UnityHPC
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 1 addition & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎README.md‎
Lines changed: 2 additions & 0 deletions b/‎README.md‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎resources/lib/UnityGroup.php‎
Lines changed: 4 additions & 2 deletions b/‎resources/lib/UnityGroup.php‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎resources/lib/UnityUser.php‎
Lines changed: 34 additions & 10 deletions b/‎resources/lib/UnityUser.php‎
Lines changed: 34 additions & 10 deletions
diff --git a/‎resources/mail/user_dequalified.php‎
Lines changed: 10 additions & 0 deletions b/‎resources/mail/user_dequalified.php‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎resources/mail/user_created.php‎ ‎resources/mail/user_qualified.php‎resources/mail/user_created.php renamed to resources/mail/user_qualified.php
Lines changed: 2 additions & 2 deletions b/‎resources/mail/user_created.php‎ ‎resources/mail/user_qualified.php‎resources/mail/user_created.php renamed to resources/mail/user_qualified.php
Lines changed: 2 additions & 2 deletions
@@ -63,6 +63,7 @@ Notable users:
 - `[email protected]` - admin, PI
 - `[email protected]` - not admin, not PI
 - `[email protected]` - does not yet have an account
+- `[email protected]` - regsitered but not qualified (not a PI or in a PI group)
 
 ### Changes to Dev Environment
 
 
@@ -117,6 +117,8 @@ rm "$prod" && ln -s "$old" "$prod"
 ### 1.3 -> 1.4
 
 - the `[ldap]user_group` option has been renamed to `[ldap]qualified_user_group`
+- the `user_created ` mail template has been renamed to `user_qualified`
+- the `user_dequalified` mail template has been added
 
 ### 1.2 -> 1.3
 
 
@@ -100,7 +100,7 @@ public function approveGroup(?UnityUser $operator = null, bool $send_mail = true
         if ($this->exists()) {
             return;
         }
-        \ensure(!$this->getOwner()->exists());
+        \ensure($this->getOwner()->exists());
         $this->init();
         $this->SQL->removeRequest($this->getOwner()->uid);
         $operator = is_null($operator) ? $this->getOwner()->uid : $operator->uid;
@@ -113,6 +113,7 @@ public function approveGroup(?UnityUser $operator = null, bool $send_mail = true
         if ($send_mail) {
             $this->MAILER->sendMail($this->getOwner()->getMail(), "group_created");
         }
+        $this->getOwner()->setIsQualified(true); // having your own group makes you qualified
     }
 
     /**
@@ -207,7 +208,7 @@ public function cancelGroupJoinRequest(UnityUser $user, bool $send_mail = true):
     public function approveUser(UnityUser $new_user, bool $send_mail = true): void
     {
         $request = $this->SQL->getRequest($new_user->uid, $this->gid);
-        \ensure(!$new_user->exists());
+        \ensure($new_user->exists());
         $this->addUserToGroup($new_user);
         $this->SQL->removeRequest($new_user->uid, $this->gid);
         if ($send_mail) {
@@ -222,6 +223,7 @@ public function approveUser(UnityUser $new_user, bool $send_mail = true): void
                 "org" => $new_user->getOrg(),
             ]);
         }
+        $new_user->setIsQualified(true); // being in a group makes you qualified
     }
 
     public function denyUser(UnityUser $new_user, bool $send_mail = true): void
 
@@ -105,18 +105,42 @@ public function init(
             $org->addUser($this);
         }
 
-        $this->LDAP->getQualifiedUserGroup()->appendAttribute("memberuid", $this->uid);
-        $this->LDAP->getQualifiedUserGroup()->write();
-
-        $this->REDIS->appendCacheArray("sorted_qualified_users", "", $this->uid);
-
         $this->SQL->addLog($this->uid, $_SERVER["REMOTE_ADDR"], "user_added", $this->uid);
+    }
 
