--- loncom/interface/loncreateuser.pm 2002/03/22 22:23:23 1.28
+++ loncom/interface/loncreateuser.pm 2002/12/30 14:10:58 1.46
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.28 2002/03/22 22:23:23 matthew Exp $
+# $Id: loncreateuser.pm,v 1.46 2002/12/30 14:10:58 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -47,7 +47,7 @@
# 11/12,11/13,11/15 Scott Harrison
# 02/11/02 Matthew Hall
#
-# $Id: loncreateuser.pm,v 1.28 2002/03/22 22:23:23 matthew Exp $
+# $Id: loncreateuser.pm,v 1.46 2002/12/30 14:10:58 www Exp $
###
package Apache::loncreateuser;
@@ -68,138 +68,60 @@ BEGIN {
$ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/;
my $krbdefdom=$1;
$krbdefdom=~tr/a-z/A-Z/;
- $authformnop=(<<END);
-<p>
-<input type="radio" name="login" value="" checked="checked"
-onClick="clicknop(this.form);">
-Do not change login data
-</p>
-END
- $authformkrb=(<<END);
-<p>
-<input type=radio name=login value=krb onClick="clickkrb(this.form);">
-Kerberos authenticated with domain
-<input type=text size=10 name=krbdom onChange="setkrb(this.form);">
-</p>
-END
- $authformint=(<<END);
-<p>
-<input type=radio name=login value=int onClick="clickint(this.form);">
-Internally authenticated (with initial password
-<input type=text size=10 name=intpwd onChange="setint(this.form);">)
-</p>
-END
- $authformfsys=(<<END);
-<p>
-<input type=radio name=login value=fsys onClick="clickfsys(this.form);">
-Filesystem authenticated (with initial password
-<input type=text size=10 name=fsyspwd onChange="setfsys(this.form);">)
-</p>
-END
- $authformloc=(<<END);
-<p>
-<input type=radio name=login value=loc onClick="clickloc(this.form);" />
-Local Authentication with argument
-<input type=text size=10 name=locarg onChange="setloc(this.form);" />
-</p>
-END
- $loginscript=(<<ENDLOGINSCRIPT);
-<script>
-function setkrb(vf) {
- if (vf.krbdom.value!='') {
- vf.login[0].checked=true;
- vf.krbdom.value=vf.krbdom.value.toUpperCase();
- vf.intpwd.value='';
- vf.fsyspwd.value='';
- vf.locarg.value='';
- }
-}
-
-function setint(vf) {
- if (vf.intpwd.value!='') {
- vf.login[1].checked=true;
- vf.krbdom.value='';
- vf.fsyspwd.value='';
- vf.locarg.value='';
- }
-}
-
-function setfsys(vf) {
- if (vf.fsyspwd.value!='') {
- vf.login[2].checked=true;
- vf.krbdom.value='';
- vf.intpwd.value='';
- vf.locarg.value='';
- }
-}
-
-function setloc(vf) {
- if (vf.locarg.value!='') {
- vf.login[3].checked=true;
- vf.krbdom.value='';
- vf.intpwd.value='';
- vf.fsyspwd.value='';
- }
-}
-
-function clicknop(vf) {
- vf.krbdom.value='';
- vf.intpwd.value='';
- vf.fsyspwd.value='';
- vf.locarg.value='';
-}
-
-function clickkrb(vf) {
- vf.krbdom.value='$krbdefdom';
- vf.intpwd.value='';
- vf.fsyspwd.value='';
- vf.locarg.value='';
+ my %param = ( formname => 'document.cu',
+ kerb_def_dom => $krbdefdom
+ );
+ $loginscript = &Apache::loncommon::authform_header(%param);
+ $generalrule = &Apache::loncommon::authform_authorwarning(%param);
+ $authformnop = &Apache::loncommon::authform_nochange(%param);
+ $authformkrb = &Apache::loncommon::authform_kerberos(%param);
+ $authformint = &Apache::loncommon::authform_internal(%param);
+ $authformfsys = &Apache::loncommon::authform_filesystem(%param);
+ $authformloc = &Apache::loncommon::authform_local(%param);
}
-function clickint(vf) {
- vf.krbdom.value='';
- vf.fsyspwd.value='';
- vf.locarg.value='';
-}
-function clickfsys(vf) {
- vf.krbdom.value='';
- vf.intpwd.value='';
- vf.locarg.value='';
-}
-function clickloc(vf) {
- vf.krbdom.value='';
- vf.intpwd.value='';
- vf.fsyspwd.value='';
-}
-</script>
-ENDLOGINSCRIPT
- $generalrule=<<END;
-<p>
-<i>As a general rule, only authors or co-authors should be filesystem
-authenticated (which allows access to the server filesystem).</i>
