--- loncom/interface/loncreateuser.pm 2007/12/08 19:19:03 1.205 +++ loncom/interface/loncreateuser.pm 2007/12/12 23:59:41 1.207 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.205 2007/12/08 19:19:03 raeburn Exp $ +# $Id: loncreateuser.pm,v 1.207 2007/12/12 23:59:41 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -209,12 +209,14 @@ END_SCRIPT # =================================================================== Phase one sub print_username_entry_form { - my ($r,$response,$srch,$forcenewuser) = @_; + my ($r,$context,$response,$srch,$forcenewuser) = @_; my $defdom=$env{'request.role.domain'}; my $formtoset = 'crtuser'; if (exists($env{'form.startrolename'})) { $formtoset = 'docustom'; $env{'form.rolename'} = $env{'form.startrolename'}; + } elsif ($env{'form.origform'} eq 'crtusername') { + $formtoset = $env{'form.origform'}; } my ($jsback,$elements) = &crumb_utilities(); @@ -252,7 +254,7 @@ sub print_username_entry_form { 'ecrp' => "Edit Custom Role Privileges", 'nr' => "Name of Role", 'cre' => "Custom Role Editor", - 'mod' => "to add/modify roles", + 'mod' => "to edit user information or add/modify roles", ); my $help = &Apache::loncommon::help_open_menu(undef,undef,282,'Instructor Interface'); my $helpsiur=&Apache::loncommon::help_open_topic('Course_Change_Privileges'); @@ -266,7 +268,7 @@ sub print_username_entry_form { $r->print("

$lt{'srch'} $sellink $lt{'mod'}$helpsiur

$response"); - $r->print(&entry_form($defdom,$srch,$forcenewuser)); + $r->print(&entry_form($defdom,$srch,$forcenewuser,$context)); } elsif ($env{'form.action'} eq 'custom') { if (&Apache::lonnet::allowed('mcr','/')) { $r->print(< $userpicker +ENDBLOCK + if ($cancreate) { + my $defdom=$env{'request.role.domain'}; + my $domform = &Apache::loncommon::select_dom_form($defdom,'srchdomain'); + my $helpcrt=&Apache::loncommon::help_open_topic('Course_Change_Privileges'); + my %lt=&Apache::lonlocal::texthash( + 'crnu' => 'Create a new user', + 'usr' => 'Username', + 'dom' => 'in domain', + 'cra' => 'Create user', + ); + $output .= <<"ENDDOCUMENT"; +
+ + + + + + + +

$lt{crnu}$helpcrt

+ + + + + + + +
$lt{'usr'}: $lt{'dom'}:$domform 
+
ENDDOCUMENT + } return $output; } @@ -329,7 +367,7 @@ END # =================================================================== Phase two sub print_user_selection_page { - my ($r,$response,$srch,$srch_results,$operation,$srcharray) = @_; + my ($r,$response,$srch,$srch_results,$operation,$srcharray,$context) = @_; my @fields = ('username','domain','lastname','firstname','permanentemail'); my $sortby = $env{'form.sortby'}; @@ -374,7 +412,7 @@ ENDSCRIPT faq=>282,bug=>'Instructor Interface',}); $r->print(&Apache::lonhtmlcommon::breadcrumbs('User Management')); $r->print("$lt{'usrch'}
"); - $r->print(&entry_form($srch->{'srchdomain'},$srch)); + $r->print(&entry_form($srch->{'srchdomain'},$srch,undef,$context)); $r->print('

'.$lt{'usel'}.'

'); } else { $r->print($jscript."$lt{'stusrch'}
"); @@ -446,7 +484,7 @@ sub print_user_modification_page { my ($r,$ccuname,$ccdomain,$srch,$response,$context) = @_; if (($ccuname eq '') || ($ccdomain eq '')) { my $usermsg = &mt('No username and/or domain provided.'); - &print_username_entry_form($r,$usermsg); + &print_username_entry_form($r,$context,$usermsg); return; } my %abv_auth = &auth_abbrev(); @@ -474,7 +512,7 @@ sub print_user_modification_page { $domdesc,$curr_rules{$ccdomain}{'username'}, 'username'); } - &print_username_entry_form($r,$userchkmsg); + &print_username_entry_form($r,$context,$userchkmsg); return; } } @@ -707,9 +745,11 @@ $loginscript

