--- loncom/interface/loncreateuser.pm 2024/09/03 09:26:06 1.406.2.20.2.8 +++ loncom/interface/loncreateuser.pm 2025/01/13 01:00:58 1.483 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.406.2.20.2.8 2024/09/03 09:26:06 raeburn Exp $ +# $Id: loncreateuser.pm,v 1.483 2025/01/13 01:00:58 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -80,6 +80,7 @@ my $authformkrb; my $authformint; my $authformfsys; my $authformloc; +my $authformlti; sub initialize_authen_forms { my ($dom,$formname,$curr_authtype,$mode,$readonly) = @_; @@ -90,7 +91,7 @@ sub initialize_authen_forms { domain => $dom, ); my %abv_auth = &auth_abbrev(); - if ($curr_authtype =~ /^(krb4|krb5|internal|localauth|unix):(.*)$/) { + if ($curr_authtype =~ /^(krb4|krb5|internal|localauth|unix|lti):(.*)$/) { my $long_auth = $1; my $curr_autharg = $2; my %abv_auth = &auth_abbrev(); @@ -112,6 +113,7 @@ sub initialize_authen_forms { $authformint = &Apache::loncommon::authform_internal(%param); $authformfsys = &Apache::loncommon::authform_filesystem(%param); $authformloc = &Apache::loncommon::authform_local(%param); + $authformlti = &Apache::loncommon::authform_lti(%param); } sub auth_abbrev { @@ -121,6 +123,7 @@ sub auth_abbrev { internal => 'int', localauth => 'loc', unix => 'fsys', + lti => 'lti', ); return %abv_auth; } @@ -141,7 +144,7 @@ sub user_quotas { ); my ($currquota,$quotatype,$inststatus,$defquota) = &Apache::loncommon::get_user_quota($ccuname,$ccdomain,$name); - if ($longinsttype eq '') { + if ($longinsttype eq '') { if ($inststatus ne '') { if ($usertypes->{$inststatus} ne '') { $longinsttype = $usertypes->{$inststatus}; @@ -171,7 +174,7 @@ sub user_quotas { } else { $defaultinfo = &mt("For this user, the default quota of [_1]". " MB,[_2]is determined by the user's institutional". - " affiliation ([_3]).",$defquota,'
',$longinsttype); + " affiliation ([_3]).",$defquota,'
'.$longinsttype); } } @@ -295,6 +298,8 @@ sub build_tools_display { 'unofficial' => 'Can request creation of unofficial courses', 'community' => 'Can request creation of communities', 'textbook' => 'Can request creation of textbook courses', + 'placement' => 'Can request creation of placement tests', + 'lti' => 'Can request creation of LTI courses', 'requestauthor' => 'Can request author space', 'edit' => 'Standard editor (Edit)', 'xml' => 'Text editor (EditXML)', @@ -304,8 +309,9 @@ sub build_tools_display { if ($context eq 'requestcourses') { %userenv = &Apache::lonnet::userenvironment($ccdomain,$ccuname, 'requestcourses.official','requestcourses.unofficial', - 'requestcourses.community','requestcourses.textbook'); - @usertools = ('official','unofficial','community','textbook'); + 'requestcourses.community','requestcourses.textbook', + 'requestcourses.placement','requestcourses.lti'); + @usertools = ('official','unofficial','community','textbook','placement','lti'); @options =('norequest','approval','autolimit','validate'); %validations = &Apache::lonnet::auto_courserequest_checks($ccdomain); %reqtitles = &courserequest_titles(); @@ -675,12 +681,14 @@ sub coursereq_externaluser { 'unofficial' => 'Can request creation of unofficial courses', 'community' => 'Can request creation of communities', 'textbook' => 'Can request creation of textbook courses', + 'placement' => 'Can request creation of placement tests', ); %userenv = &Apache::lonnet::userenvironment($ccdomain,$ccuname, 'reqcrsotherdom.official','reqcrsotherdom.unofficial', - 'reqcrsotherdom.community','reqcrsotherdom.textbook'); - @usertools = ('official','unofficial','community','textbook'); + 'reqcrsotherdom.community','reqcrsotherdom.textbook', + 'reqcrsotherdom.placement'); + @usertools = ('official','unofficial','community','textbook','placement'); @options = ('approval','validate','autolimit'); %validations = &Apache::lonnet::auto_courserequest_checks($cdom); my $optregex = join('|',@options); @@ -773,6 +781,8 @@ sub courserequest_titles { unofficial => 'Unofficial', community => 'Communities', textbook => 'Textbook', + placement => 'Placement Tests', + lti => 'LTI Provider', norequest => 'Not allowed', approval => 'Approval by Dom. Coord.', validate => 'With validation', @@ -1116,7 +1126,15 @@ ENDBLOCK (!(($env{'form.action'} eq 'singleuser') && ($context eq 'domain') && (!