--- loncom/interface/loncreateuser.pm 2007/12/21 14:05:40 1.214 +++ loncom/interface/loncreateuser.pm 2007/12/21 15:33:32 1.217 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.214 2007/12/21 14:05:40 raeburn Exp $ +# $Id: loncreateuser.pm,v 1.217 2007/12/21 15:33:32 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -493,9 +493,10 @@ sub print_user_query_page { } sub print_user_modification_page { - my ($r,$ccuname,$ccdomain,$srch,$response,$context) = @_; + my ($r,$ccuname,$ccdomain,$srch,$response,$context,$permission) = @_; if (($ccuname eq '') || ($ccdomain eq '')) { - my $usermsg = &mt('No username and/or domain provided.'); + my $usermsg = &mt('No username and/or domain provided.'); + $env{'form.phase'} = ''; &print_username_entry_form($r,$context,$usermsg); return; } @@ -512,6 +513,30 @@ sub print_user_modification_page { %alerts,%curr_rules,%got_rules); my $uhome=&Apache::lonnet::homeserver($ccuname,$ccdomain); if ($uhome eq 'no_host') { + my $usertype; + my ($rules,$ruleorder) = + &Apache::lonnet::inst_userrules($ccdomain,'username'); + $usertype = + &Apache::lonuserutils::check_usertype($ccdomain,$ccuname,$rules); + my $cancreate = + &Apache::lonuserutils::can_create_user($ccdomain,$context, + $usertype); + if (!$cancreate) { + my $helplink = ' href="javascript:helpMenu('."'display'".')"'; + my %usertypetext = ( + official => 'institutional', + unofficial => 'non-institutional', + ); + my $response; + if ($env{'form.origform'} eq 'crtusername') { + $response = ''.&mt('No match was found for the username ([_1]) in LON-CAPA domain: [_2]',$ccuname,$ccdomain). + '
'; + } + $response .= ''.&mt("You are not authorized to create new $usertypetext{$usertype} users in this domain.").' '.&mt('Contact the helpdesk for assistance.',$helplink).'

