--- loncom/interface/loncreateuser.pm 2016/10/22 17:57:54 1.406.2.5 +++ loncom/interface/loncreateuser.pm 2022/11/16 14:47:57 1.406.2.20.2.2 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.406.2.5 2016/10/22 17:57:54 raeburn Exp $ +# $Id: loncreateuser.pm,v 1.406.2.20.2.2 2022/11/16 14:47:57 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -71,6 +71,7 @@ use Apache::longroup; use Apache::lonuserutils; use Apache::loncoursequeueadmin; use LONCAPA qw(:DEFAULT :match); +use HTML::Entities; my $loginscript; # piece of javascript used in two separate instances my $authformnop; @@ -160,7 +161,8 @@ END_SCRIPT '<h3>'.$lt{'usrt'}.'</h3>'."\n". &Apache::loncommon::start_data_table(); - if (&Apache::lonnet::allowed('mut',$ccdomain)) { + if ((&Apache::lonnet::allowed('mut',$ccdomain)) || + (&Apache::lonnet::allowed('udp',$ccdomain))) { $output .= &build_tools_display($ccuname,$ccdomain,'tools'); } @@ -242,6 +244,7 @@ sub build_tools_display { 'aboutme' => "Personal Information Page", 'webdav' => "WebDAV access to Authoring Spaces (if SSL and author/co-author)", 'portfolio' => "Personal User Portfolio", + 'timezone' => "Can set Time Zone", 'avai' => "Available", 'cusa' => "availability", 'chse' => "Change setting", @@ -253,6 +256,7 @@ sub build_tools_display { 'textbook' => 'Can request creation of textbook courses', 'requestauthor' => 'Can request author space', ); + $isadv = &Apache::lonnet::is_advanced_user($ccdomain,$ccuname); if ($context eq 'requestcourses') { %userenv = &Apache::lonnet::userenvironment($ccdomain,$ccuname, 'requestcourses.official','requestcourses.unofficial', @@ -265,7 +269,6 @@ sub build_tools_display { $colspan = ' colspan="2"'; %domconfig = &Apache::lonnet::get_dom('configuration',['requestcourses'],$ccdomain); - $isadv = &Apache::lonnet::is_advanced_user($ccuname,$ccdomain); } elsif ($context eq 'requestauthor') { %userenv = &Apache::lonnet::userenvironment($ccdomain,$ccuname, 'requestauthor'); @@ -279,17 +282,18 @@ sub build_tools_display { } else { %userenv = &Apache::lonnet::userenvironment($ccdomain,$ccuname, 'tools.aboutme','tools.portfolio','tools.blog', - 'tools.webdav'); - @usertools = ('aboutme','blog','webdav','portfolio'); + 'tools.webdav','tools.timezone'); + @usertools = ('aboutme','blog','webdav','portfolio','timezone'); } foreach my $item (@usertools) { my ($custom_access,$curr_access,$cust_on,$cust_off,$tool_on,$tool_off, $currdisp,$custdisp,$custradio); $cust_off = 'checked="checked" '; $tool_on = 'checked="checked" '; - $curr_access = + $curr_access = &Apache::lonnet::usertools_access($ccuname,$ccdomain,$item,undef, - $context); + $context,\%userenv,'', + {'is_adv' => $isadv}); if ($context eq 'requestauthor') { if ($userenv{$context} ne '') { $cust_on = ' checked="checked" '; @@ -426,7 +430,9 @@ sub build_tools_display { } $output .= ' <td'.$colspan.'>'.$custom_access.(' 'x4). $lt{'avai'}.': '.$currdisp.'</td>'."\n". - &Apache::loncommon::end_data_table_row()."\n". + &Apache::loncommon::end_data_table_row()."\n"; + unless (&Apache::lonnet::allowed('udp',$ccdomain)) { + $output .= &Apache::loncommon::start_data_table_row()."\n". ' <td style="vertical-align:top;"><span class="LC_nobreak">'. $lt{'chse'}.': <label>'. @@ -435,6 +441,7 @@ sub build_tools_display { '<label><input type="radio" name="custom'.$item.'" value="1" '. $cust_on.'/>'.$lt{'uscu'}.'</label>'.$custradio.'</td>'. &Apache::loncommon::end_data_table_row()."\n"; + } } return $output; } @@ -527,72 +534,6 @@ sub domainrole_req { &Apache::loncommon::end_data_table(); } -sub domadhocroles { - my ($ccuname,$ccdomain) = @_; - my $confname = &Apache::lonnet::get_domainconfiguser($env{'request.role.domain'}); - my %existing=&Apache::lonnet::dump('roles',$env{'request.role.domain'}, - $confname,'rolesdef_'); - my $output; - if (keys(%existing) > 0) { - my @current; - my $curradhoc = 'adhocroles.'.$env{'request.role.domain'}; - my %userenv = &Apache::lonnet::userenvironment($ccdomain,$ccuname,$curradhoc); - if ($userenv{$curradhoc}) { - @current = split(/,/,$userenv{$curradhoc}); - } - my %customroles; - foreach my $key (keys(%existing)) { - if ($key=~/^rolesdef\_(\w+)$/) { - my $rolename = $1; - my %privs; - ($privs{'system'},$privs{'domain'},$privs{'course'}) = split(/\_/,$existing{$key}); - $customroles{$rolename} = \%privs; - } - } - $output = '<br /><h3>'. - &mt('Ad Hoc Course Roles Selectable via Helpdesk Role'). - '</h3>'."\n". - &Apache::loncommon::start_data_table(). - &Apache::loncommon::start_data_table_header_row(). - '<th>'.&mt('Action').'</th><th>'.&mt('Role').'</th>'. - '<th>'.&mt('Privileges in Course').'<th>'. - &Apache::loncommon::end_data_table_header_row(); - foreach my $key (sort(keys(%customroles))) { - $output .= &Apache::loncommon::start_data_table_row(); - if (grep(/^\Q$key\E$/,@current)) { - $output .= '<td><label>'. - '<input type="checkbox" name="adhocroledel" value="'.$key.'" />'. - &mt('Delete').'</label>'. - '</td>'; - } else { - $output .= '<td><label>'. - '<input type="checkbox" name="adhocroleadd" value="'.$key.'" />'. - &mt('Add').'</label>'. - '</td>'; - } - $output .= '<td>'.$key.'</td><td>'; - foreach my $level ('course','domain','system') { - if ($customroles{$key}{$level}) { - my $suffix; - if (($level eq 'domain') || ($level eq 'system')) { - $suffix = ' ('.&mt($level).')'; - } - my @privs = split(/:/,$customroles{$key}{$level}); - foreach my $item (@privs) { - next if ($item eq ''); - my ($priv,$cond) = split(/\&/,$item); - $output .= &Apache::lonnet::plaintext($priv,'Course').$suffix.'<br />'; - } - } - } - $output .= '</td>'. - &Apache::loncommon::end_data_table_row(); - } - $output .= &Apache::loncommon::end_data_table(); - } - return $output; -} - sub courserequest_titles { my %titles = &Apache::lonlocal::texthash ( official => 'Official', @@ -703,7 +644,8 @@ sub curr_requestauthor { # =================================================================== Phase one sub print_username_entry_form { - my ($r,$context,$response,$srch,$forcenewuser,$crstype,$brcrum) = @_; + my ($r,$context,$response,$srch,$forcenewuser,$crstype,$brcrum, + $permission) = @_; my $defdom=$env{'request.role.domain'}; my $formtoset = 'crtuser'; if (exists($env{'form.startrolename'})) { @@ -729,13 +671,27 @@ sub print_username_entry_form { } my $helpitem = 'Course_Change_Privileges'; if ($env{'form.action'} eq 'custom') { - $helpitem = 'Course_Editing_Custom_Roles'; + if ($context eq 'course') { + $helpitem = 'Course_Editing_Custom_Roles'; + } elsif ($context eq 'domain') { + $helpitem = 'Domain_Editing_Custom_Roles'; + } } elsif ($env{'form.action'} eq 'singlestudent') { $helpitem = 'Course_Add_Student'; } elsif ($env{'form.action'} eq 'accesslogs') { $helpitem = 'Domain_User_Access_Logs'; + } elsif ($context eq 'author') { + $helpitem = 'Author_Change_Privileges'; + } elsif ($context eq 'domain') { + if ($permission->{'cusr'}) { + $helpitem = 'Domain_Change_Privileges'; + } elsif ($permission->{'view'}) { + $helpitem = 'Domain_View_Privileges'; + } else { + undef($helpitem); + } } - my %breadcrumb_text = &singleuser_breadcrumb($crstype); + my %breadcrumb_text = &singleuser_breadcrumb($crstype,$context,$defdom); if ($env{'form.action'} eq 'custom') { push(@{$brcrum}, {href=>"javascript:backPage(document.crtuser)", @@ -763,6 +719,7 @@ sub print_username_entry_form { 'srst' => 'Search for a user and enroll as a student', 'srme' => 'Search for a user and enroll as a member', 'srad' => 'Search for a user and modify/add user information or roles', + 'srvu' => 'Search for a user and view user information and roles', 'srva' => 'Search for a user and view access log information', 'usr' => "Username", 'dom' => "Domain", @@ -810,6 +767,7 @@ sub print_username_entry_form { } } else { my $actiontext = $lt{'srad'}; + my $fixeddom; if ($env{'form.action'} eq 'singlestudent') { if ($crstype eq 'Community') { $actiontext = $lt{'srme'}; @@ -818,6 +776,11 @@ sub print_username_entry_form { } } elsif ($env{'form.action'} eq 'accesslogs') { $actiontext = $lt{'srva'}; + $fixeddom = 1; + } elsif (($env{'form.action'} eq 'singleuser') && + ($context eq 'domain') && (!&Apache::lonnet::allowed('mau',$defdom))) { + $actiontext = $lt{'srvu'}; + $fixeddom = 1; } $r->print("<h3>$actiontext</h3>"); if ($env{'form.origform'} ne 'crtusername') { @@ -826,7 +789,7 @@ sub print_username_entry_form { '<br clear="all" />'); } } - $r->print(&entry_form($defdom,$srch,$forcenewuser,$context,$response,$crstype,1)); + $r->print(&entry_form($defdom,$srch,$forcenewuser,$context,$response,$crstype,$fixeddom)); } } @@ -885,11 +848,16 @@ sub entry_form { $inexact = 1; } } - my $cancreate = - &Apache::lonuserutils::can_create_user($dom,$context,$usertype); + my ($cancreate,$noinstd); + if ($env{'form.action'} eq 'accesslogs') { + $noinstd = 1; + } else { + $cancreate = + &Apache::lonuserutils::can_create_user($dom,$context,$usertype); + } my ($userpicker,$cansearch) = &Apache::loncommon::user_picker($dom,$srch,$forcenewuser, - 'document.crtuser',$cancreate,$usertype,$context,$fixeddom); + 'document.crtuser',$cancreate,$usertype,$context,$fixeddom,$noinstd); my $srchbutton = &mt('Search'); if ($env{'form.action'} eq 'singlestudent') { $srchbutton = &mt('Search and Enroll'); @@ -911,7 +879,9 @@ ENDBLOCK } else { $output = '<p>'.$userpicker.'</p>'; } - if (($env{'form.phase'} eq '') && ($env{'form.action'} ne 'accesslogs')) { + if (($env{'form.phase'} eq '') && ($env{'form.action'} ne 'accesslogs') && + (!(($env{'form.action'} eq 'singleuser') && ($context eq 'domain') && + (!&Apache::lonnet::allowed('mau',$env{'request.role.domain'}))))) { my $defdom=$env{'request.role.domain'}; my $domform = &Apache::loncommon::select_dom_form($defdom,'srchdomain'); my %lt=&Apache::lonlocal::texthash( @@ -1028,7 +998,9 @@ ENDSCRIPT 'stusrch' => "User Search to enroll student", 'memsrch' => "User Search to enroll member", 'srcva' => "Search for a user and view access log information", + 'usrvu' => "User Search to view user roles", 'usel' => "Select a user to add/modify roles", + 'suvr' => "Select a user to view roles", 'stusel' => "Select a user to enroll as a student", 'memsel' => "Select a user to enroll as a member", 'vacsel' => "Select a user to view access log", @@ -1041,12 +1013,16 @@ ENDSCRIPT if ($context eq 'requestcrs') { $r->print('<div>'); } else { - my %breadcrumb_text = &singleuser_breadcrumb($crstype); + my %breadcrumb_text = &singleuser_breadcrumb($crstype,$context,$srch->{'srchdomain'}); my $helpitem; if ($env{'form.action'} eq 'singleuser') { $helpitem = 'Course_Change_Privileges'; } elsif ($env{'form.action'} eq 'singlestudent') { $helpitem = 'Course_Add_Student'; + } elsif ($context eq 'author') { + $helpitem = 'Author_Change_Privileges'; + } elsif ($context eq 'domain') { + $helpitem = 'Domain_Change_Privileges'; } push (@{$brcrum}, {href => "javascript:backPage(document.usersrchform,'','')", @@ -1061,9 +1037,19 @@ ENDSCRIPT ); $r->print(&Apache::loncommon::start_page('User Management',$jscript,{bread_crumbs => $brcrum})); if ($env{'form.action'} eq 'singleuser') { - $r->print("<b>$lt{'usrch'}</b><br />"); + my $readonly; + if (($context eq 'domain') && (!&Apache::lonnet::allowed('mau',$srch->{'srchdomain'}))) { + $readonly = 1; + $r->print("<b>$lt{'usrvu'}</b><br />"); + } else { + $r->print("<b>$lt{'usrch'}</b><br />"); + } $r->print(&entry_form($srch->{'srchdomain'},$srch,undef,$context,undef,$crstype)); - $r->print('<h3>'.$lt{'usel'}.'</h3>'); + if ($readonly) { + $r->print('<h3>'.$lt{'suvr'}.'</h3>'); + } else { + $r->print('<h3>'.$lt{'usel'}.'</h3>'); + } } elsif ($env{'form.action'} eq 'singlestudent') { $r->print($jscript."<b>"); if ($crstype eq 'Community') { @@ -1082,7 +1068,7 @@ ENDSCRIPT $r->print('</h3>'); } elsif ($env{'form.action'} eq 'accesslogs') { $r->print("<b>$lt{'srcva'}</b><br />"); - $r->print(&entry_form($srch->{'srchdomain'},$srch,undef,'accesslogs',undef,undef,1)); + $r->print(&entry_form($srch->{'srchdomain'},$srch,undef,$context,undef,undef,1)); $r->print('<h3>'.$lt{'vacsel'}.'</h3>'); } } @@ -1163,7 +1149,8 @@ sub print_user_modification_page { if (($ccuname eq '') || ($ccdomain eq '')) { my $usermsg = &mt('No username and/or domain provided.'); $env{'form.phase'} = ''; - &print_username_entry_form($r,$context,$usermsg,'','',$crstype,$brcrum); + &print_username_entry_form($r,$context,$usermsg,'','',$crstype,$brcrum, + $permission); return; } my ($form,$formname); @@ -1202,12 +1189,18 @@ sub print_user_modification_page { } $response .= '<p class="LC_warning">' .&mt("You are not authorized to create new $usertypetext{$usertype} users in this domain.") - .' ' - .&mt('Please contact the [_1]helpdesk[_2] for assistance.' - ,'<a href="'.$helplink.'">','</a>') - .'</p><br />'; + .' '; + if ($context eq 'domain') { + $response .= &mt('Please contact a [_1] for assistance.', + &Apache::lonnet::plaintext('dc')); + } else { + $response .= &mt('Please contact the [_1]helpdesk[_2] for assistance.' + ,'<a href="'.$helplink.'">','</a>'); + } + $response .= '</p><br />'; $env{'form.phase'} = ''; - &print_username_entry_form($r,$context,$response,undef,undef,$crstype,$brcrum); + &print_username_entry_form($r,$context,$response,undef,undef,$crstype,$brcrum, + $permission); return; } $newuser = 1; @@ -1231,7 +1224,8 @@ sub print_user_modification_page { 'username'); } $env{'form.phase'} = ''; - &print_username_entry_form($r,$context,$userchkmsg,undef,undef,$crstype,$brcrum); + &print_username_entry_form($r,$context,$userchkmsg,undef,undef,$crstype,$brcrum, + $permission); return; } } @@ -1252,10 +1246,14 @@ sub print_user_modification_page { my $js = &validation_javascript($context,$ccdomain,$pjump_def,$crstype, $groupslist,$newuser,$formname,\%loaditem); - my %breadcrumb_text = &singleuser_breadcrumb($crstype); + my %breadcrumb_text = &singleuser_breadcrumb($crstype,$context,$ccdomain); my $helpitem = 'Course_Change_Privileges'; if ($env{'form.action'} eq 'singlestudent') { $helpitem = 'Course_Add_Student'; + } elsif ($context eq 'author') { + $helpitem = 'Author_Change_Privileges'; + } elsif ($context eq 'domain') { + $helpitem = 'Domain_Change_Privileges'; } push (@{$brcrum}, {href => "javascript:backPage($form)", @@ -1318,7 +1316,7 @@ ENDFORMINFO } my $title = ''; if ($newuser) { - my ($portfolioform,$domroleform,$adhocroleform); + my ($portfolioform,$domroleform); if ((&Apache::lonnet::allowed('mpq',$env{'request.role.domain'})) || (&Apache::lonnet::allowed('mut',$env{'request.role.domain'}))) { # Current user has quota or user tools modification privileges @@ -1328,12 +1326,6 @@ ENDFORMINFO ($ccdomain eq $env{'request.role.domain'})) { $domroleform = '<br />'.&domainrole_req($ccuname,$ccdomain); } - if (&Apache::lonnet::allowed('cdh',$env{'request.role.domain'})) { - $adhocroleform = &domadhocroles($ccuname,$ccdomain); - if ($adhocroleform) { - $adhocroleform = '<br />'.