Allow joining PI group by PI email address (#350)

bryank-cs · web-flow · commit 576dc144189f · 2025-11-10T15:12:05.000-05:00
* Allow user join by PI email instead of pi_group

* groups.php: Store modalErrors to display on reload
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
@@ -477,4 +477,15 @@ public static function GID2OwnerUID(string $gid): string
         }
         return substr($gid, strlen(self::PI_PREFIX));
     }
+
+    public static function ownerMail2GID($email)
+    {
+        global $LDAP;
+        $entry = $LDAP->getUidFromEmail($email);
+        if ($entry !== null) {
+            $ownerUid = $entry->getAttribute("cn")[0];
+            return self::PI_PREFIX . $ownerUid;
+        }
+        return $email; // Leave untouched
+    }
 }
diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php
@@ -6,9 +6,9 @@
 use PHPOpenLDAPer\LDAPEntry;
 
 /**
- * An LDAP connection class which extends ldapConn tailored for the Unity Cluster
+ * An LDAP connection class which extends LDAPConn tailored for the Unity Cluster
  */
-class UnityLDAP extends ldapConn
+class UnityLDAP extends LDAPConn
 {
     private const string RDN = "cn"; // The defauls RDN for LDAP entries is set to "common name"
 
@@ -428,4 +428,13 @@ public function getOrgGroupEntry(string $gid): LDAPEntry
         $gid = ldap_escape($gid, "", LDAP_ESCAPE_DN);
         return $this->getEntry(UnityLDAP::RDN . "=$gid," . CONFIG["ldap"]["orggroup_ou"]);
     }
+
+    public function getUidFromEmail($email)
+    {
+        $email = ldap_escape($email, "", LDAP_ESCAPE_FILTER);
+        $cn = $this->search("mail=$email", CONFIG["ldap"]["user_ou"], ["cn"]);
+        if ($cn && count($cn) == 1) {
+            return $cn[0];
+        }
+    }
 }
diff --git a/webroot/panel/groups.php b/webroot/panel/groups.php
@@ -10,20 +10,25 @@
 
     if (isset($_POST["form_type"])) {
         if (isset($_POST["pi"])) {
-            $pi_account = new UnityGroup($_POST["pi"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
+            $pi_groupname = $_POST["pi"];
+            if (substr($pi_groupname, 0, 3) !== "pi_" && str_contains($pi_groupname, "@")) {
+                $pi_groupname = UnityGroup::ownerMail2GID($pi_groupname);
+            }
+            $pi_account = new UnityGroup($pi_groupname, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
             if (!$pi_account->exists()) {
-                // "\'"  instead of "'", otherwise it will close a single quote from HTML
-                array_push($modalErrors, "This PI doesn\'t exist");
+                array_push($modalErrors, "This PI doesn't exist");
             }
         }
 
         switch ($_POST["form_type"]) {
             case "addPIform":
-                if ($pi_account->requestExists($USER)) {
-                    array_push($modalErrors, "You\'ve already requested this");
-                }
-                if ($pi_account->memberExists($USER)) {
-                    array_push($modalErrors, "You\'re already in this PI group");
+                if ($pi_account->exists()) {
+                    if ($pi_account->requestExists($USER)) {
+                        array_push($modalErrors, "You've already requested this");
+                    }
+                    if ($pi_account->memberExists($USER)) {
+                        array_push($modalErrors, "You're already in this PI group");
+                    }
                 }
                 if ($USER->uid != $SSO["user"]) {
                     $sso_user = $SSO["user"];
@@ -50,8 +55,15 @@
                 break;
         }
     }
+    $_SESSION['MODAL_ERRORS'] = $modalErrors;
+} else {
+    if (isset($_SESSION['MODAL_ERRORS'])) {
+        $modalErrors = $_SESSION['MODAL_ERRORS'];
+        $_SESSION['MODAL_ERRORS'] = array();  // Forget after shown
+    }
 }
 
+
 require $LOC_HEADER;
 ?>
 
@@ -178,7 +190,7 @@
     if (isset($modalErrors) && is_array($modalErrors) && count($modalErrors) > 0) {
         $errorHTML = "";
         foreach ($modalErrors as $error) {
-            $errorHTML .= "<span>$error</span>";
+            $errorHTML .= "<span>" . htmlentities($error) . "</span>";
         }
 
         echo "openModal('Add New PI', '" .
diff --git a/webroot/panel/new_account.php b/webroot/panel/new_account.php
@@ -24,9 +24,13 @@
             );
         }
         if ($_POST["new_user_sel"] == "not_pi") {
-            $form_group = new UnityGroup($_POST["pi"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
+            $pi_groupname = $_POST["pi"];
+            if (substr($pi_groupname, 0, 3) !== "pi_" && str_contains($pi_groupname, "@")) {
+                $pi_groupname = UnityGroup::ownerMail2GID($pi_groupname);
+            }
+            $form_group = new UnityGroup($pi_groupname, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
             if (!$form_group->exists()) {
-                UnityHTTPD::badRequest("The selected PI '" . $_POST["pi"] . "'does not exist");
+                UnityHTTPD::badRequest("The selected PI '" . $pi_groupname . "'does not exist");
             }
             $form_group->newUserRequest(
                 $USER,

Original file line number	Diff line number	Diff line change
`@@ -477,4 +477,15 @@ public static function GID2OwnerUID(string $gid): string`
`477`	`477`	`}`
`478`	`478`	`return substr($gid, strlen(self::PI_PREFIX));`
`479`	`479`	`}`
	`480`	`+`
	`481`	`+ public static function ownerMail2GID($email)`
	`482`	`+ {`
	`483`	`+ global $LDAP;`
	`484`	`+ $entry = $LDAP->getUidFromEmail($email);`
	`485`	`+ if ($entry !== null) {`
	`486`	`+ $ownerUid = $entry->getAttribute("cn")[0];`
	`487`	`+ return self::PI_PREFIX . $ownerUid;`
	`488`	`+ }`
	`489`	`+ return $email; // Leave untouched`
	`490`	`+ }`
`480`	`491`	`}`