'; + $env{'form.phase'} = ''; + &print_username_entry_form($r,$context,$response); + return; + } $newuser = 1; my $checkhash; my $checks = { 'username' => 1 }; @@ -532,9 +557,10 @@ sub print_user_modification_page { $domdesc,$curr_rules{$ccdomain}{'username'}, 'username'); } + $env{'form.phase'} = ''; &print_username_entry_form($r,$context,$userchkmsg); return; - } + } } } } else { @@ -549,7 +575,7 @@ sub print_user_modification_page { } } if ($response) { - $response = '
'.$response + $response = '
'.$response; } my $defdom=$env{'request.role.domain'}; @@ -569,165 +595,35 @@ sub print_user_modification_page { my $pjump_def = &Apache::lonhtmlcommon::pjump_javascript_definition(); my $dc_setcourse_code = ''; my $nondc_setsection_code = ''; - my %loaditem; - my $groupslist; - my %curr_groups = &Apache::longroup::coursegroups(); - if (%curr_groups) { - $groupslist = join('","',sort(keys(%curr_groups))); - $groupslist = '"'.$groupslist.'"'; - } - - if ($env{'request.role'} =~ m-^dc\./($match_domain)/$-) { - my $dcdom = $1; - $loaditem{'onload'} = "document.cu.coursedesc.value='';"; - my @rolevals = ('st','ta','ep','in','cc'); - my (@crsroles,@grproles); - for (my $i=0; $i<@rolevals; $i++) { - $crsroles[$i]=&Apache::lonnet::plaintext($rolevals[$i],'Course'); - $grproles[$i]=&Apache::lonnet::plaintext($rolevals[$i],'Group'); - } - my $rolevalslist = join('","',@rolevals); - my $crsrolenameslist = join('","',@crsroles); - my $grprolenameslist = join('","',@grproles); - my $pickcrsfirst = '<--'.&mt('Pick course first'); - my $pickgrpfirst = '<--'.&mt('Pick group first'); - $dc_setcourse_code = <<"ENDSCRIPT"; - function setCourse() { - var course = document.cu.dccourse.value; - if (course != "") { - if (document.cu.dcdomain.value != document.cu.origdom.value) { - alert("You must select a course in the current domain"); - return; - } - var userrole = document.cu.role.options[document.cu.role.selectedIndex].value - var section=""; - var numsections = 0; - var newsecs = new Array(); - for (var i=0; i 1)) { - alert("In each course, each user may only have one student role at a time. You had selected "+numsections+" sections.\\nPlease modify your selections so they include no more than one section.") - return; - } - for (var j=0; j 0)) { - alert("Section designations do not apply to Course Coordinator roles.\\nA course coordinator role will be added with access to all sections."); - section = ""; - } - var coursename = "_$dcdom"+"_"+course+"_"+userrole - var numcourse = getIndex(document.cu.dccourse); - if (numcourse == "-1") { - alert("There was a problem with your course selection"); - return - } - else { - document.cu.elements[numcourse].name = "act"+coursename; - var numnewsec = getIndex(document.cu.newsec); - if (numnewsec != "-1") { - document.cu.elements[numnewsec].name = "sec"+coursename; - document.cu.elements[numnewsec].value = section; - } - var numstart = getIndex(document.cu.start); - if (numstart != "-1") { - document.cu.elements[numstart].name = "start"+coursename; - } - var numend = getIndex(document.cu.end); - if (numend != "-1") { - document.cu.elements[numend].name = "end"+coursename - } - } - } - document.cu.submit(); - } - - function getIndex(caller) { - for (var i=0;i'."\n".$jsback."\n". - $javascript_validations.''; + my $js = &validation_javascript($context,$ccdomain,$pjump_def, + $groupslist,$newuser,$formname,\%loaditem); my $start_page = &Apache::loncommon::start_page('User Management', $js,{'add_entries' => \%loaditem,}); + my %breadcrumb_text = &singleuser_breadcrumb(); &Apache::lonhtmlcommon::add_breadcrumb - ({href=>"javascript:backPage(document.cu)", - text=>"Create/modify user", + ({href=>"javascript:backPage($form)", + text=>$breadcrumb_text{'search'}, faq=>282,bug=>'Instructor Interface',}); if ($env{'form.phase'} eq 'userpicked') { &Apache::lonhtmlcommon::add_breadcrumb - ({href=>"javascript:backPage(document.cu,'get_user_info','select')", - text=>"Select a user", + ({href=>"javascript:backPage($form,'get_user_info','select')", + text=>$breadcrumb_text{'userpicked'}, faq=>282,bug=>'Instructor Interface',}); } &Apache::lonhtmlcommon::add_breadcrumb - ({href=>"javascript:backPage(document.cu,'$env{'form.phase'}','modify')", - text=>"Set user role", + ({href=>"javascript:backPage($form,'$env{'form.phase'}','modify')", + text=>$breadcrumb_text{'modify'}, faq=>282,bug=>'Instructor Interface',}); my $crumbs = &Apache::lonhtmlcommon::breadcrumbs('User Management'); my $forminfo =<<"ENDFORMINFO"; -
+ @@ -741,7 +637,7 @@ ENDFORMINFO $inccourses{$1.'_'.$2}=1; } } - if ($uhome eq 'no_host') { + if ($newuser) { my $portfolioform; if (&Apache::lonnet::allowed('mpq',$env{'request.role.domain'})) { # Current user has quota modification privileges @@ -764,7 +660,7 @@ $forminfo $loginscript -