$adhocroleform; - } - } &initialize_authen_forms($ccdomain,$formname); my %lt=&Apache::lonlocal::texthash( 'lg' => 'Login Data', @@ -1444,7 +1436,7 @@ ENDAUTH } else { $r->print(&Apache::lonuserutils::set_login($ccdomain,$authformkrb,$authformint,$authformloc)); } - $r->print($portfolioform.$domroleform.$adhocroleform); + $r->print($portfolioform.$domroleform); if ($env{'form.action'} eq 'singlestudent') { $r->print(&date_sections_select($context,$newuser,$formname, $permission,$crstype,$ccuname, @@ -1462,14 +1454,20 @@ ENDAUTH '"'.$ccuname.'"','"'.$ccdomain.'"'); } } else { - $title = &mt('Modify existing user: [_1] in domain [_2]', + if ($permission->{'cusr'}) { + $title = &mt('Modify existing user: [_1] in domain [_2]', + '"'.$ccuname.'"','"'.$ccdomain.'"'); + } else { + $title = &mt('Existing user: [_1] in domain [_2]', '"'.$ccuname.'"','"'.$ccdomain.'"'); + } } $r->print('<h2>'.$title.'</h2>'."\n"); $r->print('<div class="LC_left_float">'); $r->print(&personal_data_display($ccuname,$ccdomain,$newuser,$context, $inst_results{$ccuname.':'.$ccdomain})); - if (&Apache::lonnet::allowed('ccc',$env{'request.role.domain'})) { + if ((&Apache::lonnet::allowed('ccc',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('udp',$env{'request.role.domain'}))) { $r->print('<br /><h3>'.&mt('User Can Request Creation of Courses/Communities in this Domain?').'</h3>'. &Apache::loncommon::start_data_table()); if ($env{'request.role.domain'} eq $ccdomain) { @@ -1481,21 +1479,20 @@ ENDAUTH $r->print(&Apache::loncommon::end_data_table()); } $r->print('</div>'); - my @order = ('auth','quota','tools','requestauthor','adhocroles'); + my @order = ('auth','quota','tools','requestauthor'); my %user_text; my ($isadv,$isauthor) = - &Apache::lonnet::is_advanced_user($ccuname,$ccdomain); + &Apache::lonnet::is_advanced_user($ccdomain,$ccuname); if ((!$isauthor) && - (&Apache::lonnet::allowed('cau',$env{'request.role.domain'})) - && ($env{'request.role.domain'} eq $ccdomain)) { + ((&Apache::lonnet::allowed('cau',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('udp',$env{'request.role.domain'}))) && + ($env{'request.role.domain'} eq $ccdomain)) { $user_text{'requestauthor'} = &domainrole_req($ccuname,$ccdomain); } - if (&Apache::lonnet::allowed('cdh',$env{'request.role.domain'})) { - $user_text{'adhocroles'} = &domadhocroles($ccuname,$ccdomain); - } - $user_text{'auth'} = &user_authentication($ccuname,$ccdomain,$formname); + $user_text{'auth'} = &user_authentication($ccuname,$ccdomain,$formname,$crstype,$permission); if ((&Apache::lonnet::allowed('mpq',$ccdomain)) || - (&Apache::lonnet::allowed('mut',$ccdomain))) { + (&Apache::lonnet::allowed('mut',$ccdomain)) || + (&Apache::lonnet::allowed('udp',$ccdomain))) { # Current user has quota modification privileges $user_text{'quota'} = &user_quotas($ccuname,$ccdomain); } @@ -1553,9 +1550,18 @@ ENDNOTOOLSPRIV if ($gotdiv) { $r->print('</div><div class="LC_clear_float_footer"></div>'); } + my $statuses; + if (($context eq 'domain') && (&Apache::lonnet::allowed('udp',$ccdomain)) && + (!&Apache::lonnet::allowed('mau',$ccdomain))) { + $statuses = ['active']; + } elsif (($context eq 'course') && ((&Apache::lonnet::allowed('vcl',$env{'request.course.id'})) || + ($env{'request.course.sec'} && + &Apache::lonnet::allowed('vcl',$env{'request.course.id'}.'/'.$env{'request.course.sec'})))) { + $statuses = ['active']; + } if ($env{'form.action'} ne 'singlestudent') { &display_existing_roles($r,$ccuname,$ccdomain,\%inccourses,$context, - $roledom,$crstype); + $roledom,$crstype,$showcredits,$statuses); } } ## End of new user/old user logic if ($env{'form.action'} eq 'singlestudent') { @@ -1566,7 +1572,7 @@ ENDNOTOOLSPRIV $btntxt = &mt('Enroll Student'); } $r->print('<br /><input type="button" value="'.$btntxt.'" onclick="setSections(this.form)" />'."\n"); - } else { + } elsif ($permission->{'cusr'}) { $r->print('<div class="LC_left_float">'. '<fieldset><legend>'.&mt('Add Roles').'</legend>'); my $addrolesdisplay = 0; @@ -1588,7 +1594,7 @@ ENDNOTOOLSPRIV if ($newuser) { $r->print(' onclick="auth_check()" \>'."\n"); } else { - $r->print('onclick="this.form.submit()" \>'."\n"); + $r->print(' onclick="this.form.submit()" \>'."\n"); } } else { $r->print('</fieldset></div>'. @@ -1609,7 +1615,7 @@ ENDNOTOOLSPRIV } sub singleuser_breadcrumb { - my ($crstype) = @_; + my ($crstype,$context,$domain) = @_; my %breadcrumb_text; if ($env{'form.action'} eq 'singlestudent') { if ($crstype eq 'Community') { @@ -1617,16 +1623,21 @@ sub singleuser_breadcrumb { } else { $breadcrumb_text{'search'} = 'Enroll a student'; } - $breadcrumb_text{'userpicked'} = 'Select a user', - $breadcrumb_text{'modify'} = 'Set section/dates', + $breadcrumb_text{'userpicked'} = 'Select a user'; + $breadcrumb_text{'modify'} = 'Set section/dates'; } elsif ($env{'form.action'} eq 'accesslogs') { $breadcrumb_text{'search'} = 'View access logs for a user'; - $breadcrumb_text{'userpicked'} = 'Select a user', - $breadcrumb_text{'activity'} = 'Activity', + $breadcrumb_text{'userpicked'} = 'Select a user'; + $breadcrumb_text{'activity'} = 'Activity'; + } elsif (($env{'form.action'} eq 'singleuser') && ($context eq 'domain') && + (!&Apache::lonnet::allowed('mau',$domain))) { + $breadcrumb_text{'search'} = "View user's roles"; + $breadcrumb_text{'userpicked'} = 'Select a user'; + $breadcrumb_text{'modify'} = 'User roles'; } else { $breadcrumb_text{'search'} = 'Create/modify a user'; - $breadcrumb_text{'userpicked'} = 'Select a user', - $breadcrumb_text{'modify'} = 'Set user role', + $breadcrumb_text{'userpicked'} = 'Select a user'; + $breadcrumb_text{'modify'} = 'Set user role'; } return %breadcrumb_text; } @@ -1696,8 +1707,22 @@ sub validation_javascript { sub display_existing_roles { my ($r,$ccuname,$ccdomain,$inccourses,$context,$roledom,$crstype, - $showcredits) = @_; + $showcredits,$statuses) = @_; my $now=time; + my $showall = 1; + my ($showexpired,$showactive); + if ((ref($statuses) eq 'ARRAY') && (@{$statuses} > 0)) { + $showall = 0; + if (grep(/^expired$/,@{$statuses})) { + $showexpired = 1; + } + if (grep(/^active$/,@{$statuses})) { + $showactive = 1; + } + if ($showexpired && $showactive) { + $showall = 1; + } + } my %lt=&Apache::lonlocal::texthash( 'rer' => "Existing Roles", 'rev' => "Revoke", @@ -1761,6 +1786,13 @@ sub display_existing_roles { $area =~ s/\_\w\w$//; my ($role_code,$role_end_time,$role_start_time) = split(/_/,$role); + my $active=1; + $active=0 if (($role_end_time) && ($now>$role_end_time)); + if ($active) { + next unless($showall || $showactive); + } else { + next unless($showall || $showexpired); + } # Is this a custom role? Get role owner and title. my ($croleudom,$croleuname,$croletitle)= ($role_code=~m{^cr/($match_domain)/($match_username)/(\w+)$}); @@ -1769,11 +1801,13 @@ sub display_existing_roles { my $sortkey=$role_code; my $class='Unknown'; my $credits=''; - if ($area =~ m{^/($match_domain)/($match_courseid)} ) { + my $csec; + if ($area =~ m{^/($match_domain)/($match_courseid)}) { $class='Course'; my ($coursedom,$coursedir) = ($1,$2); my $cid = $1.'_'.$2; # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3). + next if ($envkey =~ m{^/$match_domain/$match_courseid/[A-Za-z0-9]+_gr$}); my %coursedata= &Apache::lonnet::coursedescription($cid); if ($coursedir =~ /^$match_community$/) { @@ -1831,12 +1865,13 @@ sub display_existing_roles { $thisrole.='.'.$role_code; } } - if ($area=~m{^/($match_domain)/($match_courseid)/(\w+)}) { - $carea.='<br />'.&mt('Section: [_1]',$3); - $sortkey.="\0$3"; + if ($area=~m{^/($match_domain/$match_courseid/(\w+))}) { + $csec = $2; + $carea.='<br />'.&mt('Section: [_1]',$csec); + $sortkey.="\0$csec"; if (!$allowed) { - if ($env{'request.course.sec'} eq $3) { - if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2.'/'.$3)) { + if ($env{'request.course.sec'} eq $csec) { + if (&Apache::lonnet::allowed('c'.$role_code,$1)) { $allowed = 1; } } @@ -1878,29 +1913,30 @@ sub display_existing_roles { } } my $row = ''; - $row.= '<td>'; - my $active=1; - $active=0 if (($role_end_time) && ($now>$role_end_time)); - if (($active) && ($allowed)) { - $row.= '<input type="checkbox" name="rev:'.$thisrole.'" />'; - } else { - if ($active) { - $row.=' '; + if ($showall) { + $row.= '<td>'; + if (($active) && ($allowed)) { + $row.= '<input type="checkbox" name="rev:'.$thisrole.'" />'; } else { - $row.=&mt('expired or revoked'); + if ($active) { + $row.=' '; + } else { + $row.=&mt('expired or revoked'); + } } - } - $row.='</td><td>'; - if ($allowed && !$active) { - $row.= '<input type="checkbox" name="ren:'.$thisrole.'" />'; - } else { - $row.=' '; - } - $row.='</td><td>'; - if ($delallowed) { - $row.= '<input type="checkbox" name="del:'.$thisrole.'" />'; - } else { - $row.=' '; + $row.='</td><td>'; + if ($allowed && !$active) { + $row.= '<input type="checkbox" name="ren:'.$thisrole.'" />'; + } else { + $row.=' '; + } + $row.='</td><td>'; + if ($delallowed) { + $row.= '<input type="checkbox" name="del:'.$thisrole.'" />'; + } else { + $row.=' '; + } + $row.= '</td>'; } my $plaintext=''; if (!$croletitle) { @@ -1918,17 +1954,31 @@ sub display_existing_roles { '<br />', $croleuname.':'.$croleudom); } - $row.= '</td><td>'.$plaintext. - '</td><td>'.$area. - '</td><td>'.($role_start_time?&Apache::lonlocal::locallocaltime($role_start_time) - : ' ' ). - '</td><td>'.($role_end_time ?&Apache::lonlocal::locallocaltime($role_end_time) - : ' ' ) - ."</td>"; + $row.= '<td>'.$plaintext.'</td>'. + '<td>'.$area.'</td>'. + '<td>'.($role_start_time?&Apache::lonlocal::locallocaltime($role_start_time) + : ' ' ).'</td>'. + '<td>'.($role_end_time ?&Apache::lonlocal::locallocaltime($role_end_time) + : ' ' ).'</td>'; $sortrole{$sortkey}=$envkey; $roletext{$envkey}=$row; $roleclass{$envkey}=$class; - $rolepriv{$envkey}=$allowed; + if ($allowed) { + $rolepriv{$envkey}='edit'; + } else { + if ($context eq 'domain') { + if ((&Apache::lonnet::allowed('vur',$ccdomain)) && + ($envkey=~m{^/$ccdomain/})) { + $rolepriv{$envkey}='view'; + } + } elsif ($context eq 'course') { + if ((&Apache::lonnet::allowed('vcl',$env{'request.course.id'})) || + ($env{'request.course.sec'} && ($env{'request.course.sec'} eq $csec) && + &Apache::lonnet::allowed('vcl',$env{'request.course.id'}.'/'.$env{'request.course.sec'}))) { + $rolepriv{$envkey}='view'; + } + } + } } # end of foreach (table building loop) my $rolesdisplay = 0; @@ -1961,15 +2011,28 @@ sub display_existing_roles { } elsif ($env{'request.role'} =~ /^au\./) { $contextrole = &mt('Existing Co-Author Roles in your Authoring Space'); } else { - $contextrole = &mt('Existing Roles in this Domain'); + if ($showall) { + $contextrole = &mt('Existing Roles in this Domain'); + } elsif ($showactive) { + $contextrole = &mt('Unexpired Roles in this Domain'); + } elsif ($showexpired) { + $contextrole = &mt('Expired or Revoked Roles in this Domain'); + } } $r->print('<div class="LC_left_float">'. '<fieldset><legend>'.$contextrole.'</legend>'. &Apache::loncommon::start_data_table("LC_createuser"). -&Apache::loncommon::start_data_table_header_row(). -'<th>'.$lt{'rev'}.'</th><th>'.$lt{'ren'}.'</th><th>'.$lt{'del'}. -'</th><th>'.$lt{'rol'}.'</th><th>'.$lt{'ext'}. -'</th><th>'.$lt{'sta'}.'</th><th>'.$lt{'end'}.'</th>'. +&Apache::loncommon::start_data_table_header_row()); + if ($showall) { + $r->print( +'<th>'.$lt{'rev'}.'</th><th>'.$lt{'ren'}.'</th><th>'.$lt{'del'}.'</th>' + ); + } elsif ($showexpired) { + $r->print('<th>'.$lt{'rev'}.'</th>'); + } + $r->print( +'<th>'.$lt{'rol'}.'</th><th>'.$lt{'ext'}.'</th>'. +'<th>'.$lt{'sta'}.'</th><th>'.$lt{'end'}.'</th>'. &Apache::loncommon::end_data_table_header_row()); foreach my $type ('Authoring Space','Course','Community','Domain','System','Unknown') { if ($output{$type}) { @@ -2104,19 +2167,19 @@ sub new_domain_roles { } sub user_authentication { - my ($ccuname,$ccdomain,$formname) = @_; + my ($ccuname,$ccdomain,$formname,$crstype,$permission) = @_; my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain); my $outcome; + my %lt=&Apache::lonlocal::texthash( + 'err' => "ERROR", + 'uuas' => "This user has an unrecognized authentication scheme", + 'adcs' => "Please alert a domain coordinator of this situation", + 'sldb' => "Please specify login data below", + 'ld' => "Login Data" + ); # Check for a bad authentication type if ($currentauth !~ /^(krb4|krb5|unix|internal|localauth):/) { # bad authentication scheme - my %lt=&Apache::lonlocal::texthash( - 'err' => "ERROR", - 'uuas' => "This user has an unrecognized authentication scheme", - 'adcs' => "Please alert a domain coordinator of this situation", - 'sldb' => "Please specify login data below", - 'ld' => "Login Data" - ); if (&Apache::lonnet::allowed('mau',$ccdomain)) { &initialize_authen_forms($ccdomain,$formname); @@ -2147,11 +2210,6 @@ ENDBADAUTH &modify_login_block($ccdomain,$currentauth); if (&Apache::lonnet::allowed('mau',$ccdomain)) { # Current user has login modification privileges - my %lt=&Apache::lonlocal::texthash ( - 'ld' => "Login Data", - 'ccld' => "Change Current Login Data", - 'enld' => "Enter New Login Data" - ); $outcome = '<script type="text/javascript" language="Javascript">'."\n". '// <![CDATA['."\n". @@ -2162,7 +2220,7 @@ ENDBADAUTH &Apache::loncommon::start_data_table(). &Apache::loncommon::start_data_table_row(). '<td>'.$authformnop; - if ($can_modify) { + if (($can_modify) && (&Apache::lonnet::allowed('mau',$ccdomain))) { $outcome .= '</td>'."\n". &Apache::loncommon::end_data_table_row(). &Apache::loncommon::start_data_table_row(). @@ -2172,14 +2230,77 @@ ENDBADAUTH $outcome .= ' ('.$authformcurrent.')</td>'. &Apache::loncommon::end_data_table_row()."\n"; } - foreach my $item (@authform_others) { - $outcome .= &Apache::loncommon::start_data_table_row(). - '<td>'.$item.'</td>'. - &Apache::loncommon::end_data_table_row()."\n"; + if (&Apache::lonnet::allowed('mau',$ccdomain)) { + foreach my $item (@authform_others) { + $outcome .= &Apache::loncommon::start_data_table_row(). + '<td>'.$item.'</td>'. + &Apache::loncommon::end_data_table_row()."\n"; + } } $outcome .= &Apache::loncommon::end_data_table(); } else { - if (&Apache::lonnet::allowed('mau',$env{'request.role.domain'})) { + if (($currentauth =~ /^internal:/) && + (&Apache::lonuserutils::can_change_internalpass($ccuname,$ccdomain,$crstype,$permission))) { + $outcome = <<"ENDJS"; +<script type="text/javascript"> +// <![CDATA[ +function togglePwd(form) { + if (form.newintpwd.length) { + if (document.getElementById('LC_ownersetpwd')) { + for (var i=0; i<form.newintpwd.length; i++) { + if (form.newintpwd[i].checked) { + if (form.newintpwd[i].value == 1) { + document.getElementById('LC_ownersetpwd').style.display = 'inline-block'; + } else { + document.getElementById('LC_ownersetpwd').style.display = 'none'; + } + } + } + } + } +} +// ]]> +</script> +ENDJS + + $outcome .= '<h3>'.$lt{'ld'}.'</h3>'. + &Apache::loncommon::start_data_table(). + &Apache::loncommon::start_data_table_row(). + '<td>'.