--- loncom/interface/loncreateuser.pm 2003/04/30 15:49:45 1.52
+++ loncom/interface/loncreateuser.pm 2003/07/18 19:50:28 1.61
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.52 2003/04/30 15:49:45 matthew Exp $
+# $Id: loncreateuser.pm,v 1.61 2003/07/18 19:50:28 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -25,28 +25,6 @@
#
# http://www.lon-capa.org/
#
-# (Create a course
-# (My Desk
-#
-# (Internal Server Error Handler
-#
-# (Login Screen
-# 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14,
-# 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer)
-#
-# YEAR=2001
-# 3/1/1 Gerd Kortemeyer)
-#
-# 3/1 Gerd Kortemeyer)
-#
-# 2/14 Gerd Kortemeyer)
-#
-# 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer
-# April Guy Albertelli
-# 05/10,10/16 Gerd Kortemeyer
-# 02/11/02 Matthew Hall
-#
-# $Id: loncreateuser.pm,v 1.52 2003/04/30 15:49:45 matthew Exp $
###
package Apache::loncreateuser;
@@ -54,6 +32,7 @@ package Apache::loncreateuser;
use strict;
use Apache::Constants qw(:common :http);
use Apache::lonnet;
+use Apache::loncommon;
my $loginscript; # piece of javascript used in two separate instances
my $generalrule;
@@ -82,6 +61,18 @@ BEGIN {
}
+# ======================================================= Existing Custom Roles
+
+sub my_custom_roles {
+ my %returnhash=();
+ my %rolehash=&Apache::lonnet::dump('roles');
+ foreach (keys %rolehash) {
+ if ($_=~/^rolesdef\_(\w+)$/) {
+ $returnhash{$1}=$1;
+ }
+ }
+ return %returnhash;
+}
# ==================================================== Figure out author access
@@ -106,6 +97,9 @@ sub print_username_entry_form {
my $selscript=&Apache::loncommon::studentbrowser_javascript();
my $sellink=&Apache::loncommon::selectstudent_link
('crtuser','ccuname','ccdomain');
+ my %existingroles=&my_custom_roles();
+ my $choice=&Apache::loncommon::select_form('make new role','rolename',
+ ('make new role' => 'Generate new role ...',%existingroles));
$r->print(<<"ENDDOCUMENT");
<html>
<head>
@@ -115,15 +109,19 @@ $selscript
$bodytag
<form action="/adm/createuser" method="post" name="crtuser">
<input type="hidden" name="phase" value="get_user_info">
-<p>
+<h2>Set Individual User Roles</h2>
<table>
<tr><td>Username:</td><td><input type="text" size="15" name="ccuname">
</td><td rowspan="2">$sellink</td></tr><tr><td>
Domain:</td><td>$domform</td></tr>
-</table>
-</p>
-<input type="submit" value="Continue">
+</table>
+<input name="userrole" type="submit" value="User Roles" />
</form>
+<form action="/adm/createuser" method="post" name="docustom">
+<input type="hidden" name="phase" value="selected_custom_edit">
+<h2>Edit Custom Role Privileges</h2>
+Name of Role: $choice <input type="text" size="15" name="newrolename" /><br />
+<input name="customeditor" type="submit" value="Custom Role Editor" />
</body>
</html>
ENDDOCUMENT
@@ -135,6 +133,14 @@ sub print_user_modification_page {
my $ccuname=$ENV{'form.ccuname'};
my $ccdomain=$ENV{'form.ccdomain'};
+ $ccuname=~s/\W//gs;
+ $ccdomain=~s/\W//gs;
+
+ unless (($ccuname) && ($ccdomain)) {
+ &print_username_entry_form($r);