$lt{'cnu'} "$ccuname" $lt{'ind'} $ccdomain

+

$lt{'cnu'} "$ccuname" $lt{'ind'} $ccdomain ENDTITLE if ($env{'form.action'} eq 'singlestudent') { $r->print(' ('.$lt{'ast'}.')'); @@ -835,8 +731,13 @@ ENDAUTH } else { $r->print(&Apache::lonuserutils::set_login($ccdomain,$authformkrb,$authformint,$authformloc)); } - $r->print('

'."\n".'
'); - } else { # user already exist- + $r->print($portfolioform); + if ($env{'form.action'} eq 'singlestudent') { + $r->print(&date_sections_select($context,$newuser,$formname, + $permission)); + } + $r->print('
'); + } else { # user already exists my %lt=&Apache::lonlocal::texthash( 'cup' => "Modify existing user: ", 'ens' => "Enroll one student: ", @@ -904,196 +805,9 @@ ENDNOPORTPRIV } } $r->print('
'); - my %rolesdump=&Apache::lonnet::dump('roles',$ccdomain,$ccuname); - # Build up table of user roles to allow revocation of a role. - my ($tmp) = keys(%rolesdump); - unless ($tmp =~ /^(con_lost|error)/i) { - my $now=time; - my %lt=&Apache::lonlocal::texthash( - 'rer' => "Existing Roles", - 'rev' => "Revoke", - 'del' => "Delete", - 'ren' => "Re-Enable", - 'rol' => "Role", - 'ext' => "Extent", - 'sta' => "Start", - 'end' => "End" - ); - my (%roletext,%sortrole,%roleclass,%rolepriv); - foreach my $area (sort { my $a1=join('_',(split('_',$a))[1,0]); - my $b1=join('_',(split('_',$b))[1,0]); - return $a1 cmp $b1; - } keys(%rolesdump)) { - next if ($area =~ /^rolesdef/); - my $envkey=$area; - my $role = $rolesdump{$area}; - my $thisrole=$area; - $area =~ s/\_\w\w$//; - my ($role_code,$role_end_time,$role_start_time) = - split(/_/,$role); -# Is this a custom role? Get role owner and title. - my ($croleudom,$croleuname,$croletitle)= - ($role_code=~m{^cr/($match_domain)/($match_username)/(\w+)$}); - my $allowed=0; - my $delallowed=0; - my $sortkey=$role_code; - my $class='Unknown'; - if ($area =~ m{^/($match_domain)/($match_courseid)} ) { - $class='Course'; - my ($coursedom,$coursedir) = ($1,$2); - $sortkey.="\0$coursedom"; - # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3). - my %coursedata= - &Apache::lonnet::coursedescription($1.'_'.$2); - my $carea; - if (defined($coursedata{'description'})) { - $carea=$coursedata{'description'}. - '
'.&mt('Domain').': '.$coursedom.(' 'x8). - &Apache::loncommon::syllabuswrapper('Syllabus',$coursedir,$coursedom); - $sortkey.="\0".$coursedata{'description'}; - $class=$coursedata{'type'}; - } else { - $carea=&mt('Unavailable course').': '.$area; - $sortkey.="\0".&mt('Unavailable course').': '.$area; - } - $sortkey.="\0$coursedir"; - $inccourses{$1.'_'.$2}=1; - if ((&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) || - (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) { - $allowed=1; - } - if ((&Apache::lonnet::allowed('dro',$1)) || - (&Apache::lonnet::allowed('dro',$ccdomain))) { - $delallowed=1; - } -# - custom role. Needs more info, too - if ($croletitle) { - if (&Apache::lonnet::allowed('ccr',$1.'/'.$2)) { - $allowed=1; - $thisrole.='.'.$role_code; - } - } - # Compute the background color based on $area - if ($area=~m{^/($match_domain)/($match_courseid)/(\w+)}) { - $carea.='