&mt('Internally authenticated').'<br />'.&mt("Change user's password?"). + '<label><input type="radio" name="newintpwd" value="0" checked="checked" onclick="togglePwd(this.form);" />'. + &mt('No').'</label>'.(' 'x2). + '<label><input type="radio" name="newintpwd" value="1" onclick="togglePwd(this.form);" />'.&mt('Yes').'</label>'. + '<div id="LC_ownersetpwd" style="display:none">'. + ' '.&mt('Password').' <input type="password" size="15" name="intarg" value="" />'. + '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.intarg.type='."'text'".' } else { this.form.intarg.type='."'password'".' }" />'.&mt('Visible input').'</label></div></td>'. + &Apache::loncommon::end_data_table_row(). + &Apache::loncommon::end_data_table(); + } + if (&Apache::lonnet::allowed('udp',$ccdomain)) { + # Current user has rights to view domain preferences for user's domain + my $result; + if ($currentauth =~ /^krb(4|5):([^:]*)$/) { + my ($krbver,$krbrealm) = ($1,$2); + if ($krbrealm eq '') { + $result = &mt('Currently Kerberos authenticated, Version [_1].',$krbver); + } else { + $result = &mt('Currently Kerberos authenticated with domain [_1] Version [_2].', + $krbrealm,$krbver); + } + } elsif ($currentauth =~ /^internal:/) { + $result = &mt('Currently internally authenticated.'); + } elsif ($currentauth =~ /^localauth:/) { + $result = &mt('Currently using local (institutional) authentication.'); + } elsif ($currentauth =~ /^unix:/) { + $result = &mt('Currently Filesystem Authenticated.'); + } + $outcome = '<h3>'.$lt{'ld'}.'</h3>'. + &Apache::loncommon::start_data_table(). + &Apache::loncommon::start_data_table_row(). + '<td>'.$result.'</td>'. + &Apache::loncommon::end_data_table_row()."\n". + &Apache::loncommon::end_data_table(); + } elsif (&Apache::lonnet::allowed('mau',$env{'request.role.domain'})) { my %lt=&Apache::lonlocal::texthash( 'ccld' => "Change Current Login Data", 'yodo' => "You do not have privileges to modify the authentication configuration for this user.", @@ -2263,8 +2384,8 @@ sub modify_login_block { } sub personal_data_display { - my ($ccuname,$ccdomain,$newuser,$context,$inst_results,$rolesarray, - $now,$captchaform,$emailusername,$usertype) = @_; + my ($ccuname,$ccdomain,$newuser,$context,$inst_results,$rolesarray,$now, + $captchaform,$emailusername,$usertype,$usernameset,$condition,$excluded,$showsubmit) = @_; my ($output,%userenv,%canmodify,%canmodify_status); my @userinfo = ('firstname','middlename','lastname','generation', 'permanentemail','id'); @@ -2291,6 +2412,7 @@ sub personal_data_display { 'inststatus' => "Affiliation", 'email' => 'E-mail address', 'valid' => 'Validation', + 'username' => 'Username', ); %canmodify_status = @@ -2309,7 +2431,7 @@ sub personal_data_display { if (ref($emailusername) eq 'HASH') { if (ref($emailusername->{$usertype}) eq 'HASH') { my ($infofields,$infotitles) = &Apache::loncommon::emailusername_info(); - @userinfo = (); + @userinfo = (); if ((ref($infofields) eq 'ARRAY') && (ref($infotitles) eq 'HASH')) { foreach my $field (@{$infofields}) { if ($emailusername->{$usertype}->{$field}) { @@ -2339,9 +2461,38 @@ sub personal_data_display { $output = '<h3>'.$lt{'pd'}.'</h3>'. &Apache::lonhtmlcommon::start_pick_box(); if (($context eq 'selfcreate') && ($newuser eq 'email')) { + my $size = 25; + if ($condition) { + if ($condition =~ /^\@[^\@]+$/) { + $size = 10; + } else { + undef($condition); + } + } + if ($excluded) { + unless ($excluded =~ /^\@[^\@]+$/) { + undef($condition); + } + } $output .= &Apache::lonhtmlcommon::row_title($lt{'email'}.'<b>*</b>',undef, 'LC_oddrow_value')."\n". - '<input type="text" name="uname" size="25" value="" autocomplete="off" />'; + '<input type="text" name="uname" size="'.$size.'" value="" autocomplete="off" />'; + if ($condition) { + $output .= $condition; + } elsif ($excluded) { + $output .= '<br /><span style="font-size: smaller">'.&mt('You must use an e-mail address that does not end with [_1]', + $excluded).'</span>'; + } + if ($usernameset eq 'first') { + $output .= '<br /><span style="font-size: smaller">'; + if ($condition) { + $output .= &mt('Your username in LON-CAPA will be the part of your e-mail address before [_1]', + $condition); + } else { + $output .= &mt('Your username in LON-CAPA will be the part of your e-mail address before the @'); + } + $output .= '</span>'; + } $rowcount ++; $output .= &Apache::lonhtmlcommon::row_closure(1); my $upassone = '<input type="password" name="upass'.$now.'" size="20" autocomplete="off" />'; @@ -2356,6 +2507,20 @@ sub personal_data_display { 'LC_oddrow_value')."\n". $upasstwo. &Apache::lonhtmlcommon::row_closure()."\n"; + if ($usernameset eq 'free') { + my $onclick = "toggleUsernameDisp(this,'selfcreateusername');"; + $output .= &Apache::lonhtmlcommon::row_title($lt{'username'},undef,'LC_oddrow_value')."\n". + '<span class="LC_nobreak">'.&mt('Use e-mail address: '). + '<label><input type="radio" name="emailused" value="1" checked="checked" onclick="'.$onclick.'" />'. + &mt('Yes').'</label>'.(' 'x2). + '<label><input type="radio" name="emailused" value="0" onclick="'.$onclick.'" />'. + &mt('No').'</label></span>'."\n". + '<div id="selfcreateusername" style="display: none; font-size: smaller">'. + '<br /><span class="LC_nobreak">'.&mt('Preferred username'). + ' <input type="text" name="username" value="" size="20" autocomplete="off"/>'. + '</span></div>'."\n".&Apache::lonhtmlcommon::row_closure(1); + $rowcount ++; + } } foreach my $item (@userinfo) { my $rowtitle = $lt{$item}; @@ -2457,12 +2622,16 @@ sub personal_data_display { &Apache::lonhtmlcommon::row_closure(1); $rowcount ++; } - my $submit_text = &mt('Create account'); - $output .= &Apache::lonhtmlcommon::row_title()."\n". - '<br /><input type="submit" name="createaccount" value="'. - $submit_text.'" />'. - '<input type="hidden" name="type" value="'.$usertype.'" />'. - &Apache::lonhtmlcommon::row_closure(1); + if ($showsubmit) { + my $submit_text = &mt('Create account'); + $output .= &Apache::lonhtmlcommon::row_title()."\n". + '<br /><input type="submit" name="createaccount" value="'. + $submit_text.'" />'; + if ($usertype ne '') { + $output .= '<input type="hidden" name="type" value="'.$usertype.'" />'. + &Apache::lonhtmlcommon::row_closure(1); + } + } } $output .= &Apache::lonhtmlcommon::end_pick_box(); if (wantarray) { @@ -2546,7 +2715,7 @@ sub get_inststatuses { # ================================================================= Phase Three sub update_user_data { - my ($r,$context,$crstype,$brcrum,$showcredits) = @_; + my ($r,$context,$crstype,$brcrum,$showcredits,$permission) = @_; my $uhome=&Apache::lonnet::homeserver($env{'form.ccuname'}, $env{'form.ccdomain'}); # Error messages @@ -2570,7 +2739,7 @@ sub update_user_data { $jsback."\n". '// ]]>'."\n". '</script>'."\n"; - my %breadcrumb_text = &singleuser_breadcrumb($crstype); + my %breadcrumb_text = &singleuser_breadcrumb($crstype,$context,$env{'form.ccdomain'}); push (@{$brcrum}, {href => "javascript:backPage(document.userupdate)", text => $breadcrumb_text{'search'}, @@ -2587,6 +2756,10 @@ sub update_user_data { my $helpitem = 'Course_Change_Privileges'; if ($env{'form.action'} eq 'singlestudent') { $helpitem = 'Course_Add_Student'; + } elsif ($context eq 'author') { + $helpitem = 'Author_Change_Privileges'; + } elsif ($context eq 'domain') { + $helpitem = 'Domain_Change_Privileges'; } push(@{$brcrum}, {href => "javascript:backPage(document.userupdate,'$env{'form.prevphase'}','modify')", @@ -2678,7 +2851,7 @@ sub update_user_data { my (%alerts,%rulematch,%inst_results,%curr_rules); my @userinfo = ('firstname','middlename','lastname','generation','permanentemail','id'); - my @usertools = ('aboutme','blog','webdav','portfolio'); + my @usertools = ('aboutme','blog','webdav','portfolio','timezone'); my @requestcourses = ('official','unofficial','community','textbook'); my @requestauthor = ('requestauthor'); my ($othertitle,$usertypes,$types) = @@ -2789,12 +2962,6 @@ sub update_user_data { $newcustom{'requestauthor'}, \%changeHash,'requestauthor'); } - if (&Apache::lonnet::allowed('cdh',$env{'request.role.domain'})) { - my @adds = &Apache::loncommon::get_env_multiple('form.adhocroleadd'); - if (&adhocrole_changes(\%changeHash)) { - $changed{'adhocroles.'.$env{'request.role.domain'}} = $changeHash{'adhocroles.'.$env{'request.role.domain'}}; - } - } } if ($canmodify_status{'inststatus'}) { if (exists($env{'form.inststatus'})) { @@ -2814,7 +2981,7 @@ sub update_user_data { $env{'form.ccdomain'},$env{'form.ccuname'}); } } - $r->print('<br />'.&mt('Home server').': '.$uhome.' '. + $r->print('<br />'.&mt('Home Server').': '.$uhome.' '. &Apache::lonnet::hostname($uhome)); } elsif (($env{'form.login'} ne 'nochange') && ($env{'form.login'} ne '' )) { @@ -2829,12 +2996,19 @@ sub update_user_data { &Apache::lonnet::modifyuserauth( $env{'form.ccdomain'},$env{'form.ccuname'}, $amode,$genpwd)); - $r->print('<br />'.&mt('Home server').': '.&Apache::lonnet::homeserver + $r->print('<br />'.&mt('Home Server').': '.&Apache::lonnet::homeserver ($env{'form.ccuname'},$env{'form.ccdomain'})); } else { # Okay, this is a non-fatal error. - $r->print($error.&mt('You do not have the authority to modify this users authentication information.').$end); + $r->print($error.&mt('You do not have privileges to modify the authentication configuration for this user.').$end); } + } elsif (($env{'form.intarg'} ne '') && + (&Apache::lonnet::queryauthenticate($env{'form.ccuname'},$env{'form.ccdomain'}) =~ /^internal:/) && + (&Apache::lonuserutils::can_change_internalpass($env{'form.ccuname'},$env{'form.ccdomain'},$crstype,$permission))) { + $r->print('Modifying authentication: '. + &Apache::lonnet::modifyuserauth( + $env{'form.ccdomain'},$env{'form.ccuname'}, + 'internal',$env{'form.intarg'})); } $r->rflush(); # Finish display of header before time consuming actions start &Apache::lonhtmlcommon::Increment_PrgWin($r,\%prog_state); @@ -2853,12 +3027,13 @@ sub update_user_data { my %userenv = &Apache::lonnet::get ('environment',['firstname','middlename','lastname','generation', 'id','permanentemail','portfolioquota','authorquota','inststatus', - 'tools.aboutme','tools.blog','tools.webdav','tools.portfolio', + 'tools.aboutme','tools.blog','tools.webdav', + 'tools.portfolio','tools.timezone', 'requestcourses.official','requestcourses.unofficial', 'requestcourses.community','requestcourses.textbook', 'reqcrsotherdom.official','reqcrsotherdom.unofficial', 'reqcrsotherdom.community','reqcrsotherdom.textbook', - 'requestauthor','adhocroles.'.$env{'request.role.domain'}], + 'requestauthor'], $env{'form.ccdomain'},$env{'form.ccuname'}); my ($tmp) = keys(%userenv); if ($tmp =~ /^(con_lost|error)/i) { @@ -2997,7 +3172,6 @@ sub update_user_data { &Apache::loncommon::default_quota($env{'form.ccdomain'},$oldinststatus,$name); ($newdefquota{$name},$newsettingstatus{$name}) = ($olddefquota{$name},$oldsettingstatus{$name}); } - push(@disporder,'adhocroles'); my %canshow; if (&Apache::lonnet::allowed('mpq',$env{'form.ccdomain'})) { $canshow{'quota'} = 1; @@ -3016,9 +3190,6 @@ sub update_user_data { if (&Apache::lonnet::allowed('cau',$env{'form.ccdomain'})) { $canshow{'requestauthor'} = 1; } - if (&Apache::lonnet::allowed('cdh',$env{'request.role.domain'})) { - $canshow{'adhocroles'} = 1; - } my (%changeHash,%changed); if ($oldinststatus eq '') { $oldsettings{'inststatus'} = $othertitle; @@ -3132,14 +3303,6 @@ sub update_user_data { &tool_changes('reqcrsotherdom',\@requestcourses,\%oldsettings,\%oldsettingstext, \%userenv,\%changeHash,\%changed,\%newsettings,\%newsettingstext); } - if ($userenv{'adhocroles.'.$env{'request.role.domain'}}) { - $changeHash{'adhocroles.'.$env{'request.role.domain'}} = $userenv{'adhocroles.'.$env{'request.role.domain'}}; - } - if (&adhocrole_changes(\%changeHash,\%userenv)) { - $changed{'adhocroles'} = 1; - $oldsettings{'adhocroles'} = $userenv{'adhocroles.'.$env{'request.role.domain'}}; - $newsettings{'adhocroles'} = $changeHash{'adhocroles.'.$env{'request.role.domain'}}; - } } foreach my $item (@userinfo) { if ($env{'form.c'.$item} ne $userenv{$item}) { @@ -3181,9 +3344,6 @@ sub update_user_data { &Apache::lonnet::usertools_access($env{'user.name'},$env{'user.domain'}, $key,'reload','requestauthor'); } - } elsif ($key eq 'adhocroles') { - $newenvhash{'adhocroles.'.$env{'request.role.domain'}} = - $changeHash{'adhocroles.'.$env{'request.role.domain'}}; } elsif ($key ne 'quota') { $newenvhash{'environment.tools.'.$key} = $changeHash{'tools.'.$key}; @@ -3201,6 +3361,10 @@ sub update_user_data { &Apache::lonnet::appenv(\%newenvhash); } } + if ($changed{'aboutme'}) { + &Apache::loncommon::devalidate_aboutme_cache($env{'form.ccuname'}, + $env{'form.ccdomain'}); + } } } if (keys(%namechanged) > 0) { @@ -3370,12 +3534,12 @@ sub display_userinfo { 'webdav' => 'WebDAV Availability', 'aboutme' => 'Personal Information Page Availability', 'portfolio' => 'Portfolio Availability', + 'timezone' => 'Can set own Time Zone', 'official' => 'Can Request Official Courses', 'unofficial' => 'Can Request Unofficial Courses', 'community' => 'Can Request Communities', 'textbook' => 'Can Request Textbook Courses', 'requestauthor' => 'Can Request Author Role', - 'adhocroles' => 'Ad Hoc Roles Selectable via Helpdesk Role', 'inststatus' => "Affiliation", 'prvs' => 'Previous Value:', 'chto' => 'Changed To:' @@ -3741,70 +3905,6 @@ sub tool_changes { return; } -sub adhocrole_changes { - my ($changehashref,$userenv) = @_; - my @adds = &Apache::loncommon::get_env_multiple('form.adhocroleadd'); - my @dels = &Apache::loncommon::get_env_multiple('form.adhocroledel'); - my (@saved,@added,@alladhoc,$changed); - my $adhoc_key = 'adhocroles.'.$env{'request.role.domain'}; - if (!$env{'form.makeuser'}) { - if (ref($userenv) eq 'HASH') { - my @current; - if ($userenv->{$adhoc_key}) { - @current = split(/,/,$userenv->{$adhoc_key}); - if (@dels) { - foreach my $curr (@current) { - next if ($curr eq ''); - unless (grep(/\Q$curr\E$/,@dels)) { - push(@saved,$curr); - } - } - $changed = 1; - } else { - @saved = @current; - } - } - } - } - if (@adds) { - my $confname = &Apache::lonnet::get_domainconfiguser($env{'request.role.domain'}); - my %existing=&Apache::lonnet::dump('roles',$env{'request.role.domain'}, - $confname,'rolesdef_'); - foreach my $poss (@adds) { - if (exists($existing{'rolesdef_'.