&Apache::lonnet::allowed('mau',$env{'request.role.domain'}))))) { my $defdom=$env{'request.role.domain'}; - my $domform = &Apache::loncommon::select_dom_form($defdom,'srchdomain'); + my ($trusted,$untrusted); + if ($context eq 'course') { + ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('enroll',$defdom); + } elsif ($context eq 'author') { + ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('othcoau',$defdom); + } elsif ($context eq 'domain') { + ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('domroles',$defdom); + } + my $domform = &Apache::loncommon::select_dom_form($defdom,'srchdomain',undef,undef,undef,$trusted,$untrusted); my %lt=&Apache::lonlocal::texthash( 'enro' => 'Enroll one student', 'enrm' => 'Enroll one member', @@ -1529,7 +1547,7 @@ sub print_user_modification_page { push(@toggles,('aboutme','blog','portfolio','portaccess','timezone')); } if (&Apache::lonnet::allowed('ccc',$env{'request.role.domain'})) { - push(@toggles,('official','unofficial','community','textbook')); + push(@toggles,('official','unofficial','community','textbook','placement','lti')); } if (@toggles) { my $onload; @@ -1748,15 +1766,21 @@ ENDAUTH $inst_results{$ccuname.':'.$ccdomain})); if ((&Apache::lonnet::allowed('ccc',$env{'request.role.domain'})) || (&Apache::lonnet::allowed('udp',$env{'request.role.domain'}))) { - $r->print('

'.&mt('Can Request Creation of Courses/Communities in this Domain?').'

'."\n". - &Apache::loncommon::start_data_table()); - if ($env{'request.role.domain'} eq $ccdomain) { - $r->print(&build_tools_display($ccuname,$ccdomain,'requestcourses')); + $r->print('

'.&mt('Can Request Creation of Courses/Communities in this Domain?').'

'."\n"); + if (($env{'request.role.domain'} eq $ccdomain) || + (&Apache::lonnet::will_trust('reqcrs',$ccdomain,$env{'request.role.domain'}))) { + $r->print(&Apache::loncommon::start_data_table()); + if ($env{'request.role.domain'} eq $ccdomain) { + $r->print(&build_tools_display($ccuname,$ccdomain,'requestcourses')); + } else { + $r->print(&coursereq_externaluser($ccuname,$ccdomain, + $env{'request.role.domain'})); + } + $r->print(&Apache::loncommon::end_data_table()); } else { - $r->print(&coursereq_externaluser($ccuname,$ccdomain, - $env{'request.role.domain'})); + $r->print(&mt('Domain configuration for this domain prohibits course creation by users from domain: "[_1]"', + &Apache::lonnet::domain($ccdomain,'description'))); } - $r->print(&Apache::loncommon::end_data_table()); } $r->print(''); my @order = ('auth','quota','tools','requestauthor','authordefaults'); @@ -1975,7 +1999,7 @@ sub validation_javascript { if ((ref($permission) eq 'HASH') && ($permission->{'cusr'})) { my $dcdom = $env{'request.role.domain'}; $loaditem->{'onload'} = "document.cu.coursedesc.value='';"; - $dc_setcourse_code = + $dc_setcourse_code = &Apache::lonuserutils::dc_setcourse_js('cu','singleuser',$context); } } else { @@ -2466,11 +2490,20 @@ sub new_domain_roles { ''.&mt('Start').''.&mt('End').''. &Apache::loncommon::end_data_table_header_row(); my @allroles = &Apache::lonuserutils::roles_by_context('domain'); + my $uprimary = &Apache::lonnet::domain($env{'request.role.domain'},'primary'); + my $uintdom = &Apache::lonnet::internet_dom($uprimary); foreach my $thisdomain (sort(&Apache::lonnet::all_domains())) { foreach my $role (@allroles) { next if ($role eq 'ad'); next if (($role eq 'au') && ($ccdomain ne $thisdomain)); if (&Apache::lonnet::allowed('c'.$role,$thisdomain)) { + if ($role eq 'dc') { + unless ($thisdomain eq $env{'request.role.domain'}) { + my $domprim = &Apache::lonnet::domain($thisdomain,'primary'); + my $intdom = &Apache::lonnet::internet_dom($domprim); + next unless ($uintdom eq $intdom); + } + } my $plrole=&Apache::lonnet::plaintext($role); my %lt=&Apache::lonlocal::texthash( 'ssd' => "Set Start Date", @@ -2512,7 +2545,7 @@ sub user_authentication { 'ld' => "Login Data" ); # Check for a bad authentication type - if ($currentauth !~ /^(krb4|krb5|unix|internal|localauth):/) { + if ($currentauth !~ /^(krb4|krb5|unix|internal|localauth|lti):/) { # bad authentication scheme if (&Apache::lonnet::allowed('mau',$ccdomain)) { &initialize_authen_forms($ccdomain,$formname); @@ -2539,6 +2572,7 @@ $lt{'uuas'} ($currentauth). $lt{'adcs'}. ENDBADAUTH } } else { # Authentication type is valid + &initialize_authen_forms($ccdomain,$formname,$currentauth,'modifyuser'); my ($authformcurrent,$can_modify,@authform_others) = &modify_login_block($ccdomain,$currentauth); @@ -2627,6 +2661,8 @@ ENDJS $result = &mt('Currently using local (institutional) authentication.'); } elsif ($currentauth =~ /^unix:/) { $result = &mt('Currently Filesystem Authenticated.'); + } elsif ($currentauth =~ /^lti:/) { + $result = &mt('Currently LTI authenticated.'); } $outcome = '

'.$lt{'ld'}.'

