diff --git a/resources/autoload.php b/resources/autoload.php
index 5c0c25c2..18388328 100644
--- a/resources/autoload.php
+++ b/resources/autoload.php
@@ -24,6 +24,8 @@
 require_once __DIR__ . "/lib/UnityWebhook.php";
 require_once __DIR__ . "/lib/UnityRedis.php";
 require_once __DIR__ . "/lib/UnityGithub.php";
+require_once __DIR__ . "/lib/exceptions/PhpUnitNoDieException.php";
+require_once __DIR__ . "/lib/exceptions/UnitySQLRecordNotFound.php";
 
 // run init script
 require __DIR__ . "/init.php";
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
index ab2c7270..b025d491 100644
--- a/resources/lib/UnityGroup.php
+++ b/resources/lib/UnityGroup.php
@@ -76,7 +76,7 @@ public function exists()
     // Portal-facing methods, these are the methods called by scripts in webroot
     //
 
-    public function requestGroup($send_mail_to_admins, $send_mail = true)
+    public function requestGroup($firstname, $lastname, $email, $org, $send_mail_to_admins, $send_mail = true)
     {
         // check for edge cases...
         if ($this->exists()) {
@@ -88,12 +88,12 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
             return;
         }
 
-        $this->SQL->addRequest($this->getOwner()->getUID());
+        $this->SQL->addRequest($this->getOwner()->getUID(), $firstname, $lastname, $email, $org);
 
         if ($send_mail) {
             // send email to requestor
             $this->MAILER->sendMail(
-                $this->getOwner()->getMail(),
+                $email,
                 "group_request"
             );
 
@@ -101,9 +101,9 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
                 "group_request_admin",
                 array(
                     "user" => $this->getOwner()->getUID(),
-                    "org" => $this->getOwner()->getOrg(),
-                    "name" => $this->getOwner()->getFullname(),
-                    "email" => $this->getOwner()->getMail()
+                    "org" => $org,
+                    "name" => "$firstname $lastname",
+                    "email" => $email
                 )
             );
 
@@ -113,9 +113,9 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
                     "group_request_admin",
                     array(
                         "user" => $this->getOwner()->getUID(),
-                        "org" => $this->getOwner()->getOrg(),
-                        "name" => $this->getOwner()->getFullname(),
-                        "email" => $this->getOwner()->getMail()
+                        "org" => $org,
+                        "name" => "$firstname $lastname",
+                        "email" => $email
                     )
                 );
             }
@@ -125,9 +125,9 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
                 "group_request_admin",
                 array(
                     "user" => $this->getOwner()->getUID(),
-                    "org" => $this->getOwner()->getOrg(),
-                    "name" => $this->getOwner()->getFullname(),
-                    "email" => $this->getOwner()->getMail()
+                    "org" => $org,
+                    "name" => "$firstname $lastname",
+                    "email" => $email
                 )
             );
         }
@@ -138,10 +138,10 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
      */
     public function approveGroup($operator = null, $send_mail = true)
     {
-        if (!$this->SQL->requestExists($this->getOwner()->getUID())) {
-            throw new Exception(
-                "attempt to approve nonexistent request for group='{$this->getPIUID()}'"
-            );
+        $uid = $this->getOwner()->getUID();
+        $request = $this->SQL->getRequest($uid, UnitySQL::REQUEST_BECOME_PI);
+        if (is_null($request)) {
+            throw new Exception("uid '$uid' does not have a group request!");
         }
 
         // check for edge cases...
@@ -151,7 +151,13 @@ public function approveGroup($operator = null, $send_mail = true)
 
         // check if owner exists
         if (!$this->getOwner()->exists()) {
-            $this->getOwner()->init();
+            $this->getOwner()->init(
+                $request["firstname"],
+                $request["lastname"],
+                $request["email"],
+                $request["org"],
+                $send_mail
+            );
         }
 
         // initialize ldap objects, if this fails the script will crash, but nothing will persistently break
@@ -173,7 +179,7 @@ public function approveGroup($operator = null, $send_mail = true)
         // send email to the newly approved PI
         if ($send_mail) {
             $this->MAILER->sendMail(
-                $this->getOwner()->getMail(),
+                $request["email"],
                 "group_created"
             );
         }
@@ -288,21 +294,27 @@ public function cancelGroupJoinRequest($user, $send_mail = true)
      */
     public function approveUser($new_user, $send_mail = true)
     {
-        if (!$this->requestExists($new_user)) {
-            throw new Exception(
-                "attempt to approve nonexistent request for group='{$this->getPIUID()}' uid='$new_user'"
-            );
+
+        $uid = $new_user->getUID();
+        $gid = $this->getPIUID();
+        $request = $this->SQL->getRequest($uid, $gid);
+        if (is_null($request)) {
+            throw new Exception("uid '$uid' does not have a request for group '$gid'!");
         }
 
         // check if user exists
         if (!$new_user->exists()) {
-            $new_user->init();
+            $new_user->init(
+                $request["firstname"],
+                $request["lastname"],
+                $request["email"],
+                $request["org"],
+            );
         }
 
         // add user to the LDAP object
         $this->addUserToGroup($new_user);
 
-        // remove request, this will fail silently if the request doesn't exist
         $this->SQL->removeRequest($new_user->getUID(), $this->pi_uid);
 