$poss})) { - push(@added,$poss); - $changed = 1; - } - } - } - if (@added) { - if (@saved) { - foreach my $add (@added) { - unless (grep(/^\Q$add\E$/,@saved)) { - push(@alladhoc,$add); - } - } - } else { - push(@alladhoc,@added); - } - } - if (@saved) { - push(@alladhoc,@saved); - } - if (@alladhoc) { - my $adhocstr = join(',',sort(@alladhoc)); - $changehashref->{$adhoc_key} = $adhocstr; - } elsif (@dels) { - &Apache::lonnet::del('environment',[$adhoc_key],$env{'form.ccdomain'},$env{'form.ccuname'}); - delete($changehashref->{$adhoc_key}); - if (($env{'form.ccdomain'} eq $env{'user.domain'}) && - ($env{'form.ccuname'} eq $env{'user.name'})) { - &Apache::lonnet::delenv($adhoc_key); - } - } - return $changed; -} - sub update_roles { my ($r,$context,$showcredits) = @_; my $now=time; @@ -4335,9 +4435,9 @@ sub build_roles { # ========================================================== Custom Role Editor sub custom_role_editor { - my ($r,$brcrum,$prefix) = @_; + my ($r,$context,$brcrum,$prefix,$permission) = @_; my $action = $env{'form.customroleaction'}; - my $rolename; + my ($rolename,$helpitem); if ($action eq 'new') { $rolename=$env{'form.newrolename'}; } else { @@ -4348,14 +4448,17 @@ sub custom_role_editor { if ($env{'request.course.id'}) { $crstype = &Apache::loncommon::course_type(); $context = 'course'; + $helpitem = 'Course_Editing_Custom_Roles'; } else { $context = 'domain'; $crstype = 'course'; + $helpitem = 'Domain_Editing_Custom_Roles'; } $rolename=~s/[^A-Za-z0-9]//gs; if (!$rolename || $env{'form.phase'} eq 'pickrole') { - &print_username_entry_form($r,undef,undef,undef,undef,$crstype,$brcrum); + &print_username_entry_form($r,$context,undef,undef,undef,$crstype,$brcrum, + $permission); return; } @@ -4410,11 +4513,10 @@ sub custom_role_editor { text => "Edit custom role", faq => 282, bug => 'Instructor Interface', - help => 'Course_Editing_Custom_Roles'} + help => $helpitem} ); my $args = { bread_crumbs => $brcrum, bread_crumbs_component => 'User Management'}; - $r->print(&Apache::loncommon::start_page('Custom Role Editor', $head_script,$args). $body_top); @@ -4438,11 +4540,11 @@ ENDCCF # ---------------------------------------------------------- Call to definerole sub set_custom_role { - my ($r,$context,$brcrum,$prefix) = @_; + my ($r,$context,$brcrum,$prefix,$permission) = @_; my $rolename=$env{'form.rolename'}; $rolename=~s/[^A-Za-z0-9]//gs; if (!$rolename) { - &custom_role_editor($r,$brcrum,$prefix); + &custom_role_editor($r,$context,$brcrum,$prefix,$permission); return; } my ($jsback,$elements) = &crumb_utilities(); @@ -4451,6 +4553,10 @@ sub set_custom_role { .$jsback."\n" .'// ]]>'."\n" .'</script>'."\n"; + my $helpitem = 'Course_Editing_Custom_Roles'; + if ($context eq 'domain') { + $helpitem = 'Domain_Editing_Custom_Roles'; + } push(@{$brcrum}, {href => "javascript:backPage(document.customresult,'pickrole','')", text => "Pick custom role", @@ -4464,7 +4570,7 @@ sub set_custom_role { text => "Result", faq => 282, bug => 'Instructor Interface', - help => 'Course_Editing_Custom_Roles'}, + help => $helpitem,} ); my $args = { bread_crumbs => $brcrum, bread_crumbs_component => 'User Management'}; @@ -4535,7 +4641,8 @@ sub handler { $r->send_http_header; return OK; } - my ($context,$crstype); + my ($context,$crstype,$cid,$cnum,$cdom,$allhelpitems); + if ($env{'request.course.id'}) { $context = 'course'; $crstype = &Apache::loncommon::course_type(); @@ -4545,6 +4652,69 @@ sub handler { $context = 'domain'; } + my ($permission,$allowed) = + &Apache::lonuserutils::get_permission($context,$crstype); + + if ($allowed) { + my @allhelp; + if ($context eq 'course') { + $cid = $env{'request.course.id'}; + $cdom = $env{'course.'.$cid.'.domain'}; + $cnum = $env{'course.'.$cid.'.num'}; + + if ($permission->{'cusr'}) { + push(@allhelp,'Course_Create_Class_List'); + } + if ($permission->{'view'} || $permission->{'cusr'}) { + push(@allhelp,('Course_Change_Privileges','Course_View_Class_List')); + } + if ($permission->{'custom'}) { + push(@allhelp,'Course_Editing_Custom_Roles'); + } + if ($permission->{'cusr'}) { + push(@allhelp,('Course_Add_Student','Course_Drop_Student')); + } + unless ($permission->{'cusr_section'}) { + if (&Apache::lonnet::auto_run($cnum,$cdom) && (($permission->{'cusr'}) || ($permission->{'view'}))) { + push(@allhelp,'Course_Automated_Enrollment'); + } + if ($permission->{'selfenrolladmin'}) { + push(@allhelp,'Course_Approve_Selfenroll'); + } + } + if ($permission->{'grp_manage'}) { + push(@allhelp,'Course_Manage_Group'); + } + if ($permission->{'view'} || $permission->{'cusr'}) { + push(@allhelp,'Course_User_Logs'); + } + } elsif ($context eq 'author') { + push(@allhelp,('Author_Change_Privileges','Author_Create_Coauthor_List', + 'Author_View_Coauthor_List','Author_User_Logs')); + } else { + if ($permission->{'cusr'}) { + push(@allhelp,'Domain_Change_Privileges'); + if ($permission->{'activity'}) { + push(@allhelp,'Domain_User_Access_Logs'); + } + push(@allhelp,('Domain_Create_Users','Domain_View_Users_List')); + if ($permission->{'custom'}) { + push(@allhelp,'Domain_Editing_Custom_Roles'); + } + push(@allhelp,('Domain_Role_Approvals','Domain_Username_Approvals','Domain_Change_Logs')); + } elsif ($permission->{'view'}) { + push(@allhelp,'Domain_View_Privileges'); + if ($permission->{'activity'}) { + push(@allhelp,'Domain_User_Access_Logs'); + } + push(@allhelp,('Domain_View_Users_List','Domain_Change_Logs')); + } + } + if (@allhelp) { + $allhelpitems = join(',',@allhelp); + } + } + &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, ['action','state','callingform','roletype','showrole','bulkaction','popup','phase', 'username','domain','srchterm','srchdomain','srchin','srchby','srchtype','queue']); @@ -4555,13 +4725,9 @@ sub handler { if (($env{'form.action'} ne 'dateselect') && ($env{'form.action'} ne 'displayuserreq')) { $brcrum = [{href=>"/adm/createuser", text=>"User Management", - help=>'Course_Create_Class_List,Course_Change_Privileges,Course_View_Class_List,Course_Editing_Custom_Roles,Course_Add_Student,Course_Drop_Student,Course_Automated_Enrollment,Course_Self_Enrollment,Course_Manage_Group'} + help=>$allhelpitems} ]; } - #SD Following files not added to help, because the corresponding .tex-files seem to - #be missing: Course_Approve_Selfenroll,Course_User_Logs, - my ($permission,$allowed) = - &Apache::lonuserutils::get_permission($context,$crstype); if (!$allowed) { if ($context eq 'course') { $r->internal_redirect('/adm/viewclasslist'); @@ -4593,10 +4759,16 @@ sub handler { $r->print(&header(undef,$args)); $r->print(&print_main_menu($permission,$context,$crstype)); } elsif ($env{'form.action'} eq 'upload' && $permission->{'cusr'}) { + my $helpitem = 'Course_Create_Class_List'; + if ($context eq 'author') { + $helpitem = 'Author_Create_Coauthor_List'; + } elsif ($context eq 'domain') { + $helpitem = 'Domain_Create_Users'; + } push(@{$brcrum}, { href => '/adm/createuser?action=upload&state=', text => 'Upload Users List', - help => 'Course_Create_Class_List', + help => $helpitem, }); $bread_crumbs_component = 'Upload Users List'; $args = {bread_crumbs => $brcrum, @@ -4608,18 +4780,44 @@ sub handler { if (! exists($env{'form.state'})) { &Apache::lonuserutils::print_first_users_upload_form($r,$context); } elsif ($env{'form.state'} eq 'got_file') { - &Apache::lonuserutils::print_upload_manager_form($r,$context,$permission, - $crstype,$showcredits); + my $result = + &Apache::lonuserutils::print_upload_manager_form($r,$context, + $permission, + $crstype,$showcredits); + if ($result eq 'missingdata') { + delete($env{'form.state'}); + &Apache::lonuserutils::print_first_users_upload_form($r,$context); + } } elsif ($env{'form.state'} eq 'enrolling') { if ($env{'form.datatoken'}) { - &Apache::lonuserutils::upfile_drop_add($r,$context,$permission, - $showcredits); + my $result = &Apache::lonuserutils::upfile_drop_add($r,$context, + $permission, + $showcredits); + if ($result eq 'missingdata') { + delete($env{'form.state'}); + &Apache::lonuserutils::print_first_users_upload_form($r,$context); + } elsif ($result eq 'invalidhome') { + $env{'form.state'} = 'got_file'; + delete($env{'form.lcserver'}); + my $result = + &Apache::lonuserutils::print_upload_manager_form($r,$context,$permission, + $crstype,$showcredits); + if ($result eq 'missingdata') { + delete($env{'form.state'}); + &Apache::lonuserutils::print_first_users_upload_form($r,$context); + } + } + } else { + delete($env{'form.state'}); + &Apache::lonuserutils::print_first_users_upload_form($r,$context); } } else { &Apache::lonuserutils::print_first_users_upload_form($r,$context); } + $r->print('</form>'); } elsif (((($env{'form.action'} eq 'singleuser') || ($env{'form.action'} eq 'singlestudent')) && ($permission->{'cusr'})) || + (($env{'form.action'} eq 'singleuser') && ($permission->{'view'})) || (($env{'form.action'} eq 'accesslogs') && ($permission->{'activity'}))) { my $phase = $env{'form.phase'}; my @search = ('srchterm','srchby','srchin','srchtype','srchdomain'); @@ -4640,7 +4838,7 @@ sub handler { .'</span>'; $env{'form.phase'} = ''; &print_username_entry_form($r,$context,$response,$srch,undef, - $crstype,$brcrum,$showcredits); + $crstype,$brcrum,$permission); } else { my $ccuname =&LONCAPA::clean_username($srch->{'srchterm'}); my $ccdomain=&LONCAPA::clean_domain($srch->{'srchdomain'}); @@ -4685,7 +4883,8 @@ sub handler { # } #} &print_username_entry_form($r,$context,$response,$srch, - $forcenewuser,$crstype,$brcrum); + $forcenewuser,$crstype,$brcrum, + $permission); } else { &print_useraccesslogs_display($r,$ccuname,$ccdomain,$permission,$brcrum); } @@ -4702,7 +4901,8 @@ sub handler { } else { $env{'form.phase'} = ''; &print_username_entry_form($r,$context,$response,$srch, - $forcenewuser,$crstype,$brcrum); + $forcenewuser,$crstype,$brcrum, + $permission); } } elsif ($env{'form.phase'} eq 'userpicked') { my $ccuname = &LONCAPA::clean_username($env{'form.seluname'}); @@ -4720,17 +4920,17 @@ sub handler { &print_useraccesslogs_display($r,$ccuname,$ccdomain,$permission,$brcrum); } } elsif ($env{'form.phase'} eq 'update_user_data') { - &update_user_data($r,$context,$crstype,$brcrum,$showcredits); + &update_user_data($r,$context,$crstype,$brcrum,$showcredits,$permission); } else { &print_username_entry_form($r,$context,undef,$srch,undef,$crstype, - $brcrum); + $brcrum,$permission); } } elsif ($env{'form.action'} eq 'custom' && $permission->{'custom'}) { my $prefix; if ($env{'form.phase'} eq 'set_custom_roles') { - &set_custom_role($r,$context,$brcrum,$prefix); + &set_custom_role($r,$context,$brcrum,$prefix,$permission); } else { - &custom_role_editor($r,$brcrum,$prefix); + &custom_role_editor($r,$context,$brcrum,$prefix,$permission); } } elsif (($env{'form.action'} eq 'processauthorreq') && ($permission->{'cusr'}) && @@ -4836,56 +5036,92 @@ sub handler { unless ($usertype) { $usertype = 'default'; } + my ($showstatus,$showemail,$pickstart); + my $numextras = 0; + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); + if ((ref($types) eq 'ARRAY') && (@{$types} > 0)) { + if (ref($usertypes) eq 'HASH') { + if ($usertypes->{$usertype}) { + $showstatus = $usertypes->{$usertype}; + } else { + $showstatus = $othertitle; + } + if ($showstatus) { + $numextras ++; + } + } + } + if (($info{$uname}{'email'} ne '') && ($info{$uname}{'email'} ne $uname)) { + $showemail = $info{$uname}{'email'}; + $numextras ++; + } if (ref($domconfig{'usercreation'}{'cancreate'}{'emailusername'}{$usertype}) eq 'HASH') { if ((ref($infofields) eq 'ARRAY') && (ref($infotitles) eq 'HASH')) { + $pickstart = 1; $r->print('<div>'.&Apache::lonhtmlcommon::start_pick_box()); - my ($num,$count,$showstatus); + my ($num,$count); $count = scalar(keys(%{$domconfig{'usercreation'}{'cancreate'}{'emailusername'}{$usertype}})); - unless ($usertype eq 'default') { - my ($othertitle,$usertypes,$types) = - &Apache::loncommon::sorted_inst_types($dom); - if (ref($usertypes) eq 'HASH') { - if ($usertypes->{$usertype}) { - $showstatus = $usertypes->{$usertype}; - $count ++; - } - } - } + $count += $numextras; foreach my $field (@{$infofields}) { next unless ($domconfig{'usercreation'}{'cancreate'}{'emailusername'}{$usertype}{$field}); next unless ($infotitles->{$field}); $r->print(&Apache::lonhtmlcommon::row_title($infotitles->{$field}). $info{$uname}{$field}); $num ++; - if ($count == $num) { - $r->print(&Apache::lonhtmlcommon::row_closure(1)); - } else { + unless ($count == $num) { $r->print(&Apache::lonhtmlcommon::row_closure()); } } - if ($showstatus) { - $r->print(&Apache::lonhtmlcommon::row_title(&mt('Status type (self-reported)')). - $showstatus. - &Apache::lonhtmlcommon::row_closure(1)); + } + } + if ($numextras) { + unless ($pickstart) { + $r->print('<div>'.&Apache::lonhtmlcommon::start_pick_box()); + $pickstart = 1; + } + if ($showemail) { + my $closure = ''; + unless ($showstatus) { + $closure = 1; } - $r->print(&Apache::lonhtmlcommon::end_pick_box().'</div>'); + $r->print(&Apache::lonhtmlcommon::row_title(&mt('E-mail address')). + $showemail. + &Apache::lonhtmlcommon::row_closure($closure)); + } + if ($showstatus) { + $r->print(&Apache::lonhtmlcommon::row_title(&mt('Status type[_1](self-reported)','<br />')). + $showstatus. + &Apache::lonhtmlcommon::row_closure(1)); } } + if ($pickstart) { + $r->print(&Apache::lonhtmlcommon::end_pick_box().'</div>'); + } else { + $r->print('<div>'.&mt('No information to display for this account request.').'</div>'); + } + } else { + $r->print('<div>'.&mt('No information available for this account request.').'</div>'); } } } } - $r->print(&close_popup_form()); } + $r->print(&close_popup_form()); } elsif (($env{'form.action'} eq 'listusers') && ($permission->{'view'} || $permission->{'cusr'})) { + my $helpitem = 'Course_View_Class_List'; + if ($context eq 'author') { + $helpitem = 'Author_View_Coauthor_List'; + } elsif ($context eq 'domain') { + $helpitem = 'Domain_View_Users_List'; + } if ($env{'form.phase'} eq 'bulkchange') { push(@{$brcrum}, {href => '/adm/createuser?action=listusers', text => "List Users"}, {href => "/adm/createuser", text => "Result", - help => 'Course_View_Class_List'}); + help => $helpitem}); $bread_crumbs_component = 'Update Users'; $args = {bread_crumbs => $brcrum, bread_crumbs_component => $bread_crumbs_component}; @@ -4902,7 +5138,7 @@ sub handler { push(@{$brcrum}, {href => '/adm/createuser?action=listusers', text => "List Users", - help => 'Course_View_Class_List'}); + help => $helpitem}); $bread_crumbs_component = 'List Users'; $args = {bread_crumbs => $brcrum, bread_crumbs_component => $bread_crumbs_component}; @@ -4983,9 +5219,6 @@ sub handler { } } elsif ($env{'form.action'} eq 'selfenroll') { if ($permission->{selfenrolladmin}) { - my $cid = $env{'request.course.id'}; - my $cdom = $env{'course.'.$cid.'.domain'}; - my $cnum = $env{'course.'.$cid.'.num'}; my %currsettings = ( selfenroll_types => $env{'course.'.$cid.'.internal.selfenroll_types'}, selfenroll_registered => $env{'course.'.$cid.'.internal.selfenroll_registered'}, @@ -5027,36 +5260,58 @@ sub handler { '<span class="LC_error">'.&mt('You do not have permission to configure self-enrollment').'