boinc/tools/manage_privileges

164 lines
4.5 KiB
Plaintext
Raw Normal View History

#!/usr/bin/env php
<?php
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2011 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
// script for controlling "manage" privileges.
// See http://boinc.berkeley.edu/trac/wiki/MultiUser
// Run this from the project directory.
// usage:
//
// manage_privileges grant userid {appname|all}
// manage_privileges revoke userid {appname|all}
// manage_privileges list
//
2016-12-16 20:11:20 +00:00
// grant/revoke the "manage" privileges for the given app (or all apps),
// or list all privileges
error_reporting(E_ALL);
ini_set('display_errors', true);
ini_set('display_startup_errors', true);
function usage() {
die("usage:
manage_privileges grant userid {appname|all}
manage_privileges revoke userid {appname|all}
manage_privileges list
");
}
function show_user($user) {
echo "$user->name (ID $user->id)\n";
}
function show_managers() {
echo "Users with global manager privileges: \n";
$buss = BoincUserSubmit::enum("manage_all<>0");
if (!count($buss)) {
echo "none\n";
} else {
foreach ($buss as $bus) {
$user = BoincUser::lookup_id($bus->user_id);
show_user($user);
}
}
$apps = BoincApp::enum(null);
foreach ($apps as $app) {
echo "\nUsers with manager privileges for $app->name:\n";
$busas = BoincUserSubmitApp::enum("app_id=$app->id and manage<>0");
if (!count($busas)) {
echo "none\n";
} else {
foreach ($busas as $busa) {
$user = BoincUser::lookup_id($busa->user_id);
show_user($user);
}
}
}
}
if (!file_exists("config.xml")) {
die("run this script from the project directory\n");
}
chdir("html/inc");
require_once("boinc_db.inc");
require_once("submit_db.inc");
if ($argc < 2) usage();
if ($argv[1] == "list") {
show_managers();
exit;
}
if ($argc < 4) usage();
$user = BoincUser::lookup_id($argv[2]);
if (!$user) {
die("no such user: ".$argv[1]."\n");
}
if ($argv[1] === "grant") {
$grant = true;
} else if ($argv[1] === "revoke") {
$grant = false;
} else {
usage();
}
if ($argv[3] === "all") {
$bus = BoincUserSubmit::lookup_userid($user->id);
if ($bus) {
if ($grant) {
if ($bus->manage_all) {
die("User $user->id already has global manage access\n");
} else {
$bus->update("manage_all=1");
}
} else {
if ($bus->manage_all) {
$bus->update("manage_all=0");
} else {
die("User $user->id does not have global manage access\n");
}
}
} else {
if ($grant) {
BoincUserSubmit::insert("set user_id=$user->id, manage_all=1");
} else {
die("User $user->id does not have global manage access\n");
}
}
} else {
$app = BoincApp::lookup("name='".$argv[3]."'");
if (!$app) die("no such app: ".$argv[3]."\n");
$busa = BoincUserSubmitApp::lookup("user_id=$user->id and app_id=$app->id");
if ($busa) {
if ($grant) {
if ($busa->manage) {
die("User $user->id already has manage access for $app->name\n");
} else {
$busa->update("manage=1");
}
} else {
if ($busa->manage) {
$busa->update("manage=0");
} else {
die("User $user->id does not have manage access for $app->name\n");
}
}
} else {
if ($grant) {
$bus = BoincUserSubmit::lookup_userid($user->id);
if (!$bus) {
BoincUserSubmit::insert("set user_id=$user->id");
}
BoincUserSubmitApp::insert("set user_id=$user->id, app_id=$app->id, manage=1");
} else {
die("User $user->id does not have manage access for $app->name\n");
}
}
}
echo "Done.\n";
?>