         // send email to the requestor
@@ -320,9 +332,9 @@ public function approveUser($new_user, $send_mail = true)
                 array(
                     "group" => $this->pi_uid,
                     "user" => $new_user->getUID(),
-                    "name" => $new_user->getFullName(),
-                    "email" => $new_user->getMail(),
-                    "org" => $new_user->getOrg()
+                    "name" => $request["firstname"] . " " . $request["lastname"],
+                    "email" => $request["email"],
+                    "org" => $request["org"],
                     )
             );
         }
@@ -330,8 +342,11 @@ public function approveUser($new_user, $send_mail = true)
 
     public function denyUser($new_user, $send_mail = true)
     {
-        if (!$this->requestExists($new_user)) {
-            return;
+        $uid = $new_user->getUID();
+        $gid = $this->getPIUID();
+        $request = $this->SQL->getRequest($uid, $gid);
+        if (is_null($request)) {
+            throw new Exception("uid '$uid' does not have a request for group '$gid'!");
         }
 
         // remove request, this will fail silently if the request doesn't exist
@@ -396,7 +411,7 @@ public function removeUser($new_user, $send_mail = true)
         }
     }
 
-    public function newUserRequest($new_user, $send_mail = true)
+    public function newUserRequest($new_user, $firstname, $lastname, $email, $org, $send_mail = true)
     {
         if ($this->userExists($new_user)) {
             UnitySite::errorLog("warning", "user '$new_user' already in group");
@@ -413,12 +428,12 @@ public function newUserRequest($new_user, $send_mail = true)
             return;
         }
 
-        $this->addRequest($new_user->getUID());
+        $this->addRequest($new_user->getUID(), $firstname, $lastname, $email, $org);
 
         if ($send_mail) {
             // send email to user
             $this->MAILER->sendMail(
-                $new_user->getMail(),
+                $email,
                 "group_user_request",
                 array("group" => $this->pi_uid)
             );
@@ -430,9 +445,9 @@ public function newUserRequest($new_user, $send_mail = true)
                 array(
                     "group" => $this->pi_uid,
                     "user" => $new_user->getUID(),
-                    "name" => $new_user->getFullName(),
-                    "email" => $new_user->getMail(),
-                    "org" => $new_user->getOrg()
+                    "name" => "$firstname $lastname",
+                    "email" => $email,
+                    "org" => $org,
                     )
             );
         }
@@ -452,7 +467,17 @@ public function getRequests()
                 $this->REDIS,
                 $this->WEBHOOK
             );
-            array_push($out, [$user, $request["timestamp"]]);
+            array_push(
+                $out,
+                [
+                    $user,
+                    $request["timestamp"],
+                    $request["firstname"],
+                    $request["lastname"],
+                    $request["email"],
+                    $request["org"],
+                ]
+            );
         }
 
         return $out;
@@ -563,9 +588,9 @@ public function userExists($user)
         return in_array($user->getUID(), $this->getGroupMemberUIDs());
     }
 
-    private function addRequest($uid)
+    private function addRequest($uid, $firstname, $lastname, $email, $org)
     {
-        $this->SQL->addRequest($uid, $this->pi_uid);
+        $this->SQL->addRequest($uid, $firstname, $lastname, $email, $org, $this->pi_uid);
     }
 
     //
diff --git a/resources/lib/UnitySQL.php b/resources/lib/UnitySQL.php
index d2c5eb39..98f43457 100644
--- a/resources/lib/UnitySQL.php
+++ b/resources/lib/UnitySQL.php
@@ -4,6 +4,7 @@
 
 use PDO;
 use PDOException;
+use UnityWebPortal\lib\exceptions\UnitySQLRecordNotFound;
 
 class UnitySQL
 {
@@ -109,12 +110,28 @@ private function update($table, $filters, $data)
         $stmt->execute();
     }
 
-    public function addRequest($requestor, $dest = self::REQUEST_BECOME_PI)
-    {
+    public function addRequest(
+        $requestor,
+        $firstname,
+        $lastname,
+        $email,
+        $org,
+        $dest = self::REQUEST_BECOME_PI
+    ) {
         if ($this->requestExists($requestor, $dest)) {
             return;
         }
-        $this->insert(self::TABLE_REQS, ["uid" => $requestor, "request_for" => $dest]);
+        $this->insert(
+            self::TABLE_REQS,
+            [
+                "uid" => $requestor,
+                "firstname" => $firstname,
+                "lastname" => $lastname,
+                "email" => $email,
+                "org" => $org,
+                "request_for" => $dest
+            ]
+        );
     }
 
     public function removeRequest($requestor, $dest = self::REQUEST_BECOME_PI)
@@ -130,10 +147,26 @@ public function removeRequests($dest = self::REQUEST_BECOME_PI)
         $this->delete(self::TABLE_REQS, ["request_for" => $dest]);
     }
 
-    public function requestExists($requestor, $dest = self::REQUEST_BECOME_PI)
+    public function getRequest($user, $dest)
     {
         $results = $this->search(self::TABLE_REQS, ["request_for" => $dest]);
-        return count($results) > 0;
+        if (count($results) == 0) {
+            throw new UnitySQLRecordNotFound("no such request: uid='$user' request_for='$dest'");
+        }
+        if (count($results) > 1) {
+            throw new Exception("multiple requests for uid='$user' request_for='$dest'");
+        }
+        return $results[0];
+    }
+
+    public function requestExists($requestor, $dest = self::REQUEST_BECOME_PI)
+    {
+        try {
+            self::getRequest($requestor, $dest);
+            return true;
+        } catch (UnitySQLRecordNotFound) {
+            return false;
+        }
     }
 