+ return;
+ }
+
my $defdom=$ENV{'request.role.domain'};
my ($krbdef,$krbdefdom) =
@@ -236,7 +242,7 @@ ENDNEWUSER
$dochead
<h1>Change User Privileges</h1>
$forminfo
-<h2>User "$ccuname" in domain $ccdomain </h2>
+<h2>User "$ccuname" in domain "$ccdomain"</h2>
ENDCHANGEUSER
# Get the users information
my %userenv = &Apache::lonnet::get('environment',
@@ -254,7 +260,7 @@ END
foreach ('firstname','middlename','lastname','generation') {
if (&Apache::lonnet::allowed('mau',$ccdomain)) {
$r->print(<<"END");
-<td><input type="text" name="c$_" value="$userenv{$_}" size="15"/></td>
+<td><input type="text" name="c$_" value="$userenv{$_}" size="15" /></td>
END
} else {
$r->print('<td>'.$userenv{$_}.'</td>');
@@ -272,7 +278,7 @@ END
<hr />
<h3>Revoke Existing Roles</h3>
<table border=2>
-<tr><th>Revoke</th><th>Role</th><th>Extent</th><th>Start</th><th>End</th>
+<tr><th>Revoke</th><th>Delete</th><th>Role</th><th>Extent</th><th>Start</th><th>End</th>
END
foreach my $area (keys(%rolesdump)) {
next if ($area =~ /^rolesdef/);
@@ -283,19 +289,29 @@ END
split(/_/,$role);
my $bgcol='ffffff';
my $allowed=0;
+ my $delallowed=0;
if ($area =~ /^\/(\w+)\/(\d\w+)/ ) {
+ my ($coursedom,$coursedir) = ($1,$2);
+ # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3).
my %coursedata=
&Apache::lonnet::coursedescription($1.'_'.$2);
my $carea;
if (defined($coursedata{'description'})) {
- $carea='Course: '.$coursedata{'description'};
+ $carea='Course: '.$coursedata{'description'}.
+ '<br />Domain: '.$coursedom.(' 'x8).
+ &Apache::loncommon::syllabuswrapper('Syllabus',$coursedir,$coursedom);
} else {
$carea='Unavailable course: '.$area;
}
$inccourses{$1.'_'.$2}=1;
- if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
+ if ((&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) ||
+ (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
$allowed=1;
}
+ if ((&Apache::lonnet::allowed('dro',$1)) ||
+ (&Apache::lonnet::allowed('dro',$ccdomain))) {
+ $delallowed=1;
+ }
# Compute the background color based on $area
$bgcol=$1.'_'.$2;
$bgcol=~s/[^8-9b-e]//g;
@@ -307,9 +323,15 @@ END
} else {
# Determine if current user is able to revoke privileges
if ($area=~ /^\/(\w+)\//) {
- if (&Apache::lonnet::allowed('c'.$role_code,$1)) {
+ if ((&Apache::lonnet::allowed('c'.$role_code,$1)) ||
+ (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
$allowed=1;
}
+ if (((&Apache::lonnet::allowed('dro',$1)) ||
+ (&Apache::lonnet::allowed('dro',$ccdomain))) &&
+ ($role_code ne 'dc')) {
+ $delallowed=1;
+ }
} else {
if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
$allowed=1;
@@ -331,6 +353,16 @@ END
if (($active) && ($allowed)) {
$row.= '<input type="checkbox" name="rev:'.$thisrole.'">';
} else {
+ if ($active) {
+ $row.=' ';
+ } else {
+ $row.='expired or revoked';
+ }
+ }
+ $row.='</td><td>';
+ if ($delallowed) {
+ $row.= '<input type="checkbox" name="del:'.$thisrole.'">';
+ } else {
$row.=' ';
}
$row.= '</td><td>'.&Apache::lonnet::plaintext($role_code).
@@ -412,16 +444,7 @@ ENDBADAUTH
$authform_other="<p>$authformkrb</p>".