Section: '.$3; - $sortkey.="\0$3"; - } - $area=$carea; - } else { - $sortkey.="\0".$area; - # Determine if current user is able to revoke privileges - if ($area=~m{^/($match_domain)/}) { - if ((&Apache::lonnet::allowed('c'.$role_code,$1)) || - (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) { - $allowed=1; - } - if (((&Apache::lonnet::allowed('dro',$1)) || - (&Apache::lonnet::allowed('dro',$ccdomain))) && - ($role_code ne 'dc')) { - $delallowed=1; - } - } else { - if (&Apache::lonnet::allowed('c'.$role_code,'/')) { - $allowed=1; - } - } - if ($role_code eq 'ca' || $role_code eq 'au') { - $class='Construction Space'; - } elsif ($role_code eq 'su') { - $class='System'; - } else { - $class='Domain'; - } - } - if (($role_code eq 'ca') || ($role_code eq 'aa')) { - $area=~m{/($match_domain)/($match_username)}; - if (&Apache::lonuserutils::authorpriv($2,$1)) { - $allowed=1; - } else { - $allowed=0; - } - } - my $row = ''; - $row.= ''; - my $active=1; - $active=0 if (($role_end_time) && ($now>$role_end_time)); - if (($active) && ($allowed)) { - $row.= ''; - } else { - if ($active) { - $row.=' '; - } else { - $row.=&mt('expired or revoked'); - } - } - $row.=''; - if ($allowed && !$active) { - $row.= ''; - } else { - $row.=' '; - } - $row.=''; - if ($delallowed) { - $row.= ''; - } else { - $row.=' '; - } - my $plaintext=''; - if (!$croletitle) { - $plaintext=&Apache::lonnet::plaintext($role_code,$class) - } else { - $plaintext= - "Customrole '$croletitle'
defined by $croleuname\@$croleudom"; - } - $row.= ''.$plaintext. - ''.$area. - ''.($role_start_time?localtime($role_start_time) - : ' ' ). - ''.($role_end_time ?localtime($role_end_time) - : ' ' ) - .""; - $sortrole{$sortkey}=$envkey; - $roletext{$envkey}=$row; - $roleclass{$envkey}=$class; - $rolepriv{$envkey}=$allowed; - #$r->print($row); - } # end of foreach (table building loop) - my $rolesdisplay = 0; - my %output = (); - foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') { - $output{$type} = ''; - foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { - if ( ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/ ) && ($rolepriv{$sortrole{$which}}) ) { - $output{$type}.= - &Apache::loncommon::start_data_table_row(). - $roletext{$sortrole{$which}}. - &Apache::loncommon::end_data_table_row(); - } - } - unless($output{$type} eq '') { - $output{$type} = ''. - "".&mt($type)."". - $output{$type}; - $rolesdisplay = 1; - } - } - if ($rolesdisplay == 1) { - $r->print(' -

