--- loncom/interface/loncreateuser.pm 2016/10/22 17:56:12 1.417 +++ loncom/interface/loncreateuser.pm 2016/11/12 00:16:24 1.421 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.417 2016/10/22 17:56:12 raeburn Exp $ +# $Id: loncreateuser.pm,v 1.421 2016/11/12 00:16:24 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -160,7 +160,8 @@ END_SCRIPT '<h3>'.$lt{'usrt'}.'</h3>'."\n". &Apache::loncommon::start_data_table(); - if (&Apache::lonnet::allowed('mut',$ccdomain)) { + if ((&Apache::lonnet::allowed('mut',$ccdomain)) || + (&Apache::lonnet::allowed('udp',$ccdomain))) { $output .= &build_tools_display($ccuname,$ccdomain,'tools'); } @@ -267,7 +268,7 @@ sub build_tools_display { $colspan = ' colspan="2"'; %domconfig = &Apache::lonnet::get_dom('configuration',['requestcourses'],$ccdomain); - $isadv = &Apache::lonnet::is_advanced_user($ccuname,$ccdomain); + $isadv = &Apache::lonnet::is_advanced_user($ccdomain,$ccuname); } elsif ($context eq 'requestauthor') { %userenv = &Apache::lonnet::userenvironment($ccdomain,$ccuname, 'requestauthor'); @@ -334,6 +335,7 @@ sub build_tools_display { ' <td'.$colspan.'>'.$lt{$item}.'</td>'."\n". ' </tr>'."\n". &Apache::loncommon::start_data_table_row()."\n"; + if (($context eq 'requestcourses') || ($context eq 'requestauthor')) { my ($curroption,$currlimit); my $envkey = $context.'.'.$item; @@ -428,7 +430,9 @@ sub build_tools_display { } $output .= ' <td'.$colspan.'>'.$custom_access.(' 'x4). $lt{'avai'}.': '.$currdisp.'</td>'."\n". - &Apache::loncommon::end_data_table_row()."\n". + &Apache::loncommon::end_data_table_row()."\n"; + unless (&Apache::lonnet::allowed('udp',$ccdomain)) { + $output .= &Apache::loncommon::start_data_table_row()."\n". ' <td style="vertical-align:top;"><span class="LC_nobreak">'. $lt{'chse'}.': <label>'. @@ -437,6 +441,7 @@ sub build_tools_display { '<label><input type="radio" name="custom'.$item.'" value="1" '. $cust_on.'/>'.$lt{'uscu'}.'</label>'.$custradio.'</td>'. &Apache::loncommon::end_data_table_row()."\n"; + } } return $output; } @@ -536,7 +541,10 @@ sub domadhocroles { my $confname = &Apache::lonnet::get_domainconfiguser($env{'request.role.domain'}); my %existing=&Apache::lonnet::dump('roles',$env{'request.role.domain'}, $confname,'rolesdef_'); - my $output; + my ($output,$canmodify); + if (&Apache::lonnet::allowed('cdh',$env{'request.role.domain'})) { + $canmodify = 1; + } if (keys(%existing) > 0) { my @current; my $curradhoc = 'adhocroles.'.$env{'request.role.domain'}; @@ -544,6 +552,9 @@ sub domadhocroles { if ($userenv{$curradhoc}) { @current = split(/,/,$userenv{$curradhoc}); } + if (!$canmodify && !@current) { + return; + } my %customroles; foreach my $key (keys(%existing)) { if ($key=~/^rolesdef\_(\w+)$/) { @@ -557,22 +568,28 @@ sub domadhocroles { &mt('Ad Hoc Course Roles Selectable via Helpdesk Role'). '</h3>'."\n". &Apache::loncommon::start_data_table(). - &Apache::loncommon::start_data_table_header_row(). - '<th>'.&mt('Action').'</th><th>'.&mt('Role').'</th>'. - '<th>'.&mt('Privileges in Course').'<th>'. - &Apache::loncommon::end_data_table_header_row(); + &Apache::loncommon::start_data_table_header_row(); + if ($canmodify) { + $output .= '<th>'.&mt('Action').'</th>'; + } + $output .= '<th>'.&mt('Role').'</th>'. + '<th>'.&mt('Privileges in Course').'<th>'. + &Apache::loncommon::end_data_table_header_row(); foreach my $key (sort(keys(%customroles))) { + next if ((!$canmodify) && (!grep(/^\Q$key\E$/,@current))); $output .= &Apache::loncommon::start_data_table_row(); - if (grep(/^\Q$key\E$/,@current)) { - $output .= '<td><label>'. - '<input type="checkbox" name="adhocroledel" value="'.$key.'" />'. - &mt('Delete').'</label>'. - '</td>'; - } else { - $output .= '<td><label>'. - '<input type="checkbox" name="adhocroleadd" value="'.$key.'" />'. - &mt('Add').'</label>'. - '</td>'; + if ($canmodify) { + if (grep(/^\Q$key\E$/,@current)) { + $output .= '<td><label>'. + '<input type="checkbox" name="adhocroledel" value="'.$key.'" />'. + &mt('Delete').'</label>'. + '</td>'; + } else { + $output .= '<td><label>'. + '<input type="checkbox" name="adhocroleadd" value="'.$key.'" />'. + &mt('Add').'</label>'. + '</td>'; + } } $output .= '<td>'.$key.'</td><td>'; foreach my $level ('course','domain','system') { @@ -1207,10 +1224,15 @@ sub print_user_modification_page { } $response .= '<p class="LC_warning">' .