-</p>
-END
+# ==================================================== Figure out author access
+
+sub authorpriv {
+ my ($auname,$audom)=@_;
+ if (($auname ne $ENV{'user.name'}) ||
+ (($audom ne $ENV{'user.domain'}) &&
+ ($audom ne $ENV{'request.role.domain'}))) { return ''; }
+ unless (&Apache::lonnet::allowed('cca',$audom)) { return ''; }
+ return 1;
}
# =================================================================== Phase one
-sub phase_one {
+sub print_username_entry_form {
my $r=shift;
- my $defdom=$ENV{'user.domain'};
- $r->print(<<ENDDOCUMENT);
+ my $defdom=$ENV{'request.role.domain'};
+ my @domains = &Apache::loncommon::get_domains();
+ my $domform = &Apache::loncommon::select_dom_form($defdom,'ccdomain');
+ my $bodytag =&Apache::loncommon::bodytag(
+ 'Create Users, Change User Privileges');
+ my $selscript=&Apache::loncommon::studentbrowser_javascript();
+ my $sellink=&Apache::loncommon::selectstudent_link
+ ('crtuser','ccuname','ccdomain');
+ $r->print(<<"ENDDOCUMENT");
<html>
<head>
<title>The LearningOnline Network with CAPA</title>
+$selscript
</head>
-<body bgcolor="#FFFFFF">
-<h1>Create User, Change User Privileges</h1>
-<form action=/adm/createuser method=post>
-<input type=hidden name=phase value=two>
-Username: <input type=text size=15 name=ccuname><br>
-Domain: <input type=text size=15 name=ccdomain value=$defdom><p>
-<input type=submit value="Continue">
+$bodytag
+<form action="/adm/createuser" method="post" name="crtuser">
+<input type="hidden" name="phase" value="get_user_info">
+<p>
+<table>
+<tr><td>Username:</td><td><input type="text" size="15" name="ccuname">
+</td><td rowspan="2">$sellink</td></tr><tr><td>
+Domain:</td><td>$domform</td></tr>
+</table>
+</p>
+<input type="submit" value="Continue">
</form>
</body>
</html>
@@ -207,7 +129,7 @@ ENDDOCUMENT
}
# =================================================================== Phase two
-sub phase_two {
+sub print_user_modification_page {
my $r=shift;
my $ccuname=$ENV{'form.ccuname'};
my $ccdomain=$ENV{'form.ccdomain'};
@@ -215,8 +137,12 @@ sub phase_two {
$ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/;
my $krbdefdom=$1;
$krbdefdom=~tr/a-z/A-Z/;
+ my %param = ( formname => 'document.cu',
+ kerb_def_dom => $krbdefdom
+ );
+ $loginscript = &Apache::loncommon::authform_header(%param);
- my $defdom=$ENV{'user.domain'};
+ my $defdom=$ENV{'request.role.domain'};
$ccuname=~s/\W//g;
$ccdomain=~s/\W//g;
@@ -224,7 +150,7 @@ sub phase_two {
<html>
<head>
<title>The LearningOnline Network with CAPA</title>
-<script>
+<script type="text/javascript" language="Javascript">
function pclose() {
parmwin=window.open("/adm/rat/empty.html","LONCAPAparms",
@@ -249,19 +175,17 @@ sub phase_two {
</script>
</head>
-<body bgcolor="#FFFFFF">
-<img align="right" src="/adm/lonIcons/lonlogos.gif">
ENDDOCHEAD
+ $r->print(&Apache::loncommon::bodytag(
+ 'Create Users, Change User Privileges'));
my $forminfo =<<"ENDFORMINFO";
<form action="/adm/createuser" method="post" name="cu">
-<input type="hidden" name="phase" value="three">
+<input type="hidden" name="phase" value="update_user_data">
<input type="hidden" name="ccuname" value="$ccuname">
<input type="hidden" name="ccdomain" value="$ccdomain">
<input type="hidden" name="pres_value" value="" >
<input type="hidden" name="pres_type" value="" >
<input type="hidden" name="pres_marker" value="" >
-<input type="hidden" name="cuname" value="$ccuname">
-<input type="hidden" name="cdomain" value="$ccdomain">
ENDFORMINFO
my $uhome=&Apache::lonnet::homeserver($ccuname,$ccdomain);
my %incdomains;
@@ -275,12 +199,18 @@ ENDFORMINFO
}
}
if ($uhome eq 'no_host') {
+ my $home_server_list=
+ '<option value="default" selected>default</option>'."\n".