"<p>$authformint</p><p>$authformfsys</p>";
}
- $authformcurrent=<<ENDCURRENTAUTH;
-<table border='1'>
-<tr>
-<td><font color='#ff0000'>* * * WARNING * * *</font></td>
-<td><font color='#ff0000'>* * * WARNING * * *</font></td>
-</tr>
-<tr><td bgcolor='#cbbcbb'>$authformcurrent</td>
-<td bgcolor='#cbbcbb'>Changing this value will overwrite existing authentication for the user; you should notify the user of this change.</td></tr>
-</table>
-ENDCURRENTAUTH
+ $authformcurrent.=' <i>(will override current values)</i><br />';
if (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'})) {
# Current user has login modification privileges
$r->print(<<ENDOTHERAUTHS);
@@ -713,47 +736,68 @@ END
# Revoke roles
if ($_=~/^form\.rev/) {
if ($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) {
- $r->print('Revoking '.$2.' in '.$1.': '.
+ $r->print('Revoking '.$2.' in '.$1.': <b>'.
&Apache::lonnet::assignrole($ENV{'form.ccdomain'},
- $ENV{'form.ccuname'},$1,$2,$now).'<br>');
+ $ENV{'form.ccuname'},$1,$2,$now).'</b><br>');
if ($2 eq 'st') {
$1=~/^\/(\w+)\/(\w+)/;
my $cid=$1.'_'.$2;
- $r->print('Drop from classlist: '.
+ $r->print('Drop from classlist: <b>'.
&Apache::lonnet::critical('put:'.
$ENV{'course.'.$cid.'.domain'}.':'.
$ENV{'course.'.$cid.'.num'}.':classlist:'.
&Apache::lonnet::escape($ENV{'form.ccuname'}.':'.
$ENV{'form.ccdomain'}).'='.
&Apache::lonnet::escape($now.':'),
- $ENV{'course.'.$cid.'.home'}).'<br>');
+ $ENV{'course.'.$cid.'.home'}).'</b><br>');
+ }
+ }
+ } elsif ($_=~/^form\.del/) {
+ if ($_=~/^form\.del\:([^\_]+)\_([^\_]+)$/) {
+ $r->print('Deleting '.$2.' in '.$1.': '.
+ &Apache::lonnet::assignrole($ENV{'form.ccdomain'},
+ $ENV{'form.ccuname'},$1,$2,$now,0,1).'<br>');
+ if ($2 eq 'st') {
+ $1=~/^\/(\w+)\/(\w+)/;
+ my $cid=$1.'_'.$2;
+ $r->print('Drop from classlist: <b>'.
+ &Apache::lonnet::critical('put:'.
+ $ENV{'course.'.$cid.'.domain'}.':'.
+ $ENV{'course.'.$cid.'.num'}.':classlist:'.
+ &Apache::lonnet::escape($ENV{'form.ccuname'}.':'.
+ $ENV{'form.ccdomain'}).'='.
+ &Apache::lonnet::escape($now.':'),
+ $ENV{'course.'.$cid.'.home'}).'</b><br>');
}
}
} elsif ($_=~/^form\.act/) {
if ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) {
# Activate roles for sections with 3 id numbers
# set start, end times, and the url for the class
- my $start = ( $ENV{'form.start_'.$1.'_'.$2} ?
- $ENV{'form.start_'.$1.'_'.$2} :
+
+ my $start = ( $ENV{'form.start_'.$1.'_'.$2.'_'.$3} ?
+ $ENV{'form.start_'.$1.'_'.$2.'_'.$3} :
$now );
- my $end = ( $ENV{'form.end_'.$1.'_'.$2} ?
- $ENV{'form.end_'.$1.'_'.$2} :
+ my $end = ( $ENV{'form.end_'.$1.'_'.$2.'_'.$3} ?
+ $ENV{'form.end_'.$1.'_'.$2.'_'.$3} :
0 );
my $url='/'.$1.'/'.$2;
if ($ENV{'form.sec_'.$1.'_'.$2.'_'.$3}) {
$url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3};
}
# Assign the role and report it
- $r->print('Assigning: '.$3.' in '.$url.': '.
+ $r->print('Assigning: '.$3.' in '.$url.
+ ($start?', starting '.localtime($start):'').