&mt("You are not authorized to create new $usertypetext{$usertype} users in this domain.") - .' ' - .&mt('Please contact the [_1]helpdesk[_2] for assistance.' - ,'<a href="'.$helplink.'">','</a>') - .'</p><br />'; + .' '; + if ($context eq 'domain') { + $response .= &mt('Please contact a [_1] for assistance.', + &Apache::lonnet::plaintext('dc')); + } else { + $response .= &mt('Please contact the [_1]helpdesk[_2] for assistance.' + ,'<a href="'.$helplink.'">','</a>'); + } + $response .= '</p><br />'; $env{'form.phase'} = ''; &print_username_entry_form($r,$context,$response,undef,undef,$crstype,$brcrum); return; @@ -1467,14 +1489,20 @@ ENDAUTH '"'.$ccuname.'"','"'.$ccdomain.'"'); } } else { - $title = &mt('Modify existing user: [_1] in domain [_2]', + if ($permission->{'cusr'}) { + $title = &mt('Modify existing user: [_1] in domain [_2]', '"'.$ccuname.'"','"'.$ccdomain.'"'); + } else { + $title = &mt('Existing user: [_1] in domain [_2]', + '"'.$ccuname.'"','"'.$ccdomain.'"'); + } } $r->print('<h2>'.$title.'</h2>'."\n"); $r->print('<div class="LC_left_float">'); $r->print(&personal_data_display($ccuname,$ccdomain,$newuser,$context, $inst_results{$ccuname.':'.$ccdomain})); - if (&Apache::lonnet::allowed('ccc',$env{'request.role.domain'})) { + if ((&Apache::lonnet::allowed('ccc',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('udp',$env{'request.role.domain'}))) { $r->print('<br /><h3>'.&mt('User Can Request Creation of Courses/Communities in this Domain?').'</h3>'. &Apache::loncommon::start_data_table()); if ($env{'request.role.domain'} eq $ccdomain) { @@ -1489,18 +1517,21 @@ ENDAUTH my @order = ('auth','quota','tools','requestauthor','adhocroles'); my %user_text; my ($isadv,$isauthor) = - &Apache::lonnet::is_advanced_user($ccuname,$ccdomain); + &Apache::lonnet::is_advanced_user($ccdomain,$ccuname); if ((!$isauthor) && - (&Apache::lonnet::allowed('cau',$env{'request.role.domain'})) - && ($env{'request.role.domain'} eq $ccdomain)) { + ((&Apache::lonnet::allowed('cau',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('udp',$env{'request.role.domain'}))) && + ($env{'request.role.domain'} eq $ccdomain)) { $user_text{'requestauthor'} = &domainrole_req($ccuname,$ccdomain); } - if (&Apache::lonnet::allowed('cdh',$env{'request.role.domain'})) { + if ((&Apache::lonnet::allowed('cdh',$env{'request.role.domain'})) || + (&Apache::lonnet::allowed('udp',$env{'request.role.domain'}))) { $user_text{'adhocroles'} = &domadhocroles($ccuname,$ccdomain); } $user_text{'auth'} = &user_authentication($ccuname,$ccdomain,$formname); if ((&Apache::lonnet::allowed('mpq',$ccdomain)) || - (&Apache::lonnet::allowed('mut',$ccdomain))) { + (&Apache::lonnet::allowed('mut',$ccdomain)) || + (&Apache::lonnet::allowed('udp',$ccdomain))) { # Current user has quota modification privileges $user_text{'quota'} = &user_quotas($ccuname,$ccdomain); } @@ -1558,9 +1589,18 @@ ENDNOTOOLSPRIV if ($gotdiv) { $r->print('</div><div class="LC_clear_float_footer"></div>'); } + my $statuses; + if (($context eq 'domain') && (&Apache::lonnet::allowed('udp',$ccdomain)) && + (!&Apache::lonnet::allowed('mau',$ccdomain))) { + $statuses = ['active']; + } elsif (($context eq 'course') && ((&Apache::lonnet::allowed('vcl',$env{'request.course.id'})) || + ($env{'request.course.sec'} && + &Apache::lonnet::allowed('vcl',$env{'request.course.id'}.'/'.$env{'request.course.sec'})))) { + $statuses = ['active']; + } if ($env{'form.action'} ne 'singlestudent') { &display_existing_roles($r,$ccuname,$ccdomain,\%inccourses,$context, - $roledom,$crstype); + $roledom,$crstype,$showcredits,$statuses); } } ## End of new user/old user logic if ($env{'form.action'} eq 'singlestudent') { @@ -1571,7 +1611,7 @@ ENDNOTOOLSPRIV $btntxt = &mt('Enroll Student'); } $r->print('<br /><input type="button" value="'.$btntxt.'" onclick="setSections(this.form)" />'."\n"); - } else { + } elsif ($permission->{'cusr'}) { $r->print('<div class="LC_left_float">'. '<fieldset><legend>'.&mt('Add Roles').'