--- loncom/interface/loncreateuser.pm 2002/08/08 19:27:35 1.39
+++ loncom/interface/loncreateuser.pm 2003/03/23 09:06:08 1.51
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.39 2002/08/08 19:27:35 matthew Exp $
+# $Id: loncreateuser.pm,v 1.51 2003/03/23 09:06:08 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -44,10 +44,9 @@
# 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer
# April Guy Albertelli
# 05/10,10/16 Gerd Kortemeyer
-# 11/12,11/13,11/15 Scott Harrison
# 02/11/02 Matthew Hall
#
-# $Id: loncreateuser.pm,v 1.39 2002/08/08 19:27:35 matthew Exp $
+# $Id: loncreateuser.pm,v 1.51 2003/03/23 09:06:08 albertel Exp $
###
package Apache::loncreateuser;
@@ -71,36 +70,59 @@ BEGIN {
my %param = ( formname => 'document.cu',
kerb_def_dom => $krbdefdom
);
- $loginscript = &Apache::loncommon::authform_header(%param);
+# no longer static due to configurable kerberos defaults
+# $loginscript = &Apache::loncommon::authform_header(%param);
$generalrule = &Apache::loncommon::authform_authorwarning(%param);
$authformnop = &Apache::loncommon::authform_nochange(%param);
- $authformkrb = &Apache::loncommon::authform_kerberos(%param);
+# no longer static due to configurable kerberos defaults
+# $authformkrb = &Apache::loncommon::authform_kerberos(%param);
$authformint = &Apache::loncommon::authform_internal(%param);
$authformfsys = &Apache::loncommon::authform_filesystem(%param);
$authformloc = &Apache::loncommon::authform_local(%param);
}
+
+
+# ==================================================== Figure out author access
+
+sub authorpriv {
+ my ($auname,$audom)=@_;
+ if (($auname ne $ENV{'user.name'}) ||
+ (($audom ne $ENV{'user.domain'}) &&
+ ($audom ne $ENV{'request.role.domain'}))) { return ''; }
+ unless (&Apache::lonnet::allowed('cca',$audom)) { return ''; }
+ return 1;
+}
+
# =================================================================== Phase one
-sub phase_one {
+sub print_username_entry_form {
my $r=shift;
- my $defdom=$ENV{'user.domain'};
+ my $defdom=$ENV{'request.role.domain'};
my @domains = &Apache::loncommon::get_domains();
my $domform = &Apache::loncommon::select_dom_form($defdom,'ccdomain');
+ my $bodytag =&Apache::loncommon::bodytag(
+ 'Create Users, Change User Privileges');
+ my $selscript=&Apache::loncommon::studentbrowser_javascript();
+ my $sellink=&Apache::loncommon::selectstudent_link
+ ('crtuser','ccuname','ccdomain');
$r->print(<<"ENDDOCUMENT");
<html>
<head>
<title>The LearningOnline Network with CAPA</title>
+$selscript
</head>
-<body bgcolor="#FFFFFF">
-<h1>Create User, Change User Privileges</h1>
-<form action=/adm/createuser method=post>
-<input type=hidden name=phase value=two>
+$bodytag
+<form action="/adm/createuser" method="post" name="crtuser">
+<input type="hidden" name="phase" value="get_user_info">
<p>
-Username: <input type=text size=15 name=ccuname><br>
-Domain: $domform
+<table>
+<tr><td>Username:</td><td><input type="text" size="15" name="ccuname">
+</td><td rowspan="2">$sellink</td></tr><tr><td>
+Domain:</td><td>$domform</td></tr>
+</table>
</p>
-<input type=submit value="Continue">
+<input type="submit" value="Continue">
</form>
</body>
</html>
@@ -108,20 +130,22 @@ ENDDOCUMENT
}
# =================================================================== Phase two
-sub phase_two {
+sub print_user_modification_page {
my $r=shift;
my $ccuname=$ENV{'form.ccuname'};
my $ccdomain=$ENV{'form.ccdomain'};
- $ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/;