+ ($end?', ending '.localtime($end):'').': <b>'.
&Apache::lonnet::assignrole(
$ENV{'form.ccdomain'},$ENV{'form.ccuname'},
$url,$3,$end,$start).
- '<br>');
+ '</b><br>');
# Handle students differently
if ($3 eq 'st') {
$url=~/^\/(\w+)\/(\w+)/;
my $cid=$1.'_'.$2;
- $r->print('Add to classlist: '.
+ $r->print('Add to classlist: <b>'.
&Apache::lonnet::critical(
'put:'.$ENV{'course.'.$cid.'.domain'}.':'.
$ENV{'course.'.$cid.'.num'}.':classlist:'.
@@ -762,7 +806,7 @@ END
$ENV{'form.ccdomain'} ).'='.
&Apache::lonnet::escape($end.':'.$start),
$ENV{'course.'.$cid.'.home'})
- .'<br>');
+ .'</b><br>');
}
} elsif ($_=~/^form\.act\_([^\_]+)\_([^\_]+)$/) {
# Activate roles for sections with two id numbers
@@ -776,16 +820,170 @@ END
my $url='/'.$1.'/';
# Assign the role and report it.
$r->print('Assigning: '.$2.' in '.$url.': '.
+ ($start?', starting '.localtime($start):'').
+ ($end?', ending '.localtime($end):'').': <b>'.
&Apache::lonnet::assignrole(
$ENV{'form.ccdomain'},$ENV{'form.ccuname'},
$url,$2,$end,$start)
- .'<br>');
+ .'</b><br>');
}
}
} # End of foreach (keys(%ENV))
$r->print('</body></html>');
}
+# ========================================================== Custom Role Editor
+
+sub custom_role_editor {
+ my $r=shift;
+ my $rolename=$ENV{'form.rolename'};
+
+ if ($rolename eq 'make new role') {
+ $rolename=$ENV{'form.newrolename'};
+ }
+
+ $rolename=~s/\W//gs;
+
+ unless ($rolename) {
+ &print_username_entry_form($r);
+ return;
+ }
+
+ $r->print(&Apache::loncommon::bodytag(
+ 'Create Users, Change User Privileges').'<h2>');
+ my $syspriv='';
+ my $dompriv='';
+ my $coursepriv='';
+ my ($rdummy,$roledef)=
+ &Apache::lonnet::get('roles',["rolesdef_$rolename"]);
+# ------------------------------------------------------- Does this role exist?
+ if (($rdummy ne 'con_lost') && ($roledef ne '')) {
+ $r->print('Existing Role "');
+# ------------------------------------------------- Get current role privileges
+ ($syspriv,$dompriv,$coursepriv)=split(/\_/,$roledef);
+ $r->print($syspriv.' '.$dompriv.' '.$coursepriv);
+ } else {
+ $r->print('New Role "');
+ $roledef='';
+ }
+ $r->print($rolename.'"</h2>');
+# ------------------------------------------------------- What can be assigned?
+ my %full=();
+ my %courselevel=();
+ my %courselevelcurrent=();
+ foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
+ my ($priv,$restrict)=split(/\&/,$_);
+ unless ($restrict) { $restrict='F'; }
+ $courselevel{$priv}=$restrict;
+ if ($coursepriv=~/\:$priv/) {
+ $courselevelcurrent{$priv}=1;
+ }
+ $full{$priv}=1;
+ }
+ my %domainlevel=();
+ my %domainlevelcurrent=();
+ foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) {
+ my ($priv,$restrict)=split(/\&/,$_);
+ unless ($restrict) { $restrict='F'; }
+ $domainlevel{$priv}=$restrict;
+ if ($dompriv=~/\:$priv/) {
+ $domainlevelcurrent{$priv}=1;
+ }
+ $full{$priv}=1;
+ }
+ my %systemlevel=();
+ my %systemlevelcurrent=();
+ foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) {
+ my ($priv,$restrict)=split(/\&/,$_);
+ unless ($restrict) { $restrict='F'; }
+ $systemlevel{$priv}=$restrict;
+ if ($syspriv=~/\:$priv/) {
+ $systemlevelcurrent{$priv}=1;
+ }
+ $full{$priv}=1;
+ }
+ $r->print(<<ENDCCF);
+<form method="post">
+<input type="hidden" name="phase" value="set_custom_roles" />
+<input type="hidden" name="rolename" value="$rolename" />
+<table border="2">
+<tr><th>Privilege</th><th>Course Level</th><th>Domain Level</th>
+<th>System Level</th></tr>
+ENDCCF
+ foreach (sort keys %full) {
+ $r->print('<tr><td>'.&Apache::lonnet::plaintext($_).'</td><td>'.