</legend>'); my $addrolesdisplay = 0; @@ -1701,8 +1741,22 @@ sub validation_javascript { sub display_existing_roles { my ($r,$ccuname,$ccdomain,$inccourses,$context,$roledom,$crstype, - $showcredits) = @_; + $showcredits,$statuses) = @_; my $now=time; + my $showall = 1; + my ($showexpired,$showactive); + if ((ref($statuses) eq 'ARRAY') && (@{$statuses} > 0)) { + $showall = 0; + if (grep(/^expired$/,@{$statuses})) { + $showexpired = 1; + } + if (grep(/^active$/,@{$statuses})) { + $showactive = 1; + } + if ($showexpired && $showactive) { + $showall = 1; + } + } my %lt=&Apache::lonlocal::texthash( 'rer' => "Existing Roles", 'rev' => "Revoke", @@ -1766,6 +1820,13 @@ sub display_existing_roles { $area =~ s/\_\w\w$//; my ($role_code,$role_end_time,$role_start_time) = split(/_/,$role); + my $active=1; + $active=0 if (($role_end_time) && ($now>$role_end_time)); + if ($active) { + next unless($showall || $showactive); + } else { + next unless($showall || $showexpired); + } # Is this a custom role? Get role owner and title. my ($croleudom,$croleuname,$croletitle)= ($role_code=~m{^cr/($match_domain)/($match_username)/(\w+)$}); @@ -1774,11 +1835,13 @@ sub display_existing_roles { my $sortkey=$role_code; my $class='Unknown'; my $credits=''; - if ($area =~ m{^/($match_domain)/($match_courseid)} ) { + my $csec; + if ($area =~ m{^/($match_domain)/($match_courseid)}) { $class='Course'; my ($coursedom,$coursedir) = ($1,$2); my $cid = $1.'_'.$2; # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3). + next if ($envkey =~ m{^/$match_domain/$match_courseid/[A-Za-z0-9]+_gr$}); my %coursedata= &Apache::lonnet::coursedescription($cid); if ($coursedir =~ /^$match_community$/) { @@ -1836,12 +1899,13 @@ sub display_existing_roles { $thisrole.='.'.$role_code; } } - if ($area=~m{^/($match_domain)/($match_courseid)/(\w+)}) { - $carea.='<br />'.&mt('Section: [_1]',$3); - $sortkey.="\0$3"; + if ($area=~m{^/($match_domain/$match_courseid/(\w+))}) { + $csec = $2; + $carea.='<br />'.&mt('Section: [_1]',$csec); + $sortkey.="\0$csec"; if (!$allowed) { - if ($env{'request.course.sec'} eq $3) { - if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2.'/'.$3)) { + if ($env{'request.course.sec'} eq $csec) { + if (&Apache::lonnet::allowed('c'.$role_code,$1)) { $allowed = 1; } } @@ -1883,29 +1947,30 @@ sub display_existing_roles { } } my $row = ''; - $row.= '<td>'; - my $active=1; - $active=0 if (($role_end_time) && ($now>$role_end_time)); - if (($active) && ($allowed)) { - $row.= '<input type="checkbox" name="rev:'.$thisrole.'" />'; - } else { - if ($active) { - $row.=' '; + if ($showall) { + $row.= '<td>'; + if (($active) && ($allowed)) { + $row.= '<input type="checkbox" name="rev:'.$thisrole.'" />'; } else { - $row.=&mt('expired or revoked'); + if ($active) { + $row.=' '; + } else { + $row.=&mt('expired or revoked'); + } } - } - $row.='</td><td>'; - if ($allowed && !$active) { - $row.= '<input type="checkbox" name="ren:'.$thisrole.'" />'; - } else { - $row.=' '; - } - $row.='</td><td>'; - if ($delallowed) { - $row.= '<input type="checkbox" name="del:'.$thisrole.'" />'; - } else { - $row.=' '; + $row.='</td><td>'; + if ($allowed && !$active) { + $row.= '<input type="checkbox" name="ren:'.$thisrole.'" />'; + } else { + $row.=' '; + } + $row.='</td><td>'; + if ($delallowed) { + $row.= '<input type="checkbox" name="del:'.$thisrole.'" />'; + } else { + $row.=' '; + } + $row.= '</td>'; } my $plaintext=''; if (!$croletitle) { @@ -1923,17 +1988,31 @@ sub display_existing_roles { '<br />', $croleuname.':'.$croleudom); } - $row.= '</td><td>'.$plaintext. - '</td><td>'.$area. - '</td><td>'.($role_start_time?&Apache::lonlocal::locallocaltime($role_start_time) - : ' ' ). - '</td><td>'.($role_end_time ?&Apache::lonlocal::locallocaltime($role_end_time) - : ' ' ) - ."</td>"; + $row.= '<td>'.$plaintext.'</td>'. + '<td>'.$area.'</td>'. + '<td>'.($role_start_time?&Apache::lonlocal::locallocaltime($role_start_time) + : ' ' ).'</td>'. + '<td>'.($role_end_time ?&Apache::lonlocal::locallocaltime($role_end_time) + : ' ' ).'</td>'; $sortrole{$sortkey}=$envkey; $roletext{$envkey}=$row; $roleclass{$envkey}=$class; - $rolepriv{$envkey}=$allowed; + if ($allowed) { + $rolepriv{$envkey}='edit'; + } else { + if ($context eq 'domain') { + if ((&Apache::lonnet::allowed('vur',$ccdomain)) && + ($envkey=~m{^/$ccdomain/})) { + $rolepriv{$envkey}='view'; + } + } elsif ($context eq 'course') { + if ((&Apache::lonnet::allowed('vcl',$env{'request.course.id'})) || + ($env{'request.course.sec'} && ($env{'request.course.sec'} eq $csec) && + &Apache::lonnet::allowed('vcl',$env{'request.course.id'}.'/'.