+ &Apache::loncommon::home_server_option_list($ccdomain);
+
$r->print(<<ENDNEWUSER);
$dochead
<h1>Create New User</h1>
$forminfo
<h2>New user "$ccuname" in domain $ccdomain</h2>
+<script type="text/javascript" language="Javascript">
$loginscript
+</script>
<input type='hidden' name='makeuser' value='1' />
<h3>Personal Data</h3>
<p>
@@ -295,13 +225,14 @@ $loginscript
<td><input type='text' name='cgen' size='5' /></td></tr>
</table>
ID/Student Number <input type='text' name='cstid' size='15' /></p>
+Home Server: <select name="hserver" size="1"> $home_server_list </select>
<hr />
<h3>Login Data</h3>
-$generalrule
-$authformkrb
-$authformint
-$authformfsys
-$authformloc
+<p>$generalrule </p>
+<p>$authformkrb </p>
+<p>$authformint </p>
+<p>$authformfsys</p>
+<p>$authformloc </p>
ENDNEWUSER
} else { # user already exists
$r->print(<<ENDCHANGEUSER);
@@ -340,100 +271,116 @@ END
my ($tmp) = keys(%rolesdump);
unless ($tmp =~ /^(con_lost|error)/i) {
my $now=time;
- $r->print('<hr /><h3>Revoke Existing Roles</h3>'.
- '<table border=2><tr><th>Revoke</th><th>Role</th><th>Extent</th>'.
- '<th>Start</th><th>End</th>');
+ $r->print(<<END);
+<hr />
+<h3>Revoke Existing Roles</h3>
+<table border=2>
+<tr><th>Revoke</th><th>Role</th><th>Extent</th><th>Start</th><th>End</th>
+END
foreach my $area (keys(%rolesdump)) {
- if ($area!~/^rolesdef/) {
- my $role = $rolesdump{$area};
- my $thisrole=$area;
- $area=~s/\_\w\w$//;
- my ($role_code,$role_end_time,$role_start_time) =
- split(/_/,$role);
- my $bgcol='ffffff';
- my $allows=0;
- if ($area=~/^\/(\w+)\/(\d\w+)/) {
- my %coursedata=
- &Apache::lonnet::coursedescription($1.'_'.$2);
- my $carea='Course: '.$coursedata{'description'};
- $inccourses{$1.'_'.$2}=1;
- if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
- $allows=1;
- }
- # Compute the background color based on $area
- $bgcol=$1.'_'.$2;
- $bgcol=~s/[^8-9b-e]//g;
- $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6);
- if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) {
+ next if ($area =~ /^rolesdef/);
+ my $role = $rolesdump{$area};
+ my $thisrole=$area;
+ $area =~ s/\_\w\w$//;
+ my ($role_code,$role_end_time,$role_start_time) =
+ split(/_/,$role);
+ my $bgcol='ffffff';
+ my $allowed=0;
+ if ($area =~ /^\/(\w+)\/(\d\w+)/ ) {
+ my %coursedata=
+ &Apache::lonnet::coursedescription($1.'_'.$2);
+ my $carea='Course: '.$coursedata{'description'};
+ $inccourses{$1.'_'.$2}=1;
+ if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
+ $allowed=1;
+ }
+ # Compute the background color based on $area
+ $bgcol=$1.'_'.$2;
+ $bgcol=~s/[^8-9b-e]//g;
+ $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6);
+ if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) {
$carea.='<br>Section/Group: '.$3;
- }
- $area=$carea;
- } else {
- # Determine if current user is able to revoke privileges
- if ($area=~/^\/(\w+)\//) {
- if (&Apache::lonnet::allowed('c'.$role_code,$1)) {
- $allows=1;
- }
- } else {
- if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
- $allows=1;
- }
- }
- }
- $r->print('<tr bgcolor=#"'.$bgcol.'"><td>');
- my $active=1;
- $active=0 if (($role_end_time) && ($now>$role_end_time));
- if (($active) && ($allows)) {
- $r->print('<input type="checkbox" name="rev:'
- .$thisrole.'">');
- } else {
- $r->print(' ');
- }
- $r->print('</td><td>'.
