--- loncom/interface/loncreateuser.pm 2002/03/22 22:23:23 1.28 +++ loncom/interface/loncreateuser.pm 2002/04/22 18:04:19 1.32 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.28 2002/03/22 22:23:23 matthew Exp $ +# $Id: loncreateuser.pm,v 1.32 2002/04/22 18:04:19 matthew Exp $ # # Copyright Michigan State University Board of Trustees # @@ -47,7 +47,7 @@ # 11/12,11/13,11/15 Scott Harrison # 02/11/02 Matthew Hall # -# $Id: loncreateuser.pm,v 1.28 2002/03/22 22:23:23 matthew Exp $ +# $Id: loncreateuser.pm,v 1.32 2002/04/22 18:04:19 matthew Exp $ ### package Apache::loncreateuser; @@ -68,119 +68,16 @@ BEGIN { $ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/; my $krbdefdom=$1; $krbdefdom=~tr/a-z/A-Z/; - $authformnop=(< - -Do not change login data -

-END - $authformkrb=(< - -Kerberos authenticated with domain - -

-END - $authformint=(< - -Internally authenticated (with initial password -) -

-END - $authformfsys=(< - -Filesystem authenticated (with initial password -) -

-END - $authformloc=(< - -Local Authentication with argument - -

-END - $loginscript=(< -function setkrb(vf) { - if (vf.krbdom.value!='') { - vf.login[0].checked=true; - vf.krbdom.value=vf.krbdom.value.toUpperCase(); - vf.intpwd.value=''; - vf.fsyspwd.value=''; - vf.locarg.value=''; - } -} - -function setint(vf) { - if (vf.intpwd.value!='') { - vf.login[1].checked=true; - vf.krbdom.value=''; - vf.fsyspwd.value=''; - vf.locarg.value=''; - } -} - -function setfsys(vf) { - if (vf.fsyspwd.value!='') { - vf.login[2].checked=true; - vf.krbdom.value=''; - vf.intpwd.value=''; - vf.locarg.value=''; - } -} - -function setloc(vf) { - if (vf.locarg.value!='') { - vf.login[3].checked=true; - vf.krbdom.value=''; - vf.intpwd.value=''; - vf.fsyspwd.value=''; - } -} - -function clicknop(vf) { - vf.krbdom.value=''; - vf.intpwd.value=''; - vf.fsyspwd.value=''; - vf.locarg.value=''; -} - -function clickkrb(vf) { - vf.krbdom.value='$krbdefdom'; - vf.intpwd.value=''; - vf.fsyspwd.value=''; - vf.locarg.value=''; -} - -function clickint(vf) { - vf.krbdom.value=''; - vf.fsyspwd.value=''; - vf.locarg.value=''; -} - -function clickfsys(vf) { - vf.krbdom.value=''; - vf.intpwd.value=''; - vf.locarg.value=''; -} - -function clickloc(vf) { - vf.krbdom.value=''; - vf.intpwd.value=''; - vf.fsyspwd.value=''; -} - -ENDLOGINSCRIPT - $generalrule=< -As a general rule, only authors or co-authors should be filesystem -authenticated (which allows access to the server filesystem). -

-END + my %param = ( formname => 'document.cu', + kerb_def_dom => $krbdefdom + ); + $loginscript = &Apache::loncommon::authform_header(%param); + $generalrule = &Apache::loncommon::authform_authorwarning(%param); + $authformnop = &Apache::loncommon::authform_nochange(%param); + $authformkrb = &Apache::loncommon::authform_kerberos(%param); + $authformint = &Apache::loncommon::authform_internal(%param); + $authformfsys = &Apache::loncommon::authform_filesystem(%param); + $authformloc = &Apache::loncommon::authform_local(%param); } # =================================================================== Phase one @@ -215,6 +112,10 @@ sub phase_two { $ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/; my $krbdefdom=$1; $krbdefdom=~tr/a-z/A-Z/; + my %param = ( formname => 'document.cu', + kerb_def_dom => $krbdefdom + ); + $loginscript = &Apache::loncommon::authform_header(%param); my $defdom=$ENV{'user.domain'}; @@ -224,7 +125,7 @@ sub phase_two { The LearningOnline Network with CAPA -

Personal Data

@@ -295,13 +200,14 @@ $loginscript ID/Student Number

+Home Server:

Login Data

-$generalrule -$authformkrb -$authformint -$authformfsys -$authformloc +

$generalrule

+

$authformkrb

+

$authformint

+

$authformfsys

+

$authformloc

ENDNEWUSER } else { # user already exists $r->print(< 'document.cu', + kerb_def_dom => $krbdefdom + ); + $loginscript = &Apache::loncommon::authform_header(%param); } # Check for a bad authentication type unless ($currentauth=~/^krb4:/ or @@ -417,23 +326,27 @@ END if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) { $r->print(< + ERROR: This user has an unrecognized authentication scheme ($currentauth). Please specify login data below.