'. &Apache::loncommon::start_data_table(). @@ -2665,6 +2701,9 @@ sub modify_login_block { if ($can_assign{'loc'}) { push(@authform_others,$authformloc); } + if ($can_assign{'lti'}) { + push(@authform_others,$authformlti); + } if (($can_assign{'krb4'}) || ($can_assign{'krb5'})) { $show_override_msg = 1; } @@ -2676,6 +2715,9 @@ sub modify_login_block { if ($can_assign{'loc'}) { push(@authform_others,$authformloc); } + if ($can_assign{'lti'}) { + push(@authform_others,$authformlti); + } if ($can_assign{'int'}) { $show_override_msg = 1; } @@ -2690,6 +2732,9 @@ sub modify_login_block { if ($can_assign{'loc'}) { push(@authform_others,$authformloc); } + if ($can_assign{'lti'}) { + push(@authform_others,$authformlti); + } if ($can_assign{'fsys'}) { $show_override_msg = 1; } @@ -2701,9 +2746,23 @@ sub modify_login_block { if ($can_assign{'int'}) { push(@authform_others,$authformint); } + if ($can_assign{'lti'}) { + push(@authform_others,$authformlti); + } if ($can_assign{'loc'}) { $show_override_msg = 1; } + } elsif ($currentauth=~/^lti:/) { + $authformcurrent=$authformlti; + if (($can_assign{'krb4'}) || ($can_assign{'krb5'})) { + push(@authform_others,$authformkrb); + } + if ($can_assign{'int'}) { + push(@authform_others,$authformint); + } + if ($can_assign{'loc'}) { + push(@authform_others,$authformloc); + } } if ($show_override_msg) { $authformcurrent = ''.&Apache::loncommon::end_data_table_row() .&Apache::loncommon::end_data_table(); @@ -7471,7 +7784,7 @@ sub get_noedit_fields { } } return %noedit; -} +} sub visible_in_stdcat { my ($cdom,$cnum,$domconf) = @_; @@ -7790,12 +8103,13 @@ ENDSCRIPT chgcontext => 'any', rolelog_start_date => $defstart, rolelog_end_date => $now, + approvals => 'any', ); my $more_records = 0; # set current my %curr; - foreach my $item ('show','page','role','chgcontext') { + foreach my $item ('show','page','role','chgcontext','approvals') { $curr{$item} = $env{'form.'.$item}; } my ($startdate,$enddate) = @@ -7869,6 +8183,11 @@ ENDSCRIPT if (($context eq 'course') && ($viewablesec ne '')) { next if ($roleslog{$id}{'logentry'}{'section'} ne $viewablesec); } + if ($curr{'approvals'} eq 'none') { + next if ($roleslog{$id}{'logentry'}{'approval'}); + } elsif ($curr{'approvals'} ne 'any') { + next if ($roleslog{$id}{'logentry'}{'approval'} ne $curr{'approvals'}); + } $count ++; next if ($count < $minshown); unless ($showntableheader) { @@ -7915,11 +8234,30 @@ ENDSCRIPT if ($chgcontext ne '' && $lt{$chgcontext} ne '') { $chgcontext = $lt{$chgcontext}; } + my ($showreqby,%reqby); + if (($roleslog{$id}{'logentry'}{'approval'}) && + ($roleslog{$id}{'logentry'}{'requester'})) { + if ($reqby{$roleslog{$id}{'logentry'}{'requester'}} eq '') { + my ($requname,$requdom) = split(/:/,$roleslog{$id}{'logentry'}{'requester'}); + $reqby{$roleslog{$id}{'logentry'}{'requester'}} = + &Apache::loncommon::plainname($requname,$requdom); + } + $showreqby = &mt('Requester').': '.$reqby{$roleslog{$id}{'logentry'}{'requester'}}.'
