version 1.63, 2003/07/19 00:51:05
|
version 1.71, 2003/12/10 19:34:53
|
Line 29
|
Line 29
|
|
|
package Apache::loncreateuser; |
package Apache::loncreateuser; |
|
|
|
=pod |
|
|
|
=head1 NAME |
|
|
|
Apache::loncreateuser - handler to create users and custom roles |
|
|
|
=head1 SYNOPSIS |
|
|
|
Apache::loncreateuser provides an Apache handler for creating users, |
|
editing their login parameters, roles, and removing roles, and |
|
also creating and assigning custom roles. |
|
|
|
=head1 OVERVIEW |
|
|
|
=head2 Custom Roles |
|
|
|
In LON-CAPA, roles are actually collections of privileges. "Teaching |
|
Assistant", "Course Coordinator", and other such roles are really just |
|
collection of privileges that are useful in many circumstances. |
|
|
|
Creating custom roles can be done by the Domain Coordinator through |
|
the Create User functionality. That screen will show all privileges |
|
that can be assigned to users. For a complete list of privileges, |
|
please see C</home/httpd/lonTabs/rolesplain.tab>. |
|
|
|
Custom role definitions are stored in the C<roles.db> file of the role |
|
author. |
|
|
|
=cut |
|
|
use strict; |
use strict; |
use Apache::Constants qw(:common :http); |
use Apache::Constants qw(:common :http); |
use Apache::lonnet; |
use Apache::lonnet; |
use Apache::loncommon; |
use Apache::loncommon; |
|
use Apache::lonlocal; |
|
|
my $loginscript; # piece of javascript used in two separate instances |
my $loginscript; # piece of javascript used in two separate instances |
my $generalrule; |
my $generalrule; |
Line 100 sub print_username_entry_form {
|
Line 131 sub print_username_entry_form {
|
my %existingroles=&my_custom_roles(); |
my %existingroles=&my_custom_roles(); |
my $choice=&Apache::loncommon::select_form('make new role','rolename', |
my $choice=&Apache::loncommon::select_form('make new role','rolename', |
('make new role' => 'Generate new role ...',%existingroles)); |
('make new role' => 'Generate new role ...',%existingroles)); |
|
my %lt=&Apache::lonlocal::texthash( |
|
'siur' => "Set Individual User Roles", |
|
'usr' => "Username", |
|
'dom' => "Domain", |
|
'usrr' => "User Roles", |
|
'ecrp' => "Edit Custom Role Privileges", |
|
'cre' => "Custom Role Editor" |
|
); |
$r->print(<<"ENDDOCUMENT"); |
$r->print(<<"ENDDOCUMENT"); |
<html> |
<html> |
<head> |
<head> |
Line 109 $selscript
|
Line 148 $selscript
|
$bodytag |
$bodytag |
<form action="/adm/createuser" method="post" name="crtuser"> |
<form action="/adm/createuser" method="post" name="crtuser"> |
<input type="hidden" name="phase" value="get_user_info"> |
<input type="hidden" name="phase" value="get_user_info"> |
<h2>Set Individual User Roles</h2> |
<h2>$lt{siur}</h2> |
<table> |
<table> |
<tr><td>Username:</td><td><input type="text" size="15" name="ccuname"> |
<tr><td>$lt{usr}:</td><td><input type="text" size="15" name="ccuname"> |
</td><td rowspan="2">$sellink</td></tr><tr><td> |
</td><td rowspan="2">$sellink</td></tr><tr><td> |
Domain:</td><td>$domform</td></tr> |
$lt{'dom'}:</td><td>$domform</td></tr> |
</table> |
</table> |
<input name="userrole" type="submit" value="User Roles" /> |
<input name="userrole" type="submit" value="$lt{usrr}" /> |
</form> |
</form> |
<form action="/adm/createuser" method="post" name="docustom"> |
<form action="/adm/createuser" method="post" name="docustom"> |
<input type="hidden" name="phase" value="selected_custom_edit"> |
<input type="hidden" name="phase" value="selected_custom_edit"> |
<h2>Edit Custom Role Privileges</h2> |
<h2>$lt{'ecrp'}</h2> |
Name of Role: $choice <input type="text" size="15" name="newrolename" /><br /> |
Name of Role: $choice <input type="text" size="15" name="newrolename" /><br /> |