$lt{'cnu'} "$ccuname" $lt{'ind'} $ccdomain

ENDTITLE - $r->print('
'. - &personal_data_display($ccuname,$ccdomain,$newuser, - %inst_results)); + $r->print('
'); + my $personal_table = + &personal_data_display($ccuname,$ccdomain,$newuser, + $context,%inst_results); + $r->print($personal_table); my ($home_server_pick,$numlib) = &Apache::loncommon::home_server_form_item($ccdomain,'hserver', 'default','hide'); @@ -786,10 +826,12 @@ $crumbs $forminfo

$lt{'cup'} "$ccuname" $lt{'id'} "$ccdomain"

ENDCHANGEUSER - $r->print('
'. - &personal_data_display($ccuname,$ccdomain,$newuser, - %inst_results)); - if ($context eq 'domain') { + $r->print('
'); + my ($personal_table,$showforceid) = + &personal_data_display($ccuname,$ccdomain,$newuser, + $context,%inst_results); + $r->print($personal_table); + if ($showforceid) { $r->print(&Apache::lonuserutils::forceid_change($context)); } $r->print('
'); @@ -1318,13 +1360,16 @@ sub modify_login_block { } sub personal_data_display { - my ($ccuname,$ccdomain,$newuser,%inst_results) = @_; - my ($output,%userenv); + my ($ccuname,$ccdomain,$newuser,$context,%inst_results) = @_; + my ($output,$showforceid,%userenv,%domconfig); if (!$newuser) { # Get the users information %userenv = &Apache::lonnet::get('environment', ['firstname','middlename','lastname','generation', 'permanentemail','id'],$ccdomain,$ccuname); + %domconfig = + &Apache::lonnet::get_dom('configuration',['usermodification'], + $ccdomain); } my %lt=&Apache::lonlocal::texthash( 'pd' => "Personal Data", @@ -1362,21 +1407,47 @@ sub personal_data_display { $output .= ''; } } else { + my $canmodify = 0; if (&Apache::lonnet::allowed('mau',$ccdomain)) { + $canmodify = 1; + } else { + if (ref($domconfig{'usermodification'}) eq 'HASH') { + if (ref($domconfig{'usermodification'}{$context}) eq 'HASH') { + foreach my $key (keys(%{$domconfig{'usermodification'}{$context}})) { + if (ref($domconfig{'usermodification'}{$context}{$key}) eq 'HASH') { + if ($domconfig{'usermodification'}{$context}{$key}{$item}) { + $canmodify = 1; + last; + } + } + } + } + } elsif ($context eq 'course') { + $canmodify = 1; + } + } + if ($canmodify) { $output .= ''; } else { $output .= $userenv{$item}; } + if ($item eq 'id') { + $showforceid = $canmodify; + } } $output .= &Apache::lonhtmlcommon::row_closure(1); } $output .= &Apache::lonhtmlcommon::end_pick_box(); - return $output; + if (wantarray) { + return ($output,$showforceid); + } else { + return $output; + } } # ================================================================= Phase Three sub update_user_data { - my ($r) = @_; + my ($r,$context) = @_; my $uhome=&Apache::lonnet::homeserver($env{'form.ccuname'}, $env{'form.ccdomain'}); # Error messages @@ -1574,10 +1645,116 @@ sub update_user_data { if ($tmp =~ /^(con_lost|error)/i) { %userenv = (); } - # Check to see if we need to change user information + my $no_forceid_alert; + # Check to see if user information can be changed + my %domconfig = + &Apache::lonnet::get_dom('configuration',['usermodification'], + $env{'form.ccdomain'}); + my @roletypes = ('active','future'); + my %roles = &Apache::lonnet::get_my_roles($env{'form.ccuname'},$env{'form.ccdomain'},'userroles',\@roletypes,undef,$env{'request.role.domain'}); + my @userroles; + my ($cnum,$cdom,$auname,$audom); + if ($context eq 'course') { + $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + if ($cnum eq '' || $cdom eq '') { + my $cid = $env{'request.course.id'}; + my %coursehash = + &Apache::lonnet::coursedescription($cid,{'one_time' => 1}); + $cdom = $coursehash{'domain'}; + $cnum = $coursehash{'num'}; + } + } elsif ($context eq 'author') { + $auname = $env{'user.name'}; + $audom = $env{'user.domain'}; + } + foreach my $item (keys(%roles)) { + my ($rolenum,$roledom,$role) = split(/:/,$item); + if ($context eq 'course') { + if ($cnum ne '' && $cdom ne '') { + if ($rolenum eq $cnum && $roledom eq $cdom) { + if (!grep(/^\Q$role\E$/,@userroles)) { + push(@userroles,$role); + } + } + } + } elsif ($context eq 'author') { + if ($rolenum eq $auname && $roledom eq $audom) { + if (!grep(/^\Q$role\E$/,@userroles)) { + push(@userroles,$role); + } + } + } + } + # Check for course or co-author roles being activated or re-enabled + if ($context eq 'author' || $context eq 'course') { + foreach my $key (keys(%env)) { + if ($context eq 'author') { + if ($key=~/^form\.act_\Q$audom\E_\Q$auname\E_([^_]+)/) { + if (!grep(/^\Q$1\E$/,@userroles)) { + push(@userroles,$1); + } + } elsif ($key =~/^form\.ren\:\Q$audom\E\/\Q$auname\E_([^_]+)/) { + if (!grep(/^\Q$1\E$/,@userroles)) { + push(@userroles,$1); + } + } + } elsif ($context eq 'course') { + if ($key=~/^form\.act_\Q$cdom\E_\Q$cnum\E_([^_]+)/) { + if (!grep(/^\Q$1\E$/,@userroles)) { + push(@userroles,$1); + } + } elsif ($key =~/^form\.ren\:\Q$cdom\E\/\Q$cnum\E(\/?\w*)_([^_]+)/) { + if (!grep(/^\Q$1\E$/,@userroles)) { + push(@userroles,$1); + } + } + } + } + } + #Check to see if we can change personal data for the user + my (@mod_disallowed,@longroles); + foreach my $role (@userroles) { + if ($role eq 'cr') { + push(@longroles,'Custom'); + } else { + push(@longroles,&Apache::lonnet::plaintext($role)); + } + } foreach my $item ('firstname','middlename','lastname','generation','permanentemail','id') { + my $canmodify = 0; + if (&Apache::lonnet::allowed('mau',$env{'form.ccdomain'})) { + $canmodify = 1; + } else { + if ($context eq 'course' || $context eq 'author') { + if (ref($domconfig{'usermodification'}) eq 'HASH') { + if (ref($domconfig{'usermodification'}{$context}) eq 'HASH') { + foreach my $role (@userroles) { + if (ref($domconfig{'usermodification'}{$context}{$role}) eq 'HASH') { + if ($domconfig{'usermodification'}{$context}{$role}{$item}) { + $canmodify = 1; + last; + } + } + } + } + } + } elsif ($context eq 'course') { + if (grep(/^st$/,@userroles)) { + $canmodify = 1; + } + } + } # Strip leading and trailing whitespace $env{'form.c'.$item} =~ s/(\s+$|^\s+)//g; + if (!$canmodify) { + if (defined($env{'form.c'.$item})) { + if ($env{'form.c'.$item} ne $userenv{$item}) { + push(@mod_disallowed,$item); + } + } + $env{'form.c'.$item} = $userenv{$item}; + } } # Check to see if we can change the ID/student number my $forceid = $env{'form.forceid'}; @@ -1591,6 +1768,7 @@ sub update_user_data { (!$forceid)) { if ($env{'form.cid'} ne $uidhash{$env{'form.ccuname'}}) { $env{'form.cid'} = $userenv{'id'}; + $no_forceid_alert = &mt('New student/employeeID does not match existing ID for this user.').'
'.&mt('Change is not permitted without checking the \'Force ID change\' checkbox on the previous page.').'