'; + if ($roleslog{$id}{'logentry'}{'approval'} eq 'domain') { + $showreqby .= &mt('Adjudicator').': '. + $whodunit{$roleslog{$id}{'exe_uname'}.':'.$roleslog{$id}{'exe_udom'}}. + ''; + } else { + $showreqby .= ''.&mt('User approved').''; + } + } else { + $showreqby = $whodunit{$roleslog{$id}{'exe_uname'}.':'.$roleslog{$id}{'exe_udom'}}; + } $r->print( &Apache::loncommon::start_data_table_row() .'' .'' - .'' + .'' .'' .''); if ($context eq 'course') { @@ -8273,7 +8611,7 @@ sub activity_display_filter { my $nolink = 1; my $output = '
'.$authformcurrent. @@ -2804,7 +2863,7 @@ sub personal_data_display { } else { undef($condition); } - } + } if ($excluded) { unless ($excluded =~ /^\@[^\@]+$/) { undef($condition); @@ -2844,7 +2903,7 @@ sub personal_data_display { $upasstwo. &Apache::lonhtmlcommon::row_closure()."\n"; if ($usernameset eq 'free') { - my $onclick = "toggleUsernameDisp(this,'selfcreateusername');"; + my $onclick = "toggleUsernameDisp(this,'selfcreateusername');"; $output .= &Apache::lonhtmlcommon::row_title($lt{'username'},undef,'LC_oddrow_value')."\n". ''.&mt('Use e-mail address: '). ''.$add_domtitle.'
' .&Apache::loncommon::select_dom_form('','selfenroll_newdom', - $includeempty,$showdomdesc,'','','',$readonly) + $includeempty,$showdomdesc,'',$trusted,$untrusted,$readonly) .'' .'		'.$count.''.&Apache::lonlocal::locallocaltime($roleslog{$id}{'exe_time'}).''.$whodunit{$roleslog{$id}{'exe_uname'}.':'.$roleslog{$id}{'exe_udom'}}.''.$showreqby.''.$changed{$roleslog{$id}{'uname'}.':'.$roleslog{$id}{'udom'}}.''.&Apache::lonnet::plaintext($roleslog{$id}{'logentry'}{'role'},$crstype).'
'; my $startform = @@ -8360,14 +8698,10 @@ sub userlogdisplay_navlinks { sub role_display_filter { my ($context,$formname,$cdom,$cnum,$curr,$version,$crstype) = @_; - my $lctype; - if ($context eq 'course') { - $lctype = lc($crstype); - } my $nolink = 1; my $output = '
'. ''.&mt('Actions/page:').'
'. - &Apache::lonmeta::selectbox('show',$curr->{'show'},undef, + &Apache::lonmeta::selectbox('show',$curr->{'show'},'',undef, (&mt('all'),5,10,20,50,100,1000,10000)). '		  
'; my $startform = @@ -8391,7 +8725,7 @@ sub role_display_filter { if ($curr->{'role'} eq 'any') { $output .= ' selected="selected"'; } - $output .= '>'.&mt('Any').''."\n"; + $output .= '>'.&mt('Any').''."\n"; my @roles = &Apache::lonuserutils::roles_by_context($context,1,$crstype); foreach my $role (@roles) { my $plrole; @@ -8412,7 +8746,7 @@ sub role_display_filter { &mt('Context:').'
' - .'
'. ''.&mt('Changes/page:').'
'. - &Apache::lonmeta::selectbox('show',$curr->{'show'},undef, + &Apache::lonmeta::selectbox('show',$curr->{'show'},'',undef, (&mt('all'),5,10,20,50,100,1000,10000)). '		  
'; + my @possapprovals = ('any','none','domain','user'); + my %apptxt = &approval_types(); + $output .= ''. + '  '. + ''. + &mt('Approvals:').'