$env{'request.course.sec'}))) { + $rolepriv{$envkey}='view'; + } + } + } } # end of foreach (table building loop) my $rolesdisplay = 0; @@ -1966,15 +2045,28 @@ sub display_existing_roles { } elsif ($env{'request.role'} =~ /^au\./) { $contextrole = &mt('Existing Co-Author Roles in your Authoring Space'); } else { - $contextrole = &mt('Existing Roles in this Domain'); + if ($showall) { + $contextrole = &mt('Existing Roles in this Domain'); + } elsif ($showactive) { + $contextrole = &mt('Unexpired Roles in this Domain'); + } elsif ($showexpired) { + $contextrole = &mt('Expired or Revoked Roles in this Domain'); + } } $r->print('<div class="LC_left_float">'. '<fieldset><legend>'.$contextrole.'</legend>'. &Apache::loncommon::start_data_table("LC_createuser"). -&Apache::loncommon::start_data_table_header_row(). -'<th>'.$lt{'rev'}.'</th><th>'.$lt{'ren'}.'</th><th>'.$lt{'del'}. -'</th><th>'.$lt{'rol'}.'</th><th>'.$lt{'ext'}. -'</th><th>'.$lt{'sta'}.'</th><th>'.$lt{'end'}.'</th>'. +&Apache::loncommon::start_data_table_header_row()); + if ($showall) { + $r->print( +'<th>'.$lt{'rev'}.'</th><th>'.$lt{'ren'}.'</th><th>'.$lt{'del'}.'</th>' + ); + } elsif ($showexpired) { + $r->print('<th>'.$lt{'rev'}.'</th>'); + } + $r->print( +'<th>'.$lt{'rol'}.'</th><th>'.$lt{'ext'}.'</th>'. +'<th>'.$lt{'sta'}.'</th><th>'.$lt{'end'}.'</th>'. &Apache::loncommon::end_data_table_header_row()); foreach my $type ('Authoring Space','Course','Community','Domain','System','Unknown') { if ($output{$type}) { @@ -2112,16 +2204,16 @@ sub user_authentication { my ($ccuname,$ccdomain,$formname) = @_; my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain); my $outcome; + my %lt=&Apache::lonlocal::texthash( + 'err' => "ERROR", + 'uuas' => "This user has an unrecognized authentication scheme", + 'adcs' => "Please alert a domain coordinator of this situation", + 'sldb' => "Please specify login data below", + 'ld' => "Login Data" + ); # Check for a bad authentication type if ($currentauth !~ /^(krb4|krb5|unix|internal|localauth):/) { # bad authentication scheme - my %lt=&Apache::lonlocal::texthash( - 'err' => "ERROR", - 'uuas' => "This user has an unrecognized authentication scheme", - 'adcs' => "Please alert a domain coordinator of this situation", - 'sldb' => "Please specify login data below", - 'ld' => "Login Data" - ); if (&Apache::lonnet::allowed('mau',$ccdomain)) { &initialize_authen_forms($ccdomain,$formname); @@ -2147,16 +2239,12 @@ $lt{'uuas'} ($currentauth). $lt{'adcs'}. ENDBADAUTH } } else { # Authentication type is valid + &initialize_authen_forms($ccdomain,$formname,$currentauth,'modifyuser'); my ($authformcurrent,$can_modify,@authform_others) = &modify_login_block($ccdomain,$currentauth); if (&Apache::lonnet::allowed('mau',$ccdomain)) { # Current user has login modification privileges - my %lt=&Apache::lonlocal::texthash ( - 'ld' => "Login Data", - 'ccld' => "Change Current Login Data", - 'enld' => "Enter New Login Data" - ); $outcome = '<script type="text/javascript" language="Javascript">'."\n". '// <![CDATA['."\n". @@ -2167,7 +2255,7 @@ ENDBADAUTH &Apache::loncommon::start_data_table(). &Apache::loncommon::start_data_table_row(). '<td>'.$authformnop; - if ($can_modify) { + if (($can_modify) && (&Apache::lonnet::allowed('mau',$ccdomain))) { $outcome .= '</td>'."\n". &Apache::loncommon::end_data_table_row(). &Apache::loncommon::start_data_table_row(). @@ -2177,14 +2265,40 @@ ENDBADAUTH $outcome .= ' ('.$authformcurrent.')</td>'. &Apache::loncommon::end_data_table_row()."\n"; } - foreach my $item (@authform_others) { - $outcome .= &Apache::loncommon::start_data_table_row(). - '<td>'.$item.'</td>'. - &Apache::loncommon::end_data_table_row()."\n"; + if (&Apache::lonnet::allowed('mau',$ccdomain)) { + foreach my $item (@authform_others) { + $outcome .= &Apache::loncommon::start_data_table_row(). + '<td>'.$item.'</td>'. + &Apache::loncommon::end_data_table_row()."\n"; + } } $outcome .= &Apache::loncommon::end_data_table(); } else { - if (&Apache::lonnet::allowed('mau',$env{'request.role.domain'})) { + if (&Apache::lonnet::allowed('udp',$ccdomain)) { + # Current user has rights to view domain preferences for user's domain + my $result; + if ($currentauth =~ /^krb(4|5):([^:]*)$/) { + my ($krbver,$krbrealm) = ($1,$2); + if ($krbrealm eq '') { + $result = &mt('Currently Kerberos authenticated, Version [_1].',$krbver); + } else { + $result = &mt('Currently Kerberos authenticated with domain [_1] Version [_2].', + $krbver,$krbrealm); + } + } elsif ($currentauth =~ /^internal:/) { + $result = &mt('Currently internally authenticated.'); + } elsif ($currentauth =~ /^localauth:/) { + $result = &mt('Currently using local (institutional) authentication.'); + } elsif ($currentauth =~ /^unix:/) { + $result = &mt('Currently Filesystem Authenticated.'); + } + $outcome = '<h3>'.