<input name="customeditor" type="submit" value="Custom Role Editor" /> |
<input name="customeditor" type="submit" value="$lt{'cre'}" /> |
</body> |
</body> |
</html> |
</html> |
ENDDOCUMENT |
ENDDOCUMENT |
Line 280 END
|
Line 319 END
|
<table border=2> |
<table border=2> |
<tr><th>Revoke</th><th>Delete</th><th>Role</th><th>Extent</th><th>Start</th><th>End</th> |
<tr><th>Revoke</th><th>Delete</th><th>Role</th><th>Extent</th><th>Start</th><th>End</th> |
END |
END |
foreach my $area (keys(%rolesdump)) { |
foreach my $area (sort { my $a1=join('_',(split('_',$a))[1,0]); |
|
my $b1=join('_',(split('_',$b))[1,0]); |
|
return $a1 cmp $b1; |
|
} keys(%rolesdump)) { |
next if ($area =~ /^rolesdef/); |
next if ($area =~ /^rolesdef/); |
my $role = $rolesdump{$area}; |
my $role = $rolesdump{$area}; |
my $thisrole=$area; |
my $thisrole=$area; |
$area =~ s/\_\w\w$//; |
$area =~ s/\_\w\w$//; |
my ($role_code,$role_end_time,$role_start_time) = |
my ($role_code,$role_end_time,$role_start_time) = |
split(/_/,$role); |
split(/_/,$role); |
|
# Is this a custom role? Get role owner and title. |
|
my ($croleudom,$croleuname,$croletitle)= |
|
($role_code=~/^cr\/(\w+)\/(\w+)\/(\w+)$/); |
my $bgcol='ffffff'; |
my $bgcol='ffffff'; |
my $allowed=0; |
my $allowed=0; |
my $delallowed=0; |
my $delallowed=0; |
Line 312 END
|
Line 357 END
|
(&Apache::lonnet::allowed('dro',$ccdomain))) { |
(&Apache::lonnet::allowed('dro',$ccdomain))) { |
$delallowed=1; |
$delallowed=1; |
} |
} |
|
# - custom role. Needs more info, too |
|
if ($croletitle) { |
|
if (&Apache::lonnet::allowed('ccr',$1.'/'.$2)) { |
|
$allowed=1; |
|
$thisrole.='.'.$role_code; |
|
} |
|
} |
# Compute the background color based on $area |
# Compute the background color based on $area |
$bgcol=$1.'_'.$2; |
$bgcol=$1.'_'.$2; |
$bgcol=~s/[^7-9a-e]//g; |
$bgcol=~s/[^7-9a-e]//g; |
Line 365 END
|
Line 417 END
|
} else { |
} else { |
$row.=' '; |
$row.=' '; |
} |
} |
$row.= '</td><td>'.&Apache::lonnet::plaintext($role_code). |
my $plaintext=''; |
|
unless ($croletitle) { |
|
$plaintext=&Apache::lonnet::plaintext($role_code); |
|
} else { |
|
$plaintext= |
|
"Customrole '$croletitle' defined by $croleuname\@$croleudom"; |
|
} |
|
$row.= '</td><td>'.$plaintext. |
'</td><td>'.$area. |
'</td><td>'.$area. |
'</td><td>'.($role_start_time?localtime($role_start_time) |
'</td><td>'.($role_start_time?localtime($role_start_time) |
: ' ' ). |
: ' ' ). |
Line 497 ENDCOAUTH
|
Line 556 ENDCOAUTH
|
'<th>Start</th><th>End</th></tr>'); |
'<th>Start</th><th>End</th></tr>'); |
foreach ( sort( keys(%incdomains))) { |
foreach ( sort( keys(%incdomains))) { |
my $thisdomain=$_; |
my $thisdomain=$_; |
foreach ('dc','li','dg','au') { |
foreach ('dc','li','dg','au','sc') { |
if (&Apache::lonnet::allowed('c'.$_,$thisdomain)) { |
if (&Apache::lonnet::allowed('c'.$_,$thisdomain)) { |
my $plrole=&Apache::lonnet::plaintext($_); |
my $plrole=&Apache::lonnet::plaintext($_); |
$r->print(<<ENDDROW); |
$r->print(<<ENDDROW); |
Line 607 ENDTHREEHEAD
|
Line 666 ENDTHREEHEAD
|
if ($ENV{'form.makeuser'}) { |
if ($ENV{'form.makeuser'}) { |
# Create a new user |
# Create a new user |
$r->print(<<ENDNEWUSERHEAD); |
$r->print(<<ENDNEWUSERHEAD); |
<h3>Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2> |
<h3>Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h3> |
ENDNEWUSERHEAD |
ENDNEWUSERHEAD |
# Check for the authentication mode and password |
# Check for the authentication mode and password |
if (! $amode || ! $genpwd) { |
if (! $amode || ! $genpwd) { |
Line 636 ENDNEWUSERHEAD
|
Line 695 ENDNEWUSERHEAD
|
$r->print('Generating user: '.$result); |
$r->print('Generating user: '.$result); |
my $home = &Apache::lonnet::homeserver($ENV{'form.ccuname'}, |