</span>'); } } elsif ($env{'form.action'} eq 'selfenrollqueue') { - push(@{$brcrum}, - {href => '/adm/createuser?action=selfenrollqueue', - text => 'Enrollment requests', - help => 'Course_Self_Enrollment'}); - $bread_crumbs_component = 'Enrollment requests'; - if ($env{'form.state'} eq 'done') { + if ($permission->{selfenrolladmin}) { push(@{$brcrum}, {href => '/adm/createuser?action=selfenrollqueue', - text => 'Result', - help => 'Course_Self_Enrollment'}); - $bread_crumbs_component = 'Enrollment result'; - } - $args = { bread_crumbs => $brcrum, - bread_crumbs_component => $bread_crumbs_component}; - $r->print(&header(undef,$args)); - my $cid = $env{'request.course.id'}; - my $cdom = $env{'course.'.$cid.'.domain'}; - my $cnum = $env{'course.'.$cid.'.num'}; - my $coursedesc = $env{'course.'.$cid.'.description'}; - if (!exists($env{'form.state'})) { - $r->print('<h3>'.&mt('Pending enrollment requests').'</h3>'."\n"); - $r->print(&Apache::loncoursequeueadmin::display_queued_requests($context, - $cdom,$cnum)); - } elsif ($env{'form.state'} eq 'done') { - $r->print('<h3>'.&mt('Enrollment request processing').'</h3>'."\n"); - $r->print(&Apache::loncoursequeueadmin::update_request_queue($context, - $cdom,$cnum,$coursedesc)); + text => 'Enrollment requests', + help => 'Course_Approve_Selfenroll'}); + $bread_crumbs_component = 'Enrollment requests'; + if ($env{'form.state'} eq 'done') { + push(@{$brcrum}, + {href => '/adm/createuser?action=selfenrollqueue', + text => 'Result', + help => 'Course_Approve_Selfenroll'}); + $bread_crumbs_component = 'Enrollment result'; + } + $args = { bread_crumbs => $brcrum, + bread_crumbs_component => $bread_crumbs_component}; + $r->print(&header(undef,$args)); + my $coursedesc = $env{'course.'.$cid.'.description'}; + if (!exists($env{'form.state'})) { + $r->print('<h3>'.&mt('Pending enrollment requests').'</h3>'."\n"); + $r->print(&Apache::loncoursequeueadmin::display_queued_requests($context, + $cdom,$cnum)); + } elsif ($env{'form.state'} eq 'done') { + $r->print('<h3>'.&mt('Enrollment request processing').'</h3>'."\n"); + $r->print(&Apache::loncoursequeueadmin::update_request_queue($context, + $cdom,$cnum,$coursedesc)); + } + } else { + $r->print(&header(undef,{'no_nav_bar' => 1}). + '<span class="LC_error">'.&mt('You do not have permission to manage self-enrollment').'</span>'); } } elsif ($env{'form.action'} eq 'changelogs') { - &print_userchangelogs_display($r,$context,$permission,$brcrum); + if ($permission->{cusr} || $permission->{view}) { + &print_userchangelogs_display($r,$context,$permission,$brcrum); + } else { + $r->print(&header(undef,{'no_nav_bar' => 1}). + '<span class="LC_error">'.&mt('You do not have permission to view change logs').'</span>'); + } + } elsif ($env{'form.action'} eq 'helpdesk') { + if (($permission->{'owner'}) || ($permission->{'co-owner'})) { + if ($env{'form.state'} eq 'process') { + if ($permission->{'owner'}) { + &update_helpdeskaccess($r,$permission,$brcrum); + } else { + &print_helpdeskaccess_display($r,$permission,$brcrum); + } + } else { + &print_helpdeskaccess_display($r,$permission,$brcrum); + } + } else { + $r->print(&header(undef,{'no_nav_bar' => 1}). + '<span class="LC_error">'.&mt('You do not have permission to view helpdesk access').'</span>'); + } } else { $bread_crumbs_component = 'User Management'; $args = { bread_crumbs => $brcrum, @@ -5308,6 +5563,26 @@ sub print_main_menu { listusers => 'Show and manage users in this community.', }, ); + if ($linkcontext eq 'domain') { + unless ($permission->{'cusr'}) { + $links{'domain'}{'singleuser'} = 'View a User'; + $linktitles{'domain'}{'singleuser'} = 'View information about a user in the domain'; + } + } elsif ($linkcontext eq 'course') { + unless ($permission->{'cusr'}) { + $links{'course'}{'singleuser'} = 'View a Course User'; + $linktitles{'course'}{'singleuser'} = 'View information about a user in this course'; + $links{'course'}{'listusers'} = 'List Course Users'; + $linktitles{'course'}{'listusers'} = 'Show information about users in this course'; + } + } elsif ($linkcontext eq 'community') { + unless ($permission->{'cusr'}) { + $links{'community'}{'singleuser'} = 'View a Community User'; + $linktitles{'community'}{'singleuser'} = 'View information about a user in this community'; + $links{'community'}{'listusers'} = 'List Community Users'; + $linktitles{'community'}{'listusers'} = 'Show information about users in this community'; + } + } my @menu = ( {categorytitle => 'Single Users', items => [ @@ -5316,7 +5591,7 @@ sub print_main_menu { icon => 'edit-redo.png', #help => 'Course_Change_Privileges', url => '/adm/createuser?action=singleuser', - permission => $permission->{'cusr'}, + permission => ($permission->{'view'} || $permission->{'cusr'}), linktitle => $linktitles{$linkcontext}{'singleuser'}, }, ]}, @@ -5352,7 +5627,7 @@ sub print_main_menu { { linktext => 'User Access Log', icon => 'document-properties.png', - #help => 'User_Access_Logs', + #help => 'Domain_User_Access_Logs', url => '/adm/createuser?action=accesslogs', permission => $permission->{'activity'}, linktitle => 'View user access log.', @@ -5389,7 +5664,7 @@ sub print_main_menu { icon => 'document-properties.png', #help => 'Course_User_Logs', url => '/adm/createuser?action=changelogs', - permission => $permission->{'cusr'}, + permission => ($permission->{'cusr'} || $permission->{'view'}), linktitle => 'View change log.', }, ); @@ -5445,7 +5720,15 @@ sub print_main_menu { }, ); push(@{ $menu[2]->{items} }, #Category: Administration - { + { + linktext => 'Helpdesk Access', + icon => 'helpdesk-access.png', + #help => 'Course_Helpdesk_Access', + url => '/adm/createuser?action=helpdesk', + permission => ($permission->{'owner'} || $permission->{'co-owner'}), + linktitle => 'Helpdesk access options', + }, + { linktext => 'Custom Roles', icon => 'emblem-photos.png', #help => 'Course_Editing_Custom_Roles', @@ -5466,7 +5749,7 @@ sub print_main_menu { icon => 'document-properties.png', #help => 'Course_User_Logs', url => '/adm/createuser?action=changelogs', - permission => $permission->{'cusr'}, + permission => ($permission->{'view'} || $permission->{'cusr'}), linktitle => 'View change log.', }, ); @@ -5491,7 +5774,8 @@ sub print_main_menu { icon => 'roles.png', #help => 'Course_Automated_Enrollment', permission => (&Apache::lonnet::auto_run($cnum,$cdom) - && $permission->{'cusr'}), + && (($permission->{'cusr'}) || + ($permission->{'view'}))), url => '/adm/populate', linktitle => 'Automated enrollment manager.', } @@ -5540,7 +5824,7 @@ sub restore_prev_selections { } sub print_selfenroll_menu { - my ($r,$context,$cid,$cdom,$cnum,$currsettings,$additional) = @_; + my ($r,$context,$cid,$cdom,$cnum,$currsettings,$additional,$readonly) = @_; my $crstype = &Apache::loncommon::course_type(); my $formname = 'selfenroll'; my $nolink = 1; @@ -5553,6 +5837,10 @@ sub print_selfenroll_menu { butn => 'but no user types have been checked.', wilf => "Please uncheck 'activate' or check at least one type.", ); + my $disabled; + if ($readonly) { + $disabled = ' disabled="disabled"'; + } &js_escape(\%alerts); my $selfenroll_js = <<"ENDSCRIPT"; function update_types(caller,num) { @@ -5685,12 +5973,13 @@ function validate_types(form) { } function check_types(num,countfail,needaction) { - var typeidx = getIndexByName('selfenroll_types_'+num); + var boxname = 'selfenroll_types_'+num; + var typeidx = getIndexByName(boxname); var count = 0; if (typeidx != -1) { - if (document.$formname.elements[typeidx].length) { - for (var k=0; k<document.$formname.elements[typeidx].length; k++) { - if (document.$formname.elements[typeidx][k].checked) { + if (document.$formname.elements[boxname].length) { + for (var k=0; k<document.$formname.elements[boxname].length; k++) { + if (document.$formname.elements[boxname][k].checked) { count ++; } } @@ -5868,13 +6157,13 @@ ENDSCRIPT $output .= ' checked="checked" '; } $output .= 'onchange="javascript:update_types('. - "'selfenroll_all'".');" />'.&mt('Yes').'</label>'. + "'selfenroll_all'".');"'.$disabled.' />'.&mt('Yes').'</label>'. ' <input type="radio" name="selfenroll_all" value="0" '; if ($curr_types ne '*') { $output .= ' checked="checked" '; } $output .= ' onchange="javascript:update_types('. - "'selfenroll_all'".');"/>'.&mt('No').'</label></td>'. + "'selfenroll_all'".');"'.$disabled.' />'.&mt('No').'</label></td>'. &Apache::loncommon::end_data_table_row(). &Apache::loncommon::end_data_table(). &mt('Or').'<br />'. @@ -5896,10 +6185,10 @@ ENDSCRIPT .'</b><input type="hidden" name="selfenroll_dom_'.$num .'" value="'.$currdom.'" /></span><br />' .'<span class="LC_nobreak"><label><input type="checkbox" ' - .'name="selfenroll_delete" value="'.$num.'" onchange="javascript:update_types('."'selfenroll_delete','$num'".');" />' + .'name="selfenroll_delete" value="'.$num.'" onchange="javascript:update_types('."'selfenroll_delete','$num'".');"'.$disabled.' />' .&mt('Delete').'</label></span></td>'; $output .= '<td valign="top"> '.&mt('User types:').'<br />' - .&selfenroll_inst_types($num,$currdom,\@currinsttypes).'</td>' + .&selfenroll_inst_types($num,$currdom,\@currinsttypes,$readonly).'</td>' .&Apache::loncommon::end_data_table_row(); $num ++; } @@ -5914,7 +6203,7 @@ ENDSCRIPT $output .= &Apache::loncommon::start_data_table_row() .'<td colspan="2"><span class="LC_nobreak">'.$add_domtitle.'</span><br />' .&Apache::loncommon::select_dom_form('','selfenroll_newdom', - $includeempty,$showdomdesc) + $includeempty,$showdomdesc,'','','',$readonly) .'<input type="hidden" name="selfenroll_types_total" value="'.$num.'" />' .'</td>'.&Apache::loncommon::end_data_table_row() .&Apache::loncommon::end_data_table(); @@ -5935,15 +6224,15 @@ ENDSCRIPT } if ($registered) { $regon = ' checked="checked" '; - $regoff = ' '; + $regoff = ''; } else { - $regon = ' '; + $regon = ''; $regoff = ' checked="checked" '; } $output .= '<label>'. - '<input type="radio" name="selfenroll_registered" value="1"'.$regon.'/>'. + '<input type="radio" name="selfenroll_registered" value="1"'.$regon.$disabled.' />'. &mt('Yes').'</label> <label>'. - '<input type="radio" name="selfenroll_registered" value="0"'.$regoff.'/>'. + '<input type="radio" name="selfenroll_registered" value="0"'.$regoff.$disabled.' />'. &mt('No').'</label>'; } elsif ($item eq 'enroll_dates') { my ($starttime,$endtime); @@ -5965,10 +6254,10 @@ ENDSCRIPT } my $startform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_start_date',$starttime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); my $endform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_end_date',$endtime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); $output .= &selfenroll_date_forms($startform,$endform); } elsif ($item eq 'access_dates') { my ($starttime,$endtime); @@ -5990,10 +6279,10 @@ ENDSCRIPT } my $startform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_start_access',$starttime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); my $endform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_end_access',$endtime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); $output .= &selfenroll_date_forms($startform,$endform); } elsif ($item eq 'section') { my $currsec; @@ -6017,19 +6306,19 @@ ENDSCRIPT next; } my $sections_select = - &Apache::lonuserutils::course_sections(\%sections_count,'st',$currsec); + &Apache::lonuserutils::course_sections(\%sections_count,'st',$currsec,$disabled); $output .= '<table class="LC_createuser">'."\n". '<tr class="LC_section_row">'."\n". '<td align="center">'.&mt('Existing sections')."\n". '<br />'.$sections_select.'</td><td align="center">'. &mt('New section').'<br />'."\n". - '<input type="text" name="newsec" size="15" value="'.$newsecval.'" />'."\n". + '<input type="text" name="newsec" size="15" value="'.$newsecval.'"'.$disabled.' />'."\n". '<input type="hidden" name="sections" value="" />'."\n". '</td></tr></table>'."\n"; } elsif ($item eq 'approval') { my ($currnotified,$currapproval,%appchecked); my %selfdescs = &Apache::lonuserutils::selfenroll_default_descs(); - if (ref($currsettings) eq 'HASH') { + if (ref($currsettings) eq 'HASH') { $currnotified = $currsettings->{'selfenroll_notifylist'}; $currapproval = $currsettings->{'selfenroll_approval'}; } @@ -6045,8 +6334,8 @@ ENDSCRIPT for my $i (0..2) { $output .= '<label>'. '<input type="radio" name="selfenroll_approval" value="'.$i.'"'. - $appchecked{$i}.' onclick="toggleNotify();" />'.$selfdescs{'approval'}{$i}. - '</label>'.(' 'x2); + $appchecked{$i}.' onclick="toggleNotify();"'.$disabled.' />'. + $selfdescs{'approval'}{$i}.'</label>'.(' 'x2); } my %advhash = &Apache::lonnet::get_course_adv_roles($cid,1); my (@ccs,%notified); @@ -6087,7 +6376,7 @@ ENDSCRIPT &Apache::loncommon::start_data_table_row() } $output .= '<td><span class="LC_nobreak"><label>'. - '<input type="checkbox" name="selfenroll_notify"'.$notifyon.' value="'.$cc.'" />'. + '<input type="checkbox" name="selfenroll_notify"'.$notifyon.' value="'.$cc.'"'.$disabled.' />'. &Apache::loncommon::plainname($ccuname,$ccudom). '</label></span></td>'; $count ++; @@ -6137,26 +6426,28 @@ ENDSCRIPT $nolimit = ' checked="checked" '; } $output .= '<table><tr><td><label>'. - '<input type="radio" name="selfenroll_limit" value="none"'.$nolimit.'/>'. + '<input type="radio" name="selfenroll_limit" value="none"'.$nolimit.$disabled.'/>'. &mt('No limit').'</label></td><td><label>'. - '<input type="radio" name="selfenroll_limit" value="allstudents"'.$crslimit.'/>'. + '<input type="radio" name="selfenroll_limit" value="allstudents"'.$crslimit.$disabled.'/>'. &mt('Limit by total students').'</label></td><td><label>'. - '<input type="radio" name="selfenroll_limit" value="selfenrolled"'.$selflimit.'/>'. + '<input type="radio" name="selfenroll_limit" value="selfenrolled"'.$selflimit.$disabled.'/>'. &mt('Limit by total self-enrolled students'). '</td></tr><tr>'. '<td> </td><td colspan="2"><span class="LC_nobreak">'. (' 'x3).&mt('Maximum number allowed: '). - '<input type="text" name="selfenroll_cap" size = "5" value="'.$currcap.'" /></td></tr></table>'; + '<input type="text" name="selfenroll_cap" size = "5" value="'.$currcap.'"'.$disabled.' /></td></tr></table>'; } $output .= &Apache::lonhtmlcommon::row_closure(1); } } - $output .= &Apache::lonhtmlcommon::end_pick_box(). - '<br /><input type="button" name="selfenrollconf" value="' - .&mt('Save').'" onclick="validate_types(this.form);" />' - .'<input type="hidden" name="action" value="selfenroll" />' - .'<input type="hidden" name="state" value="done" />'."\n". - $additional.'</form>'; + $output .= &Apache::lonhtmlcommon::end_pick_box().'<br />'; + unless ($readonly) { + $output .= '<input type="button" name="selfenrollconf" value="' + .&mt('Save').'" onclick="validate_types(this.form);" />'; + } + $output .= '<input type="hidden" name="action" value="selfenroll" />' + .'<input type="hidden" name="state" value="done" />'."\n" + .$additional.'