- &Apache::lonnet::plaintext($role_code).
- '</td><td>'.$area.'</td><td>'.
- ($role_start_time ? localtime($role_start_time)
- : ' ' )
- .'</td><td>'.
- ($role_end_time ? localtime($role_end_time)
- : ' ' )
- ."</td></tr>\n");
- }
+ }
+ $area=$carea;
+ } else {
+ # Determine if current user is able to revoke privileges
+ if ($area=~ /^\/(\w+)\//) {
+ if (&Apache::lonnet::allowed('c'.$role_code,$1)) {
+ $allowed=1;
+ }
+ } else {
+ if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
+ $allowed=1;
+ }
+ }
+ }
+ if ($role_code eq 'ca') {
+ $area=~/\/(\w+)\/(\w+)/;
+ if (&authorpriv($2,$1)) {
+ $allowed=1;
+ } else {
+ $allowed=0;
+ }
+ }
+ my $row = '';
+ $row.='<tr bgcolor=#"'.$bgcol.'"><td>';
+ my $active=1;
+ $active=0 if (($role_end_time) && ($now>$role_end_time));
+ if (($active) && ($allowed)) {
+ $row.= '<input type="checkbox" name="rev:'.$thisrole.'">';
+ } else {
+ $row.=' ';
+ }
+ $row.= '</td><td>'.&Apache::lonnet::plaintext($role_code).
+ '</td><td>'.$area.
+ '</td><td>'.($role_start_time?localtime($role_start_time)
+ : ' ' ).
+ '</td><td>'.($role_end_time ?localtime($role_end_time)
+ : ' ' )
+ ."</td></tr>\n";
+ $r->print($row);
} # end of foreach (table building loop)
$r->print('</table>');
} # End of unless
my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);
- if ($currentauth=~/^krb4:/) {
- $currentauth=~/^krb4:(.*)/;
- my $krbdefdom2=$1;
- $loginscript=~s/vf\.krbdom\.value='.*?';/vf.krbdom.value='$krbdefdom2';/;
+ if ($currentauth=~/^krb(4|5):/) {
+ $currentauth=~/^krb(4|5):(.*)/;
+ my $krbdefdom=$1;
+ my %param = ( formname => 'document.cu',
+ kerb_def_dom => $krbdefdom
+ );
+ $loginscript = &Apache::loncommon::authform_header(%param);
}
# Check for a bad authentication type
- unless ($currentauth=~/^krb4:/ or
+ unless ($currentauth=~/^krb(4|5):/ or
$currentauth=~/^unix:/ or
$currentauth=~/^internal:/ or
$currentauth=~/^localauth:/
) { # bad authentication scheme
- if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {
+ if (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'})) {
$r->print(<<ENDBADAUTH);
<hr />
+<script type="text/javascript" language="Javascript">
$loginscript
+</script>
<font color='#ff0000'>ERROR:</font>
This user has an unrecognized authentication scheme ($currentauth).
Please specify login data below.
<h3>Login Data</h3>
-$generalrule
-$authformkrb
-$authformint
-$authformfsys
-$authformloc
+<p>$generalrule</p>
+<p>$authformkrb</p>
+<p>$authformint</p>
+<p>$authformfsys</p>
+<p>$authformloc</p>
ENDBADAUTH
} else {
# This user is not allowed to modify the users
# authentication scheme, so just notify them of the problem
$r->print(<<ENDBADAUTH);
<hr />
+<script type="text/javascript" language="Javascript">
$loginscript
+</script>
<font color="#ff0000"> ERROR: </font>
This user has an unrecognized authentication scheme ($currentauth).
Please alert a domain coordinator of this situation.