'; # Update Display button $output .= '

' @@ -8468,6 +8814,7 @@ sub rolechg_contexts { domain => 'User Management in domain', selfenroll => 'Self-enrolled', requestcourses => 'Course Request', + ltienroll => 'Enrollment via LTI', ); if ($crstype eq 'Community') { $lt{'createcourse'} = &mt('Community Creation'); @@ -8493,6 +8840,15 @@ sub rolechg_contexts { return %lt; } +sub approval_types { + return &Apache::lonlocal::texthash ( + any => 'Any', + none => 'No approval needed', + user => 'Role recipient approval', + domain => 'Domain coordinator approval', + ); +} + sub print_helpdeskaccess_display { my ($r,$permission,$brcrum) = @_; my $formname = 'helpdeskaccess'; @@ -8899,6 +9255,67 @@ ENDJS return; } +sub print_queued_roles { + my ($r,$context,$permission,$brcrum) = @_; + push (@{$brcrum}, + {href => '/adm/createuser?action=rolerequests', + text => 'Role Requests (other domains)', + help => ''}); + my $bread_crumbs_component = 'Role Requests'; + my $args = { bread_crumbs => $brcrum, + bread_crumbs_component => $bread_crumbs_component}; + # print page header + $r->print(&header('',$args)); + my ($dom,$cnum); + $dom = $env{'request.role.domain'}; + if ($context eq 'course') { + if ($env{'request.course.id'}) { + if (&Apache::loncommon::course_type() eq 'Community') { + $context = 'community'; + } + $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + } + } elsif ($context eq 'author') { + $cnum = $env{'user.name'}; + } + $r->print(&Apache::loncoursequeueadmin::display_queued_requests('othdomqueue',$dom,$cnum,$context)); + return; +} + +sub print_pendingroles { + my ($r,$context,$permission,$brcrum) = @_; + push (@{$brcrum}, + {href => '/adm/createuser?action=queuedroles', + text => 'Queued Role Assignments (users in this domain)', + help => ''}); + my $bread_crumbs_component = 'Queued Role Assignments'; + my $args = { bread_crumbs => $brcrum, + bread_crumbs_component => $bread_crumbs_component}; + # print page header + $r->print(&header('',$args)); + $r->print(&Apache::loncoursequeueadmin::display_queued_requests('othdomaction',$env{'request.role.domain'},'','domain')); + return; +} + +sub process_pendingroles { + my ($r,$context,$permission,$brcrum) = @_; + push (@{$brcrum}, + {href => '/adm/createuser?action=queuedroles', + text => 'Queued Role Assignments (users in this domain)', + help => ''}, + {href => '/adm/createuser?action=processrolereq', + text => 'Process Queue', + help => ''}); + my $bread_crumbs_component = 'Queued Role Assignments'; + my $args = { bread_crumbs => $brcrum, + bread_crumbs_component => $bread_crumbs_component}; + # print page header + $r->print(&header('',$args)); + $r->print(&Apache::loncoursequeueadmin::update_request_queue('othdombydc', + $env{'request.role.domain'})); + return; +} + sub domain_adhoc_access { my ($roles,$domcurrent,$accesstypes,$usertypes,$othertitle) = @_; my %domusage; @@ -9527,7 +9944,7 @@ sub user_search_result { my $domd_chk = &domdirectorysrch_check($srch); $response .= ''.$instd_chk.'
'; if ($domd_chk eq 'ok') { - $response .= &mt('You may want to search in the LON-CAPA domain instead of the institutional directory.'); + $response .= &mt('You may want to search in the LON-CAPA domain instead of in the institutional directory.'); } $response .= '
'; } @@ -9538,7 +9955,7 @@ sub user_search_result { my $instd_chk = &instdirectorysrch_check($srch); $response .= ''.$domd_chk.'
'; if ($instd_chk eq 'ok') { - $response .= &mt('You may want to search in the institutional directory instead of the LON-CAPA domain.'); + $response .= &mt('You may want to search in the institutional directory instead of in the LON-CAPA domain.'); } $response .= '
'; } @@ -9639,7 +10056,7 @@ sub user_search_result { $response = ''. &mt('Institutional directory search is not available in domain: [_1]',$showdom). '
'. - &mt('You may want to search in the LON-CAPA domain instead of the institutional directory.'). + &mt('You may want to search in the LON-CAPA domain instead of in the institutional directory.'). '
'; } } @@ -9712,7 +10129,7 @@ sub user_search_result { $response = ''. &mt('Institutional directory search is not available in domain: [_1]',$showdom). '
'. - &mt('You may want to search in the LON-CAPA domain instead of the institutional directory.'). + &mt('You may want to search in the LON-CAPA domain instead of in the institutional directory.'). '
'; } }