$authformkrb
\n"; - } - if ($can_assign{'int'}) { - $response .= "$authformint
\n" - } - if ($can_assign{'loc'}) { - $response .= "$authformloc
\n"; +sub user_authentication { + my ($ccuname,$ccdomain,$krbdefdom,$abv_auth) = @_; + my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain); + my ($loginscript,$outcome); + if ($currentauth=~/^(krb)(4|5):(.*)/) { + my $long_auth = $1.$2; + my $curr_kerb_ver = $2; + my $krbdefdom=$3; + my $curr_authtype = $abv_auth->{$long_auth}; + my %param = ( formname => 'document.cu', + kerb_def_dom => $krbdefdom, + domain => $ccdomain, + curr_authtype => $curr_authtype, + curr_kerb_ver => $curr_kerb_ver, + ); + $loginscript = &Apache::loncommon::authform_header(%param); } - return $response; + # Check for a bad authentication type + if ($currentauth !~ /^(krb4|krb5|unix|internal|localauth):/) { + # bad authentication scheme + my %lt=&Apache::lonlocal::texthash( + 'err' => "ERROR", + 'uuas' => "This user has an unrecognized authentication scheme", + 'adcs' => "Please alert a domain coordinator of this situation", + 'sldb' => "Please specify login data below", + 'ld' => "Login Data" + ); + if (&Apache::lonnet::allowed('mau',$ccdomain)) { + &initialize_authen_forms($ccdomain); + my $choices = &Apache::lonuserutils::set_login($ccdomain,$authformkrb,$authformint,$authformloc); + $outcome = <$authformint
\n" + $authform_other = &Apache::loncommon::start_data_table_row(). + '$authformloc
\n"; + $authform_other .= &Apache::loncommon::start_data_table_row(). + '$authformkrb
\n" + $authform_other = &Apache::loncommon::start_data_table_row(). + '$authformloc
\n"; + $authform_other .= &Apache::loncommon::start_data_table_row(). + '$authformkrb
\n" + $authform_other = &Apache::loncommon::start_data_table_row(). + '$authformint
\n" + $authform_other .= &Apache::loncommon::start_data_table_row(). + '$authformloc
\n"; + $authform_other .= &Apache::loncommon::start_data_table_row(). + '$authformkrb
\n" + $authform_other = &Apache::loncommon::start_data_table_row(). + '$authformint
\n" + $authform_other .= &Apache::loncommon::start_data_table_row(). + ''.&mt('ERROR').': '.&mt('Unknown command').' '.$key.'
'.&mt('ERROR').': '.&mt('Unknown command').' '.$key.'
'.&mt('Create/Modify Another User').'
'); - $r->print(''."\n"); + $r->print(&Apache::loncommon::end_page()); +} + +sub update_result_form { + my ($uhome) = @_; + my $outcome = + ''."\n"; foreach my $item ('srchby','srchin','srchtype','srchterm','srchdomain','ccuname','ccdomain') { - $r->print(''."\n"); + $outcome .= ''."\n"; } foreach my $item ('sortby','seluname','seludom') { if (exists($env{'form.'.$item})) { - $r->print(''."\n"); + $outcome .= ''."\n"; } } - $r->print(''."\n". - ''."\n". - ''); - $r->print(&Apache::loncommon::end_page()); + if ($uhome eq 'no_host') { + $outcome .= ''."\n"; + } + $outcome .= ''."\n". + ''."\n". + ''."\n". + ''; + return $outcome; } sub classlist_drop { @@ -1990,7 +2080,7 @@ sub custom_role_editor { $rolename=~s/[^A-Za-z0-9]//gs; - if (!$rolename) { + if (!$rolename || $env{'form.phase'} eq 'pickrole') { &print_username_entry_form($r); return; } @@ -2059,8 +2149,8 @@ sub custom_role_editor { $head_script .= "\n".$jsback."\n".''."\n"; $r->print(&Apache::loncommon::start_page('Custom Role Editor',$head_script)); &Apache::lonhtmlcommon::add_breadcrumb - ({href=>"javascript:backPage(document.form1,'','')", - text=>"User modify/custom role edit", + ({href=>"javascript:backPage(document.form1,'pickrole','')", + text=>"Pick custom role", faq=>282,bug=>'Instructor Interface',}, {href=>"javascript:backPage(document.form1,'','')", text=>"Edit custom role", @@ -2103,6 +2193,7 @@ ENDCCF &Apache::loncommon::end_data_table_row()); } $r->print(&Apache::loncommon::end_data_table(). + ''. ''."