@@ -443,42 +390,25 @@ ENDBADAUTH
} else { # Authentication type is valid
my $authformcurrent='';
my $authform_other='';
- if ($currentauth=~/^krb4:/) {
+ if ($currentauth=~/^krb(4|5):/) {
$authformcurrent=$authformkrb;
- $authform_other=$authformint.$authformfsys.$authformloc;
- # embarrassing script hack here
- $loginscript=~s/login\[3\]/login\[4\]/; # loc
- $loginscript=~s/login\[2\]/login\[3\]/; # fsys
- $loginscript=~s/login\[1\]/login\[2\]/; # int
- $loginscript=~s/login\[0\]/login\[1\]/; # krb4
+ $authform_other="<p>$authformint</p>\n".
+ "<p>$authformfsys</p><p>$authformloc</p>";
}
elsif ($currentauth=~/^internal:/) {
$authformcurrent=$authformint;
- $authform_other=$authformkrb.$authformfsys.$authformloc;
- # embarrassing script hack here
- $loginscript=~s/login\[3\]/login\[4\]/; # loc
- $loginscript=~s/login\[2\]/login\[3\]/; # fsys
- $loginscript=~s/login\[1\]/login\[1\]/; # int
- $loginscript=~s/login\[0\]/login\[2\]/; # krb4
+ $authform_other="<p>$authformkrb</p>".
+ "<p>$authformfsys</p><p>$authformloc</p>";
}
elsif ($currentauth=~/^unix:/) {
$authformcurrent=$authformfsys;
- $authform_other=$authformkrb.$authformint.$authformloc;
- # embarrassing script hack here
- $loginscript=~s/login\[3\]/login\[4\]/; # loc
- $loginscript=~s/login\[1\]/login\[3\]/; # int
- $loginscript=~s/login\[2\]/login\[1\]/; # fsys
- $loginscript=~s/login\[0\]/login\[2\]/; # krb4
+ $authform_other="<p>$authformkrb</p>".
+ "<p>$authformint</p><p>$authformloc;</p>";
}
elsif ($currentauth=~/^localauth:/) {
$authformcurrent=$authformloc;
- $authform_other=$authformkrb.$authformint.$authformfsys;
- # embarrassing script hack here
- $loginscript=~s/login\[3\]/login\[loc\]/; # loc
- $loginscript=~s/login\[2\]/login\[4\]/; # fsys
- $loginscript=~s/login\[1\]/login\[3\]/; # int
- $loginscript=~s/login\[0\]/login\[2\]/; # krb4
- $loginscript=~s/login\[loc\]/login\[1\]/; # loc
+ $authform_other="<p>$authformkrb</p>".
+ "<p>$authformint</p><p>$authformfsys</p>";
}
$authformcurrent=<<ENDCURRENTAUTH;
<table border='1'>
@@ -490,15 +420,17 @@ ENDBADAUTH
<td bgcolor='#cbbcbb'>Changing this value will overwrite existing authentication for the user; you should notify the user of this change.</td></tr>
</table>
ENDCURRENTAUTH
- if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {
+ if (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'})) {
# Current user has login modification privileges
$r->print(<<ENDOTHERAUTHS);
<hr />
+<script type="text/javascript" language="Javascript">
$loginscript
+</script>
<h3>Change Current Login Data</h3>
-$generalrule
-$authformnop
-$authformcurrent
+<p>$generalrule</p>
+<p>$authformnop</p>
+<p>$authformcurrent</p>
<h3>Enter New Login Data</h3>
$authform_other
ENDOTHERAUTHS
@@ -509,10 +441,11 @@ ENDOTHERAUTHS
#
# Co-Author
#
-
- if (&Apache::lonnet::allowed('cca',$ENV{'user.domain'})) {
+ if (&authorpriv($ENV{'user.name'},$ENV{'request.role.domain'}) &&
+ ($ENV{'user.name'} ne $ccuname || $ENV{'user.domain'} ne $ccdomain)) {
+ # No sense in assigning co-author role to yourself
my $cuname=$ENV{'user.name'};
- my $cudom=$ENV{'user.domain'};
+ my $cudom=$ENV{'request.role.domain'};
$r->print(<<ENDCOAUTH);
<h4>Construction Space</h4>
<table border=2><tr><th>Activate</th><th>Role</th><th>Extent</th>
@@ -568,8 +501,10 @@ ENDDROW
}
# ================================================================= Phase Three
-sub phase_three {
+sub update_user_data {
my $r=shift;
+ my $uhome=&Apache::lonnet::homeserver($ENV{'form.ccuname'},
+ $ENV{'form.ccdomain'});
# Error messages
my $error = '<font color="#ff0000">Error:</font>';
my $end = '</body></html>';
@@ -579,86 +514,123 @@ sub phase_three {
<head>
<title>The LearningOnline Network with CAPA</title>
</head>
-<body bgcolor="#FFFFFF">
-<img align="right" src="/adm/lonIcons/lonlogos.gif">
ENDTHREEHEAD
+ my $title;
+ if (exists($ENV{'form.makeuser'})) {
+ $title='Set Privileges for New User';
+ } else {
+ $title='Modify User Privileges';
+ }
+ $r->print(&Apache::loncommon::bodytag($title));
# Check Inputs
- if (! $ENV{'form.cuname'} ) {
+ if (! $ENV{'form.ccuname'} ) {
$r->print($error.'No login name specified.'.$end);
return;
}
- if ( $ENV{'form.cuname'} =~/\W/) {
+ if ( $ENV{'form.ccuname'} =~/\W/) {
$r->print($error.'Invalid login name. '.