'."\n"; } } if ($env{'form.cid'} ne $userenv{'id'}) { @@ -1654,13 +1832,12 @@ sub update_user_data { if ($newisdefault) { $newdefquotatext = &get_defaultquota_text($settingstatus); } - if (&Apache::lonnet::allowed('mau',$env{'form.ccdomain'}) && - ($env{'form.cfirstname'} ne $userenv{'firstname'} || - $env{'form.cmiddlename'} ne $userenv{'middlename'} || - $env{'form.clastname'} ne $userenv{'lastname'} || - $env{'form.cgeneration'} ne $userenv{'generation'} || - $env{'form.cid'} ne $userenv{'id'} || - $env{'form.cpermanentemail'} ne $userenv{'permanentemail'} )) { + if ($env{'form.cfirstname'} ne $userenv{'firstname'} || + $env{'form.cmiddlename'} ne $userenv{'middlename'} || + $env{'form.clastname'} ne $userenv{'lastname'} || + $env{'form.cgeneration'} ne $userenv{'generation'} || + $env{'form.cid'} ne $userenv{'id'} || + $env{'form.cpermanentemail'} ne $userenv{'permanentemail'} ) { $namechanged = 1; } if ($namechanged || $quotachanged) { @@ -1738,7 +1915,7 @@ END $newportfolioquota Mb $newdefquotatext END $r->print(&Apache::loncommon::end_data_table_row(). - &Apache::loncommon::end_data_table()); + &Apache::loncommon::end_data_table().'
'); if ($env{'form.cid'} ne $userenv{'id'}) { &Apache::lonnet::idput($env{'form.ccdomain'}, ($env{'form.ccuname'} => $env{'form.cid'})); @@ -1769,7 +1946,7 @@ END } else { # error occurred $r->print(''.&mt('Unable to successfully change environment for').' '. $env{'form.ccuname'}.' '.&mt('in domain').' '. - $env{'form.ccdomain'}.''); + $env{'form.ccdomain'}.'
'); } } else { # End of if ($env ... ) logic # They did not want to change the users name or quota but we can @@ -1789,6 +1966,34 @@ END $r->print('
['.$lt{'disk'}.': '.$oldportfolioquota.' Mb '. $olddefquotatext.']'); } + if (@mod_disallowed) { + my ($rolestr,$contextname); + if (@longroles > 0) { + $rolestr = join(', ',@longroles); + } else { + $rolestr = &mt('No roles'); + } + if ($context eq 'course') { + $contextname = &mt('course'); + } elsif ($context eq 'author') { + $contextname = &mt('co-author'); + } + $r->print(&mt('The following fields were not updated: ').'
    '); + my %fieldtitles = &Apache::loncommon::personal_data_fieldtitles(); + foreach my $field (@mod_disallowed) { + $r->print('
  • '.$fieldtitles{$field}.'
    • '."\n"); + } + $r->print('
'); + if (@mod_disallowed == 1) { + $r->print(&mt("You do not have the authority to change this field given the user's current set of active/future [_1] roles:",$contextname)); + } else { + $r->print(&mt("You do not have the authority to change these fields given the user's current set of active/future [_1] roles:",$contextname)); + } + $r->print(''.$rolestr.'
'. + &mt('Contact your helpdesk for more information.',"javascript:helpMenu('display')").'
'); + } + $r->print($no_forceid_alert. + &Apache::lonuserutils::print_namespacing_alerts($env{'form.ccdomain'},\%alerts, \%curr_rules)); } ## my $now=time; @@ -2040,6 +2245,9 @@ sub update_result_form { foreach my $item ('srchby','srchin','srchtype','srchterm','srchdomain','ccuname','ccdomain') { $outcome .= ''."\n"; } + if ($env{'form.origname'} ne '') { + $outcome .= ''."\n"; + } foreach my $item ('sortby','seluname','seludom') { if (exists($env{'form.'.$item})) { $outcome .= ''."\n"; @@ -2398,7 +2606,7 @@ sub handler { if ($env{'request.course.id'}) { $context = 'course'; } elsif ($env{'request.role'} =~ /^au\./) { - $context = 'construction_space'; + $context = 'author'; } else { $context = 'domain'; } @@ -2473,8 +2681,20 @@ sub handler { $srch->{$item} = $env{'form.'.$item}; } - if (($phase eq 'get_user_info') || ($phase eq 'userpicked')) { - if ($env{'form.phase'} eq 'get_user_info') { + if (($phase eq 'get_user_info') || ($phase eq 'userpicked') || + ($phase eq 'createnewuser')) { + if ($env{'form.phase'} eq 'createnewuser') { + my $response; + if ($env{'form.srchterm'} !