$lt{'ld'}.'</h3>'. + &Apache::loncommon::start_data_table(). + &Apache::loncommon::start_data_table_row(). + '<td>'.$result.'</td>'. + &Apache::loncommon::end_data_table_row()."\n". + &Apache::loncommon::end_data_table(); + } elsif (&Apache::lonnet::allowed('mau',$env{'request.role.domain'})) { my %lt=&Apache::lonlocal::texthash( 'ccld' => "Change Current Login Data", 'yodo' => "You do not have privileges to modify the authentication configuration for this user.", @@ -4628,6 +4742,7 @@ sub handler { } } elsif (((($env{'form.action'} eq 'singleuser') || ($env{'form.action'} eq 'singlestudent')) && ($permission->{'cusr'})) || + (($env{'form.action'} eq 'singleuser') && ($permission->{'view'})) || (($env{'form.action'} eq 'accesslogs') && ($permission->{'activity'}))) { my $phase = $env{'form.phase'}; my @search = ('srchterm','srchby','srchin','srchtype','srchdomain'); @@ -5035,36 +5150,46 @@ sub handler { '<span class="LC_error">'.&mt('You do not have permission to configure self-enrollment').'</span>'); } } elsif ($env{'form.action'} eq 'selfenrollqueue') { - push(@{$brcrum}, - {href => '/adm/createuser?action=selfenrollqueue', - text => 'Enrollment requests', - help => 'Course_Self_Enrollment'}); - $bread_crumbs_component = 'Enrollment requests'; - if ($env{'form.state'} eq 'done') { + if ($permission->{selfenrolladmin}) { push(@{$brcrum}, {href => '/adm/createuser?action=selfenrollqueue', - text => 'Result', + text => 'Enrollment requests', help => 'Course_Self_Enrollment'}); - $bread_crumbs_component = 'Enrollment result'; - } - $args = { bread_crumbs => $brcrum, - bread_crumbs_component => $bread_crumbs_component}; - $r->print(&header(undef,$args)); - my $cid = $env{'request.course.id'}; - my $cdom = $env{'course.'.$cid.'.domain'}; - my $cnum = $env{'course.'.$cid.'.num'}; - my $coursedesc = $env{'course.'.$cid.'.description'}; - if (!exists($env{'form.state'})) { - $r->print('<h3>'.&mt('Pending enrollment requests').'</h3>'."\n"); - $r->print(&Apache::loncoursequeueadmin::display_queued_requests($context, - $cdom,$cnum)); - } elsif ($env{'form.state'} eq 'done') { - $r->print('<h3>'.&mt('Enrollment request processing').'</h3>'."\n"); - $r->print(&Apache::loncoursequeueadmin::update_request_queue($context, - $cdom,$cnum,$coursedesc)); + $bread_crumbs_component = 'Enrollment requests'; + if ($env{'form.state'} eq 'done') { + push(@{$brcrum}, + {href => '/adm/createuser?action=selfenrollqueue', + text => 'Result', + help => 'Course_Self_Enrollment'}); + $bread_crumbs_component = 'Enrollment result'; + } + $args = { bread_crumbs => $brcrum, + bread_crumbs_component => $bread_crumbs_component}; + $r->print(&header(undef,$args)); + my $cid = $env{'request.course.id'}; + my $cdom = $env{'course.'.$cid.'.domain'}; + my $cnum = $env{'course.'.$cid.'.num'}; + my $coursedesc = $env{'course.'.$cid.'.description'}; + if (!exists($env{'form.state'})) { + $r->print('<h3>'.&mt('Pending enrollment requests').'</h3>'."\n"); + $r->print(&Apache::loncoursequeueadmin::display_queued_requests($context, + $cdom,$cnum)); + } elsif ($env{'form.state'} eq 'done') { + $r->print('<h3>'.&mt('Enrollment request processing').'</h3>'."\n"); + $r->print(&Apache::loncoursequeueadmin::update_request_queue($context, + $cdom,$cnum,$coursedesc)); + } + } else { + $r->print(&header(undef,{'no_nav_bar' => 1}). + '<span class="LC_error">'.&mt('You do not have permission to manage self-enrollment').'</span>'); } } elsif ($env{'form.action'} eq 'changelogs') { - &print_userchangelogs_display($r,$context,$permission,$brcrum); + if ($permission->{cusr} || $permission->{view}) { + &print_userchangelogs_display($r,$context,$permission,$brcrum); + } else { + $r->print(&header(undef,{'no_nav_bar' => 1}). + '<span class="LC_error">'.&mt('You do not have permission to view change logs').'