'Only letters, numbers, and underscores are valid.'.
$end);
return;
}
- if (! $ENV{'form.cdomain'} ) {
+ if (! $ENV{'form.ccdomain'} ) {
$r->print($error.'No domain specified.'.$end);
return;
}
- if ( $ENV{'form.cdomain'} =~/\W/) {
+ if ( $ENV{'form.ccdomain'} =~/\W/) {
$r->print($error.'Invalid domain name. '.
'Only letters, numbers, and underscores are valid.'.
$end);
return;
}
+ if (! exists($ENV{'form.makeuser'})) {
+ # Modifying an existing user, so check the validity of the name
+ if ($uhome eq 'no_host') {
+ $r->print($error.'Unable to determine home server for '.
+ $ENV{'form.ccuname'}.' in domain '.
+ $ENV{'form.ccdomain'}.'.');
+ return;
+ }
+ }
# Determine authentication method and password for the user being modified
my $amode='';
my $genpwd='';
if ($ENV{'form.login'} eq 'krb') {
- $amode='krb4';
- $genpwd=$ENV{'form.krbdom'};
+ $amode='krb';
+ $amode.=$ENV{'form.krbver'};
+ $genpwd=$ENV{'form.krbarg'};
} elsif ($ENV{'form.login'} eq 'int') {
$amode='internal';
- $genpwd=$ENV{'form.intpwd'};
+ $genpwd=$ENV{'form.intarg'};
} elsif ($ENV{'form.login'} eq 'fsys') {
$amode='unix';
- $genpwd=$ENV{'form.fsyspwd'};
+ $genpwd=$ENV{'form.fsysarg'};
} elsif ($ENV{'form.login'} eq 'loc') {
$amode='localauth';
$genpwd=$ENV{'form.locarg'};
$genpwd=" " if (!$genpwd);
+ } elsif (($ENV{'form.login'} eq 'nochange') ||
+ ($ENV{'form.login'} eq '' )) {
+ # There is no need to tell the user we did not change what they
+ # did not ask us to change.
+ # If they are creating a new user but have not specified login
+ # information this will be caught below.
+ } else {
+ $r->print($error.'Invalid login mode or password'.$end);
+ return;
}
if ($ENV{'form.makeuser'}) {
# Create a new user
$r->print(<<ENDNEWUSERHEAD);
-<h1>Create User</h1>
-<h3>Creating user "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"</h2>
+<h3>Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>
ENDNEWUSERHEAD
# Check for the authentication mode and password
if (! $amode || ! $genpwd) {
$r->print($error.'Invalid login mode or password'.$end);
return;
}
+ # Determine desired host
+ my $desiredhost = $ENV{'form.hserver'};
+ if (lc($desiredhost) eq 'default') {
+ $desiredhost = undef;
+ } else {
+ my %home_servers = &Apache::loncommon::get_library_servers
+ ($ENV{'form.ccdomain'});
+ if (! exists($home_servers{$desiredhost})) {
+ $r->print($error.'Invalid home server specified');
+ return;
+ }
+ }
# Call modifyuser
my $result = &Apache::lonnet::modifyuser
- ($ENV{'form.cdomain'},$ENV{'form.cuname'},
- $ENV{'form.cstid'},$amode,$genpwd,
- $ENV{'form.cfirst'},$ENV{'form.cmiddle'},
- $ENV{'form.clast'},$ENV{'form.cgen'}
+ ($ENV{'form.ccdomain'},$ENV{'form.ccuname'},$ENV{'form.cstid'},
+ $amode,$genpwd,$ENV{'form.cfirst'},
+ $ENV{'form.cmiddle'},$ENV{'form.clast'},$ENV{'form.cgen'},
+ undef,$desiredhost
);
$r->print('Generating user: '.$result);
- $r->print('<br>Home server: '.&Apache::lonnet::homeserver
- ($ENV{'form.cuname'},$ENV{'form.cdomain'}));
- } elsif ($ENV{'form.login'} ne '') {
+ my $home = &Apache::lonnet::homeserver($ENV{'form.ccuname'},
+ $ENV{'form.ccdomain'});
+ $r->print('<br>Home server: '.$home.' '.