     public function getRequests($dest = self::REQUEST_BECOME_PI)
diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php
index e1465251..983e2a5f 100644
--- a/resources/lib/UnityUser.php
+++ b/resources/lib/UnityUser.php
@@ -49,10 +49,11 @@ public function __toString()
      * @param string $firstname First name of new account
      * @param string $lastname Last name of new account
      * @param string $email email of new account
+     * @param string $org organization name of new account
      * @param bool $isPI boolean value for if the user checked the "I am a PI box"
      * @return void
      */
-    public function init($send_mail = true)
+    public function init($firstname, $lastname, $email, $org, $send_mail = true)
     {
         //
         // Create LDAP group
@@ -74,14 +75,14 @@ public function init($send_mail = true)
         if (!$ldapUserEntry->exists()) {
             $ldapUserEntry->setAttribute("objectclass", UnityLDAP::POSIX_ACCOUNT_CLASS);
             $ldapUserEntry->setAttribute("uid", $this->uid);
-            $ldapUserEntry->setAttribute("givenname", $this->getFirstname());
-            $ldapUserEntry->setAttribute("sn", $this->getLastname());
+            $ldapUserEntry->setAttribute("givenname", $firstname);
+            $ldapUserEntry->setAttribute("sn", $lastname);
             $ldapUserEntry->setAttribute(
                 "gecos",
-                \transliterator_transliterate("Latin-ASCII", "{$this->getFirstname()} {$this->getLastname()}")
+                \transliterator_transliterate("Latin-ASCII", "$firstname $lastname")
             );
-            $ldapUserEntry->setAttribute("mail", $this->getMail());
-            $ldapUserEntry->setAttribute("o", $this->getOrg());
+            $ldapUserEntry->setAttribute("mail", $email);
+            $ldapUserEntry->setAttribute("o", $org);
             $ldapUserEntry->setAttribute("homedirectory", self::HOME_DIR . $this->uid);
             $ldapUserEntry->setAttribute("loginshell", $this->LDAP->getDefUserShell());
             $ldapUserEntry->setAttribute("uidnumber", strval($id));
@@ -90,10 +91,10 @@ public function init($send_mail = true)
         }
 
         // update cache
-        //$this->REDIS->setCache($this->uid, "firstname", $this->getFirstname());
-        //$this->REDIS->setCache($this->uid, "lastname", $this->getLastname());
-        //$this->REDIS->setCache($this->uid, "mail", $this->getMail());
-        //$this->REDIS->setCache($this->uid, "org", $this->getOrg());
+        $this->REDIS->setCache($this->uid, "firstname", $firstname);
+        $this->REDIS->setCache($this->uid, "lastname", $lastname);
+        $this->REDIS->setCache($this->uid, "mail", $email);
+        $this->REDIS->setCache($this->uid, "org", $org);
         $this->REDIS->setCache($this->uid, "homedir", self::HOME_DIR . $this->uid);
         $this->REDIS->setCache($this->uid, "loginshell", $this->LDAP->getDefUserShell());
         $this->REDIS->setCache($this->uid, "sshkeys", array());
@@ -189,6 +190,7 @@ public function setOrg($org)
 
     public function getOrg($ignorecache = false)
     {
+        assert($this->exists());
         if (!$ignorecache) {
             $cached_val = $this->REDIS->getCache($this->getUID(), "org");
             if (!is_null($cached_val)) {
@@ -238,6 +240,7 @@ public function setFirstname($firstname, $operator = null)
      */
     public function getFirstname($ignorecache = false)
     {
+        assert($this->exists());
         if (!$ignorecache) {
             $cached_val = $this->REDIS->getCache($this->getUID(), "firstname");
             if (!is_null($cached_val)) {
@@ -287,6 +290,7 @@ public function setLastname($lastname, $operator = null)
      */
     public function getLastname($ignorecache = false)
     {
+        assert($this->exists());
         if (!$ignorecache) {
             $cached_val = $this->REDIS->getCache($this->getUID(), "lastname");
             if (!is_null($cached_val)) {
@@ -309,6 +313,7 @@ public function getLastname($ignorecache = false)
 
     public function getFullname()
     {
+        assert($this->exists());
         return $this->getFirstname() . " " . $this->getLastname();
     }
 
@@ -341,6 +346,7 @@ public function setMail($email, $operator = null)
      */
     public function getMail($ignorecache = false)
     {
+        assert($this->exists());
         if (!$ignorecache) {
             $cached_val = $this->REDIS->getCache($this->getUID(), "mail");
             if (!is_null($cached_val)) {
@@ -404,6 +410,7 @@ public function setSSHKeys($keys, $operator = null, $send_mail = true)
      */
     public function getSSHKeys($ignorecache = false)
     {
+        assert($this->exists());
         if (!$ignorecache) {
             $cached_val = $this->REDIS->getCache($this->getUID(), "sshkeys");
             if (!is_null($cached_val)) {
@@ -480,6 +487,7 @@ public function setLoginShell($shell, $operator = null, $send_mail = true)
      */
     public function getLoginShell($ignorecache = false)
     {
+        assert($this->exists());
         if (!$ignorecache) {
             $cached_val = $this->REDIS->getCache($this->getUID(), "loginshell");
             if (!is_null($cached_val)) {
@@ -528,6 +536,7 @@ public function setHomeDir($home, $operator = null)
      */
     public function getHomeDir($ignorecache = false)
     {
+        assert($this->exists());
         if (!$ignorecache) {
             $cached_val = $this->REDIS->getCache($this->getUID(), "homedir");
             if (!is_null($cached_val)) {
diff --git a/resources/lib/exceptions/UnitySQLRecordNotFound.php b/resources/lib/exceptions/UnitySQLRecordNotFound.php
new file mode 100644
index 00000000..8f767316
--- /dev/null
+++ b/resources/lib/exceptions/UnitySQLRecordNotFound.php
@@ -0,0 +1,6 @@
+<?php
+namespace UnityWebPortal\lib\exceptions;
+
+class UnitySQLRecordNotFound extends \Exception
+{
+}
diff --git a/test/functional/NewUserTest.php b/test/functional/NewUserTest.php
index 87706716..4e72a048 100644
--- a/test/functional/NewUserTest.php
+++ b/test/functional/NewUserTest.php
@@ -3,13 +3,27 @@
 use PHPUnit\Framework\TestCase;
 use UnityWebPortal\lib\exceptions\PhpUnitNoDieException;
 use UnityWebPortal\lib\UnityGroup;
+use UnityWebPortal\lib\UnityOrg;
+use UnityWebPortal\lib\UnitySQL;
 