</span>'); + } } else { $bread_crumbs_component = 'User Management'; $args = { bread_crumbs => $brcrum, @@ -5316,6 +5441,27 @@ sub print_main_menu { listusers => 'Show and manage users in this community.', }, ); + if ($linkcontext eq 'domain') { + unless ($permission->{'cusr'}) { + $links{'domain'}{'singleuser'} = 'View a User'; + $linktitles{'domain'}{'singleuser'} = 'View information about a user in the domain'; + + } + } elsif ($linkcontext eq 'course') { + unless ($permission->{'cusr'}) { + $links{'course'}{'singleuser'} = 'View a Course User'; + $linktitles{'course'}{'singleuser'} = 'View information about a user in this course'; + $links{'course'}{'listusers'} = 'List Course Users'; + $linktitles{'course'}{'listusers'} = 'Show information about users in this course'; + } + } elsif ($linkcontext eq 'community') { + unless ($permission->{'cusr'}) { + $links{'community'}{'singleuser'} = 'View a Community User'; + $linktitles{'community'}{'singleuser'} = 'View information about a user in this community'; + $links{'community'}{'listusers'} = 'List Community Users'; + $linktitles{'community'}{'listusers'} = 'Show information about users in this community'; + } + } my @menu = ( {categorytitle => 'Single Users', items => [ @@ -5324,7 +5470,7 @@ sub print_main_menu { icon => 'edit-redo.png', #help => 'Course_Change_Privileges', url => '/adm/createuser?action=singleuser', - permission => $permission->{'cusr'}, + permission => ($permission->{'view'} || $permission->{'cusr'}), linktitle => $linktitles{$linkcontext}{'singleuser'}, }, ]}, @@ -5397,7 +5543,7 @@ sub print_main_menu { icon => 'document-properties.png', #help => 'Course_User_Logs', url => '/adm/createuser?action=changelogs', - permission => $permission->{'cusr'}, + permission => ($permission->{'cusr'} || $permission->{'view'}), linktitle => 'View change log.', }, ); @@ -5477,7 +5623,7 @@ sub print_main_menu { icon => 'document-properties.png', #help => 'Course_User_Logs', url => '/adm/createuser?action=changelogs', - permission => $permission->{'cusr'}, + permission => ($permission->{'view'} || $permission->{'cusr'}), linktitle => 'View change log.', }, ); @@ -5502,7 +5648,8 @@ sub print_main_menu { icon => 'roles.png', #help => 'Course_Automated_Enrollment', permission => (&Apache::lonnet::auto_run($cnum,$cdom) - && $permission->{'cusr'}), + && (($permission->{'cusr'}) || + ($permission->{'view'}))), url => '/adm/populate', linktitle => 'Automated enrollment manager.', } @@ -5551,7 +5698,7 @@ sub restore_prev_selections { } sub print_selfenroll_menu { - my ($r,$context,$cid,$cdom,$cnum,$currsettings,$additional) = @_; + my ($r,$context,$cid,$cdom,$cnum,$currsettings,$additional,$readonly) = @_; my $crstype = &Apache::loncommon::course_type(); my $formname = 'selfenroll'; my $nolink = 1; @@ -5564,6 +5711,10 @@ sub print_selfenroll_menu { butn => 'but no user types have been checked.', wilf => "Please uncheck 'activate' or check at least one type.", ); + my $disabled; + if ($readonly) { + $disabled = ' disabled="disabled"'; + } &js_escape(\%alerts); my $selfenroll_js = <<"ENDSCRIPT"; function update_types(caller,num) { @@ -5879,13 +6030,13 @@ ENDSCRIPT $output .= ' checked="checked" '; } $output .= 'onchange="javascript:update_types('. - "'selfenroll_all'".');" />'.&mt('Yes').'</label>'. + "'selfenroll_all'".');"'.$disabled.' />'.&mt('Yes').'</label>'. ' <input type="radio" name="selfenroll_all" value="0" '; if ($curr_types ne '*') { $output .= ' checked="checked" '; } $output .= ' onchange="javascript:update_types('. - "'selfenroll_all'".');"/>'.&mt('No').'</label></td>'. + "'selfenroll_all'".');"'.$disabled.' />'.&mt('No').'</label></td>'. &Apache::loncommon::end_data_table_row(). &Apache::loncommon::end_data_table(). &mt('Or').'<br />'. @@ -5907,10 +6058,10 @@ ENDSCRIPT .'</b><input type="hidden" name="selfenroll_dom_'.$num .'" value="'.$currdom.'" /></span><br />' .'<span class="LC_nobreak"><label><input type="checkbox" ' - .'name="selfenroll_delete" value="'.$num.'" onchange="javascript:update_types('."'selfenroll_delete','$num'".');" />' + .'name="selfenroll_delete" value="'.$num.'" onchange="javascript:update_types('."'selfenroll_delete','$num'".');"'.$disabled.' />' .&mt('Delete').'</label></span></td>'; $output .= '<td valign="top"> '.&mt('User types:').'<br />' - .&selfenroll_inst_types($num,$currdom,\@currinsttypes).'</td>' + .&selfenroll_inst_types($num,$currdom,\@currinsttypes,$readonly).'</td>' .