\n".''."\n". ''."\n". @@ -2184,23 +2275,19 @@ sub make_button_code { # ---------------------------------------------------------- Call to definerole sub set_custom_role { my ($r) = @_; - my $rolename=$env{'form.rolename'}; - $rolename=~s/[^A-Za-z0-9]//gs; - if (!$rolename) { - &print_username_entry_form($r); + &custom_role_editor($r); return; } - my ($jsback,$elements) = &crumb_utilities(); my $jscript = ''; $r->print(&Apache::loncommon::start_page('Save Custom Role'),$jscript); &Apache::lonhtmlcommon::add_breadcrumb - ({href=>"javascript:backPage(document.customresult,'','')", - text=>"User modify/custom role edit", + ({href=>"javascript:backPage(document.customresult,'pickrole','')", + text=>"Pick custom role", faq=>282,bug=>'Instructor Interface',}, {href=>"javascript:backPage(document.customresult,'selected_custom_edit','')", text=>"Edit custom role", @@ -2214,14 +2301,14 @@ sub set_custom_role { &Apache::lonnet::get('roles',["rolesdef_$rolename"]); # ------------------------------------------------------- Does this role exist? - $r->print('Create another role, or Create/Modify a user.
'); $r->print(&Apache::loncommon::end_page()); } @@ -2271,75 +2358,316 @@ sub set_custom_role { # ================================================================ Main Handler sub handler { my $r = shift; - if ($r->header_only) { &Apache::loncommon::content_type($r,'text/html'); $r->send_http_header; return OK; } + my $context; + if ($env{'request.course.id'}) { + $context = 'course'; + } elsif ($env{'request.role'} =~ /^au\./) { + $context = 'construction_space'; + } else { + $context = 'domain'; + } + &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, + ['action','state']); + &Apache::lonhtmlcommon::clear_breadcrumbs(); + &Apache::lonhtmlcommon::add_breadcrumb + ({href=>"/adm/createuser", + text=>"User Management"}); + my ($permission,$allowed) = &get_permission($context); + if (!$allowed) { + $env{'user.error.msg'}= + "/adm/createuser:cst:0:0:Cannot create/modify user data ". + "or view user status."; + return HTTP_NOT_ACCEPTABLE; + } + + &Apache::loncommon::content_type($r,'text/html'); + $r->send_http_header; + + # Main switch on form.action and form.state, as appropriate + if (! exists($env{'form.action'})) { + $r->print(&header()); + $r->print(&Apache::lonhtmlcommon::breadcrumbs('User Management')); + $r->print(&print_main_menu($permission)); + $r->print(&Apache::loncommon::end_page()); + } elsif ($env{'form.action'} eq 'upload' && $permission->{'cusr'}) { + $r->print(&header()); + &Apache::lonhtmlcommon::add_breadcrumb + ({href=>'/adm/createuser?action=upload&state=', + text=>"Upload Users List"}); + $r->print(&Apache::lonhtmlcommon::breadcrumbs('Upload Users List', + 'User_Management_Upload')); + $r->print(''.&Apache::loncommon::end_page()); + } elsif ($env{'form.action'} eq 'expire' && $permission->{'cusr'}) { + $r->print(&header()); + &Apache::lonhtmlcommon::add_breadcrumb + ({href=>'/adm/createuser?action=expire', + text=>"Expire User Roles"}); + $r->print(&Apache::lonhtmlcommon::breadcrumbs('Expire User Roles', + 'User_Management_Drops')); + if (! exists($env{'form.state'})) { + &Apache::lonuserutils::print_expire_menu($r,$context); + } elsif ($env{'form.state'} eq 'done') { + &Apache::lonuserutils::expire_user_list($r); + } else { + &Apache::lonuserutils::print_expire_menu($r,$context); + } + $r->print(&Apache::loncommon::end_page()); + } elsif ($env{'form.action'} eq 'singleuser' && $permission->{'cusr'}) { + my $phase = $env{'form.phase'}; + my @search = ('srchterm','srchby','srchin','srchtype','srchdomain'); + &Apache::loncreateuser::restore_prev_selections(); + my $srch; + foreach my $item (@search) { + $srch->{$item} = $env{'form.'