From cc39f8ca204eab53374618e4ee43a7d37a065942 Mon Sep 17 00:00:00 2001
From: Kevin Bryan
Date: Mon, 10 Nov 2025 12:40:18 -0500
Subject: [PATCH 1/6] Allow user join by PI email instead of pi_group
---
 resources/lib/UnityGroup.php | 7 +++++++
 resources/lib/UnityLDAP.php | 13 +++++++++++--
 webroot/panel/new_account.php | 8 ++++++--
 3 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
index e6e9c609..00f55fe8 100644
--- a/resources/lib/UnityGroup.php
+++ b/resources/lib/UnityGroup.php
@@ -477,4 +477,11 @@ public static function GID2OwnerUID(string $gid): string
 }
 return substr($gid, strlen(self::PI_PREFIX));
 }
+
+ public static function mailToPIGID($email)
+ {
+ global $LDAP;
+ $ownerUid = $LDAP->getPIOwnerFromEmail($email)->getAttribute("cn")[0];
+ return self::PI_PREFIX . $ownerUid;
+ }
 }
diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php
index db8ba3f2..af0882ea 100644
--- a/resources/lib/UnityLDAP.php
+++ b/resources/lib/UnityLDAP.php
@@ -6,9 +6,9 @@
 use PHPOpenLDAPer\LDAPEntry;
 /**
- * An LDAP connection class which extends ldapConn tailored for the Unity Cluster
+ * An LDAP connection class which extends LDAPConn tailored for the Unity Cluster
 */
-class UnityLDAP extends ldapConn
+class UnityLDAP extends LDAPConn
 {
 private const string RDN = "cn"; // The defauls RDN for LDAP entries is set to "common name"
@@ -428,4 +428,13 @@ public function getOrgGroupEntry(string $gid): LDAPEntry
 $gid = ldap_escape($gid, "", LDAP_ESCAPE_DN);
 return $this->getEntry(UnityLDAP::RDN . "=$gid," . CONFIG["ldap"]["orggroup_ou"]);
 }
+
+ public function getPIOwnerFromEmail($email)
+ {
+ $email = ldap_escape($email, "", LDAP_ESCAPE_FILTER);
+ $cn = $this->search("mail=$email", CONFIG["ldap"]["user_ou"], ["cn"]);
+ if ($cn && count($cn) == 1) {
+ return $cn[0];
+ }
+ }
 }
diff --git a/webroot/panel/new_account.php b/webroot/panel/new_account.php
index 34863657..4a94dcb6 100644
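Review bot: In the `resources/lib/UnityLDAP.php` hunk at `@@ -428,4 +428,13 @@`, `getPIOwnerFromEmail()` has no parameter or return type and returns null implicitly when the search yields zero or several entries, so a caller cannot tell "no such address" from "ambiguous address". The filter value is escaped with `LDAP_ESCAPE_FILTER`, which is the right flag for this position, but the search runs over the whole `user_ou`, so the result is any account carrying that mail value and not necessarily a PI. I would declare it as `public function getPIOwnerFromEmail(string $email): ?LDAPEntry` (assuming `search()` returns `LDAPEntry` objects, which the later `getAttribute("cn")` call suggests) and end it with an explicit `return null;`. A docblock should state that the lookup assumes `mail` is unique per entry in the directory, which is not visible on this page and should be confirmed.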
--- a/webroot/panel/new_account.php
+++ b/webroot/panel/new_account.php
@@ -24,9 +24,13 @@
 );
 }
 if ($_POST["new_user_sel"] == "not_pi") {
- $form_group = new UnityGroup($_POST["pi"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
+ $pi_groupname = $_POST["pi"];
+ if (substr($pi_groupname, 0, 3) !== "pi_" && str_contains($pi_groupname, "@")) {
+ $pi_groupname = UnityGroup::mailToPIGID($pi_groupname);
+ }
+ $form_group = new UnityGroup($pi_groupname, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
 if (!$form_group->exists()) {
- UnityHTTPD::badRequest("The selected PI '" . $_POST["pi"] . "'does not exist");
+ UnityHTTPD::badRequest("The selected PI '" . $pi_groupname . "'does not exist");
 }
 $form_group->newUserRequest(
 $USER,
From 0403d823b8f8ecc827a83ee1bb10d3fd42224f7a Mon Sep 17 00:00:00 2001
From: Kevin Bryan
Date: Mon, 10 Nov 2025 13:54:36 -0500
Subject: [PATCH 2/6] mailToPIGID: Don't chain calls that may fail
---
 resources/lib/UnityGroup.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
index 00f55fe8..d3d47c53 100644
--- a/resources/lib/UnityGroup.php
+++ b/resources/lib/UnityGroup.php
@@ -481,7 +481,11 @@ public static function GID2OwnerUID(string $gid): string
 public static function mailToPIGID($email)
 {
 global $LDAP;
- $ownerUid = $LDAP->getPIOwnerFromEmail($email)->getAttribute("cn")[0];
- return self::PI_PREFIX . $ownerUid;
+ $entry = $LDAP->getPIOwnerFromEmail($email);
+ if ($entry !== null) {
+ $ownerUid = $entry->getAttribute("cn")[0];
+ return self::PI_PREFIX . $ownerUid;
+ }
+ return $email; // Leave untouched
 }
 }
From d136dbed23e4f4449a9ff59cf720a0b90f8d9887 Mon Sep 17 00:00:00 2001
From: Kevin Bryan
Date: Mon, 10 Nov 2025 13:59:04 -0500
Subject: [PATCH 3/6] groups.php: Store modalErrors to display on reload
---
 webroot/panel/groups.php | 28 +++++++++++++++++++---------
 1 file changed, 19 insertions(+), 9 deletions(-)
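Review bot: In the `webroot/panel/new_account.php` hunk, the `badRequest` message now echoes the resolved `$pi_groupname` rather than what was submitted, so an address belonging to an account without a PI group comes back as `pi_<cn>` and reveals which uid owns that address. Because the lookup behind `mailToPIGID()` searches every user entry, this amounts to an e-mail-to-uid lookup for any requester; a fixed message such as `UnityHTTPD::badRequest("The selected PI does not exist");` avoids reflecting either value. Whether `badRequest` HTML-escapes its argument is not visible here, which is a second reason to keep request data out of it. The literal `"pi_"` with `substr(..., 0, 3)` duplicates `UnityGroup::PI_PREFIX`; if that constant is accessible from this file, `str_starts_with($pi_groupname, UnityGroup::PI_PREFIX)` keeps the two in step.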
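Review bot: In the `resources/lib/UnityGroup.php` hunk of patch 2, the fallback `return $email;` makes a failed lookup indistinguishable from a resolved GID, so both callers pass the raw user-supplied address straight into `new UnityGroup(...)`. Returning null instead, with the signature `public static function mailToPIGID(string $email): ?string`, would let callers reject the request before a group object is built from unvalidated input; the call sites in `new_account.php` and `groups.php` would need a matching null check. The method also reaches for `global $LDAP` from a static context, while the `UnityGroup` constructor calls on this page receive `$LDAP` explicitly, so taking the connection as a parameter would be more consistent. A docblock should say what is returned when the address matches no entry or more than one.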
diff --git a/webroot/panel/groups.php b/webroot/panel/groups.php
index 18b210c8..aa3196bb 100644
--- a/webroot/panel/groups.php
+++ b/webroot/panel/groups.php
@@ -10,20 +10,25 @@
 if (isset($_POST["form_type"])) {
 if (isset($_POST["pi"])) {
- $pi_account = new UnityGroup($_POST["pi"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
+ $pi_groupname = $_POST["pi"];
+ if (substr($pi_groupname, 0, 3) !== "pi_" && str_contains($pi_groupname, "@")) {
+ $pi_groupname = UnityGroup::mailToPIGID($pi_groupname);
+ }
+ $pi_account = new UnityGroup($pi_groupname, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
 if (!$pi_account->exists()) {
- // "\'" instead of "'", otherwise it will close a single quote from HTML
- array_push($modalErrors, "This PI doesn\'t exist");
+ array_push($modalErrors, "This PI doesn't exist");
 }
 }
 switch ($_POST["form_type"]) {
 case "addPIform":
- if ($pi_account->requestExists($USER)) {
- array_push($modalErrors, "You\'ve already requested this");
- }
- if ($pi_account->memberExists($USER)) {
- array_push($modalErrors, "You\'re already in this PI group");
+ if ($pi_account->exists()) {
+ if ($pi_account->requestExists($USER)) {
+ array_push($modalErrors, "You've already requested this");
+ }
+ if ($pi_account->memberExists($USER)) {
+ array_push($modalErrors, "You're already in this PI group");
+ }
 }
 if ($USER->uid != $SSO["user"]) {
 $sso_user = $SSO["user"];
@@ -50,8 +55,13 @@
 break;
 }
 }
+ $_SESSION['MODAL_ERRORS'] = $modalErrors;
+} else {
+ $modalErrors = $_SESSION['MODAL_ERRORS'];
+ $_SESSION['MODAL_ERRORS'] = array(); // Forget after shown
 }
+
 require $LOC_HEADER;
 ?>
@@ -178,7 +188,7 @@
 if (isset($modalErrors) && is_array($modalErrors) && count($modalErrors) > 0) {
 $errorHTML = "";
 foreach ($modalErrors as $error) {
- $errorHTML .= "$error";
+ $errorHTML .= "" . htmlentities($error) . "";
 }
 echo "openModal('Add New PI', '" .
From 0d1db0433f194f2f88c58729f3b58731990024d9 Mon Sep 17 00:00:00 2001
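Review bot: In the first `webroot/panel/groups.php` hunk, the new guard `if ($pi_account->exists())` under `case "addPIform":` still dereferences `$pi_account`, which is assigned only inside `if (isset($_POST["pi"]))`, so a POST with `form_type=addPIform` and no `pi` field reaches it with the variable undefined. `if (isset($pi_account) && $pi_account->exists())` closes that path. `$_POST["pi"]` is also handed to `substr()` and `str_contains()` without an `is_string()` check, so an array-valued `pi[]` parameter raises a TypeError instead of producing a modal error. The e-mail-to-GID block is a copy of the one patch 1 adds to `new_account.php` and would be easier to keep correct as one shared helper. The `switch` continues outside the hunk.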
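Review bot: In the third `groups.php` hunk, `htmlentities($error)` encodes for HTML, but the next statement, `echo "openModal('Add New PI', '" .`, places the result inside a single-quoted JavaScript string, which is a different encoding context. With the `\'` escapes removed in the first hunk, the apostrophe in "This PI doesn't exist" stays out of that literal only because the default flags include `ENT_QUOTES` (PHP 8.1 and later), and only if this echo sits in a script element; inside an event-handler attribute the entity is decoded before the script runs. HTML encoding also leaves backslashes and line breaks untouched. I would pass the flags explicitly, `htmlentities($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and emit the argument with `json_encode($errorHTML, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)` in place of the hand-built quotes. The `echo` statement ends outside the hunk.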
From: Kevin Bryan
Date: Mon, 10 Nov 2025 14:51:00 -0500
Subject: [PATCH 4/6] groups.php: Test variable set before using
---
 webroot/panel/groups.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/webroot/panel/groups.php b/webroot/panel/groups.php
index aa3196bb..4703cc6c 100644
--- a/webroot/panel/groups.php
+++ b/webroot/panel/groups.php
@@ -57,8 +57,10 @@
 }
 $_SESSION['MODAL_ERRORS'] = $modalErrors;
 } else {
- $modalErrors = $_SESSION['MODAL_ERRORS'];
- $_SESSION['MODAL_ERRORS'] = array(); // Forget after shown
+ if (isset($_SESSION['MODAL_ERRORS'])) {
+ $modalErrors = $_SESSION['MODAL_ERRORS'];
+ $_SESSION['MODAL_ERRORS'] = array(); // Forget after shown
+ }
 }
From 25572b8ba425c38e6ac38080544c061ea10aecf6 Mon Sep 17 00:00:00 2001
From: Kevin Bryan
Date: Mon, 10 Nov 2025 14:59:58 -0500
Subject: [PATCH 5/6] getPIOwnerFromEmail -> getUidFromEmail
---
 resources/lib/UnityGroup.php | 2 +-
 resources/lib/UnityLDAP.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
index d3d47c53..9089489c 100644
--- a/resources/lib/UnityGroup.php
+++ b/resources/lib/UnityGroup.php
@@ -481,7 +481,7 @@ public static function GID2OwnerUID(string $gid): string
 public static function mailToPIGID($email)
 {
 global $LDAP;
- $entry = $LDAP->getPIOwnerFromEmail($email);
+ $entry = $LDAP->getUidFromEmail($email);
 if ($entry !== null) {
 $ownerUid = $entry->getAttribute("cn")[0];
 return self::PI_PREFIX . $ownerUid;
diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php
index af0882ea..df5c4cc2 100644
--- a/resources/lib/UnityLDAP.php
+++ b/resources/lib/UnityLDAP.php
@@ -429,7 +429,7 @@ public function getOrgGroupEntry(string $gid): LDAPEntry
 return $this->getEntry(UnityLDAP::RDN . "=$gid," . CONFIG["ldap"]["orggroup_ou"]);
 }
- public function getPIOwnerFromEmail($email)
+ public function getUidFromEmail($email)
 {
 $email = ldap_escape($email, "", LDAP_ESCAPE_FILTER);
 $cn = $this->search("mail=$email", CONFIG["ldap"]["user_ou"], ["cn"]);
From 45e8a5c880db3ca927aed27a74467cc68b909c14 Mon Sep 17 00:00:00 2001
From: Kevin Bryan
Date: Mon, 10 Nov 2025 15:09:03 -0500
Subject: [PATCH 6/6] mailToPIGID -> ownerMail2GID
---
 resources/lib/UnityGroup.php | 2 +-
 webroot/panel/groups.php | 2 +-
 webroot/panel/new_account.php | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
index 9089489c..cbce33db 100644
--- a/resources/lib/UnityGroup.php
+++ b/resources/lib/UnityGroup.php
@@ -478,7 +478,7 @@ public static function GID2OwnerUID(string $gid): string
 return substr($gid, strlen(self::PI_PREFIX));
 }
- public static function mailToPIGID($email)
+ public static function ownerMail2GID($email)
 {
 global $LDAP;
 $entry = $LDAP->getUidFromEmail($email);
diff --git a/webroot/panel/groups.php b/webroot/panel/groups.php
index 4703cc6c..96c683d9 100644
--- a/webroot/panel/groups.php
+++ b/webroot/panel/groups.php
@@ -12,7 +12,7 @@
 if (isset($_POST["pi"])) {
 $pi_groupname = $_POST["pi"];
 if (substr($pi_groupname, 0, 3) !== "pi_" && str_contains($pi_groupname, "@")) {
- $pi_groupname = UnityGroup::mailToPIGID($pi_groupname);
+ $pi_groupname = UnityGroup::ownerMail2GID($pi_groupname);
 }
 $pi_account = new UnityGroup($pi_groupname, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
 if (!$pi_account->exists()) {
diff --git a/webroot/panel/new_account.php b/webroot/panel/new_account.php
index 4a94dcb6..88f637d2 100644
--- a/webroot/panel/new_account.php
+++ b/webroot/panel/new_account.php
@@ -26,7 +26,7 @@
 if ($_POST["new_user_sel"] == "not_pi") {
 $pi_groupname = $_POST["pi"];
 if (substr($pi_groupname, 0, 3) !== "pi_" && str_contains($pi_groupname, "@")) {
- $pi_groupname = UnityGroup::mailToPIGID($pi_groupname);
+ $pi_groupname = UnityGroup::ownerMail2GID($pi_groupname);
 }
 $form_group = new UnityGroup($pi_groupname, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
 if (!$form_group->exists()) {