'.$lt{'rer'}.'

'. -&Apache::loncommon::start_data_table("LC_createuser"). -&Apache::loncommon::start_data_table_header_row(). -''.$lt{'rev'}.''.$lt{'ren'}.''.$lt{'del'}. -''.$lt{'rol'}.''.$lt{'ext'}. -''.$lt{'sta'}.''.$lt{'end'}.''. -&Apache::loncommon::end_data_table_header_row()); - foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') { - if ($output{$type}) { - $r->print($output{$type}."\n"); - } - } - $r->print(&Apache::loncommon::end_data_table()); - } - } # End of unless + if ($env{'form.action'} ne 'singlestudent') { + &display_existing_roles($r,$ccuname,$ccdomain,\%inccourses); + } } ## End of new user/old user logic my $addrolesdisplay = 0; $r->print('

'.&mt('Add Roles').'

'); @@ -1261,6 +975,239 @@ sub date_sections_select { return $output; } +sub validation_javascript { + my ($context,$ccdomain,$pjump_def,$groupslist,$newuser,$formname, + $loaditem) = @_; + my $dc_setcourse_code = ''; + my $nondc_setsection_code = ''; + if ($context eq 'domain') { + my $dcdom = $env{'request.role.domain'}; + $loaditem->{'onload'} = "document.cu.coursedesc.value='';"; + $dc_setcourse_code = &Apache::lonuserutils::dc_setcourse_js('cu','singleuser'); + } else { + $nondc_setsection_code = + &Apache::lonuserutils::setsections_javascript($formname,$groupslist); + } + my $js = &user_modification_js($pjump_def,$dc_setcourse_code, + $nondc_setsection_code,$groupslist); + + my ($jsback,$elements) = &crumb_utilities(); + my $javascript_validations; + if ((&Apache::lonnet::allowed('mau',$ccdomain)) || ($newuser)) { + my ($krbdef,$krbdefdom) = + &Apache::loncommon::get_kerberos_defaults($ccdomain); + $javascript_validations = + &Apache::lonuserutils::javascript_validations('createuser',$krbdefdom,undef, + undef,$ccdomain); + } + $js .= "\n". + ''; + return $js; +} + +sub display_existing_roles { + my ($r,$ccuname,$ccdomain,$inccourses) = @_; + my %rolesdump=&Apache::lonnet::dump('roles',$ccdomain,$ccuname); + # Build up table of user roles to allow revocation and re-enabling of roles. + my ($tmp) = keys(%rolesdump); + if ($tmp !~ /^(con_lost|error)/i) { + my $now=time; + my %lt=&Apache::lonlocal::texthash( + 'rer' => "Existing Roles", + 'rev' => "Revoke", + 'del' => "Delete", + 'ren' => "Re-Enable", + 'rol' => "Role", + 'ext' => "Extent", + 'sta' => "Start", + 'end' => "End", + ); + my (%roletext,%sortrole,%roleclass,%rolepriv); + foreach my $area (sort { my $a1=join('_',(split('_',$a))[1,0]); + my $b1=join('_',(split('_',$b))[1,0]); + return $a1 cmp $b1; + } keys(%rolesdump)) { + next if ($area =~ /^rolesdef/); + my $envkey=$area; + my $role = $rolesdump{$area}; + my $thisrole=$area; + $area =~ s/\_\w\w$//; + my ($role_code,$role_end_time,$role_start_time) = + split(/_/,$role); +# Is this a custom role? Get role owner and title. + my ($croleudom,$croleuname,$croletitle)= + ($role_code=~m{^cr/($match_domain)/($match_username)/(\w+)$}); + my $allowed=0; + my $delallowed=0; + my $sortkey=$role_code; + my $class='Unknown'; + if ($area =~ m{^/($match_domain)/($match_courseid)} ) { + $class='Course'; + my ($coursedom,$coursedir) = ($1,$2); + $sortkey.="\0$coursedom"; + # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3). + my %coursedata= + &Apache::lonnet::coursedescription($1.'_'.$2); + my $carea; + if (defined($coursedata{'description'})) { + $carea=$coursedata{'description'}. + '