</form>'; $r->print($output); return; } @@ -6339,12 +6630,16 @@ sub new_selfenroll_dom_row { } sub selfenroll_inst_types { - my ($num,$currdom,$currinsttypes) = @_; + my ($num,$currdom,$currinsttypes,$readonly) = @_; my $output; my $numinrow = 4; my $count = 0; my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($currdom); my $othervalue = 'any'; + my $disabled; + if ($readonly) { + $disabled = ' disabled="disabled"'; + } if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) { if (keys(%{$usertypes}) > 0) { $othervalue = 'other'; @@ -6369,7 +6664,7 @@ sub selfenroll_inst_types { $output .= 'checked="checked"'; } } - $output .= ' name="selfenroll_types_'.$num.'" />'.$usertypes->{$type}.'</label></span></td>'; + $output .= ' name="selfenroll_types_'.$num.'"'.$disabled.' />'.$usertypes->{$type}.'</label></span></td>'; } $count ++; } @@ -6392,7 +6687,7 @@ sub selfenroll_inst_types { } else { $output .= ' checked="checked"'; } - $output .= ' name="selfenroll_types_'.$num.'" />'.$othertitle.'</label></span></td></tr></table>'; + $output .= ' name="selfenroll_types_'.$num.'"'.$disabled.' />'.$othertitle.'</label></span></td></tr></table>'; } return $output; } @@ -6415,7 +6710,7 @@ sub selfenroll_date_forms { sub print_userchangelogs_display { my ($r,$context,$permission,$brcrum) = @_; my $formname = 'rolelog'; - my ($username,$domain,$crstype,%roleslog); + my ($username,$domain,$crstype,$viewablesec,%roleslog); if ($context eq 'domain') { $domain = $env{'request.role.domain'}; %roleslog=&Apache::lonnet::dump_dom('nohist_rolelog',$domain); @@ -6424,6 +6719,7 @@ sub print_userchangelogs_display { $domain = $env{'course.'.$env{'request.course.id'}.'.domain'}; $username = $env{'course.'.$env{'request.course.id'}.'.num'}; $crstype = &Apache::loncommon::course_type(); + $viewablesec = &Apache::lonuserutils::viewable_section($permission); my %saveable_parameters = ('show' => 'scalar',); &Apache::loncommon::store_course_settings('roles_log', \%saveable_parameters); @@ -6446,6 +6742,10 @@ sub print_userchangelogs_display { my $helpitem; if ($context eq 'course') { $helpitem = 'Course_User_Logs'; + } elsif ($context eq 'domain') { + $helpitem = 'Domain_Role_Logs'; + } elsif ($context eq 'author') { + $helpitem = 'Author_User_Logs'; } push (@{$brcrum}, {href => '/adm/createuser?action=changelogs', @@ -6555,6 +6855,9 @@ ENDSCRIPT next if ($roleslog{$id}{'logentry'}{'context'} ne $curr{'chgcontext'}); } } + if (($context eq 'course') && ($viewablesec ne '')) { + next if ($roleslog{$id}{'logentry'}{'section'} ne $viewablesec); + } $count ++; next if ($count < $minshown); unless ($showntableheader) { @@ -6642,30 +6945,39 @@ sub print_useraccesslogs_display { my $form = 'document.accesslog'; # set breadcrumbs - my %breadcrumb_text = &singleuser_breadcrumb(); - push (@{$brcrum}, - {href => "javascript:backPage($form)", - text => $breadcrumb_text{'search'}}); - my (@prevphases,$prevphasestr); - if ($env{'form.prevphases'}) { - @prevphases = split(/,/,$env{'form.prevphases'}); - $prevphasestr = $env{'form.prevphases'}; - } - if (($env{'form.phase'} eq 'userpicked') || (grep(/^userpicked$/,@prevphases))) { - push(@{$brcrum}, - {href => "javascript:backPage($form,'get_user_info','select')", - text => $breadcrumb_text{'userpicked'}}); - if ($env{'form.phase'} eq 'userpicked') { - $prevphasestr = 'userpicked'; + my %breadcrumb_text = &singleuser_breadcrumb('','domain',$udom); + my $prevphasestr; + if ($env{'form.popup'}) { + $brcrum = []; + } else { + push (@{$brcrum}, + {href => "javascript:backPage($form)", + text => $breadcrumb_text{'search'}}); + my @prevphases; + if ($env{'form.prevphases'}) { + @prevphases = split(/,/,$env{'form.prevphases'}); + $prevphasestr = $env{'form.prevphases'}; + } + if (($env{'form.phase'} eq 'userpicked') || (grep(/^userpicked$/,@prevphases))) { + push(@{$brcrum}, + {href => "javascript:backPage($form,'get_user_info','select')", + text => $breadcrumb_text{'userpicked'}}); + if ($env{'form.phase'} eq 'userpicked') { + $prevphasestr = 'userpicked'; + } } } push(@{$brcrum}, {href => '/adm/createuser?action=accesslogs', text => 'User access logs', - help => 'User_Access_Logs'}); + help => 'Domain_User_Access_Logs'}); my $bread_crumbs_component = 'User Access Logs'; my $args = { bread_crumbs => $brcrum, bread_crumbs_component => 'User Management'}; + if ($env{'form.popup'}) { + $args->{'no_nav_bar'} = 1; + $args->{'bread_crumbs_nomenu'} = 1; + } # set javascript my ($jsback,$elements) = &crumb_utilities(); @@ -6690,8 +7002,12 @@ ENDSCRIPT unless ($permission->{'activity'}) { $r->print('<p class="LC_warning">' .&mt('You do not have rights to display user access logs.') - .'</p>' - .&earlyout_accesslog_form($formname,$prevphasestr,$udom)); + .'</p>'); + if ($env{'form.popup'}) { + $r->print('<p><a href="javascript:window.close()">'.&mt('Close window').'</a></p>'); + } else { + $r->print(&earlyout_accesslog_form($formname,$prevphasestr,$udom)); + } return; } @@ -6711,6 +7027,24 @@ ENDSCRIPT return; } + if (&Apache::lonnet::privileged($uname,$udom, + [$env{'request.role.domain'}],['dc','su'])) { + unless (&Apache::lonnet::privileged($env{'user.name'},$env{'user.domain'}, + [$env{'request.role.domain'}],['dc','su'])) { + $r->print('<p class="LC_warning">' + .&mt('You need to be a privileged user to display user access logs for [_1]', + &Apache::loncommon::aboutmewrapper(&Apache::loncommon::plainname($uname,$udom), + $uname,$udom)) + .'</p>'); + if ($env{'form.popup'}) { + $r->print('<p><a href="javascript:window.close()">'.&mt('Close window').'</a></p>'); + } else { + $r->print(&earlyout_accesslog_form($formname,$prevphasestr,$udom)); + } + return; + } + } + # set defaults my $now = time(); my $defstart = $now - (7*24*3600); @@ -6757,8 +7091,11 @@ ENDSCRIPT my ($nav_script,$nav_links); # table header - my $tableheader = - &Apache::loncommon::start_data_table_header_row() + my $heading = '<h3>'. + &mt('User access logs for: [_1]', + &Apache::loncommon::aboutmewrapper(&Apache::loncommon::plainname($uname,$udom),$uname,$udom)).'</h3>'; + my $tableheader = $heading + .&Apache::loncommon::start_data_table_header_row() .'<th> </th>' .'<th>'.&mt('When').'</th>' .'<th>'.&mt('HostID').'</th>' @@ -6794,14 +7131,14 @@ ENDSCRIPT $r->rflush(); $showntableheader = 1; } - my ($shown,$extra,); - my ($event,$data) = split(/\s+/,&unescape($event)); + my ($shown,$extra); + my ($event,$data) = split(/\s+/,&unescape($event),2); if ($event eq 'Role') { my ($rolecode,$extent) = split(/\./,$data,2); next if ($extent eq ''); my ($crstype,$desc,$info); - if ($extent =~ m{^/($match_domain)/($match_courseid)$}) { - my ($cdom,$cnum) = ($1,$2); + if ($extent =~ m{^/($match_domain)/($match_courseid)(?:/(\w+)|)$}) { + my ($cdom,$cnum,$sec) = ($1,$2,$3); my $cid = $cdom.'_'.$cnum; if (exists($courses{$cid})) { $crstype = $courses{$cid}{'type'}; @@ -6820,6 +7157,9 @@ ENDSCRIPT } } $extra = &mt($crstype).': <a href="/public/'.$cdom.'/'.$cnum.'/syllabus">'.$desc.'</a>'; + if ($sec ne '') { + $extra .= ' ('.&mt('Section: [_1]',$sec).')'; + } } elsif ($extent =~ m{^/($match_domain)/($match_username|$)}) { my ($dom,$name) = ($1,$2); if ($rolecode eq 'au') { @@ -6844,8 +7184,17 @@ ENDSCRIPT $shown = &mt('Role selection: [_1]',$rolename); } else { $shown = &mt($event); - if ($data ne '') { - $extra = &mt('Client IP address: [_1]',$data); + if ($data =~ /^webdav/) { + my ($path,$clientip) = split(/\s+/,$data,2); + $path =~ s/^webdav//; + if ($clientip ne '') { + $extra = &mt('Client IP address: [_1]',$clientip); + } + if ($path ne '') { + $shown .= ' '.&mt('(WebDAV access to [_1])',$path); + } + } elsif ($data ne '') { + $extra = &mt('Client IP address: [_1]',$data); } } $r->print( @@ -6863,11 +7212,15 @@ ENDSCRIPT $r->print(&Apache::loncommon::end_data_table(). &userlogdisplay_navlinks(\%curr,$more_records)); } else { # No content displayed above - $r->print('<p class="LC_info">' + $r->print($heading.'<p class="LC_info">' .&mt('There are no records to display.') .'</p>'); } + if ($env{'form.popup'} == 1) { + $r->print('<input type="hidden" name="popup" value="1" />'."\n"); + } + # Form Footer $r->print( '<input type="hidden" name="currstate" value="" />' @@ -6950,7 +7303,7 @@ sub activity_display_filter { # Update Display button $output .= '<p>' .'<input type="submit" value="'.&mt('Update Display').'" />' - .'</p>'; + .'</p><hr />'; return $output; } @@ -7048,12 +7401,12 @@ sub role_display_filter { &mt('Context:').'</b><br /><select name="chgcontext">'; my @posscontexts; if ($context eq 'course') { - @posscontexts = ('any','automated','updatenow','createcourse','course','domain','selfenroll','requestcourses'); + @posscontexts = ('any','automated','updatenow','createcourse','course','domain','selfenroll','requestcourses','chgtype'); } elsif ($context eq 'domain') { @posscontexts = ('any','domain','requestauthor','domconfig','server'); } else { @posscontexts = ('any','author','domain'); - } + } foreach my $chgtype (@posscontexts) { my $selstr = ''; if ($curr->{'chgcontext'} eq $chgtype) { @@ -7097,6 +7450,7 @@ sub rolechg_contexts { %lt = &Apache::lonlocal::texthash ( any => 'Any', automated => 'Automated Enrollment', + chgtype => 'Enrollment Type/Lock Change', updatenow => 'Roster Update', createcourse => 'Course Creation', course => 'User Management in course', @@ -7127,6 +7481,988 @@ sub rolechg_contexts { return %lt; } +sub print_helpdeskaccess_display { + my ($r,$permission,$brcrum) = @_; + my $formname = 'helpdeskaccess'; + my $helpitem = 'Course_Helpdesk_Access'; + push (@{$brcrum}, + {href => '/adm/createuser?action=helpdesk', + text => 'Helpdesk Access', + help => $helpitem}); + my $bread_crumbs_component = 'Helpdesk Staff Access'; + my $args = { bread_crumbs => $brcrum, + bread_crumbs_component => $bread_crumbs_component}; + + my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + my $confname = $cdom.'-domainconfig'; + my $crstype = &Apache::loncommon::course_type(); + + my @accesstypes = ('all','dh','da','none'); + my ($numstatustypes,@jsarray); + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($cdom); + if (ref($types) eq 'ARRAY') { + if (@{$types} > 0) { + $numstatustypes = scalar(@{$types}); + push(@accesstypes,'status'); + @jsarray = ('bystatus'); + } + } + my %customroles = &get_domain_customroles($cdom,$confname); + my %domhelpdesk = &Apache::lonnet::get_active_domroles($cdom,['dh','da']); + if (keys(%domhelpdesk)) { + push(@accesstypes,('inc','exc')); + push(@jsarray,('notinc','notexc')); + } + push(@jsarray,'privs'); + my $hiddenstr = join("','",@jsarray); + my $rolestr = join("','",sort(keys(%customroles))); + + my $jscript; + my (%settings,%overridden); + if (keys(%customroles)) { + &get_adhocrole_settings($env{'request.course.id'},\@accesstypes, + $types,\%customroles,\%settings,\%overridden); + my %jsfull=(); + my %jslevels= ( + course => {}, + domain => {}, + system => {}, + ); + my %jslevelscurrent=( + course => {}, + domain => {}, + system => {}, + ); + my (%privs,%jsprivs); + &Apache::lonuserutils::custom_role_privs(\%privs,\%jsfull,\%jslevels,\%jslevelscurrent); + foreach my $priv (keys(%jsfull)) { + if ($jslevels{'course'}{$priv}) { + $jsprivs{$priv} = 1; + } + } + my (%elements,%stored); + foreach my $role (keys(%customroles)) { + $elements{$role.'_access'} = 'radio'; + $elements{$role.'_incrs'} = 'radio'; + if ($numstatustypes) { + $elements{$role.'_status'} = 'checkbox'; + } + if (keys(%domhelpdesk) > 0) { + $elements{$role.'_staff_inc'} = 'checkbox'; + $elements{$role.'_staff_exc'} = 'checkbox'; + } + $elements{$role.'_override'} = 'checkbox'; + if (ref($settings{$role}) eq 'HASH') { + if ($settings{$role}{'access'} ne '') { + my $curraccess = $settings{$role}{'access'}; + $stored{$role.'_access'} = $curraccess; + $stored{$role.'_incrs'} = 1; + if ($curraccess eq 'status') { + if (ref($settings{$role}{'status'}) eq 'ARRAY') { + $stored{$role.'_status'} = $settings{$role}{'status'}; + } + } elsif (($curraccess eq 'exc') || ($curraccess eq 'inc')) { + if (ref($settings{$role}{$curraccess}) eq 'ARRAY') { + $stored{$role.'_staff_'.$curraccess} = $settings{$role}{$curraccess}; + } + } + } else { + $stored{$role.'_incrs'} = 0; + } + $stored{$role.'_override'} = []; + if ($env{'course.'.$env{'request.course.id'}.'.internal.adhocpriv.'.$role}) { + if (ref($settings{$role}{'off'}) eq 'ARRAY') { + foreach my $priv (@{$settings{$role}{'off'}}) { + push(@{$stored{$role.'_override'}},$priv); + } + } + if (ref($settings{$role}{'on'}) eq 'ARRAY') { + foreach my $priv (@{$settings{$role}{'on'}}) { + unless (grep(/^$priv$/,@{$stored{$role.'_override'}})) { + push(@{$stored{$role.'_override'}},$priv); + } + } + } + } + } else { + $stored{$role.'_incrs'} = 0; + } + } + $jscript = &Apache::lonhtmlcommon::set_form_elements(\%elements,\%stored); + } + + my $js = <<"ENDJS"; +<script type="text/javascript"> +// <![CDATA[ +$jscript; + +function switchRoleTab(caller,role) { + if (document.getElementById(role+'_maindiv')) { + if (caller.id != 'LC_current_minitab') { + if (document.getElementById('LC_current_minitab')) { + document.getElementById('LC_current_minitab').id=null; + } + var roledivs = Array('$rolestr'); + if (roledivs.length > 0) { + for (var i=0; i<roledivs.length; i++) { + if (document.getElementById(roledivs[i]+'_maindiv')) { + document.getElementById(roledivs[i]+'_maindiv').style.display='none'; + } + } + } + caller.id = 'LC_current_minitab'; + document.getElementById(role+'_maindiv').style.display='block'; + } + } + return false; +} + +function helpdeskAccess(role) { + var curraccess = null; + if (document.$formname.elements[role+'_access'].length) { + for (var i=0; i<document.$formname.elements[role+'_access'].length; i++) { + if (document.$formname.elements[role+'_access'][i].checked) { + curraccess = document.$formname.elements[role+'_access'][i].value; + } + } + } + var shown = Array(); + var hidden = Array(); + if (curraccess == 'none') { + hidden = Array ('$hiddenstr'); + } else { + if (curraccess == 'status') { + shown = Array ('bystatus','privs'); + hidden = Array ('notinc','notexc'); + } else { + if (curraccess == 'exc') { + shown = Array ('notexc','privs'); + hidden = Array ('notinc','bystatus'); + } + if (curraccess == 'inc') { + shown = Array ('notinc','privs'); + hidden = Array ('notexc','bystatus'); + } + if (curraccess == 'all') { + shown = Array ('privs'); + hidden = Array ('notinc','notexc','bystatus'); + } + } + } + if (hidden.length > 0) { + for (var i=0; i<hidden.length; i++) { + if (document.getElementById(role+'_'+hidden[i])) { + document.getElementById(role+'_'+hidden[i]).style.display = 'none'; + } + } + } + if (shown.length > 0) { + for (var i=0; i<shown.length; i++) { + if (document.getElementById(role+'_'+shown[i])) { + if (shown[i] == 'privs') { + document.getElementById(role+'_'+shown[i]).style.display = 'block'; + } else { + document.getElementById(role+'_'+shown[i]).style.display = 'inline'; + } + } + } + } + return; +} + +function toggleAccess(role) { + if ((document.getElementById(role+'_setincrs')) && + (document.getElementById(role+'_setindom'))) { + for (var i=0; i<document.$formname.elements[role+'_incrs'].length; i++) { + if (document.