-        if ($send_mail) {
-            $this->MAILER->sendMail($this->getMail(), "user_created", [
-                "user" => $this->uid,
-                "org" => $this->getOrg(),
-            ]);
+    public function isQualified(): bool
+    {
+        return $this->LDAP->getQualifiedUserGroup()->attributeValueExists("memberUid", $this->uid);
+    }
+
+    public function setIsQualified(bool $newIsQualified, bool $doSendMail = true): void
+    {
+        $oldIsQualified = $this->isQualified();
+        if ($oldIsQualified == $newIsQualified) {
+            return;
+        }
+        if ($newIsQualified) {
+            $this->LDAP->getQualifiedUserGroup()->appendAttribute("memberuid", $this->uid);
+            $this->LDAP->getQualifiedUserGroup()->write();
+            $this->REDIS->appendCacheArray("sorted_qualified_users", "", $this->uid);
+            if ($doSendMail) {
+                $this->MAILER->sendMail($this->getMail(), "user_qualified", [
+                    "user" => $this->uid,
+                    "org" => $this->getOrg(),
+                ]);
+            }
+        } else {
+            $this->LDAP
+                ->getQualifiedUserGroup()
+                ->removeAttributeEntryByValue("memberuid", $this->uid);
+            $this->LDAP->getQualifiedUserGroup()->write();
+            $this->REDIS->removeCacheArray("sorted_qualified_users", "", $this->uid);
+            if ($doSendMail) {
+                $this->MAILER->sendMail($this->getMail(), "user_dequalified", [
+                    "user" => $this->uid,
+                    "org" => $this->getOrg(),
+                ]);
+            }
         }
     }
 
 
@@ -0,0 +1,10 @@
+<?php
+
+// this template is sent when a user account is no longer qualified
+$this->Subject = "User Deactivated"; ?>
+
+<p>Hello,</p>
+
+<p>Your account on the Unity cluster has been deactivated.</p>
+
+<p>If you believe this to be a mistake, please reply to this email as soon as possible.</p>
@@ -1,7 +1,7 @@
 <?php
 
-// this template is sent when a user account gets created
-$this->Subject = "User Created"; ?>
+// this template is sent when a user account becomes qualified
+$this->Subject = "User Activated"; ?>
 
 <p>Hello,</p>
Original file line number	Diff line number	Diff line change
`@@ -100,7 +100,7 @@ public function approveGroup(?UnityUser $operator = null, bool $send_mail = true`
`100`	`100`	`if ($this->exists()) {`
`101`	`101`	`return;`
`102`	`102`	`}`
`103`		`- \ensure(!$this->getOwner()->exists());`
	`103`	`+ \ensure($this->getOwner()->exists());`
`104`	`104`	`$this->init();`
`105`	`105`	`$this->SQL->removeRequest($this->getOwner()->uid);`
`106`	`106`	`$operator = is_null($operator) ? $this->getOwner()->uid : $operator->uid;`
`@@ -113,6 +113,7 @@ public function approveGroup(?UnityUser $operator = null, bool $send_mail = true`
`113`	`113`	`if ($send_mail) {`
`114`	`114`	`$this->MAILER->sendMail($this->getOwner()->getMail(), "group_created");`
`115`	`115`	`}`
	`116`	`+ $this->getOwner()->setIsQualified(true); // having your own group makes you qualified`
`116`	`117`	`}`
`117`	`118`
`118`	`119`	`/**`
`@@ -207,7 +208,7 @@ public function cancelGroupJoinRequest(UnityUser $user, bool $send_mail = true):`
`207`	`208`	`public function approveUser(UnityUser $new_user, bool $send_mail = true): void`
`208`	`209`	`{`
`209`	`210`	`$request = $this->SQL->getRequest($new_user->uid, $this->gid);`
`210`		`- \ensure(!$new_user->exists());`
	`211`	`+ \ensure($new_user->exists());`
`211`	`212`	`$this->addUserToGroup($new_user);`
`212`	`213`	`$this->SQL->removeRequest($new_user->uid, $this->gid);`
`213`	`214`	`if ($send_mail) {`
`@@ -222,6 +223,7 @@ public function approveUser(UnityUser $new_user, bool $send_mail = true): void`
`222`	`223`	`"org" => $new_user->getOrg(),`
`223`	`224`	`]);`
`224`	`225`	`}`
	`226`	`+ $new_user->setIsQualified(true); // being in a group makes you qualified`
`225`	`227`	`}`
`226`	`228`
`227`	`229`	`public function denyUser(UnityUser $new_user, bool $send_mail = true): void`