'.&mt('Domain').': '.$coursedom.(' 'x8). + &Apache::loncommon::syllabuswrapper('Syllabus',$coursedir,$coursedom); + $sortkey.="\0".$coursedata{'description'}; + $class=$coursedata{'type'}; + } else { + $carea=&mt('Unavailable course').': '.$area; + $sortkey.="\0".&mt('Unavailable course').': '.$area; + } + $sortkey.="\0$coursedir"; + $inccourses->{$1.'_'.$2}=1; + if ((&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) || + (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) { + $allowed=1; + } + if ((&Apache::lonnet::allowed('dro',$1)) || + (&Apache::lonnet::allowed('dro',$ccdomain))) { + $delallowed=1; + } +# - custom role. Needs more info, too + if ($croletitle) { + if (&Apache::lonnet::allowed('ccr',$1.'/'.$2)) { + $allowed=1; + $thisrole.='.'.$role_code; + } + } + # Compute the background color based on $area + if ($area=~m{^/($match_domain)/($match_courseid)/(\w+)}) { + $carea.='
Section: '.$3; + $sortkey.="\0$3"; + if (!$allowed) { + if ($env{'request.course.sec'} eq $3) { + if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2.'/'.$3)) { + $allowed = 1; + } + } + } + } + $area=$carea; + } else { + $sortkey.="\0".$area; + # Determine if current user is able to revoke privileges + if ($area=~m{^/($match_domain)/}) { + if ((&Apache::lonnet::allowed('c'.$role_code,$1)) || + (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) { + $allowed=1; + } + if (((&Apache::lonnet::allowed('dro',$1)) || + (&Apache::lonnet::allowed('dro',$ccdomain))) && + ($role_code ne 'dc')) { + $delallowed=1; + } + } else { + if (&Apache::lonnet::allowed('c'.$role_code,'/')) { + $allowed=1; + } + } + if ($role_code eq 'ca' || $role_code eq 'au') { + $class='Construction Space'; + } elsif ($role_code eq 'su') { + $class='System'; + } else { + $class='Domain'; + } + } + if (($role_code eq 'ca') || ($role_code eq 'aa')) { + $area=~m{/($match_domain)/($match_username)}; + if (&Apache::lonuserutils::authorpriv($2,$1)) { + $allowed=1; + } else { + $allowed=0; + } + } + my $row = ''; + $row.= ''; + my $active=1; + $active=0 if (($role_end_time) && ($now>$role_end_time)); + if (($active) && ($allowed)) { + $row.= ''; + } else { + if ($active) { + $row.=' '; + } else { + $row.=&mt('expired or revoked'); + } + } + $row.=''; + if ($allowed && !$active) { + $row.= ''; + } else { + $row.=' '; + } + $row.=''; + if ($delallowed) { + $row.= ''; + } else { + $row.=' '; + } + my $plaintext=''; + if (!$croletitle) { + $plaintext=&Apache::lonnet::plaintext($role_code,$class) + } else { + $plaintext= + "Customrole '$croletitle'
defined by $croleuname\@$croleudom"; + } + $row.= ''.$plaintext. + ''.$area. + ''.($role_start_time?localtime($role_start_time) + : ' ' ). + ''.($role_end_time ?localtime($role_end_time) + : ' ' ) + .""; + $sortrole{$sortkey}=$envkey; + $roletext{$envkey}=$row; + $roleclass{$envkey}=$class; + $rolepriv{$envkey}=$allowed; + #$r->print($row); + } # end of foreach (table building loop) + my $rolesdisplay = 0; + my %output = (); + foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') { + $output{$type} = ''; + foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { + if ( ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/ ) && ($rolepriv{$sortrole{$which}}) ) { + $output{$type}.= + &Apache::loncommon::start_data_table_row(). + $roletext{$sortrole{$which}}. + &Apache::loncommon::end_data_table_row(); + } + } + unless($output{$type} eq '') { + $output{$type} = ''. + "".&mt($type)."". + $output{$type}; + $rolesdisplay = 1; + } + } + if ($rolesdisplay == 1) { + $r->print(' +

'.$lt{'rer'}.'

'. +&Apache::loncommon::start_data_table("LC_createuser"). +&Apache::loncommon::start_data_table_header_row(). +''.$lt{'rev'}.''.$lt{'ren'}.''.$lt{'del'}. +''.$lt{'rol'}.''.$lt{'ext'}. +''.$lt{'sta'}.''.$lt{'end'}.''. +&Apache::loncommon::end_data_table_header_row()); + foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') { + if ($output{$type}) { + $r->print($output{$type}."\n"); + } + } + $r->print(&Apache::loncommon::end_data_table()); + } + } # End of check for keys in rolesdump + return; +} + sub user_authentication { my ($ccuname,$ccdomain,$krbdefdom,$abv_auth) = @_; my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);