 class NewUserTest extends TestCase
 {
-    private function assertNumberGroupRequests(int $x)
+    private function assertRequestedPIGroup(bool $expected)
     {
         global $USER, $SQL;
-        $this->assertEquals($x, count($SQL->getRequestsByUser($USER->getUID())));
+        $this->assertEquals(
+            $expected,
+            $SQL->requestExists($USER->getUID(), UnitySQL::REQUEST_BECOME_PI)
+        );
+    }
+
+    private function assertRequestedMembership(bool $expected, string $gid)
+    {
+        global $USER, $SQL;
+        $this->assertEquals(
+            $expected,
+            $SQL->requestExists($USER->getUID(), $gid)
+        );
     }
 
     private function requestGroupCreation()
@@ -45,12 +59,12 @@ private function ensureUserDoesNotExist()
     {
         global $USER, $SQL, $LDAP, $REDIS;
         $SQL->deleteRequestsByUser($USER->getUID());
-        $org = $USER->getOrgGroup();
-        if ($org->exists() and $org->inOrg($USER)) {
-            $org->removeUser($USER);
-            assert(!$org->inOrg($USER));
-        }
         if ($USER->exists()) {
+            $org = $USER->getOrgGroup();
+            if ($org->exists() and $org->inOrg($USER)) {
+                $org->removeUser($USER);
+                assert(!$org->inOrg($USER));
+            }
             $USER->getLDAPUser()->delete();
             assert(!$USER->exists());
         }
@@ -70,8 +84,8 @@ private function ensureUserDoesNotExist()
 
     private function ensureOrgGroupDoesNotExist()
     {
-        global $USER, $REDIS;
-        $org_group = $USER->getOrgGroup();
+        global $USER, $SSO, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
+        $org_group = new UnityOrg($SSO["org"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
         if ($org_group->exists()) {
             $org_group->getLDAPOrgGroup()->delete();
             assert(!$org_group->exists());
@@ -100,18 +114,20 @@ private function ensurePIGroupDoesNotExist()
 
     public function testCreateUserByJoinGoup()
     {
-        global $USER, $SQL, $LDAP;
+        global $USER, $SSO, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
         switchUser(...getUserIsPIHasNoMembersNoMemberRequests());
         $pi_group = $USER->getPIGroup();
+        $gid = $pi_group->getPIUID();
         switchUser(...getNonExistentUser());
         $this->assertTrue(!$USER->exists());
-        $this->assertTrue(!$USER->getOrgGroup()->exists());
+        $newOrg = new UnityOrg($SSO["org"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
+        $this->assertTrue(!$newOrg->exists());
         $this->assertTrue($pi_group->exists());
         $this->assertTrue(!$pi_group->userExists($USER));
-        $this->assertNumberGroupRequests(0);
+        $this->assertRequestedMembership(false, $gid);
         try {
             $this->requestGroupMembership($pi_group->getPIUID());
-            $this->assertNumberGroupRequests(1);
+            $this->assertRequestedMembership(true, $gid);
 
             // $second_request_failed = false;
             // try {
@@ -120,21 +136,21 @@ public function testCreateUserByJoinGoup()
             //     $second_request_failed = true;
             // }
             // $this->assertTrue($second_request_failed);
-            $this->assertNumberGroupRequests(1);
+            $this->assertRequestedMembership(true, $gid);
 
             $this->cancelAllRequests();
-            $this->assertNumberGroupRequests(0);
+            $this->assertRequestedMembership(false, $gid);
 
             $this->requestGroupMembership($pi_group->getPIUID());
             $this->assertTrue($pi_group->requestExists($USER));
-            $this->assertNumberGroupRequests(1);
+            $this->assertRequestedMembership(true, $gid);
 
             $pi_group->approveUser($USER);
             $this->assertTrue(!$pi_group->requestExists($USER));
-            $this->assertNumberGroupRequests(0);
+            $this->assertRequestedMembership(false, $gid);
             $this->assertTrue($pi_group->userExists($USER));
             $this->assertTrue($USER->exists());
-            $this->assertTrue($USER->getOrgGroup()->exists());
+            $this->assertTrue($newOrg->exists());
 
             // $third_request_failed = false;
             // try {
@@ -143,26 +159,27 @@ public function testCreateUserByJoinGoup()
             //     $third_request_failed = true;
             // }
             // $this->assertTrue($third_request_failed);
-            $this->assertNumberGroupRequests(0);
+            $this->assertRequestedMembership(false, $gid);
             $this->assertTrue(!$pi_group->requestExists($USER));
         } finally {
+            $this->ensureOrgGroupDoesNotExist();
             $this->ensureUserNotInPIGroup($pi_group);
             $this->ensureUserDoesNotExist();
-            $this->ensureOrgGroupDoesNotExist();
         }
     }
 
     public function testCreateUserByCreateGroup()
     {
-        global $USER, $SQL, $LDAP;
+        global $USER, $SSO, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
         switchuser(...getNonExistentUser());
         $pi_group = $USER->getPIGroup();
         $this->assertTrue(!$USER->exists());
         $this->assertTrue(!$pi_group->exists());
-        $this->assertTrue(!$USER->getOrgGroup()->exists());
+        $newOrg = new UnityOrg($SSO["org"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
+        $this->assertTrue(!$newOrg->exists());
         try {
             $this->requestGroupCreation();
-            $this->assertNumberGroupRequests(1);
+            $this->assertRequestedPIGroup(true);
 