- my $krbdefdom=$1;
- $krbdefdom=~tr/a-z/A-Z/;
+ my $defdom=$ENV{'request.role.domain'};
+
+ my ($krbdef,$krbdefdom) =
+ &Apache::loncommon::get_kerberos_defaults($defdom);
+
my %param = ( formname => 'document.cu',
- kerb_def_dom => $krbdefdom
+ kerb_def_dom => $krbdefdom,
+ kerb_def_auth => $krbdef
);
$loginscript = &Apache::loncommon::authform_header(%param);
-
- my $defdom=$ENV{'user.domain'};
+ $authformkrb = &Apache::loncommon::authform_kerberos(%param);
$ccuname=~s/\W//g;
$ccdomain=~s/\W//g;
@@ -154,12 +178,12 @@ sub phase_two {
</script>
</head>
-<body bgcolor="#FFFFFF">
-<img align="right" src="/adm/lonIcons/lonlogos.gif">
ENDDOCHEAD
+ $r->print(&Apache::loncommon::bodytag(
+ 'Create Users, Change User Privileges'));
my $forminfo =<<"ENDFORMINFO";
<form action="/adm/createuser" method="post" name="cu">
-<input type="hidden" name="phase" value="three">
+<input type="hidden" name="phase" value="update_user_data">
<input type="hidden" name="ccuname" value="$ccuname">
<input type="hidden" name="ccdomain" value="$ccdomain">
<input type="hidden" name="pres_value" value="" >
@@ -169,7 +193,7 @@ ENDFORMINFO
my $uhome=&Apache::lonnet::homeserver($ccuname,$ccdomain);
my %incdomains;
my %inccourses;
- foreach (%Apache::lonnet::hostdom) {
+ foreach (values(%Apache::lonnet::hostdom)) {
$incdomains{$_}=1;
}
foreach (keys(%ENV)) {
@@ -268,7 +292,12 @@ END
if ($area =~ /^\/(\w+)\/(\d\w+)/ ) {
my %coursedata=
&Apache::lonnet::coursedescription($1.'_'.$2);
- my $carea='Course: '.$coursedata{'description'};
+ my $carea;
+ if (defined($coursedata{'description'})) {
+ $carea='Course: '.$coursedata{'description'};
+ } else {
+ $carea='Unavailable course: '.$area;
+ }
$inccourses{$1.'_'.$2}=1;
if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
$allowed=1;
@@ -293,18 +322,12 @@ END
}
}
}
- # I have no idea what the hell the above code does
- # So the following is a check:
- if ($allowed) {
- # If we are looking at a co-author role, make sure it is
- # for the current users construction space before we let
- # them revoke it.
- if (($role_code eq 'ca') &&
- ($ENV{'request.role'} !~ /^dc/)) {
- if ($area !~
- /^\/$ENV{'user.domain'}\/$ENV{'user.name'}/) {
- $allowed = 0;
- }
+ if ($role_code eq 'ca') {
+ $area=~/\/(\w+)\/(\w+)/;
+ if (&authorpriv($2,$1)) {
+ $allowed=1;
+ } else {
+ $allowed=0;
}
}
my $row = '';
@@ -328,21 +351,21 @@ END
$r->print('</table>');
} # End of unless
my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);
- if ($currentauth=~/^krb4:/) {
- $currentauth=~/^krb4:(.*)/;
- my $krbdefdom2=$1;
+ if ($currentauth=~/^krb(4|5):/) {
+ $currentauth=~/^krb(4|5):(.*)/;
+ my $krbdefdom=$1;
my %param = ( formname => 'document.cu',
kerb_def_dom => $krbdefdom
);
$loginscript = &Apache::loncommon::authform_header(%param);
}
# Check for a bad authentication type
- unless ($currentauth=~/^krb4:/ or
+ unless ($currentauth=~/^krb(4|5):/ or
$currentauth=~/^unix:/ or
$currentauth=~/^internal:/ or
$currentauth=~/^localauth:/
) { # bad authentication scheme
- if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {
+ if (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'})) {
$r->print(<<ENDBADAUTH);
<hr />
<script type="text/javascript" language="Javascript">
@@ -375,7 +398,7 @@ ENDBADAUTH
} else { # Authentication type is valid
my $authformcurrent='';
my $authform_other='';
- if ($currentauth=~/^krb4:/) {
+ if ($currentauth=~/^krb(4|5):/) {
$authformcurrent=$authformkrb;
$authform_other="<p>$authformint</p>\n".
