13a92c874291e4120ffe9224e02340c69ea8e7de
[cacert-devel.git] / scripts / cron / permissionreview.php
1 #!/usr/bin/php -q
2 <?php
3 /*
4 LibreSSL - CAcert web application
5 Copyright (C) 2004-2012 CAcert Inc.
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; version 2 of the License.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 require_once('../../includes/mysql.php');
22
23 $BOARD_PRIVATE = 'cacert-board-private@lists.cacert.org';
24
25 $flags = array(
26 'admin' => 'Support Engineer',
27 'orgadmin' => 'Organisation Assurer',
28 'board' => 'Board Member',
29 'ttpadmin' => 'Trusted Third Party Admin',
30 'tverify' => 'Tverify Admin',
31 'locadmin' => 'Location Admin'
32 );
33
34 $adminlist = array();
35
36 foreach ($flags as $flag => $description) {
37 $query = "select `fname`, `lname`, `email` from `users` where `$flag` = 1";
38 if(! $res = mysql_query($query) ) {
39 fwrite(STDERR,
40 "MySQL query for flag $flag failed:\n".
41 "\"$query\"\n".
42 mysql_error()
43 );
44
45 continue;
46 }
47
48 $admins = array();
49 $adminlist[$flag] = "";
50
51 while ($row = mysql_fetch_assoc($res)) {
52 $admins[] = $row;
53 $adminlist[$flag] .= "$row[fname] $row[lname] $row[email]\n";
54 }
55
56 foreach ($admins as $admin) {
57 $message = <<<EOF
58 Hello $admin[fname],
59
60 you get this message, because you are listed as $description on
61 CAcert.org. Please review the following list of persons with the same privilege
62 and report to the responsible team leader or board
63 ($BOARD_PRIVATE) if you spot any errors.
64
65 $adminlist[$flag]
66
67
68 Best Regards,
69 CAcert Support
70 EOF;
71 sendmail($admin['email'], "Permissions Review", $message, 'support@cacert.org');
72 }
73 }
74
75
76
77 $message = <<<EOF
78 Dear Board Members,
79
80 it's time for the permission review again. Here is the list of privileged users
81 in the CAcert web application. Please review them and also ask the persons
82 responsible for an up-to-date copy of access lists not directly recorded in the
83 web application (critical admins, software assessors etc.)
84
85
86 EOF;
87
88 foreach ($flags as $flag => $description) {
89 $message .= <<<EOF
90 List of ${description}s:
91 $adminlist[$flag]
92
93 EOF;
94 }
95
96 $message .= <<<EOF
97
98 Best Regards,
99 CAcert Support
100 EOF;
101
102 sendmail($BOARD_PRIVATE, "Permissions Review", $message, 'support@cacert.org');