             // $second_request_failed = false;
             // try {
@@ -171,19 +188,19 @@ public function testCreateUserByCreateGroup()
             //     $second_request_failed = true;
             // }
             // $this->assertTrue($second_request_failed);
-            $this->assertNumberGroupRequests(1);
+            $this->assertRequestedPIGroup(true);
 
             $this->cancelAllRequests();
-            $this->assertNumberGroupRequests(0);
+            $this->assertRequestedPIGroup(false);
 
             $this->requestGroupCreation();
-            $this->assertNumberGroupRequests(1);
+            $this->assertRequestedPIGroup(true);
 
             $pi_group->approveGroup();
-            $this->assertNumberGroupRequests(0);
+            $this->assertRequestedPIGroup(false);
             $this->assertTrue($pi_group->exists());
             $this->assertTrue($USER->exists());
-            $this->assertTrue($USER->getOrgGroup()->exists());
+            $this->assertTrue($newOrg->exists());
 
             // $third_request_failed = false;
             // try {
@@ -192,11 +209,11 @@ public function testCreateUserByCreateGroup()
             //     $third_request_failed = true;
             // }
             // $this->assertTrue($third_request_failed);
-            $this->assertNumberGroupRequests(0);
+            $this->assertRequestedPIGroup(false);
         } finally {
+            $this->ensureOrgGroupDoesNotExist();
             $this->ensurePIGroupDoesNotExist();
             $this->ensureUserDoesNotExist();
-            $this->ensureOrgGroupDoesNotExist();
         }
     }
 }
diff --git a/test/functional/PiBecomeRequestTest.php b/test/functional/PiBecomeRequestTest.php
index d0c1edd2..6cebd61c 100644
--- a/test/functional/PiBecomeRequestTest.php
+++ b/test/functional/PiBecomeRequestTest.php
@@ -1,6 +1,7 @@
 <?php
 
 use PHPUnit\Framework\TestCase;
+use UnityWebPortal\lib\UnitySQL;
 
 class PiBecomeRequestTest extends TestCase
 {
@@ -49,7 +50,9 @@ public function testRequestBecomePi()
             );
             $this->assertNumberPiBecomeRequests(1);
         } finally {
-            $SQL->removeRequest($USER->getUID());
+            if ($SQL->requestExists($USER, UnitySQL::REQUEST_BECOME_PI)) {
+                $SQL->removeRequest($USER->getUID(), UnitySQL::REQUEST_BECOME_PI);
+            }
         }
     }
 
@@ -67,7 +70,9 @@ public function testRequestBecomePiUserRequestedAccountDeletion()
             );
             $this->assertNumberPiBecomeRequests(0);
         } finally {
-            $SQL->removeRequest($USER->getUID());
+            if ($SQL->requestExists($USER, UnitySQL::REQUEST_BECOME_PI)) {
+                $SQL->removeRequest($USER->getUID(), UnitySQL::REQUEST_BECOME_PI);
+            }
         }
     }
 }
diff --git a/test/functional/PiMemberApproveTest.php b/test/functional/PiMemberApproveTest.php
index 539f1fc5..94ee6af8 100644
--- a/test/functional/PiMemberApproveTest.php
+++ b/test/functional/PiMemberApproveTest.php
@@ -3,87 +3,105 @@
 use PHPUnit\Framework\TestCase;
 use PHPUnit\Framework\Attributes\DataProvider;
 use UnityWebPortal\lib\UnityUser;
+use UnityWebPortal\lib\UnityGroup;
+use UnityWebPortal\lib\UnitySSO;
 
 class PiMemberApproveTest extends TestCase {
-    static $requestUid;
-    static $noRequestUid;
-
-    public static function setUpBeforeClass(): void{
-        global $USER;
-        switchUser(...getNormalUser());
-        self::$requestUid = $USER->getUID();
-        switchUser(...getNormalUser2());
-        self::$noRequestUid = $USER->getUID();
-    }
+        static $userWithRequestSwitchArgs;
+        static $userWithoutRequestSwitchArgs;
+        static $piSwitchArgs;
+        static $pi;
+        static $userWithRequestUID;
+        static $userWithoutRequestUID;
+        static $piUID;
+        static $userWithRequest;
+        static $userWithoutRequest;
+        static $piGroup;
+        static $piGroupGID;
 
     private function approveUser(string $uid)
     {
-        post(
+        http_post(
             __DIR__ . "/../../webroot/panel/pi.php",
-            ["form_type" => "userReq", "action" => "approve", "uid" => $uid]
+            ["form_type" => "userReq", "action" => "Approve", "uid" => $uid]
         );
     }
 
-    public function testApproveRequest()
+    private function requestJoinPI(string $gid)
+    {
+        http_post(
+            __DIR__ . "/../../webroot/panel/groups.php",
+            ["form_type" => "addPIform", "pi" => $gid]
+        );
+    }
+
+    private function assertGroupMembers(UnityGroup $group, array $members)
     {
-        global $USER, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
-        switchUser(...getUserIsPIHasNoMembersNoMemberRequests());
-        $pi = $USER;
-        $piGroup = $USER->getPIGroup();
-        $this->assertTrue($piGroup->exists());
         $this->assertTrue(
             arraysAreEqualUnOrdered(
-                [$pi->getUID()],
-                $piGroup->getGroupMemberUIDs()
+                $members,
+                $group->getGroupMemberUIDs()
             )
         );
+    }
+
+    public function testApproveRequest()
+    {
+        global $USER;
+        $userSwitchArgs = getNormalUser();
+        $piSwitchArgs = getUserIsPIHasNoMembersNoMemberRequests();
+        switchUser(...$userSwitchArgs);
+        $user = $USER;
+        $uid = $USER->getUID();
+        switchUser(...$piSwitchArgs);
+        $piUID = $USER->getUID();
+        $piGroup = $USER->getPIGroup();
+
+        $this->assertTrue($piGroup->exists());
+        $this->assertGroupMembers($piGroup, [$piUID]);
         $this->assertEmpty($piGroup->getRequests());
-        $requestedUser = new UnityUser(self::$requestUid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
         try {
-            $piGroup->newUserRequest($requestedUser);
-            $this->assertFalse($piGroup->userExists($requestedUser));
+            switchUser(...$userSwitchArgs);
+            $this->requestJoinPI($piGroup->getPIUID());
+            $this->assertFalse($piGroup->userExists($user));
 