+ $Apache::lonnet::libserv{$home});
+ } elsif (($ENV{'form.login'} ne 'nochange') &&
+ ($ENV{'form.login'} ne '' )) {
# Modify user privileges
$r->print(<<ENDMODIFYUSERHEAD);
-<h1>Change User Privileges</h1>
-<h2>User "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"</h2>
+<h2>User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>
ENDMODIFYUSERHEAD
if (! $amode || ! $genpwd) {
$r->print($error.'Invalid login mode or password'.$end);
return;
}
# Only allow authentification modification if the person has authority
- if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {
+ if (&Apache::lonnet::allowed('mau',$ENV{'form.ccdomain'})) {
$r->print('Modifying authentication: '.
- &Apache::lonnet::modifyuserauth(
- $ENV{'form.cdomain'},$ENV{'form.cuname'},
+ &Apache::lonnet::modifyuserauth(
+ $ENV{'form.ccdomain'},$ENV{'form.ccuname'},
$amode,$genpwd));
$r->print('<br>Home server: '.&Apache::lonnet::homeserver
- ($ENV{'form.cuname'},$ENV{'form.cdomain'}));
+ ($ENV{'form.ccuname'},$ENV{'form.ccdomain'}));
} else {
# Okay, this is a non-fatal error.
$r->print($error.'You do not have the authority to modify '.
@@ -670,7 +642,7 @@ ENDMODIFYUSERHEAD
# Check for need to change
my %userenv = &Apache::lonnet::get
('environment',['firstname','middlename','lastname','generation'],
- $ENV{'form.cdomain'},$ENV{'form.cuname'});
+ $ENV{'form.ccdomain'},$ENV{'form.ccuname'});
my ($tmp) = keys(%userenv);
if ($tmp =~ /^(con_lost|error)/i) {
%userenv = ();
@@ -680,7 +652,7 @@ ENDMODIFYUSERHEAD
# Strip leading and trailing whitespace
$ENV{'form.c'.$_} =~ s/(\s+$|^\s+)//g;
}
- if (&Apache::lonnet::allowed('mau',$ENV{'form.cdomain'}) &&
+ if (&Apache::lonnet::allowed('mau',$ENV{'form.ccdomain'}) &&
($ENV{'form.cfirstname'} ne $userenv{'firstname'} ||
$ENV{'form.cmiddlename'} ne $userenv{'middlename'} ||
$ENV{'form.clastname'} ne $userenv{'lastname'} ||
@@ -693,7 +665,7 @@ ENDMODIFYUSERHEAD
$changeHash{'generation'} = $ENV{'form.cgeneration'};
my $putresult = &Apache::lonnet::put
('environment',\%changeHash,
- $ENV{'form.cdomain'},$ENV{'form.cuname'});
+ $ENV{'form.ccdomain'},$ENV{'form.ccuname'});
if ($putresult eq 'ok') {
# Tell the user we changed the name
$r->print(<<"END");
@@ -718,14 +690,14 @@ ENDMODIFYUSERHEAD
END
} else { # error occurred
$r->print("<h2>Unable to successfully change environment for ".
- $ENV{'form.cuname'}." in domain ".
- $ENV{'form.cdomain'}."</h2>");
+ $ENV{'form.ccuname'}." in domain ".