Login Data

-$generalrule -$authformkrb -$authformint -$authformfsys -$authformloc +

$generalrule

+

$authformkrb

+

$authformint

+

$authformfsys

+

$authformloc

ENDBADAUTH } else { # This user is not allowed to modify the users # authentication scheme, so just notify them of the problem $r->print(< + ERROR: This user has an unrecognized authentication scheme ($currentauth). Please alert a domain coordinator of this situation. @@ -445,40 +358,23 @@ ENDBADAUTH my $authform_other=''; if ($currentauth=~/^krb4:/) { $authformcurrent=$authformkrb; - $authform_other=$authformint.$authformfsys.$authformloc; - # embarrassing script hack here - $loginscript=~s/login\[3\]/login\[4\]/; # loc - $loginscript=~s/login\[2\]/login\[3\]/; # fsys - $loginscript=~s/login\[1\]/login\[2\]/; # int - $loginscript=~s/login\[0\]/login\[1\]/; # krb4 + $authform_other="

$authformint

\n". + "

$authformfsys

$authformloc

"; } elsif ($currentauth=~/^internal:/) { $authformcurrent=$authformint; - $authform_other=$authformkrb.$authformfsys.$authformloc; - # embarrassing script hack here - $loginscript=~s/login\[3\]/login\[4\]/; # loc - $loginscript=~s/login\[2\]/login\[3\]/; # fsys - $loginscript=~s/login\[1\]/login\[1\]/; # int - $loginscript=~s/login\[0\]/login\[2\]/; # krb4 + $authform_other="

$authformkrb

". + "

$authformfsys

$authformloc

"; } elsif ($currentauth=~/^unix:/) { $authformcurrent=$authformfsys; - $authform_other=$authformkrb.$authformint.$authformloc; - # embarrassing script hack here - $loginscript=~s/login\[3\]/login\[4\]/; # loc - $loginscript=~s/login\[1\]/login\[3\]/; # int - $loginscript=~s/login\[2\]/login\[1\]/; # fsys - $loginscript=~s/login\[0\]/login\[2\]/; # krb4 + $authform_other="

$authformkrb

". + "

$authformint

$authformloc;

"; } elsif ($currentauth=~/^localauth:/) { $authformcurrent=$authformloc; - $authform_other=$authformkrb.$authformint.$authformfsys; - # embarrassing script hack here - $loginscript=~s/login\[3\]/login\[loc\]/; # loc - $loginscript=~s/login\[2\]/login\[4\]/; # fsys - $loginscript=~s/login\[1\]/login\[3\]/; # int - $loginscript=~s/login\[0\]/login\[2\]/; # krb4 - $loginscript=~s/login\[loc\]/login\[1\]/; # loc + $authform_other="

$authformkrb

". + "

$authformint

$authformfsys

"; } $authformcurrent=< @@ -494,11 +390,13 @@ ENDCURRENTAUTH # Current user has login modification privileges $r->print(< +