-            $piGroup->approveUser($requestedUser);
+            switchUser(...$piSwitchArgs);
+            $this->approveUser($uid);
+            $this->assertTrue(!$piGroup->requestExists($user));
             $this->assertEmpty($piGroup->getRequests());
-
-            $this->assertTrue(
-                arraysAreEqualUnOrdered(
-                    [$pi->getUID(), self::$requestUid],
-                    $piGroup->getGroupMemberUIDs()
-                )
-            );
-            $this->assertTrue($piGroup->userExists($requestedUser));
+            $this->assertGroupMembers($piGroup, [$piUID, $uid]);
+            $this->assertTrue($piGroup->userExists($user));
         } finally {
-            $piGroup->removeUser($requestedUser);
-            $SQL->removeRequest(self::$requestUid, $piGroup->getPIUID());
+            if ($piGroup->userExists($user)) {
+                $piGroup->removeUser($user);
+            }
+            if ($piGroup->requestExists($user)) {
+                $piGroup->cancelGroupJoinRequest($user);
+            }
         }
     }
 
     public function testApproveNonexistentRequest()
     {
-        global $USER, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK;
+        global $USER;
+        switchUser(...getNormalUser2());
+        $user = $USER;
+        $uid = $USER->getUID();
         switchUser(...getUserIsPIHasNoMembersNoMemberRequests());
-        $pi = $USER;
+        $piUID = $USER->getUID();
         $piGroup = $USER->getPIGroup();
+
         $this->assertTrue($piGroup->exists());
-        $this->assertTrue(
-            arraysAreEqualUnOrdered(
-                [$pi->getUID()],
-                $piGroup->getGroupMemberUIDs()
-            )
-        );
+        $this->assertGroupMembers($piGroup, [$piUID]);
         $this->assertEmpty($piGroup->getRequests());
-
-        $notRequestedUser = new UnityUser(self::$noRequestUid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
-        $this->assertFalse($piGroup->userExists($notRequestedUser));
+        $this->assertFalse($piGroup->userExists($user));
         $this->assertEmpty($piGroup->getRequests());
-
         try {
             $this->expectException(Exception::class);
-            $piGroup->approveUser($notRequestedUser);
+            $piGroup->approveUser($user);
         } finally {
-            if ($piGroup->userExists($notRequestedUser)) {
-                $piGroup->removeUser($notRequestedUser);
+            if ($piGroup->userExists($user)) {
+                $piGroup->removeUser($user);
             }
         }
     }
diff --git a/test/functional/PiMemberDenyTest.php b/test/functional/PiMemberDenyTest.php
index dbe405fa..4278a1d5 100644
--- a/test/functional/PiMemberDenyTest.php
+++ b/test/functional/PiMemberDenyTest.php
@@ -37,7 +37,13 @@ public function testDenyRequest()
         $this->assertEmpty($piGroup->getRequests());
         $requestedUser = new UnityUser(self::$requestUid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
         try {
-            $piGroup->newUserRequest($requestedUser);
+            $piGroup->newUserRequest(
+                $requestedUser,
+                $requestedUser->getFirstname(),
+                $requestedUser->getLastname(),
+                $requestedUser->getMail(),
+                $requestedUser->getOrg(),
+            );
             $this->assertFalse($piGroup->userExists($requestedUser));
 
             $piGroup->denyUser($requestedUser);
diff --git a/test/functional/PiRemoveUserTest.php b/test/functional/PiRemoveUserTest.php
index 2acd46fd..1d7dd72f 100644
--- a/test/functional/PiRemoveUserTest.php
+++ b/test/functional/PiRemoveUserTest.php
@@ -43,7 +43,13 @@ public function testRemoveUser()
             $this->assertFalse($piGroup->userExists($memberToDelete));
         } finally {
             if (!$piGroup->userExists($memberToDelete)) {
-                $piGroup->newUserRequest($memberToDelete);
+                $piGroup->newUserRequest(
+                    $memberToDelete,
+                    $memberToDelete->getFirstname(),
+                    $memberToDelete->getLastname(),
+                    $memberToDelete->getMail(),
+                    $memberToDelete->getOrg(),
+                );
                 $piGroup->approveUser($memberToDelete);
             }
         }
@@ -63,7 +69,13 @@ public function testRemovePIFromTheirOwnGroup()
             $this->assertTrue($piGroup->userExists($pi));
         } finally {
             if (!$piGroup->userExists($pi)) {
-                $piGroup->newUserRequest($pi);
+                $piGroup->newUserRequest(
+                    $pi,
+                    $pi->getFirstname(),
+                    $pi->getLastname(),
+                    $pi->getMail(),
+                    $pi->getOrg(),
+                );
                 $piGroup->approveUser($pi);
             }
        }
diff --git a/test/phpunit-bootstrap.php b/test/phpunit-bootstrap.php
index 2240c7f6..1be5a278 100644
--- a/test/phpunit-bootstrap.php
+++ b/test/phpunit-bootstrap.php
@@ -19,6 +19,7 @@
 require_once __DIR__ . "/../resources/lib/UnityRedis.php";
 require_once __DIR__ . "/../resources/lib/UnityGithub.php";
 require_once __DIR__ . "/../resources/lib/exceptions/PhpUnitNoDieException.php";
+require_once __DIR__ . "/../resources/lib/exceptions/UnitySQLRecordNotFound.php";
 