&Apache::loncommon::end_data_table_row(); $num ++; } @@ -5925,7 +6076,7 @@ ENDSCRIPT $output .= &Apache::loncommon::start_data_table_row() .'<td colspan="2"><span class="LC_nobreak">'.$add_domtitle.'</span><br />' .&Apache::loncommon::select_dom_form('','selfenroll_newdom', - $includeempty,$showdomdesc) + $includeempty,$showdomdesc,'','','',$readonly) .'<input type="hidden" name="selfenroll_types_total" value="'.$num.'" />' .'</td>'.&Apache::loncommon::end_data_table_row() .&Apache::loncommon::end_data_table(); @@ -5946,15 +6097,15 @@ ENDSCRIPT } if ($registered) { $regon = ' checked="checked" '; - $regoff = ' '; + $regoff = ''; } else { - $regon = ' '; + $regon = ''; $regoff = ' checked="checked" '; } $output .= '<label>'. - '<input type="radio" name="selfenroll_registered" value="1"'.$regon.'/>'. + '<input type="radio" name="selfenroll_registered" value="1"'.$regon.$disabled.' />'. &mt('Yes').'</label> <label>'. - '<input type="radio" name="selfenroll_registered" value="0"'.$regoff.'/>'. + '<input type="radio" name="selfenroll_registered" value="0"'.$regoff.$disabled.' />'. &mt('No').'</label>'; } elsif ($item eq 'enroll_dates') { my ($starttime,$endtime); @@ -5976,10 +6127,10 @@ ENDSCRIPT } my $startform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_start_date',$starttime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); my $endform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_end_date',$endtime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); $output .= &selfenroll_date_forms($startform,$endform); } elsif ($item eq 'access_dates') { my ($starttime,$endtime); @@ -6001,10 +6152,10 @@ ENDSCRIPT } my $startform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_start_access',$starttime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); my $endform = &Apache::lonhtmlcommon::date_setter($formname,'selfenroll_end_access',$endtime, - undef,undef,undef,undef,undef,undef,undef,$nolink); + $disabled,undef,undef,undef,undef,undef,undef,$nolink); $output .= &selfenroll_date_forms($startform,$endform); } elsif ($item eq 'section') { my $currsec; @@ -6028,13 +6179,13 @@ ENDSCRIPT next; } my $sections_select = - &Apache::lonuserutils::course_sections(\%sections_count,'st',$currsec); + &Apache::lonuserutils::course_sections(\%sections_count,'st',$currsec,$disabled); $output .= '<table class="LC_createuser">'."\n". '<tr class="LC_section_row">'."\n". '<td align="center">'.&mt('Existing sections')."\n". '<br />'.$sections_select.'</td><td align="center">'. &mt('New section').'<br />'."\n". - '<input type="text" name="newsec" size="15" value="'.$newsecval.'" />'."\n". + '<input type="text" name="newsec" size="15" value="'.$newsecval.'"'.$disabled.' />'."\n". '<input type="hidden" name="sections" value="" />'."\n". '</td></tr></table>'."\n"; } elsif ($item eq 'approval') { @@ -6056,8 +6207,8 @@ ENDSCRIPT for my $i (0..2) { $output .= '<label>'. '<input type="radio" name="selfenroll_approval" value="'.$i.'"'. - $appchecked{$i}.' onclick="toggleNotify();" />'.$selfdescs{'approval'}{$i}. - '</label>'.(' 'x2); + $appchecked{$i}.' onclick="toggleNotify();"'.$disabled.' />'. + $selfdescs{'approval'}{$i}.'</label>'.(' 'x2); } my %advhash = &Apache::lonnet::get_course_adv_roles($cid,1); my (@ccs,%notified); @@ -6098,7 +6249,7 @@ ENDSCRIPT &Apache::loncommon::start_data_table_row() } $output .= '<td><span class="LC_nobreak"><label>'. - '<input type="checkbox" name="selfenroll_notify"'.$notifyon.' value="'.$cc.'" />'. + '<input type="checkbox" name="selfenroll_notify"'.$notifyon.' value="'.$cc.'"'.$disabled.' />'. &Apache::loncommon::plainname($ccuname,$ccudom). '</label></span></td>'; $count ++; @@ -6148,26 +6299,28 @@ ENDSCRIPT $nolimit = ' checked="checked" '; } $output .= '<table><tr><td><label>'. - '<input type="radio" name="selfenroll_limit" value="none"'.$nolimit.'/>'. + '<input type="radio" name="selfenroll_limit" value="none"'.$nolimit.$disabled.'/>'. &mt('No limit').'</label></td><td><label>'. - '<input type="radio" name="selfenroll_limit" value="allstudents"'.$crslimit.'/>'. + '<input type="radio" name="selfenroll_limit" value="allstudents"'.$crslimit.$disabled.'/>'. &mt('Limit by total students').'</label></td><td><label>'. - '<input type="radio" name="selfenroll_limit" value="selfenrolled"'.$selflimit.'/>'. + '<input type="radio" name="selfenroll_limit" value="selfenrolled"'.