my $home = &Apache::lonnet::homeserver($ENV{'form.ccuname'}, |
$ENV{'form.ccdomain'}); |
$ENV{'form.ccdomain'}); |
$r->print('<br>Home server: '.$home.' '. |
$r->print('<br />Home server: '.$home.' '. |
$Apache::lonnet::libserv{$home}); |
$Apache::lonnet::libserv{$home}); |
} elsif (($ENV{'form.login'} ne 'nochange') && |
} elsif (($ENV{'form.login'} ne 'nochange') && |
($ENV{'form.login'} ne '' )) { |
($ENV{'form.login'} ne '' )) { |
Line 735 END
|
Line 794 END
|
next if (! $ENV{$_}); |
next if (! $ENV{$_}); |
# Revoke roles |
# Revoke roles |
if ($_=~/^form\.rev/) { |
if ($_=~/^form\.rev/) { |
if ($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) { |
if ($_=~/^form\.rev\:([^\_]+)\_([^\_\.]+)$/) { |
|
# Revoke standard role |
$r->print('Revoking '.$2.' in '.$1.': <b>'. |
$r->print('Revoking '.$2.' in '.$1.': <b>'. |
&Apache::lonnet::assignrole($ENV{'form.ccdomain'}, |
&Apache::lonnet::revokerole($ENV{'form.ccdomain'}, |
$ENV{'form.ccuname'},$1,$2,$now).'</b><br>'); |
$ENV{'form.ccuname'},$1,$2).'</b><br>'); |
if ($2 eq 'st') { |
if ($2 eq 'st') { |
$1=~/^\/(\w+)\/(\w+)/; |
$1=~/^\/(\w+)\/(\w+)/; |
my $cid=$1.'_'.$2; |
my $cid=$1.'_'.$2; |
Line 752 END
|
Line 812 END
|
$ENV{'course.'.$cid.'.home'}).'</b><br>'); |
$ENV{'course.'.$cid.'.home'}).'</b><br>'); |
} |
} |
} |
} |
|
if ($_=~/^form\.rev\:([^\_]+)\_cr\.cr\/(\w+)\/(\w+)\/(\w+)$/) { |
|
# Revoke custom role |
|
$r->print( |
|
'Revoking custom role '.$4.' by '.$3.'@'.$2.' in '.$1.': <b>'. |
|
&Apache::lonnet::revokecustomrole($ENV{'form.ccdomain'}, |
|
$ENV{'form.ccuname'},$1,$2,$3,$4). |
|
'</b><br>'); |
|
} |
} elsif ($_=~/^form\.del/) { |
} elsif ($_=~/^form\.del/) { |
if ($_=~/^form\.del\:([^\_]+)\_([^\_]+)$/) { |
if ($_=~/^form\.del\:([^\_]+)\_([^\_]+)$/) { |
$r->print('Deleting '.$2.' in '.$1.': '. |
$r->print('Deleting '.$2.' in '.$1.': '. |
Line 771 END
|
Line 839 END
|
} |
} |
} |
} |
} elsif ($_=~/^form\.act/) { |
} elsif ($_=~/^form\.act/) { |
if ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) { |
if |
|
($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_cr_cr_([^\_]+)_(\w+)_([^\_]+)$/) { |
|
# Activate a custom role |
|
my $url='/'.$1.'/'.$2; |
|
my $full=$1.'_'.$2.'_cr_cr_'.$3.'_'.$4.'_'.$5; |
|
if ($ENV{'form.sec_'.$full}) { |
|
$url.='/'.$ENV{'form.sec_'.$full}; |
|
} |
|
|
|
my $start = ( $ENV{'form.start_'.$full} ? |
|
$ENV{'form.start_'.$full} : |
|
$now ); |
|
my $end = ( $ENV{'form.end_'.$full} ? |
|
$ENV{'form.end_'.$full} : |
|
0 ); |
|
|
|
$r->print('Assigning custom role "'.$5.'" by '.$4.'@'.$3.' in '.$url. |
|
($start?', starting '.localtime($start):''). |
|
($end?', ending '.localtime($end):'').': <b>'. |
|
&Apache::lonnet::assigncustomrole( |
|
$ENV{'form.ccdomain'},$ENV{'form.ccuname'},$url,$3,$4,$5,$end,$start). |
|
'</b><br>'); |
|
} elsif ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) { |
# Activate roles for sections with 3 id numbers |
# Activate roles for sections with 3 id numbers |
# set start, end times, and the url for the class |
# set start, end times, and the url for the class |
|
|
Line 786 END
|
Line 876 END
|
$url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3}; |
$url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3}; |
} |
} |
# Assign the role and report it |
# Assign the role and report it |
$r->print('Assigning: '.$3.' in '.$url. |
$r->print('Assigning '.$3.' in '.$url. |
($start?', starting '.localtime($start):''). |
($start?', starting '.localtime($start):''). |
($end?', ending '.localtime($end):'').': <b>'. |
($end?', ending '.localtime($end):'').': <b>'. |
&Apache::lonnet::assignrole( |
&Apache::lonnet::assignrole( |
Line 819 END
|
Line 909 END
|
0 ); |
0 ); |
my $url='/'.$1.'/'; |
my $url='/'.$1.'/'; |