 $GLOBALS["PHPUNIT_NO_DIE_PLEASE"] = true;
 
diff --git a/tools/docker-dev/build.sh b/tools/docker-dev/build.sh
index 4b9dc59b..91c5c9cd 100755
--- a/tools/docker-dev/build.sh
+++ b/tools/docker-dev/build.sh
@@ -3,4 +3,4 @@ set -e
 cd "$(dirname "$0")"
 docker-compose down
 docker-compose build
-docker image prune
+# docker image prune
diff --git a/tools/docker-dev/sql/bootstrap.sql b/tools/docker-dev/sql/bootstrap.sql
index ab0aab8b..bfb5cbf3 100644
--- a/tools/docker-dev/sql/bootstrap.sql
+++ b/tools/docker-dev/sql/bootstrap.sql
@@ -173,6 +173,10 @@ CREATE TABLE `requests` (
   `id` int(11) NOT NULL,
   `request_for` varchar(131) NOT NULL,
   `uid` varchar(128) NOT NULL,
+  `firstname` varchar(768) NOT NULL,
+  `lastname` varchar(768) NOT NULL,
+  `email` varchar(768) NOT NULL,
+  `org` varchar(768) NOT NULL,
   `timestamp` timestamp NOT NULL DEFAULT current_timestamp()
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
 
diff --git a/webroot/admin/ajax/get_group_members.php b/webroot/admin/ajax/get_group_members.php
index 1be95c5d..e3e56759 100644
--- a/webroot/admin/ajax/get_group_members.php
+++ b/webroot/admin/ajax/get_group_members.php
@@ -48,23 +48,22 @@
     $i++;
 }
 
-foreach ($requests as $i => $request) {
+foreach ($requests as $i => [$user, $timestamp, $firstname, $lastname, $email, $org]) {
     if ($i >= $count - 1) {
         echo "<tr class='expanded $i last'>";
     } else {
         echo "<tr class='expanded $i'>";
     }
-
-    [$request, $timestamp] = $request;
-    echo "<td>" . $request->getFirstname() . " " . $request->getLastname() . "</td>";
-    echo "<td>" . $request->getUID() . "</td>";
-    echo "<td><a href='mailto:" . $request->getMail() . "'>" . $request->getMail() . "</a></td>";
+    $uid = $user->getUID();
+    echo "<td>" . $firstname . " " . $lastname . "</td>";
+    echo "<td>" . $uid . "</td>";
+    echo "<td><a href='mailto:" . $email . "'>" . $email . "</a></td>";
     echo "<td>";
     echo
     "<form action='' method='POST' 
-    onsubmit='return confirm(\"Are you sure you want to approve " . $request->getUID() . "?\");'>
+    onsubmit='return confirm(\"Are you sure you want to approve " . $uid . "?\");'>
     <input type='hidden' name='form_type' value='reqChild'>
-    <input type='hidden' name='uid' value='" . $request->getUID() . "'>
+    <input type='hidden' name='uid' value='" . $uid . "'>
     <input type='hidden' name='pi' value='" . $group->getPIUID() . "'>
     <input type='submit' name='action' value='Approve'>
     <input type='submit' name='action' value='Deny'></form>";
diff --git a/webroot/admin/pi-mgmt.php b/webroot/admin/pi-mgmt.php
index 24e09d61..f5ba919f 100644
--- a/webroot/admin/pi-mgmt.php
+++ b/webroot/admin/pi-mgmt.php
@@ -77,19 +77,19 @@
         $request_user = new UnityUser($request["uid"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
 
         echo "<tr>";
-        echo "<td>" . $request_user->getFirstname() . " " . $request_user->getLastname() . "</td>";
-        echo "<td>" . $request_user->getUID() . "</td>";
-        echo "<td><a href='mailto:" . $request_user->getMail() . "'>" . $request_user->getMail() . "</a></td>";
+        echo "<td>" . $request["firstname"] . " " . $request["lastname"] . "</td>";
+        echo "<td>" . $request["uid"] . "</td>";
+        echo "<td><a href='mailto:" . $request["mail"] . "'>" . $request["mail"] . "</a></td>";
         echo "<td>" . date("jS F, Y", strtotime($request['timestamp'])) . "</td>";
         echo "<td>";
         echo
         "<form action='' method='POST'>
         <input type='hidden' name='form_type' value='req'>
-        <input type='hidden' name='uid' value='" . $request_user->getUID() . "'>
+        <input type='hidden' name='uid' value='" . $request["uid"] . "'>
         <input type='submit' name='action' value='Approve'
-        onclick='return confirm(\"Are you sure you want to approve " . $request_user->getUID() . "?\");'>
+        onclick='return confirm(\"Are you sure you want to approve " . $request["uid"] . "?\");'>
         <input type='submit' name='action' value='Deny'
-        onclick='return confirm(\"Are you sure you want to deny " . $request_user->getUID() . "?\");'>
+        onclick='return confirm(\"Are you sure you want to deny " . $request["uid"] . "?\");'>
         </form>";
         echo "</td>";
         echo "</tr>";
diff --git a/webroot/panel/account.php b/webroot/panel/account.php
index 14047f3f..61449833 100644
--- a/webroot/panel/account.php
+++ b/webroot/panel/account.php
@@ -54,11 +54,25 @@
             $USER->setLoginShell($_POST["shellSelect"], $OPERATOR);
             break;
         case "pi_request":
-            if (!$USER->isPI()) {
-                if (!$SQL->requestExists($USER->getUID())) {
-                    $USER->getPIGroup()->requestGroup($SEND_PIMESG_TO_ADMINS);
-                }
+            if ($USER->isPI()) {
+                UnitySite::badRequest("already a PI");
+            }
+            if ($SQL->requestExists($USER->getUID())) {
+                UnitySite::badRequest("already requested to be PI");
+            }
+            if ($USER->getUID() != $SSO["user"]) {
+                UnitySite::badRequest(
+                    "cannot request due to uid mismatch: " .
+                        "USER='{$USER->getUID()}' SSO[user]='$sso_user'"
+                );
             }
+            $USER->getPIGroup()->requestGroup(
+                $SSO["firstname"],
+                $SSO["lastname"],
+                $SSO["mail"],
+                $SSO["org"],
+                $SEND_PIMESG_TO_ADMINS
+            );
             break;
         case "account_deletion_request":
             $hasGroups = count($USER->getGroups()) > 0;
diff --git a/webroot/panel/groups.php b/webroot/panel/groups.php
index 916acb9e..fc916e60 100644
--- a/webroot/panel/groups.php
+++ b/webroot/panel/groups.php
@@ -31,9 +31,17 @@
                     array_push($modalErrors, "You\'re already in this PI group");
                 }
 