Change Current Login Data

-$generalrule -$authformnop -$authformcurrent +

$generalrule

+

$authformnop

+

$authformcurrent

Enter New Login Data

$authform_other ENDOTHERAUTHS @@ -570,6 +468,8 @@ ENDDROW # ================================================================= Phase Three sub phase_three { my $r=shift; + my $uhome=&Apache::lonnet::homeserver($ENV{'form.ccuname'}, + $ENV{'form.ccdomain'}); # Error messages my $error = 'Error:'; my $end = ''; @@ -583,69 +483,95 @@ sub phase_three { ENDTHREEHEAD # Check Inputs - if (! $ENV{'form.cuname'} ) { + if (! $ENV{'form.ccuname'} ) { $r->print($error.'No login name specified.'.$end); return; } - if ( $ENV{'form.cuname'} =~/\W/) { + if ( $ENV{'form.ccuname'} =~/\W/) { $r->print($error.'Invalid login name. '. 'Only letters, numbers, and underscores are valid.'. $end); return; } - if (! $ENV{'form.cdomain'} ) { + if (! $ENV{'form.ccdomain'} ) { $r->print($error.'No domain specified.'.$end); return; } - if ( $ENV{'form.cdomain'} =~/\W/) { + if ( $ENV{'form.ccdomain'} =~/\W/) { $r->print($error.'Invalid domain name. '. 'Only letters, numbers, and underscores are valid.'. $end); return; } + if (! exists($ENV{'form.makeuser'})) { + # Modifying an existing user, so check the validity of the name + if ($uhome eq 'no_host') { + $r->print($error.'Unable to determine home server for '. + $ENV{'form.ccuname'}.' in domain '. + $ENV{'form.ccdomain'}.'.'); + return; + } + } # Determine authentication method and password for the user being modified my $amode=''; my $genpwd=''; if ($ENV{'form.login'} eq 'krb') { $amode='krb4'; - $genpwd=$ENV{'form.krbdom'}; + $genpwd=$ENV{'form.krbarg'}; } elsif ($ENV{'form.login'} eq 'int') { $amode='internal'; - $genpwd=$ENV{'form.intpwd'}; + $genpwd=$ENV{'form.intarg'}; } elsif ($ENV{'form.login'} eq 'fsys') { $amode='unix'; - $genpwd=$ENV{'form.fsyspwd'}; + $genpwd=$ENV{'form.fsysarg'}; } elsif ($ENV{'form.login'} eq 'loc') { $amode='localauth'; $genpwd=$ENV{'form.locarg'}; $genpwd=" " if (!$genpwd); + } else { + $r->print($error.'Invalid login mode or password'.$end); + return; } if ($ENV{'form.makeuser'}) { # Create a new user $r->print(<Create User -

Creating user "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"

+

Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

ENDNEWUSERHEAD # Check for the authentication mode and password if (! $amode || ! $genpwd) { $r->print($error.'Invalid login mode or password'.$end); return; } + # Determine desired host + my $desiredhost = $ENV{'form.hserver'}; + if (lc($desiredhost) eq 'default') { + $desiredhost = undef; + } else { + my %home_servers = &Apache::loncommon::get_home_servers + ($ENV{'form.ccdomain'}); + if (! exists($home_servers{$desiredhost})) { + $r->print($error.'Invalid home server specified'); + return; + } + } # Call modifyuser my $result = &Apache::lonnet::modifyuser - ($ENV{'form.cdomain'},$ENV{'form.cuname'}, - $ENV{'form.cstid'},$amode,$genpwd, - $ENV{'form.cfirst'},$ENV{'form.cmiddle'}, - $ENV{'form.clast'},$ENV{'form.cgen'} + ($ENV{'form.ccdomain'},$ENV{'form.ccuname'},$ENV{'form.cstid'}, + $amode,$genpwd,$ENV{'form.cfirst'}, + $ENV{'form.cmiddle'},$ENV{'form.clast'},$ENV{'form.cgen'}, + undef,$desiredhost ); $r->print('Generating user: '.$result); - $r->print('
Home server: '.&Apache::lonnet::homeserver - ($ENV{'form.cuname'},$ENV{'form.cdomain'})); + my $home = &Apache::lonnet::homeserver($ENV{'form.ccuname'}, + $ENV{'form.ccdomain'}); + $r->print('
Home server: '.$home.' '. + $Apache::lonnet::libserv{$home}); } elsif ($ENV{'form.login'} ne '') { # Modify user privileges $r->print(<Change User Privileges -

User "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"