$formname.elements[role+'_incrs'][i].checked) { + if (document.$formname.elements[role+'_incrs'][i].value == 1) { + document.getElementById(role+'_setindom').style.display = 'none'; + document.getElementById(role+'_setincrs').style.display = 'block'; + } else { + document.getElementById(role+'_setincrs').style.display = 'none'; + document.getElementById(role+'_setindom').style.display = 'block'; + } + break; + } + } + } + return; +} + +// ]]> +</script> +ENDJS + + $args->{add_entries} = {onload => "javascript:setFormElements(document.$formname)"}; + + # print page header + $r->print(&header($js,$args)); + # print form header + $r->print('<form action="/adm/createuser" method="post" name="'.$formname.'">'); + + if (keys(%customroles)) { + my %lt = &Apache::lonlocal::texthash( + 'aco' => 'As course owner you may override the defaults set in the domain for role usage and/or privileges.', + 'rou' => 'Role usage', + 'whi' => 'Which helpdesk personnel may use this role?', + 'udd' => 'Use domain default', + 'all' => 'All with domain helpdesk or helpdesk assistant role', + 'dh' => 'All with domain helpdesk role', + 'da' => 'All with domain helpdesk assistant role', + 'none' => 'None', + 'status' => 'Determined based on institutional status', + 'inc' => 'Include all, but exclude specific personnel', + 'exc' => 'Exclude all, but include specific personnel', + 'hel' => 'Helpdesk', + 'rpr' => 'Role privileges', + ); + $lt{'tfh'} = &mt("Custom [_1]ad hoc[_2] course roles available for use by the domain's helpdesk are as follows",'<i>','</i>'); + my %domconfig = &Apache::lonnet::get_dom('configuration',['helpsettings'],$cdom); + my (%domcurrent,%ordered,%description,%domusage,$disabled); + if (ref($domconfig{'helpsettings'}) eq 'HASH') { + if (ref($domconfig{'helpsettings'}{'adhoc'}) eq 'HASH') { + %domcurrent = %{$domconfig{'helpsettings'}{'adhoc'}}; + } + } + my $count = 0; + foreach my $role (sort(keys(%customroles))) { + my ($order,$desc,$access_in_dom); + if (ref($domcurrent{$role}) eq 'HASH') { + $order = $domcurrent{$role}{'order'}; + $desc = $domcurrent{$role}{'desc'}; + $access_in_dom = $domcurrent{$role}{'access'}; + } + if ($order eq '') { + $order = $count; + } + $ordered{$order} = $role; + if ($desc ne '') { + $description{$role} = $desc; + } else { + $description{$role}= $role; + } + $count++; + } + %domusage = &domain_adhoc_access(\%customroles,\%domcurrent,\@accesstypes,$usertypes,$othertitle); + my @roles_by_num = (); + foreach my $item (sort {$a <=> $b } (keys(%ordered))) { + push(@roles_by_num,$ordered{$item}); + } + $r->print('<p>'.$lt{'tfh'}.': <i>'.join('</i>, <i>',map { $description{$_}; } @roles_by_num).'</i>.'); + if ($permission->{'owner'}) { + $r->print('<br />'.$lt{'aco'}.'</p><p>'); + $r->print('<input type="hidden" name="state" value="process" />'. + '<input type="submit" value="'.&mt('Save changes').'" />'); + } else { + if ($env{'course.'.$env{'request.course.id'}.'.internal.courseowner'}) { + my ($ownername,$ownerdom) = split(/:/,$env{'course.'.$env{'request.course.id'}.'.internal.courseowner'}); + $r->print('<br />'.&mt('The course owner -- [_1] -- can override the default access and/or privileges for these ad hoc roles.', + &Apache::loncommon::aboutmewrapper(&Apache::loncommon::plainname($ownername,$ownerdom),$ownername,$ownerdom))); + } + $disabled = ' disabled="disabled"'; + } + $r->print('</p>'); + + $r->print('<div id="LC_minitab_header"><ul>'); + my $count = 0; + my %visibility; + foreach my $role (@roles_by_num) { + my $id; + if ($count == 0) { + $id=' id="LC_current_minitab"'; + $visibility{$role} = ' style="display:block"'; + } else { + $visibility{$role} = ' style="display:none"'; + } + $count ++; + $r->print('<li'.$id.'><a href="#" onclick="javascript:switchRoleTab(this.parentNode,'."'$role'".');">'.$description{$role}.'</a></li>'); + } + $r->print('</ul></div>'); + + foreach my $role (@roles_by_num) { + my %usecheck = ( + all => ' checked="checked"', + ); + my %displaydiv = ( + status => 'none', + inc => 'none', + exc => 'none', + priv => 'block', + ); + my (%selected,$overridden,$incrscheck,$indomcheck,$indomvis,$incrsvis); + if (ref($settings{$role}) eq 'HASH') { + if ($settings{$role}{'access'} ne '') { + $indomvis = ' style="display:none"'; + $incrsvis = ' style="display:block"'; + $incrscheck = ' checked="checked"'; + if ($settings{$role}{'access'} ne 'all') { + $usecheck{$settings{$role}{'access'}} = $usecheck{'all'}; + delete($usecheck{'all'}); + if ($settings{$role}{'access'} eq 'status') { + my $access = 'status'; + $displaydiv{$access} = 'inline'; + if (ref($settings{$role}{$access}) eq 'ARRAY') { + $selected{$access} = $settings{$role}{$access}; + } + } elsif ($settings{$role}{'access'} =~ /^(inc|exc)$/) { + my $access = $1; + $displaydiv{$access} = 'inline'; + if (ref($settings{$role}{$access}) eq 'ARRAY') { + $selected{$access} = $settings{$role}{$access}; + } + } elsif ($settings{$role}{'access'} eq 'none') { + $displaydiv{'priv'} = 'none'; + } + } + } else { + $indomcheck = ' checked="checked"'; + $indomvis = ' style="display:block"'; + $incrsvis = ' style="display:none"'; + } + } else { + $indomcheck = ' checked="checked"'; + $indomvis = ' style="display:block"'; + $incrsvis = ' style="display:none"'; + } + $r->print('<div class="LC_left_float" id="'.$role.'_maindiv"'.$visibility{$role}.'>'. + '<fieldset><legend>'.$lt{'rou'}.'</legend>'. + '<p>'.$lt{'whi'}.' <span class="LC_nobreak">'. + '<label><input type="radio" name="'.$role.'_incrs" value="1"'.$incrscheck.' onclick="toggleAccess('."'$role'".');"'.$disabled.'>'. + &mt('Set here in [_1]',lc($crstype)).'</label>'. + '<span>'.(' 'x2). + '<label><input type="radio" name="'.$role.'_incrs" value="0"'.$indomcheck.' onclick="toggleAccess('."'$role'".');"'.$disabled.'>'. + $lt{'udd'}.'</label><span></p>'. + '<div id="'.$role.'_setindom"'.$indomvis.'>'. + '<span class="LC_cusr_emph">'.$domusage{$role}.'</span></div>'. + '<div id="'.$role.'_setincrs"'.$incrsvis.'>'); + foreach my $access (@accesstypes) { + $r->print('<p><label><input type="radio" name="'.$role.'_access" value="'.$access.'" '.$usecheck{$access}. + ' onclick="helpdeskAccess('."'$role'".');"'.$disabled.' />'.$lt{$access}.'</label>'); + if ($access eq 'status') { + $r->print('<div id="'.$role.'_bystatus" style="display:'.$displaydiv{$access}.'">'. + &Apache::lonuserutils::adhoc_status_types($cdom,undef,$role,$selected{$access}, + $othertitle,$usertypes,$types,$disabled). + '</div>'); + } elsif (($access eq 'inc') && (keys(%domhelpdesk) > 0)) { + $r->print('<div id="'.$role.'_notinc" style="display:'.$displaydiv{$access}.'">'. + &Apache::lonuserutils::adhoc_staff($access,undef,$role,$selected{$access}, + \%domhelpdesk,$disabled). + '</div>'); + } elsif (($access eq 'exc') && (keys(%domhelpdesk) > 0)) { + $r->print('<div id="'.$role.'_notexc" style="display:'.$displaydiv{$access}.'">'. + &Apache::lonuserutils::adhoc_staff($access,undef,$role,$selected{$access}, + \%domhelpdesk,$disabled). + '</div>'); + } + $r->print('</p>'); + } + $r->print('</div></fieldset>'); + my %full=(); + my %levels= ( + course => {}, + domain => {}, + system => {}, + ); + my %levelscurrent=( + course => {}, + domain => {}, + system => {}, + ); + &Apache::lonuserutils::custom_role_privs($customroles{$role},\%full,\%levels,\%levelscurrent); + $r->print('<fieldset id="'.$role.'_privs" style="display:'.$displaydiv{'priv'}.'">'. + '<legend>'.$lt{'rpr'}.'</legend>'. + &role_priv_table($role,$permission,$crstype,\%full,\%levels,\%levelscurrent,$overridden{$role}). + '</fieldset></div><div style="padding:0;clear:both;margin:0;border:0"></div>'); + } + if ($permission->{'owner'}) { + $r->print('<p><input type="submit" value="'.&mt('Save changes').'" /></p>'); + } + } else { + $r->print(&mt('Helpdesk roles have not yet been created in this domain.')); + } + # Form Footer + $r->print('<input type="hidden" name="action" value="helpdesk" />' + .'</form>'); + return; +} + +sub domain_adhoc_access { + my ($roles,$domcurrent,$accesstypes,$usertypes,$othertitle) = @_; + my %domusage; + return unless ((ref($roles) eq 'HASH') && (ref($domcurrent) eq 'HASH') && (ref($accesstypes) eq 'ARRAY')); + foreach my $role (keys(%{$roles})) { + if (ref($domcurrent->{$role}) eq 'HASH') { + my $access = $domcurrent->{$role}{'access'}; + if (($access eq '') || (!grep(/^\Q$access\E$/,@{$accesstypes}))) { + $access = 'all'; + $domusage{$role} = &mt('Any user in domain with active [_1] or [_2] role',&Apache::lonnet::plaintext('dh'), + &Apache::lonnet::plaintext('da')); + } elsif ($access eq 'status') { + if (ref($domcurrent->{$role}{$access}) eq 'ARRAY') { + my @shown; + foreach my $type (@{$domcurrent->{$role}{$access}}) { + unless ($type eq 'default') { + if ($usertypes->{$type}) { + push(@shown,$usertypes->{$type}); + } + } + } + if (grep(/^default$/,@{$domcurrent->{$role}{$access}})) { + push(@shown,$othertitle); + } + if (@shown) { + my $shownstatus = join(' '.&mt('or').' ',@shown); + $domusage{$role} = &mt('Any user in domain with active [_1] or [_2] role, and institutional status: [_3]', + &Apache::lonnet::plaintext('dh'),&Apache::lonnet::plaintext('da'),$shownstatus); + } else { + $domusage{$role} = &mt('No one in the domain'); + } + } + } elsif ($access eq 'inc') { + my @dominc = (); + if (ref($domcurrent->{$role}{'inc'}) eq 'ARRAY') { + foreach my $user (@{$domcurrent->{$role}{'inc'}}) { + my ($uname,$udom) = split(/:/,$user); + push(@dominc,&Apache::loncommon::aboutmewrapper(&Apache::loncommon::plainname($uname,$udom),$uname,$udom)); + } + my $showninc = join(', ',@dominc); + if ($showninc ne '') { + $domusage{$role} = &mt('Include any user in domain with active [_1] or [_2] role, except: [_3]', + &Apache::lonnet::plaintext('dh'),&Apache::lonnet::plaintext('da'),$showninc); + } else { + $domusage{$role} = &mt('Any user in domain with active [_1] or [_2] role', + &Apache::lonnet::plaintext('dh'),&Apache::lonnet::plaintext('da')); + } + } + } elsif ($access eq 'exc') { + my @domexc = (); + if (ref($domcurrent->{$role}{'exc'}) eq 'ARRAY') { + foreach my $user (@{$domcurrent->{$role}{'exc'}}) { + my ($uname,$udom) = split(/:/,$user); + push(@domexc,&Apache::loncommon::aboutmewrapper(&Apache::loncommon::plainname($uname,$udom),$uname,$udom)); + } + } + my $shownexc = join(', ',@domexc); + if ($shownexc ne '') { + $domusage{$role} = &mt('Only the following in the domain with active [_1] or [_2] role: [_3]', + &Apache::lonnet::plaintext('dh'),&Apache::lonnet::plaintext('da'),$shownexc); + } else { + $domusage{$role} = &mt('No one in the domain'); + } + } elsif ($access eq 'none') { + $domusage{$role} = &mt('No one in the domain'); + } elsif ($access eq 'dh') { + $domusage{$role} = &mt('Any user in domain with active [_1] role',&Apache::lonnet::plaintext('dh')); + } elsif ($access eq 'da') { + $domusage{$role} = &mt('Any user in domain with active [_1] role',&Apache::lonnet::plaintext('da')); + } elsif ($access eq 'all') { + $domusage{$role} = &mt('Any user in domain with active [_1] or [_2] role', + &Apache::lonnet::plaintext('dh'),&Apache::lonnet::plaintext('da')); + } + } else { + $domusage{$role} = &mt('Any user in domain with active [_1] or [_2] role', + &Apache::lonnet::plaintext('dh'),&Apache::lonnet::plaintext('da')); + } + } + return %domusage; +} + +sub get_domain_customroles { + my ($cdom,$confname) = @_; + my %existing=&Apache::lonnet::dump('roles',$cdom,$confname,'rolesdef_'); + my %customroles; + foreach my $key (keys(%existing)) { + if ($key=~/^rolesdef\_(\w+)$/) { + my $rolename = $1; + my %privs; + ($privs{'system'},$privs{'domain'},$privs{'course'}) = split(/\_/,$existing{$key}); + $customroles{$rolename} = \%privs; + } + } + return %customroles; +} + +sub role_priv_table { + my ($role,$permission,$crstype,$full,$levels,$levelscurrent,$overridden) = @_; + return unless ((ref($full) eq 'HASH') && (ref($levels) eq 'HASH') && + (ref($levelscurrent) eq 'HASH')); + my %lt=&Apache::lonlocal::texthash ( + 'crl' => 'Course Level Privilege', + 'def' => 'Domain Defaults', + 'ove' => 'Override in Course', + 'ine' => 'In effect', + 'dis' => 'Disabled', + 'ena' => 'Enabled', + ); + if ($crstype eq 'Community') { + $lt{'ove'} = 'Override in Community', + } + my @status = ('Disabled','Enabled'); + my (%on,%off); + if (ref($overridden) eq 'HASH') { + if (ref($overridden->{'on'}) eq 'ARRAY') { + map { $on{$_} = 1; } (@{$overridden->{'on'}}); + } + if (ref($overridden->{'off'}) eq 'ARRAY') { + map { $off{$_} = 1; } (@{$overridden->{'off'}}); + } + } + my $output=&Apache::loncommon::start_data_table(). + &Apache::loncommon::start_data_table_header_row(). + '<th>'.$lt{'crl'}.'</th><th>'.$lt{'def'}.'</th><th>'.$lt{'ove'}. + '</th><th>'.$lt{'ine'}.'</th>'. + &Apache::loncommon::end_data_table_header_row(); + foreach my $priv (sort(keys(%{$full}))) { + next unless ($levels->{'course'}{$priv}); + my $privtext = &Apache::lonnet::plaintext($priv,$crstype); + my ($default,$ineffect); + if ($levelscurrent->{'course'}{$priv}) { + $default = '<img src="/adm/lonIcons/navmap.correct.gif" alt="'.$lt{'ena'}.'" />'; + $ineffect = $default; + } + my ($customstatus,$checked); + $output .= &Apache::loncommon::start_data_table_row(). + '<td>'.$privtext.'</td>'. + '<td>'.$default.'</td><td>'; + if (($levelscurrent->{'course'}{$priv}) && ($off{$priv})) { + if ($permission->{'owner'}) { + $checked = ' checked="checked"'; + } + $customstatus = '<img src="/adm/lonIcons/navmap.wrong.gif" alt="'.$lt{'dis'}.'" />'; + $ineffect = $customstatus; + } elsif ((!$levelscurrent->{'course'}{$priv}) && ($on{$priv})) { + if ($permission->{'owner'}) { + $checked = ' checked="checked"'; + } + $customstatus = '<img src="/adm/lonIcons/navmap.correct.gif" alt="'.$lt{'ena'}.'" />'; + $ineffect = $customstatus; + } + if ($permission->{'owner'}) { + $output .= '<input type="checkbox" name="'.$role.'_override" value="'.$priv.'"'.$checked.' />'; + } else { + $output .= $customstatus; + } + $output .= '</td><td>'.$ineffect.'</td>'. + &Apache::loncommon::end_data_table_row(); + } + $output .= &Apache::loncommon::end_data_table(); + return $output; +} + +sub get_adhocrole_settings { + my ($cid,$accesstypes,$types,$customroles,$settings,$overridden) = @_; + return unless ((ref($accesstypes) eq 'ARRAY') && (ref($customroles) eq 'HASH') && + (ref($settings) eq 'HASH') && (ref($overridden) eq 'HASH')); + foreach my $role (split(/,/,$env{'course.'.$cid.'.internal.adhocaccess'})) { + my ($curraccess,$rest) = split(/=/,$env{'course.'.$cid.'.internal.adhoc.'.$role}); + if (($curraccess ne '') && (grep(/^\Q$curraccess\E$/,@{$accesstypes}))) { + $settings->{$role}{'access'} = $curraccess; + if (($curraccess eq 'status') && (ref($types) eq 'ARRAY')) { + my @status = split(/,/,$rest); + my @currstatus; + foreach my $type (@status) { + if ($type eq 'default') { + push(@currstatus,$type); + } elsif (grep(/^\Q$type\E$/,@{$types})) { + push(@currstatus,$type); + } + } + if (@currstatus) { + $settings->{$role}{$curraccess} = \@currstatus; + } elsif (($curraccess eq 'exc') || ($curraccess eq 'inc')) { + my @personnel = split(/,/,$rest); + $settings->{$role}{$curraccess} = \@personnel; + } + } + } + } + foreach my $role (keys(%{$customroles})) { + if ($env{'course.'