~ /^$match_username$/) { + my $response = &mt('You must specify a valid username. Only the following are allowed: letters numbers - . @'); + &print_username_entry_form($r,$context,$response,$srch); + } else { + my $ccuname =&LONCAPA::clean_username($srch->{'srchterm'}); + my $ccdomain=&LONCAPA::clean_domain($srch->{'srchdomain'}); + &print_user_modification_page($r,$ccuname,$ccdomain, + $srch,$response,$context); + } + } elsif ($env{'form.phase'} eq 'get_user_info') { my ($currstate,$response,$forcenewuser,$results) = &user_search_result($srch); if ($env{'form.currstate'} eq 'modify') { @@ -2482,7 +2702,7 @@ sub handler { } if ($currstate eq 'select') { &print_user_selection_page($r,$response,$srch,$results, - 'createuser',\@search); + 'createuser',\@search,$context); } elsif ($currstate eq 'modify') { my ($ccuname,$ccdomain); if (($srch->{'srchby'} eq 'uname') && @@ -2503,7 +2723,7 @@ sub handler { } elsif ($currstate eq 'query') { &print_user_query_page($r,'createuser'); } else { - &print_username_entry_form($r,$response,$srch, + &print_username_entry_form($r,$context,$response,$srch, $forcenewuser); } } elsif ($env{'form.phase'} eq 'userpicked') { @@ -2513,9 +2733,9 @@ sub handler { $context); } } elsif ($env{'form.phase'} eq 'update_user_data') { - &update_user_data($r); + &update_user_data($r,$context); } else { - &print_username_entry_form($r,undef,$srch); + &print_username_entry_form($r,$context,undef,$srch); } } elsif ($env{'form.action'} eq 'custom' && $permission->{'custom'}) { if ($env{'form.phase'} eq 'set_custom_roles') { @@ -2523,7 +2743,8 @@ sub handler { } else { &custom_role_editor($r); } - } elsif ($env{'form.action'} eq 'listusers' && $permission->{'view'}) { + } elsif (($env{'form.action'} eq 'listusers') && + ($permission->{'view'} || $permission->{'cusr'})) { if ($env{'form.phase'} eq 'bulkchange') { &Apache::lonhtmlcommon::add_breadcrumb ({href=>'backPage(document.studentform)', @@ -2592,7 +2813,7 @@ sub handler { } else { $r->print(&header()); $r->print(&Apache::lonhtmlcommon::breadcrumbs('User Management')); - $r->print(&print_main_menu($permission)); + $r->print(&print_main_menu($permission,$context)); $r->print(&Apache::loncommon::end_page()); } return OK; @@ -2701,15 +2922,18 @@ sub get_permission { } if (&Apache::lonnet::allowed('vcl',$env{'request.course.id'})) { $permission{'view'} = 1; - if (!$permission{'view'}) { - my $scope = $env{'request.course.id'}.'/'.$env{'request.course.sec'}; - $permission{'view'} = &Apache::lonnet::allowed('vcl',$scope); - if ($permission{'view'}) { - $permission{'view_section'} = $env{'request.course.sec'}; - } + } + if (!$permission{'view'}) { + my $scope = $env{'request.course.id'}.'/'.$env{'request.course.sec'}; + $permission{'view'} = &Apache::lonnet::allowed('vcl',$scope); + if ($permission{'view'}) { + $permission{'view_section'} = $env{'request.course.sec'}; } } - } elsif ($context eq 'construction_space') { + if (&Apache::lonnet::allowed('mdg',$env{'request.course.id'})) { + $permission{'grp_manage'} = 1; + } + } elsif ($context eq 'author') { $permission{'cusr'} = &authorpriv($env{'user.name'},$env{'request.role.domain'}); $permission{'view'} = $permission{'cusr'}; } else { @@ -3135,6 +3359,10 @@ sub crumb_utilities { srchtype => 'selectbox', srchdomain => 'selectbox', }, + crtusername => { + srchterm => 'text', + srchdomain => 'selectbox', + }, docustom => { rolename => 'selectbox', newrolename => 'textbox',