# Assign the role and report it. |
# Assign the role and report it. |
$r->print('Assigning: '.$2.' in '.$url.': '. |
$r->print('Assigning '.$2.' in '.$url.': '. |
($start?', starting '.localtime($start):''). |
($start?', starting '.localtime($start):''). |
($end?', ending '.localtime($end):'').': <b>'. |
($end?', ending '.localtime($end):'').': <b>'. |
&Apache::lonnet::assignrole( |
&Apache::lonnet::assignrole( |
$ENV{'form.ccdomain'},$ENV{'form.ccuname'}, |
$ENV{'form.ccdomain'},$ENV{'form.ccuname'}, |
$url,$2,$end,$start) |
$url,$2,$end,$start) |
.'</b><br>'); |
.'</b><br>'); |
} |
} else { |
|
$r->print('<p>ERROR: Unknown command <tt>'.$_.'</tt></p><br>'); |
|
} |
} |
} |
} # End of foreach (keys(%ENV)) |
} # End of foreach (keys(%ENV)) |
$r->print('</body></html>'); |
$r->print('</body></html>'); |
Line 999 sub handler {
|
Line 1091 sub handler {
|
my $r = shift; |
my $r = shift; |
|
|
if ($r->header_only) { |
if ($r->header_only) { |
$r->content_type('text/html'); |
&Apache::loncommon::content_type($r,'text/html'); |
$r->send_http_header; |
$r->send_http_header; |
return OK; |
return OK; |
} |
} |
Line 1010 sub handler {
|
Line 1102 sub handler {
|
(&Apache::lonnet::allowed('cep',$ENV{'request.course.id'})) || |
(&Apache::lonnet::allowed('cep',$ENV{'request.course.id'})) || |
(&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) || |
(&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) || |
(&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'}))) { |
(&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'}))) { |
$r->content_type('text/html'); |
&Apache::loncommon::content_type($r,'text/html'); |
$r->send_http_header; |
$r->send_http_header; |
unless ($ENV{'form.phase'}) { |
unless ($ENV{'form.phase'}) { |
&print_username_entry_form($r); |
&print_username_entry_form($r); |
Line 1080 ENDTIMEENTRY
|
Line 1172 ENDTIMEENTRY
|
} |
} |
} |
} |
foreach (sort keys %customroles) { |
foreach (sort keys %customroles) { |
my $plrole=$_; |
if (&Apache::lonnet::allowed('ccr',$thiscourse)) { |
$table .= <<ENDENTRY; |
my $plrole=$_; |
|
my $customrole=$protectedcourse.'_cr_cr_'.$ENV{'user.domain'}. |
|
'_'.$ENV{'user.name'}.'_'.$plrole; |
|
$table .= <<ENDENTRY; |
<tr bgcolor="#$bgcol"> |
<tr bgcolor="#$bgcol"> |
<td><input type="checkbox" name="act_$protectedcourse\_$_"></td> |
<td><input type="checkbox" name="act_$customrole"></td> |
<td>$plrole</td> |
<td>$plrole</td> |
<td>$area</td> |
<td>$area</td> |
<td><input type="text" size="5" name="sec_$protectedcourse\_$_"></td> |
<td><input type="text" size="5" name="sec_$customrole"></td> |
<td><input type=hidden name="start_$protectedcourse\_$_" value=''> |
<td><input type=hidden name="start_$customrole" value=''> |
<a href= |
<a href= |
"javascript:pjump('date_start','Start Date $plrole',document.cu.start_$protectedcourse\_$_.value,'start_$protectedcourse\_$_','cu.pres','dateset')">Set Start Date</a></td> |
"javascript:pjump('date_start','Start Date $plrole',document.cu.start_$customrole.value,'start_$customrole','cu.pres','dateset')">Set Start Date</a></td> |
<td><input type=hidden name="end_$protectedcourse\_$_" value=''> |
<td><input type=hidden name="end_$customrole" value=''> |
<a href= |
<a href= |
"javascript:pjump('date_end','End Date $plrole',document.cu.end_$protectedcourse\_$_.value,'end_$protectedcourse\_$_','cu.pres','dateset')">Set End Date</a></td></tr> |
"javascript:pjump('date_end','End Date $plrole',document.cu.end_$customrole.value,'end_$customrole','cu.pres','dateset')">Set End Date</a></td></tr> |
ENDENTRY |
ENDENTRY |
|
} |
} |
} |
} |
} |
return '' if ($table eq ''); # return nothing if there is nothing |
return '' if ($table eq ''); # return nothing if there is nothing |