the script will crash, but nothing will persistently break
Expand All @@ -173,7 +176,7 @@ public function approveGroup($operator = null, $send_mail = true)
// send email to the newly approved PI
if ($send_mail) {
$this->MAILER->sendMail(
$this->getOwner()->getMail(),
$request["email"],
"group_created"
);
}
Expand Down Expand Up @@ -288,21 +291,22 @@ public function cancelGroupJoinRequest($user, $send_mail = true)
*/
public function approveUser($new_user, $send_mail = true)
{
if (!$this->requestExists($new_user)) {
throw new Exception(
"attempt to approve nonexistent request for group='{$this->getPIUID()}' uid='$new_user'"
);
}

$uid = $new_user->getUID();
$gid = $this->getPIUID();
$request = $this->SQL->getRequest($uid, $gid);
// check if user exists
if (!$new_user->exists()) {
$new_user->init();
$new_user->init(
$request["firstname"],
$request["lastname"],
$request["email"],
$request["org"],
);
}

// add user to the LDAP object
$this->addUserToGroup($new_user);

// remove request, this will fail silently if the request doesn't exist
$this->SQL->removeRequest($new_user->getUID(), $this->pi_uid);

// send email to the requestor
Expand All @@ -320,19 +324,19 @@ public function approveUser($new_user, $send_mail = true)
array(
"group" => $this->pi_uid,
"user" => $new_user->getUID(),
"name" => $new_user->getFullName(),
"email" => $new_user->getMail(),
"org" => $new_user->getOrg()
"name" => $request["firstname"] . " " . $request["lastname"],
"email" => $request["email"],
"org" => $request["org"],
)
);
}
}

public function denyUser($new_user, $send_mail = true)
{
if (!$this->requestExists($new_user)) {
return;
}
$uid = $new_user->getUID();
$gid = $this->getPIUID();
$request = $this->SQL->getRequest($uid, $gid);

// remove request, this will fail silently if the request doesn't exist
$this->SQL->removeRequest($new_user->getUID(), $this->pi_uid);
Expand Down Expand Up @@ -396,7 +400,7 @@ public function removeUser($new_user, $send_mail = true)
}
}

public function newUserRequest($new_user, $send_mail = true)
public function newUserRequest($new_user, $firstname, $lastname, $email, $org, $send_mail = true)
{
if ($this->userExists($new_user)) {
UnitySite::errorLog("warning", "user '$new_user' already in group");
Expand All @@ -413,12 +417,12 @@ public function newUserRequest($new_user, $send_mail = true)
return;
}

$this->addRequest($new_user->getUID());
$this->addRequest($new_user->getUID(), $firstname, $lastname, $email, $org);

if ($send_mail) {
// send email to user
$this->MAILER->sendMail(
$new_user->getMail(),
$email,
"group_user_request",
array("group" => $this->pi_uid)
);
Expand All @@ -430,9 +434,9 @@ public function newUserRequest($new_user, $send_mail = true)
array(
"group" => $this->pi_uid,
"user" => $new_user->getUID(),
"name" => $new_user->getFullName(),
"email" => $new_user->getMail(),
"org" => $new_user->getOrg()
"name" => "$firstname $lastname",
"email" => $email,
"org" => $org,
)
);
}
Expand All @@ -452,7 +456,17 @@ public function getRequests()
$this->REDIS,
$this->WEBHOOK
);
array_push($out, [$user, $request["timestamp"]]);
array_push(
$out,
[
$user,
$request["timestamp"],
$request["firstname"],
$request["lastname"],
$request["email"],
$request["org"],
]
);
}

return $out;
Expand Down Expand Up @@ -563,9 +577,9 @@ public function userExists($user)
return in_array($user->getUID(), $this->getGroupMemberUIDs());
}

private function addRequest($uid)
private function addRequest($uid, $firstname, $lastname, $email, $org)
{
$this->SQL->addRequest($uid, $this->pi_uid);
$this->SQL->addRequest($uid, $firstname, $lastname, $email, $org, $this->pi_uid);
}

//
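Review bot: denyUser used to return quietly when no request existed, but the new `$request = $this->SQL->getRequest($uid, $gid);` throws a generic `\Exception` in that case (see getRequest in UnitySQL.php), so a repeated or stale deny action now surfaces as an error unless the caller handles it. If the lenient behaviour is still wanted, keep the guard `if (!$this->requestExists($new_user)) { return; }` ahead of the lookup; if the comment `// remove request, this will fail silently if the request doesn't exist` stays in denyUser, it no longer describes the method. Separately, approveUser calls `$new_user->init(...)` without `$send_mail` while approveGroup passes it as the fifth argument, so `approveUser($new_user, false)` may still send mail from init if that parameter defaults to true; init is not shown on this page. Because both approve paths now create the account from the stored `firstname`/`lastname`/`email`/`org`, a docblock on requestGroup and newUserRequest stating that these must be the identity-provider-asserted values rather than free-form input would help callers. The bodies of these methods continue outside the visible hunks.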
34 changes: 28 additions & 6 deletions resources/lib/UnitySQL.php
Expand Up @@ -38,17 +38,23 @@ public function getConn()
//
// requests table methods
//
public function addRequest($requestor, $dest = self::REQUEST_BECOME_PI)
public function addRequest($requestor, $firstname, $lastname, $email, $org, $dest = self::REQUEST_BECOME_PI)
{
if ($this->requestExists($requestor, $dest)) {
return;
}

$stmt = $this->conn->prepare(
"INSERT INTO " . self::TABLE_REQS . " (uid, request_for) VALUES (:uid, :request_for)"
"INSERT INTO " . self::TABLE_REQS . " " .
"(uid, firstname, lastname, email, org, request_for) VALUES " .
"(:uid, :firstname, :lastname, :email, :org, :request_for)"
);
$stmt->bindParam(":uid", $requestor);
$stmt->bindParam(":request_for", $dest);
$stmt->bindParam(":firstname", $firstname);
$stmt->bindParam(":lastname", $lastname);
$stmt->bindParam(":email", $email);
$stmt->bindParam(":org", $org);

$stmt->execute();
}
Expand Down Expand Up @@ -78,17 +84,33 @@ public function removeRequests($dest = self::REQUEST_BECOME_PI)
$stmt->execute();
}

public function requestExists($requestor, $dest = self::REQUEST_BECOME_PI)
public function getRequest($user, $dest)
{
$stmt = $this->conn->prepare(
"SELECT * FROM " . self::TABLE_REQS . " WHERE uid=:uid and request_for=:request_for"
);
$stmt->bindParam(":uid", $requestor);
$stmt->bindParam(":uid", $user);
$stmt->bindParam(":request_for", $dest);

$stmt->execute();
$result = $stmt->fetchAll();
if (count($result) == 0) {
throw new \Exception("no such request: uid='$user' request_for='$dest'");
}
if (count($result) > 1) {
throw new \Exception("multiple requests for uid='$user' request_for='$dest'");
}
return $result[0];
}

return count($stmt->fetchAll()) > 0;
public function requestExists($requestor, $dest = self::REQUEST_BECOME_PI)
{
try {
$this->getRequest($requestor, $dest);
return true;
// FIXME use a specific exception
} catch (\Exception) {
return false;
}
}

public function getRequests($dest = self::REQUEST_BECOME_PI)
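Review bot: requestExists now returns false for every `\Exception` thrown by getRequest, which includes the "multiple requests" case and, if the connection is configured to throw, database errors as well. addRequest relies on `requestExists` to skip duplicates, so once duplicate rows exist it will insert yet another one, and a failed lookup becomes indistinguishable from "no request". The FIXME already notes the need for a specific exception; until that lands, either have getRequest throw a dedicated not-found exception type and catch only that in requestExists, or keep the previous `return count($stmt->fetchAll()) > 0;` query there. Note also that `catch (\Exception)` without a variable requires PHP 8.0 or later.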