"<p>$authformfsys</p><p>$authformloc</p>";
@@ -405,7 +428,7 @@ ENDBADAUTH
<td bgcolor='#cbbcbb'>Changing this value will overwrite existing authentication for the user; you should notify the user of this change.</td></tr>
</table>
ENDCURRENTAUTH
- if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {
+ if (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'})) {
# Current user has login modification privileges
$r->print(<<ENDOTHERAUTHS);
<hr />
@@ -426,10 +449,11 @@ ENDOTHERAUTHS
#
# Co-Author
#
-
- if (&Apache::lonnet::allowed('cca',$ENV{'user.domain'})) {
+ if (&authorpriv($ENV{'user.name'},$ENV{'request.role.domain'}) &&
+ ($ENV{'user.name'} ne $ccuname || $ENV{'user.domain'} ne $ccdomain)) {
+ # No sense in assigning co-author role to yourself
my $cuname=$ENV{'user.name'};
- my $cudom=$ENV{'user.domain'};
+ my $cudom=$ENV{'request.role.domain'};
$r->print(<<ENDCOAUTH);
<h4>Construction Space</h4>
<table border=2><tr><th>Activate</th><th>Role</th><th>Extent</th>
@@ -485,7 +509,7 @@ ENDDROW
}
# ================================================================= Phase Three
-sub phase_three {
+sub update_user_data {
my $r=shift;
my $uhome=&Apache::lonnet::homeserver($ENV{'form.ccuname'},
$ENV{'form.ccdomain'});
@@ -498,9 +522,14 @@ sub phase_three {
<head>
<title>The LearningOnline Network with CAPA</title>
</head>
-<body bgcolor="#FFFFFF">
-<img align="right" src="/adm/lonIcons/lonlogos.gif">
ENDTHREEHEAD
+ my $title;
+ if (exists($ENV{'form.makeuser'})) {
+ $title='Set Privileges for New User';
+ } else {
+ $title='Modify User Privileges';
+ }
+ $r->print(&Apache::loncommon::bodytag($title));
# Check Inputs
if (! $ENV{'form.ccuname'} ) {
$r->print($error.'No login name specified.'.$end);
@@ -535,7 +564,8 @@ ENDTHREEHEAD
my $amode='';
my $genpwd='';
if ($ENV{'form.login'} eq 'krb') {
- $amode='krb4';
+ $amode='krb';
+ $amode.=$ENV{'form.krbver'};
$genpwd=$ENV{'form.krbarg'};
} elsif ($ENV{'form.login'} eq 'int') {
$amode='internal';
@@ -560,7 +590,6 @@ ENDTHREEHEAD
if ($ENV{'form.makeuser'}) {
# Create a new user
$r->print(<<ENDNEWUSERHEAD);
-<h1>Create User</h1>
<h3>Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>
ENDNEWUSERHEAD
# Check for the authentication mode and password
@@ -596,7 +625,6 @@ ENDNEWUSERHEAD
($ENV{'form.login'} ne '' )) {
# Modify user privileges
$r->print(<<ENDMODIFYUSERHEAD);
-<h1>Change User Privileges</h1>
<h2>User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>
ENDMODIFYUSERHEAD
if (! $amode || ! $genpwd) {
@@ -778,17 +806,17 @@ sub handler {
(&Apache::lonnet::allowed('cin',$ENV{'request.course.id'})) ||
(&Apache::lonnet::allowed('ccr',$ENV{'request.course.id'})) ||
(&Apache::lonnet::allowed('cep',$ENV{'request.course.id'})) ||
- (&Apache::lonnet::allowed('cca',$ENV{'user.domain'})) ||
- (&Apache::lonnet::allowed('mau',$ENV{'user.domain'}))) {
+ (&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) ||
+ (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'}))) {
$r->content_type('text/html');
$r->send_http_header;
unless ($ENV{'form.phase'}) {
- &phase_one($r);
+ &print_username_entry_form($r);
}
- if ($ENV{'form.phase'} eq 'two') {
- &phase_two($r);
- } elsif ($ENV{'form.phase'} eq 'three') {
- &phase_three($r);
+ if ($ENV{'form.phase'} eq 'get_user_info') {
+ &print_user_modification_page($r);
+ } elsif ($ENV{'form.phase'} eq 'update_user_data') {
+ &update_user_data($r);
}
} else {
$ENV{'user.error.msg'}=
@@ -808,6 +836,7 @@ sub course_level_table {
$thiscourse=~s:_:/:g;
my %coursedata=&Apache::lonnet::coursedescription($thiscourse);
my $area=$coursedata{'description'};
+ if (!defined($area)) { $area='Unavailable course: '.$_; }
my $bgcol=$thiscourse;
$bgcol=~s/[^8-9b-e]//g;
$bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6);