.$cid.'.internal.adhocpriv.'.$role}) { + my %currentprivs; + if (ref($customroles->{$role}) eq 'HASH') { + if (exists($customroles->{$role}{'course'})) { + my %full=(); + my %levels= ( + course => {}, + domain => {}, + system => {}, + ); + my %levelscurrent=( + course => {}, + domain => {}, + system => {}, + ); + &Apache::lonuserutils::custom_role_privs($customroles->{$role},\%full,\%levels,\%levelscurrent); + %currentprivs = %{$levelscurrent{'course'}}; + } + } + foreach my $item (split(/,/,$env{'course.'.$cid.'.internal.adhocpriv.'.$role})) { + next if ($item eq ''); + my ($rule,$rest) = split(/=/,$item); + next unless (($rule eq 'off') || ($rule eq 'on')); + foreach my $priv (split(/:/,$rest)) { + if ($priv ne '') { + if ($rule eq 'off') { + push(@{$overridden->{$role}{'off'}},$priv); + if ($currentprivs{$priv}) { + push(@{$settings->{$role}{'off'}},$priv); + } + } else { + push(@{$overridden->{$role}{'on'}},$priv); + unless ($currentprivs{$priv}) { + push(@{$settings->{$role}{'on'}},$priv); + } + } + } + } + } + } + } + return; +} + +sub update_helpdeskaccess { + my ($r,$permission,$brcrum) = @_; + my $helpitem = 'Course_Helpdesk_Access'; + push (@{$brcrum}, + {href => '/adm/createuser?action=helpdesk', + text => 'Helpdesk Access', + help => $helpitem}, + {href => '/adm/createuser?action=helpdesk', + text => 'Result', + help => $helpitem} + ); + my $bread_crumbs_component = 'Helpdesk Staff Access'; + my $args = { bread_crumbs => $brcrum, + bread_crumbs_component => $bread_crumbs_component}; + + # print page header + $r->print(&header('',$args)); + unless ((ref($permission) eq 'HASH') && ($permission->{'owner'})) { + $r->print('<p class="LC_error">'.&mt('You do not have permission to change helpdesk access.').'</p>'); + return; + } + my @accesstypes = ('all','dh','da','none','status','inc','exc'); + my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + my $confname = $cdom.'-domainconfig'; + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($cdom); + my $crstype = &Apache::loncommon::course_type(); + my %customroles = &get_domain_customroles($cdom,$confname); + my (%settings,%overridden); + &get_adhocrole_settings($env{'request.course.id'},\@accesstypes, + $types,\%customroles,\%settings,\%overridden); + my %domhelpdesk = &Apache::lonnet::get_active_domroles($cdom,['dh','da']); + my (%changed,%storehash,@todelete); + + if (keys(%customroles)) { + my (%newsettings,@incrs); + foreach my $role (keys(%customroles)) { + $newsettings{$role} = { + access => '', + status => '', + exc => '', + inc => '', + on => '', + off => '', + }; + my %current; + if (ref($settings{$role}) eq 'HASH') { + %current = %{$settings{$role}}; + } + if (ref($overridden{$role}) eq 'HASH') { + $current{'overridden'} = $overridden{$role}; + } + if ($env{'form.'.$role.'_incrs'}) { + my $access = $env{'form.'.$role.'_access'}; + if (grep(/^\Q$access\E$/,@accesstypes)) { + push(@incrs,$role); + unless ($current{'access'} eq $access) { + $changed{$role}{'access'} = 1; + $storehash{'internal.adhoc.'.$role} = $access; + } + if ($access eq 'status') { + my @statuses = &Apache::loncommon::get_env_multiple('form.'.$role.'_status'); + my @stored; + my @shownstatus; + if (ref($types) eq 'ARRAY') { + foreach my $type (sort(@statuses)) { + if ($type eq 'default') { + push(@stored,$type); + } elsif (grep(/^\Q$type\E$/,@{$types})) { + push(@stored,$type); + push(@shownstatus,$usertypes->{$type}); + } + } + if (grep(/^default$/,@statuses)) { + push(@shownstatus,$othertitle); + } + $storehash{'internal.adhoc.'.$role} .= '='.join(',',@stored); + } + $newsettings{$role}{'status'} = join(' '.&mt('or').' ',@shownstatus); + if (ref($current{'status'}) eq 'ARRAY') { + my @diffs = &Apache::loncommon::compare_arrays(\@stored,$current{'status'}); + if (@diffs) { + $changed{$role}{'status'} = 1; + } + } elsif (@stored) { + $changed{$role}{'status'} = 1; + } + } elsif (($access eq 'inc') || ($access eq 'exc')) { + my @personnel = &Apache::loncommon::get_env_multiple('form.'.$role.'_staff_'.$access); + my @newspecstaff; + my @stored; + my @currstaff; + foreach my $person (sort(@personnel)) { + if ($domhelpdesk{$person}) { + push(@stored,$person); + } + } + if (ref($current{$access}) eq 'ARRAY') { + my @diffs = &Apache::loncommon::compare_arrays(\@stored,$current{$access}); + if (@diffs) { + $changed{$role}{$access} = 1; + } + } elsif (@stored) { + $changed{$role}{$access} = 1; + } + $storehash{'internal.adhoc.'.$role} .= '='.join(',',@stored); + foreach my $person (@stored) { + my ($uname,$udom) = split(/:/,$person); + push(@newspecstaff,&Apache::loncommon::aboutmewrapper(&Apache::loncommon::plainname($uname,$udom,'lastname'),$uname,$udom)); + } + $newsettings{$role}{$access} = join(', ',sort(@newspecstaff)); + } + $newsettings{$role}{'access'} = $access; + } + } else { + if (($current{'access'} ne '') && (grep(/^\Q$current{'access'}\E$/,@accesstypes))) { + $changed{$role}{'access'} = 1; + $newsettings{$role} = {}; + push(@todelete,'internal.adhoc.'.$role); + } + } + if (($env{'form.'.$role.'_incrs'}) && ($env{'form.'.$role.'_access'} eq 'none')) { + if (ref($current{'overridden'}) eq 'HASH') { + push(@todelete,'internal.adhocpriv.'.$role); + } + } else { + my %full=(); + my %levels= ( + course => {}, + domain => {}, + system => {}, + ); + my %levelscurrent=( + course => {}, + domain => {}, + system => {}, + ); + &Apache::lonuserutils::custom_role_privs($customroles{$role},\%full,\%levels,\%levelscurrent); + my (@updatedon,@updatedoff,@override); + @override = &Apache::loncommon::get_env_multiple('form.'.$role.'_override'); + if (@override) { + foreach my $priv (sort(keys(%full))) { + next unless ($levels{'course'}{$priv}); + if (grep(/^\Q$priv\E$/,@override)) { + if ($levelscurrent{'course'}{$priv}) { + push(@updatedoff,$priv); + } else { + push(@updatedon,$priv); + } + } + } + } + if (@updatedon) { + $newsettings{$role}{'on'} = join('</li><li>', map { &Apache::lonnet::plaintext($_,$crstype) } (@updatedon)); + } + if (@updatedoff) { + $newsettings{$role}{'off'} = join('</li><li>', map { &Apache::lonnet::plaintext($_,$crstype) } (@updatedoff)); + } + if (ref($current{'overridden'}) eq 'HASH') { + if (ref($current{'overridden'}{'on'}) eq 'ARRAY') { + if (@updatedon) { + my @diffs = &Apache::loncommon::compare_arrays(\@updatedon,$current{'overridden'}{'on'}); + if (@diffs) { + $changed{$role}{'on'} = 1; + } + } else { + $changed{$role}{'on'} = 1; + } + } elsif (@updatedon) { + $changed{$role}{'on'} = 1; + } + if (ref($current{'overridden'}{'off'}) eq 'ARRAY') { + if (@updatedoff) { + my @diffs = &Apache::loncommon::compare_arrays(\@updatedoff,$current{'overridden'}{'off'}); + if (@diffs) { + $changed{$role}{'off'} = 1; + } + } else { + $changed{$role}{'off'} = 1; + } + } elsif (@updatedoff) { + $changed{$role}{'off'} = 1; + } + } else { + if (@updatedon) { + $changed{$role}{'on'} = 1; + } + if (@updatedoff) { + $changed{$role}{'off'} = 1; + } + } + if (ref($changed{$role}) eq 'HASH') { + if (($changed{$role}{'on'} || $changed{$role}{'off'})) { + my $newpriv; + if (@updatedon) { + $newpriv = 'on='.join(':',@updatedon); + } + if (@updatedoff) { + $newpriv .= ($newpriv ? ',' : '' ).'off='.join(':',@updatedoff); + } + if ($newpriv eq '') { + push(@todelete,'internal.adhocpriv.'.$role); + } else { + $storehash{'internal.adhocpriv.'.$role} = $newpriv; + } + } + } + } + } + if (@incrs) { + $storehash{'internal.adhocaccess'} = join(',',@incrs); + } elsif (@todelete) { + push(@todelete,'internal.adhocaccess'); + } + if (keys(%changed)) { + my ($putres,$delres); + if (keys(%storehash)) { + $putres = &Apache::lonnet::put('environment',\%storehash,$cdom,$cnum); + my %newenvhash; + foreach my $key (keys(%storehash)) { + $newenvhash{'course.'.$env{'request.course.id'}.'.'.$key} = $storehash{$key}; + } + &Apache::lonnet::appenv(\%newenvhash); + } + if (@todelete) { + $delres = &Apache::lonnet::del('environment',\@todelete,$cdom,$cnum); + foreach my $key (@todelete) { + &Apache::lonnet::delenv('course.'.$env{'request.course.id'}.'.'.$key); + } + } + if (($putres eq 'ok') || ($delres eq 'ok')) { + my %domconfig = &Apache::lonnet::get_dom('configuration',['helpsettings'],$cdom); + my (%domcurrent,%ordered,%description,%domusage); + if (ref($domconfig{'helpsettings'}) eq 'HASH') { + if (ref($domconfig{'helpsettings'}{'adhoc'}) eq 'HASH') { + %domcurrent = %{$domconfig{'helpsettings'}{'adhoc'}}; + } + } + my $count = 0; + foreach my $role (sort(keys(%customroles))) { + my ($order,$desc); + if (ref($domcurrent{$role}) eq 'HASH') { + $order = $domcurrent{$role}{'order'}; + $desc = $domcurrent{$role}{'desc'}; + } + if ($order eq '') { + $order = $count; + } + $ordered{$order} = $role; + if ($desc ne '') { + $description{$role} = $desc; + } else { + $description{$role}= $role; + } + $count++; + } + my @roles_by_num = (); + foreach my $item (sort {$a <=> $b } (keys(%ordered))) { + push(@roles_by_num,$ordered{$item}); + } + %domusage = &domain_adhoc_access(\%changed,\%domcurrent,\@accesstypes,$usertypes,$othertitle); + $r->print(&mt('Helpdesk access settings have been changed as follows').'<br />'); + $r->print('<ul>'); + foreach my $role (@roles_by_num) { + next unless (ref($changed{$role}) eq 'HASH'); + $r->print('<li>'.&mt('Ad hoc role').': <b>'.$description{$role}.'</b>'. + '<ul>'); + if ($changed{$role}{'access'} || $changed{$role}{'status'} || $changed{$role}{'inc'} || $changed{$role}{'exc'}) { + $r->print('<li>'); + if ($env{'form.'.$role.'_incrs'}) { + if ($newsettings{$role}{'access'} eq 'all') { + $r->print(&mt('All helpdesk staff can access '.lc($crstype).' with this role.')); + } elsif ($newsettings{$role}{'access'} eq 'dh') { + $r->print(&mt('Helpdesk staff can use this role if they have an active [_1] role', + &Apache::lonnet::plaintext('dh'))); + } elsif ($newsettings{$role}{'access'} eq 'da') { + $r->print(&mt('Helpdesk staff can use this role if they have an active [_1] role', + &Apache::lonnet::plaintext('da'))); + } elsif ($newsettings{$role}{'access'} eq 'none') { + $r->print(&mt('No helpdesk staff can access '.lc($crstype).' with this role.')); + } elsif ($newsettings{$role}{'access'} eq 'status') { + if ($newsettings{$role}{'status'}) { + my ($access,$rest) = split(/=/,$storehash{'internal.adhoc.'.$role}); + if (split(/,/,$rest) > 1) { + $r->print(&mt('Helpdesk staff can use this role if their institutional type is one of: [_1].', + $newsettings{$role}{'status'})); + } else { + $r->print(&mt('Helpdesk staff can use this role if their institutional type is: [_1].', + $newsettings{$role}{'status'})); + } + } else { + $r->print(&mt('No helpdesk staff can access '.lc($crstype).' with this role.')); + } + } elsif ($newsettings{$role}{'access'} eq 'exc') { + if ($newsettings{$role}{'exc'}) { + $r->print(&mt('Helpdesk staff who can use this role are as follows:').' '.$newsettings{$role}{'exc'}.'.'); + } else { + $r->print(&mt('No helpdesk staff can access '.lc($crstype).' with this role.')); + } + } elsif ($newsettings{$role}{'access'} eq 'inc') { + if ($newsettings{$role}{'inc'}) { + $r->print(&mt('All helpdesk staff may use this role except the following:').' '.$newsettings{$role}{'inc'}.'.'); + } else { + $r->print(&mt('All helpdesk staff may use this role.')); + } + } + } else { + $r->print(&mt('Default access set in the domain now applies.').'<br />'. + '<span class="LC_cusr_emph">'.$domusage{$role}.'</span>'); + } + $r->print('</li>'); + } + unless ($newsettings{$role}{'access'} eq 'none') { + if ($changed{$role}{'off'}) { + if ($newsettings{$role}{'off'}) { + $r->print('<li>'.&mt('Privileges which are available by default for this ad hoc role, but are disabled for this specific '.lc($crstype).':'). + '<ul><li>'.$newsettings{$role}{'off'}.'</li></ul></li>'); + } else { + $r->print('<li>'.&mt('All privileges available by default for this ad hoc role are enabled.').'</li>'); + } + } + if ($changed{$role}{'on'}) { + if ($newsettings{$role}{'on'}) { + $r->print('<li>'.&mt('Privileges which are not available by default for this ad hoc role, but are enabled for this specific '.lc($crstype).':'). + '<ul><li>'.$newsettings{$role}{'on'}.'</li></ul></li>'); + } else { + $r->print('<li>'.&mt('None of the privileges unavailable by default for this ad hoc role are enabled.').'</li>'); + } + } + } + $r->print('</ul></li>'); + } + $r->print('</ul>'); + } + } else { + $r->print(&mt('No changes made to helpdesk access settings.')); + } + } + return; +} + #-------------------------------------------------- functions for &phase_two sub user_search_result { my ($context,$srch) = @_; @@ -7186,7 +8522,7 @@ sub user_search_result { } else { unless (($context eq 'requestcrs') && ($srch->{'srchtype'} eq 'exact')) { my $domd_chk = &domdirectorysrch_check($srch); - if ($domd_chk ne 'ok') { + if (($domd_chk ne 'ok') && ($env{'form.action'} ne 'accesslogs')) { my $instd_chk = &instdirectorysrch_check($srch); $response .= '<span class="LC_warning">'.$domd_chk.'</span><br />'; if ($instd_chk eq 'ok') { @@ -7537,7 +8873,7 @@ sub build_search_response { if ($srch->{'srchin'} ne 'alc') { $forcenewuser = 1; my $cansrchinst = 0; - if ($srch->{'srchdomain'}) { + if (($srch->{'srchdomain'}) && ($env{'form.action'} ne 'accesslogs')) { my %domconfig = &Apache::lonnet::get_dom('configuration',['directorysrch'],$srch->{'srchdomain'}); if (ref($domconfig{'directorysrch'}) eq 'HASH') { if ($domconfig{'directorysrch'}{'available'}) { @@ -7587,18 +8923,20 @@ sub build_search_response { .&mt("Click 'Search'") .'</li></ul><br />'; } else { - my $helplink = ' href="javascript:helpMenu('."'display'".')"'; - $response .= '<br /><br />'; - if ($context eq 'requestcrs') { - $response .= &mt("You are not authorized to define new users in the new course's domain - [_1].",$targetdom); - } else { - $response .= &mt("You are not authorized to create new users in your current role's domain - [_1].",$targetdom); + unless (($context eq 'domain') && ($env{'form.action'} eq 'singleuser')) { + my $helplink = ' href="javascript:helpMenu('."'display'".')"'; + $response .= '<br /><br />'; + if ($context eq 'requestcrs') { + $response .= &mt("You are not authorized to define new users in the new course's domain - [_1].",$targetdom); + } else { + $response .= &mt("You are not authorized to create new users in your current role's domain - [_1].",$targetdom); + } + $response .= '<br />' + .&mt('Please contact the [_1]helpdesk[_2] if you need to create a new user.' + ,' <a'.$helplink.'>' + ,'</a>') + .'<br />'; } - $response .= '<br />' - .&mt('Please contact the [_1]helpdesk[_2] if you need to create a new user.' - ,' <a'.$helplink.'>' - ,'</a>') - .'<br />'; } } }