.$item}; + } - if ((&Apache::lonnet::allowed('cta',$env{'request.course.id'})) || - (&Apache::lonnet::allowed('cin',$env{'request.course.id'})) || - (&Apache::lonnet::allowed('ccr',$env{'request.course.id'})) || - (&Apache::lonnet::allowed('cep',$env{'request.course.id'})) || - (&authorpriv($env{'user.name'},$env{'request.role.domain'})) || - (&Apache::lonnet::allowed('mau',$env{'request.role.domain'}))) { - &Apache::loncommon::content_type($r,'text/html'); - $r->send_http_header; - &Apache::lonhtmlcommon::clear_breadcrumbs(); - - my $phase = $env{'form.phase'}; - my @search = ('srchterm','srchby','srchin','srchtype','srchdomain'); - - if (($phase eq 'get_user_info') || ($phase eq 'userpicked')) { - my $srch; - foreach my $item (@search) { - $srch->{$item} = $env{'form.'.$item}; - } - if ($env{'form.phase'} eq 'get_user_info') { - my ($currstate,$response,$forcenewuser,$results) = - &user_search_result($srch); - if ($currstate eq 'select') { - &print_user_selection_page($r,$response,$srch,$results,'createuser',\@search); - } elsif ($currstate eq 'modify') { - my ($ccuname,$ccdomain); - if (($srch->{'srchby'} eq 'uname') && - ($srch->{'srchtype'} eq 'exact')) { - $ccuname = $srch->{'srchterm'}; - $ccdomain= $srch->{'srchdomain'}; - } else { - my @matchedunames = keys(%{$results}); - ($ccuname,$ccdomain) = split(/:/,$matchedunames[0]); - } - $ccuname =&LONCAPA::clean_username($ccuname); - $ccdomain=&LONCAPA::clean_domain($ccdomain); - &print_user_modification_page($r,$ccuname,$ccdomain,$srch, - $response); - } elsif ($currstate eq 'query') { - &print_user_query_page($r,'createuser'); - } else { - &print_username_entry_form($r,$response,$srch,$forcenewuser); - } - } elsif ($env{'form.phase'} eq 'userpicked') { - my $ccuname = &LONCAPA::clean_username($env{'form.seluname'}); - my $ccdomain = &LONCAPA::clean_domain($env{'form.seludom'}); - &print_user_modification_page($r,$ccuname,$ccdomain,$srch); - } - } elsif ($env{'form.phase'} eq 'update_user_data') { - &update_user_data($r); - } elsif ($env{'form.phase'} eq 'selected_custom_edit') { - &custom_role_editor($r); - } elsif ($env{'form.phase'} eq 'set_custom_roles') { - &set_custom_role($r); - } else { - &print_username_entry_form($r); - } - } else { - $env{'user.error.msg'}= - "/adm/createuser:mau:0:0:Cannot modify user data"; - return HTTP_NOT_ACCEPTABLE; - } - return OK; + if (($phase eq 'get_user_info') || ($phase eq 'userpicked')) { + if ($env{'form.phase'} eq 'get_user_info') { + my ($currstate,$response,$forcenewuser,$results) = + &user_search_result($srch); + if ($env{'form.currstate'} eq 'modify') { + $currstate = $env{'form.currstate'}; + } + if ($currstate eq 'select') { + &print_user_selection_page($r,$response,$srch,$results, + 'createuser',\@search); + } elsif ($currstate eq 'modify') { + my ($ccuname,$ccdomain); + if (($srch->{'srchby'} eq 'uname') && + ($srch->{'srchtype'} eq 'exact')) { + $ccuname = $srch->{'srchterm'}; + $ccdomain= $srch->{'srchdomain'}; + } else { + my @matchedunames = keys(%{$results}); + ($ccuname,$ccdomain) = split(/:/,$matchedunames[0]); + } + $ccuname =&LONCAPA::clean_username($ccuname); + $ccdomain=&LONCAPA::clean_domain($ccdomain); + if ($env{'form.forcenewuser'}) { + $response = ''; + } + &print_user_modification_page($r,$ccuname,$ccdomain, + $srch,$response); + } elsif ($currstate eq 'query') { + &print_user_query_page($r,'createuser'); + } else { + &print_username_entry_form($r,$response,$srch, + $forcenewuser); + } + } elsif ($env{'form.phase'} eq 'userpicked') { + my $ccuname = &LONCAPA::clean_username($env{'form.seluname'}); + my $ccdomain = &LONCAPA::clean_domain($env{'form.seludom'}); + &print_user_modification_page($r,$ccuname,$ccdomain,$srch); + } + } elsif ($env{'form.phase'} eq 'update_user_data') { + &update_user_data($r); + } else { + &print_username_entry_form($r,undef,$srch); + } + } elsif ($env{'form.action'} eq 'custom' && $permission->{'custom'}) { + if ($env{'form.phase'} eq 'set_custom_roles') { + &set_custom_role($r); + } else { + &custom_role_editor($r); + } + } elsif ($env{'form.action'} eq 'listusers' && $permission->{'view'}) { + my ($cb_jscript,$jscript,$totcodes,$codetitles,$idlist,$idlist_titles); + my $formname = 'studentform'; + if ($context eq 'domain' && $env{'form.roletype'} eq 'course') { + ($cb_jscript,$jscript,$totcodes,$codetitles,$idlist,$idlist_titles) = + &Apache::lonuserutils::courses_selector($env{'request.role.domain'}, + $formname); + my $js = &add_script($jscript).$cb_jscript; + my $loadcode = + &Apache::lonuserutils::course_selector_loadcode($formname); + if ($loadcode ne '') { + $r->print(&header($js,{'onload' => $loadcode,})); + } else { + $r->print(&header($js)); + } + } else { + $r->print(&header()); + } + &Apache::lonhtmlcommon::add_breadcrumb + ({href=>'/adm/createuser?action=listusers', + text=>"List Users"}); + $r->print(&Apache::lonhtmlcommon::breadcrumbs("List Users", + 'User_Management_List')); + &Apache::lonuserutils::print_userlist($r,undef,$permission,$context, + $formname,$totcodes,$codetitles,$idlist,$idlist_titles); + $r->print(&Apache::loncommon::end_page()); + } elsif ($env{'form.action'} eq 'expire' && $permission->{'cusr'}) { + $r->print(&header()); + &Apache::lonhtmlcommon::add_breadcrumb + ({href=>'/adm/createuser?action=drop', + text=>"Expire Users"}); + $r->print(&Apache::lonhtmlcommon::breadcrumbs('Expire User Roles', + 'User_Management_Drops')); + if (! exists($env{'form.state'})) { + &Apache::lonuserutils::print_expire_menu($r,$context); + } elsif ($env{'form.state'} eq 'done') { + &Apache::lonuserutiles::expire_user_list($r); + } else { + &print_expire_menu($r,$context); + } + $r->print(&Apache::loncommon::end_page()); + } else { + $r->print(&header()); + $r->print(&Apache::lonhtmlcommon::breadcrumbs('User Management')); $r->print(&print_main_menu($permission)); + $r->print(&Apache::loncommon::end_page()); + } + return OK; +} + +sub header { + my ($jscript,$loaditems) = @_; + my $start_page; + if (ref($loaditems) eq 'HASH') { + $start_page=&Apache::loncommon::start_page('User Management',$jscript,{'add_entries' => $loaditems,}); + } else { + $start_page=&Apache::loncommon::start_page('User Management',$jscript); + } + return $start_page; +} + +sub add_script { + my ($js) = @_; + return ''; +} + +############################################################### +############################################################### +# Menu Phase One +sub print_main_menu { + my ($permission) = @_; + my @menu = + ( + { text => 'Upload a File of Users to Modify/Create Users and/or Add roles', + help => 'User_Management_Upload', + action => 'upload', + permission => $permission->{'cusr'}, + }, + { text => 'Create User/Set User Roles for a single user', + help => 'User_Management_Single_User', + action => 'singleuser', + permission => $permission->{'cusr'}, + }, + { text => 'Display Lists of Users', + help => 'User_Management_List', + action => 'listusers', + permission => $permission->{'view'}, + }, +# { text => 'Expire User Roles', +# help => 'User_Management_Drops', +# action => 'expire', +# permission => $permission->{'cusr'}, +# }, + { text => 'Edit Custom Roles', + help => 'Custom_Role_Edit', + action => 'custom', + permission => $permission->{'custom'}, + }, + ); + my $menu_html = ''; + foreach my $menu_item (@menu) { + next if (! $menu_item->{'permission'}); + $menu_html.