+                if ($USER->getUID() != $SSO["user"]) {
+                    $sso_user = $SSO["user"];
+                    UnitySite::badRequest(
+                        "cannot request due to uid mismatch: " .
+                            "USER='{$USER->getUID()}' SSO[user]='$sso_user'"
+                    );
+                }
+
                 // Add row to sql
                 if (empty($modalErrors)) {
-                    $pi_account->newUserRequest($USER);
+                    $pi_account->newUserRequest($USER, $SSO["firstname"], $SSO["lastname"], $SSO["mail"], $SSO["org"]);
                 }
                 break;
             case "removePIForm":
@@ -160,6 +168,7 @@
     }
     ?>
 
+    // tables.js uses ajax_url to populate expandable tables
     var ajax_url = "<?php echo $CONFIG["site"]["prefix"]; ?>/panel/ajax/get_group_members.php?pi_uid=";
 </script>
 
diff --git a/webroot/panel/new_account.php b/webroot/panel/new_account.php
index 4c831029..0ab8f7df 100644
--- a/webroot/panel/new_account.php
+++ b/webroot/panel/new_account.php
@@ -17,18 +17,36 @@
         if (!isset($_POST["eula"]) || $_POST["eula"] != "agree") {
             UnitySite::badRequest("user did not agree to EULA");
         }
+        if ($USER->getUID() != $SSO["user"]) {
+            $sso_user = $SSO["user"];
+            UnitySite::badRequest(
+                "cannot request due to uid mismatch: USER='{$USER->getUID()}' SSO[user]='$sso_user'"
+            );
+        }
         if ($_POST["new_user_sel"] == "not_pi") {
             $form_group = new UnityGroup($_POST["pi"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
             if (!$form_group->exists()) {
                 UnitySite::badRequest("The selected PI does not exist");
             }
-            $form_group->newUserRequest($USER);
+            $form_group->newUserRequest(
+                $USER,
+                $SSO["firstname"],
+                $SSO["lastname"],
+                $SSO["mail"],
+                $SSO["org"]
+            );
         }
         if ($_POST["new_user_sel"] == "pi") {
             if (!isset($_POST["confirm_pi"]) || $_POST["confirm_pi"] != "agree") {
                 UnitySite::badRequest("user did not agree to account policy");
             }
-            $USER->getPIGroup()->requestGroup($SEND_PIMESG_TO_ADMINS);
+            $USER->getPIGroup()->requestGroup(
+                $SSO["firstname"],
+                $SSO["lastname"],
+                $SSO["mail"],
+                $SSO["org"],
+                $SEND_PIMESG_TO_ADMINS
+            );
         }
     } elseif (isset($_POST["cancel"])) {
         foreach ($pending_requests as $request) {
diff --git a/webroot/panel/pi.php b/webroot/panel/pi.php
index 8cafa812..f86b43ff 100644
--- a/webroot/panel/pi.php
+++ b/webroot/panel/pi.php
@@ -53,21 +53,23 @@
     echo "<h5>Pending Requests</h5>";
     echo "<table>";
 
-    foreach ($requests as $request) {
+    foreach ($requests as [$user, $timestamp, $firstname, $lastname, $email, $org]) {
+        $uid = $user->getUID();
+        $date = date("jS F, Y", strtotime($timestamp));
         echo "<tr>";
-        echo "<td>" . $request[0]->getFirstname() . " " . $request[0]->getLastname() . "</td>";
-        echo "<td>" . $request[0]->getUID() . "</td>";
-        echo "<td><a href='mailto:" . $request[0]->getMail() . "'>" . $request[0]->getMail() . "</a></td>";
-        echo "<td>" . date("jS F, Y", strtotime($request[1])) . "</td>";
+        echo "<td>" . $firstname . " " . $lastname . "</td>";
+        echo "<td>" . $uid . "</td>";
+        echo "<td><a href='mailto:" . $email . "'>" . $email . "</a></td>";
+        echo "<td>" . $date . "</td>";
         echo "<td>";
         echo
         "<form action='' method='POST'>
         <input type='hidden' name='form_type' value='userReq'>
-        <input type='hidden' name='uid' value='" . $request[0]->getUID() . "'>
+        <input type='hidden' name='uid' value='" . $uid . "'>
         <input type='submit' name='action' value='Approve'
-        onclick='return confirm(\"Are you sure you want to approve " . $request[0]->getUID() . "?\")'>
+        onclick='return confirm(\"Are you sure you want to approve " . $uid . "?\")'>
         <input type='submit' name='action' value='Deny'
-        onclick='return confirm(\"Are you sure you want to deny " . $request[0]->getUID() . "?\")'>
+        onclick='return confirm(\"Are you sure you want to deny " . $uid . "?\")'>
         </form>";
         echo "</td>";
         echo "</tr>";