+ ($courselevel{$_}?'<input type="checkbox" name="'.$_.':c" '.
+ ($courselevelcurrent{$_}?'checked="1"':'').' />':' ').
+ '</td><td>'.
+ ($domainlevel{$_}?'<input type="checkbox" name="'.$_.':d" '.
+ ($domainlevelcurrent{$_}?'checked="1"':'').' />':' ').
+ '</td><td>'.
+ ($systemlevel{$_}?'<input type="checkbox" name="'.$_.':s" '.
+ ($systemlevelcurrent{$_}?'checked="1"':'').' />':' ').
+ '</td></tr>');
+ }
+ $r->print(
+ '<table><input type="submit" value="Define Role" /></form></body></html>');
+}
+
+# ---------------------------------------------------------- Call to definerole
+sub set_custom_role {
+ my $r=shift;
+
+ my $rolename=$ENV{'form.rolename'};
+
+ $rolename=~s/\W//gs;
+
+ unless ($rolename) {
+ &print_username_entry_form($r);
+ return;
+ }
+
+ $r->print(&Apache::loncommon::bodytag(
+ 'Create Users, Change User Privileges').'<h2>');
+ my ($rdummy,$roledef)=
+ &Apache::lonnet::get('roles',["rolesdef_$rolename"]);
+# ------------------------------------------------------- Does this role exist?
+ if (($rdummy ne 'con_lost') && ($roledef ne '')) {
+ $r->print('Existing Role "');
+ } else {
+ $r->print('New Role "');
+ $roledef='';
+ }
+ $r->print($rolename.'"</h2>');
+# ------------------------------------------------------- What can be assigned?
+ my $sysrole='';
+ my $domrole='';
+ my $courole='';
+
+ foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
+ my ($priv,$restrict)=split(/\&/,$_);
+ unless ($restrict) { $restrict=''; }
+ if ($ENV{'form.'.$priv.':c'}) {
+ $courole.=':'.$_;
+ }
+ }
+
+ foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) {
+ my ($priv,$restrict)=split(/\&/,$_);
+ unless ($restrict) { $restrict=''; }
+ if ($ENV{'form.'.$priv.':d'}) {
+ $domrole.=':'.$_;
+ }
+ }
+
+ foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) {
+ my ($priv,$restrict)=split(/\&/,$_);
+ unless ($restrict) { $restrict=''; }
+ if ($ENV{'form.'.$priv.':s'}) {
+ $sysrole.=':'.$_;
+ }
+ }
+ $r->print('Defining Role: '.
+ &Apache::lonnet::definerole($rolename,$sysrole,$domrole,$courole));
+ $r->print('</body></html>');
+}
+
# ================================================================ Main Handler
sub handler {
my $r = shift;
@@ -811,6 +1009,10 @@ sub handler {
&print_user_modification_page($r);
} elsif ($ENV{'form.phase'} eq 'update_user_data') {
&update_user_data($r);
+ } elsif ($ENV{'form.phase'} eq 'selected_custom_edit') {
+ &custom_role_editor($r);
+ } elsif ($ENV{'form.phase'} eq 'set_custom_roles') {
+ &set_custom_role($r);
}
} else {
$ENV{'user.error.msg'}=