+

User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

ENDMODIFYUSERHEAD if (! $amode || ! $genpwd) { $r->print($error.'Invalid login mode or password'.$end); @@ -654,11 +580,11 @@ ENDMODIFYUSERHEAD # Only allow authentification modification if the person has authority if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) { $r->print('Modifying authentication: '. - &Apache::lonnet::modifyuserauth( - $ENV{'form.cdomain'},$ENV{'form.cuname'}, + &Apache::lonnet::modifyuserauth( + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}, $amode,$genpwd)); $r->print('
Home server: '.&Apache::lonnet::homeserver - ($ENV{'form.cuname'},$ENV{'form.cdomain'})); + ($ENV{'form.ccuname'},$ENV{'form.ccdomain'})); } else { # Okay, this is a non-fatal error. $r->print($error.'You do not have the authority to modify '. @@ -670,7 +596,7 @@ ENDMODIFYUSERHEAD # Check for need to change my %userenv = &Apache::lonnet::get ('environment',['firstname','middlename','lastname','generation'], - $ENV{'form.cdomain'},$ENV{'form.cuname'}); + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}); my ($tmp) = keys(%userenv); if ($tmp =~ /^(con_lost|error)/i) { %userenv = (); @@ -680,7 +606,7 @@ ENDMODIFYUSERHEAD # Strip leading and trailing whitespace $ENV{'form.c'.$_} =~ s/(\s+$|^\s+)//g; } - if (&Apache::lonnet::allowed('mau',$ENV{'form.cdomain'}) && + if (&Apache::lonnet::allowed('mau',$ENV{'form.ccdomain'}) && ($ENV{'form.cfirstname'} ne $userenv{'firstname'} || $ENV{'form.cmiddlename'} ne $userenv{'middlename'} || $ENV{'form.clastname'} ne $userenv{'lastname'} || @@ -693,7 +619,7 @@ ENDMODIFYUSERHEAD $changeHash{'generation'} = $ENV{'form.cgeneration'}; my $putresult = &Apache::lonnet::put ('environment',\%changeHash, - $ENV{'form.cdomain'},$ENV{'form.cuname'}); + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}); if ($putresult eq 'ok') { # Tell the user we changed the name $r->print(<<"END"); @@ -718,14 +644,14 @@ ENDMODIFYUSERHEAD END } else { # error occurred $r->print("

Unable to successfully change environment for ". - $ENV{'form.cuname'}." in domain ". - $ENV{'form.cdomain'}."

"); + $ENV{'form.ccuname'}." in domain ". + $ENV{'form.ccdomain'}.""); } } else { # End of if ($ENV ... ) logic # They did not want to change the users name but we can # still tell them what the name is $r->print(<<"END"); -

User "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"

+

User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

$userenv{'firstname'} $userenv{'middlename'} $userenv{'lastname'}

Generation: $userenv{'generation'}

END @@ -740,8 +666,8 @@ END if ($_=~/^form\.rev/) { if ($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) { $r->print('Revoking '.$2.' in '.$1.': '. - &Apache::lonnet::assignrole($ENV{'form.cdomain'}, - $ENV{'form.cuname'},$1,$2,$now).'
'); + &Apache::lonnet::assignrole($ENV{'form.ccdomain'}, + $ENV{'form.ccuname'},$1,$2,$now).'
'); if ($2 eq 'st') { $1=~/^\/(\w+)\/(\w+)/; my $cid=$1.'_'.$2; @@ -749,8 +675,8 @@ END &Apache::lonnet::critical('put:'. $ENV{'course.'.$cid.'.domain'}.':'. $ENV{'course.'.$cid.'.num'}.':classlist:'. - &Apache::lonnet::escape($ENV{'form.cuname'}.':'. - $ENV{'form.cdomain'}).'='. + &Apache::lonnet::escape($ENV{'form.ccuname'}.':'. + $ENV{'form.ccdomain'}).'='. &Apache::lonnet::escape($now.':'), $ENV{'course.'.$cid.'.home'}).'
'); } @@ -772,7 +698,7 @@ END # Assign the role and report it $r->print('Assigning: '.$3.' in '.$url.': '. &Apache::lonnet::assignrole( - $ENV{'form.cdomain'},$ENV{'form.cuname'}, + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}, $url,$3,$end,$start). '
'); # Handle students differently @@ -784,8 +710,8 @@ END 'put:'.$ENV{'course.'.$cid.'.domain'}.':'. $ENV{'course.'.$cid.'.num'}.':classlist:'. &Apache::lonnet::escape( - $ENV{'form.cuname'}.':'. - $ENV{'form.cdomain'} ).'='. + $ENV{'form.ccuname'}.':'. + $ENV{'form.ccdomain'} ).'='. &Apache::lonnet::escape($end.':'.$start), $ENV{'course.'.$cid.'.home'}) .'
'); @@ -803,7 +729,7 @@ END # Assign the role and report it. $r->print('Assigning: '.$2.' in '.$url.': '. &Apache::lonnet::assignrole( - $ENV{'form.cdomain'},$ENV{'form.cuname'}, + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}, $url,$2,$end,$start) .'
'); } @@ -902,6 +828,10 @@ ENDTABLE } #---------------------------------------------- end functions for &phase_two +#--------------------------------- functions for &phase_two and &phase_three + +#--------------------------end of functions for &phase_two and &phase_three + 1; __END__