--- loncom/interface/loncreateuser.pm 2002/09/05 16:44:22 1.39.6.1 +++ loncom/interface/loncreateuser.pm 2002/12/30 14:10:58 1.46 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.39.6.1 2002/09/05 16:44:22 albertel Exp $ +# $Id: loncreateuser.pm,v 1.46 2002/12/30 14:10:58 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -47,7 +47,7 @@ # 11/12,11/13,11/15 Scott Harrison # 02/11/02 Matthew Hall # -# $Id: loncreateuser.pm,v 1.39.6.1 2002/09/05 16:44:22 albertel Exp $ +# $Id: loncreateuser.pm,v 1.46 2002/12/30 14:10:58 www Exp $ ### package Apache::loncreateuser; @@ -80,6 +80,19 @@ BEGIN { $authformloc = &Apache::loncommon::authform_local(%param); } + + +# ==================================================== Figure out author access + +sub authorpriv { + my ($auname,$audom)=@_; + if (($auname ne $ENV{'user.name'}) || + (($audom ne $ENV{'user.domain'}) && + ($audom ne $ENV{'request.role.domain'}))) { return ''; } + unless (&Apache::lonnet::allowed('cca',$audom)) { return ''; } + return 1; +} + # =================================================================== Phase one sub print_username_entry_form { @@ -87,18 +100,26 @@ sub print_username_entry_form { my $defdom=$ENV{'request.role.domain'}; my @domains = &Apache::loncommon::get_domains(); my $domform = &Apache::loncommon::select_dom_form($defdom,'ccdomain'); + my $bodytag =&Apache::loncommon::bodytag( + 'Create Users, Change User Privileges'); + my $selscript=&Apache::loncommon::studentbrowser_javascript(); + my $sellink=&Apache::loncommon::selectstudent_link + ('crtuser','ccuname','ccdomain'); $r->print(<<"ENDDOCUMENT"); The LearningOnline Network with CAPA +$selscript - -

Create User, Change User Privileges

-
+$bodytag +

-Username:
-Domain: $domform + + +
Username: +$sellink
+Domain:$domform

@@ -154,9 +175,9 @@ sub print_user_modification_page { - - ENDDOCHEAD + $r->print(&Apache::loncommon::bodytag( + 'Create Users, Change User Privileges')); my $forminfo =<<"ENDFORMINFO";
@@ -293,18 +314,12 @@ END } } } - # I have no idea what the hell the above code does - # So the following is a check: - if ($allowed) { - # If we are looking at a co-author role, make sure it is - # for the current users construction space before we let - # them revoke it. - if (($role_code eq 'ca') && - ($ENV{'request.role'} !~ /^dc/)) { - if ($area !~ - /^\/$ENV{'request.role.domain'}\/$ENV{'user.name'}/) { - $allowed = 0; - } + if ($role_code eq 'ca') { + $area=~/\/(\w+)\/(\w+)/; + if (&authorpriv($2,$1)) { + $allowed=1; + } else { + $allowed=0; } } my $row = ''; @@ -330,7 +345,7 @@ END my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain); if ($currentauth=~/^krb(4|5):/) { $currentauth=~/^krb(4|5):(.*)/; - my $krbdefdom2=$1; + my $krbdefdom=$1; my %param = ( formname => 'document.cu', kerb_def_dom => $krbdefdom ); @@ -426,7 +441,9 @@ ENDOTHERAUTHS # # Co-Author # - if (&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) { + if (&authorpriv($ENV{'user.name'},$ENV{'request.role.domain'}) && + ($ENV{'user.name'} ne $ccuname || $ENV{'user.domain'} ne $ccdomain)) { + # No sense in assigning co-author role to yourself my $cuname=$ENV{'user.name'}; my $cudom=$ENV{'request.role.domain'}; $r->print(< The LearningOnline Network with CAPA - - ENDTHREEHEAD + my $title; + if (exists($ENV{'form.makeuser'})) { + $title='Set Privileges for New User'; + } else { + $title='Modify User Privileges'; + } + $r->print(&Apache::loncommon::bodytag($title)); # Check Inputs if (! $ENV{'form.ccuname'} ) { $r->print($error.'No login name specified.'.$end); @@ -560,7 +582,6 @@ ENDTHREEHEAD if ($ENV{'form.makeuser'}) { # Create a new user $r->print(<Create User

Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

ENDNEWUSERHEAD # Check for the authentication mode and password @@ -596,7 +617,6 @@ ENDNEWUSERHEAD ($ENV{'form.login'} ne '' )) { # Modify user privileges $r->print(<Change User Privileges

User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

ENDMODIFYUSERHEAD if (! $amode || ! $genpwd) {