=''; + $menu_html.=''; + if (exists($menu_item->{'url'})) { + $menu_html.=qq{}; + } else { + $menu_html.= + qq{}; + } + $menu_html.= &mt($menu_item->{'text'}).''; + if (exists($menu_item->{'help'})) { + $menu_html.= + &Apache::loncommon::help_open_topic($menu_item->{'help'}); + } + $menu_html.='
'; + } + return $menu_html; +} + +sub get_permission { + my ($context) = @_; + my %permission; + if ($context eq 'course') { + if ((&Apache::lonnet::allowed('cta',$env{'request.course.id'})) || + (&Apache::lonnet::allowed('cin',$env{'request.course.id'})) || + (&Apache::lonnet::allowed('ccr',$env{'request.course.id'})) || + (&Apache::lonnet::allowed('cep',$env{'request.course.id'})) || + (&Apache::lonnet::allowed('cst',$env{'request.course.id'}))) { + $permission{'cusr'} = 1; + $permission{'view'} = + &Apache::lonnet::allowed('vcl',$env{'request.course.id'}); + + } + if (&Apache::lonnet::allowed('ccr',$env{'request.course.id'})) { + $permission{'custom'} = 1; + } + if (&Apache::lonnet::allowed('vcl',$env{'request.course.id'})) { + $permission{'view'} = 1; + if (!$permission{'view'}) { + my $scope = $env{'request.course.id'}.'/'.$env{'request.course.sec'}; + $permission{'view'} = &Apache::lonnet::allowed('vcl',$scope); + if ($permission{'view'}) { + $permission{'view_section'} = $env{'request.course.sec'}; + } + } + } + } elsif ($context eq 'construction_space') { + $permission{'cusr'} = &authorpriv($env{'user.name'},$env{'request.role.domain'}); + $permission{'view'} = $permission{'cusr'}; + } else { + if ((&Apache::lonnet::allowed('cad',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('cli',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('cau',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('csc',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('cdg',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('mau',$env{'request.role.domain'}))) { + $permission{'cusr'} = 1; + } + if (&Apache::lonnet::allowed('ccr',$env{'request.role.domain'})) { + $permission{'custom'} = 1; + } + $permission{'view'} = $permission{'cusr'}; + } + my $allowed = 0; + foreach my $perm (values(%permission)) { + if ($perm) { $allowed=1; last; } + } + return (\%permission,$allowed); +} + +sub restore_prev_selections { + my %saveable_parameters = ('srchby' => 'scalar', + 'srchin' => 'scalar', + 'srchtype' => 'scalar', + ); + &Apache::loncommon::store_settings('user','user_picker', + \%saveable_parameters); + &Apache::loncommon::restore_settings('user','user_picker', + \%saveable_parameters); } #-------------------------------------------------- functions for &phase_two @@ -2760,7 +3088,7 @@ sub course_level_table { my $table = ''; # Custom Roles? - my %customroles=&my_custom_roles(); + my %customroles=&Apache::lonuserutils::my_custom_roles(); my %lt=&Apache::lonlocal::texthash( 'exs' => "Existing sections", 'new' => "Define new section", @@ -2841,9 +3169,9 @@ ENDTIMEENTRY if (%sections_count) { my $currsec = &course_sections(\%sections_count,$customrole); $table.= - '| '.$lt{'exs'}.' '. - $currsec.' | '.
+ '
|