+ $ENV{'form.ccdomain'}."</h2>");
}
} else { # End of if ($ENV ... ) logic
# They did not want to change the users name but we can
# still tell them what the name is
$r->print(<<"END");
-<h2>User "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"</h2>
+<h2>User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>
<h4>$userenv{'firstname'} $userenv{'middlename'} $userenv{'lastname'} </h4>
<h4>Generation: $userenv{'generation'}</h4>
END
@@ -740,8 +712,8 @@ END
if ($_=~/^form\.rev/) {
if ($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) {
$r->print('Revoking '.$2.' in '.$1.': '.
- &Apache::lonnet::assignrole($ENV{'form.cdomain'},
- $ENV{'form.cuname'},$1,$2,$now).'<br>');
+ &Apache::lonnet::assignrole($ENV{'form.ccdomain'},
+ $ENV{'form.ccuname'},$1,$2,$now).'<br>');
if ($2 eq 'st') {
$1=~/^\/(\w+)\/(\w+)/;
my $cid=$1.'_'.$2;
@@ -749,8 +721,8 @@ END
&Apache::lonnet::critical('put:'.
$ENV{'course.'.$cid.'.domain'}.':'.
$ENV{'course.'.$cid.'.num'}.':classlist:'.
- &Apache::lonnet::escape($ENV{'form.cuname'}.':'.
- $ENV{'form.cdomain'}).'='.
+ &Apache::lonnet::escape($ENV{'form.ccuname'}.':'.
+ $ENV{'form.ccdomain'}).'='.
&Apache::lonnet::escape($now.':'),
$ENV{'course.'.$cid.'.home'}).'<br>');
}
@@ -772,7 +744,7 @@ END
# Assign the role and report it
$r->print('Assigning: '.$3.' in '.$url.': '.
&Apache::lonnet::assignrole(
- $ENV{'form.cdomain'},$ENV{'form.cuname'},
+ $ENV{'form.ccdomain'},$ENV{'form.ccuname'},
$url,$3,$end,$start).
'<br>');
# Handle students differently
@@ -784,8 +756,8 @@ END
'put:'.$ENV{'course.'.$cid.'.domain'}.':'.
$ENV{'course.'.$cid.'.num'}.':classlist:'.
&Apache::lonnet::escape(
- $ENV{'form.cuname'}.':'.
- $ENV{'form.cdomain'} ).'='.
+ $ENV{'form.ccuname'}.':'.
+ $ENV{'form.ccdomain'} ).'='.
&Apache::lonnet::escape($end.':'.$start),
$ENV{'course.'.$cid.'.home'})
.'<br>');
@@ -803,7 +775,7 @@ END
# Assign the role and report it.
$r->print('Assigning: '.$2.' in '.$url.': '.
&Apache::lonnet::assignrole(
- $ENV{'form.cdomain'},$ENV{'form.cuname'},
+ $ENV{'form.ccdomain'},$ENV{'form.ccuname'},
$url,$2,$end,$start)
.'<br>');
}
@@ -826,17 +798,17 @@ sub handler {
(&Apache::lonnet::allowed('cin',$ENV{'request.course.id'})) ||
(&Apache::lonnet::allowed('ccr',$ENV{'request.course.id'})) ||
(&Apache::lonnet::allowed('cep',$ENV{'request.course.id'})) ||
- (&Apache::lonnet::allowed('cca',$ENV{'user.domain'})) ||
- (&Apache::lonnet::allowed('mau',$ENV{'user.domain'}))) {
+ (&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) ||
+ (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'}))) {
$r->content_type('text/html');
$r->send_http_header;
unless ($ENV{'form.phase'}) {
- &phase_one($r);
+ &print_username_entry_form($r);
}
- if ($ENV{'form.phase'} eq 'two') {
- &phase_two($r);
- } elsif ($ENV{'form.phase'} eq 'three') {
- &phase_three($r);
+ if ($ENV{'form.phase'} eq 'get_user_info') {
+ &print_user_modification_page($r);
+ } elsif ($ENV{'form.phase'} eq 'update_user_data') {
+ &update_user_data($r);
}
} else {
$ENV{'user.error.msg'}=
@@ -902,6 +874,10 @@ ENDTABLE
}
#---------------------------------------------- end functions for &phase_two
+#--------------------------------- functions for &phase_two and &phase_three
+
+#--------------------------end of functions for &phase_two and &phase_three
+
1;
__END__