$selflimit.$disabled.'/>'. &mt('Limit by total self-enrolled students'). '</td></tr><tr>'. '<td> </td><td colspan="2"><span class="LC_nobreak">'. (' 'x3).&mt('Maximum number allowed: '). - '<input type="text" name="selfenroll_cap" size = "5" value="'.$currcap.'" /></td></tr></table>'; + '<input type="text" name="selfenroll_cap" size = "5" value="'.$currcap.'"'.$disabled.' /></td></tr></table>'; } $output .= &Apache::lonhtmlcommon::row_closure(1); } } - $output .= &Apache::lonhtmlcommon::end_pick_box(). - '<br /><input type="button" name="selfenrollconf" value="' - .&mt('Save').'" onclick="validate_types(this.form);" />' - .'<input type="hidden" name="action" value="selfenroll" />' - .'<input type="hidden" name="state" value="done" />'."\n". - $additional.'</form>'; + $output .= &Apache::lonhtmlcommon::end_pick_box().'<br />'; + unless ($readonly) { + $output .= '<input type="button" name="selfenrollconf" value="' + .&mt('Save').'" onclick="validate_types(this.form);" />'; + } + $output .= '<input type="hidden" name="action" value="selfenroll" />' + .'<input type="hidden" name="state" value="done" />'."\n" + .$additional.'</form>'; $r->print($output); return; } @@ -6350,12 +6503,16 @@ sub new_selfenroll_dom_row { } sub selfenroll_inst_types { - my ($num,$currdom,$currinsttypes) = @_; + my ($num,$currdom,$currinsttypes,$readonly) = @_; my $output; my $numinrow = 4; my $count = 0; my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($currdom); my $othervalue = 'any'; + my $disabled; + if ($readonly) { + $disabled = ' disabled="disabled"'; + } if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) { if (keys(%{$usertypes}) > 0) { $othervalue = 'other'; @@ -6380,7 +6537,7 @@ sub selfenroll_inst_types { $output .= 'checked="checked"'; } } - $output .= ' name="selfenroll_types_'.$num.'" />'.$usertypes->{$type}.'</label></span></td>'; + $output .= ' name="selfenroll_types_'.$num.'"'.$disabled.' />'.$usertypes->{$type}.'</label></span></td>'; } $count ++; } @@ -6403,7 +6560,7 @@ sub selfenroll_inst_types { } else { $output .= ' checked="checked"'; } - $output .= ' name="selfenroll_types_'.$num.'" />'.$othertitle.'</label></span></td></tr></table>'; + $output .= ' name="selfenroll_types_'.$num.'"'.$disabled.' />'.$othertitle.'</label></span></td></tr></table>'; } return $output; } @@ -6426,7 +6583,7 @@ sub selfenroll_date_forms { sub print_userchangelogs_display { my ($r,$context,$permission,$brcrum) = @_; my $formname = 'rolelog'; - my ($username,$domain,$crstype,%roleslog); + my ($username,$domain,$crstype,$viewablesec,%roleslog); if ($context eq 'domain') { $domain = $env{'request.role.domain'}; %roleslog=&Apache::lonnet::dump_dom('nohist_rolelog',$domain); @@ -6435,6 +6592,7 @@ sub print_userchangelogs_display { $domain = $env{'course.'.$env{'request.course.id'}.'.domain'}; $username = $env{'course.'.$env{'request.course.id'}.'.num'}; $crstype = &Apache::loncommon::course_type(); + $viewablesec = &Apache::lonuserutils::viewable_section($permission); my %saveable_parameters = ('show' => 'scalar',); &Apache::loncommon::store_course_settings('roles_log', \%saveable_parameters); @@ -6566,6 +6724,9 @@ ENDSCRIPT next if ($roleslog{$id}{'logentry'}{'context'} ne $curr{'chgcontext'}); } } + if (($context eq 'course') && ($viewablesec ne '')) { + next if ($roleslog{$id}{'logentry'}{'section'} ne $viewablesec); + } $count ++; next if ($count < $minshown); unless ($showntableheader) { @@ -6805,14 +6966,14 @@ ENDSCRIPT $r->rflush(); $showntableheader = 1; } - my ($shown,$extra,); + my ($shown,$extra); my ($event,$data) = split(/\s+/,&unescape($event)); if ($event eq 'Role') { my ($rolecode,$extent) = split(/\./,$data,2); next if ($extent eq ''); my ($crstype,$desc,$info); - if ($extent =~ m{^/($match_domain)/($match_courseid)$}) { - my ($cdom,$cnum) = ($1,$2); + if ($extent =~ m{^/($match_domain)/($match_courseid)(?:/(\w+)|)$}) { + my ($cdom,$cnum,$sec) = ($1,$2,$3); my $cid = $cdom.'_'.$cnum; if (exists($courses{$cid})) { $crstype = $courses{$cid}{'type'}; @@ -6831,6 +6992,9 @@ ENDSCRIPT } } $extra = &mt($crstype).': <a href="/public/'.$cdom.'/'.$cnum.'/syllabus">'.$desc.'</a>'; + if ($sec ne '') { + $extra .= ' ('.&mt('Section: [_1]',$sec).')'; + } } elsif ($extent =~ m{^/($match_domain)/($match_username|$)}) { my ($dom,$name) = ($1,$2); if ($rolecode eq 'au') {