--- loncom/interface/loncreateuser.pm 2001/10/16 21:16:01 1.19 +++ loncom/interface/loncreateuser.pm 2001/11/16 06:23:11 1.20 @@ -1,4 +1,4 @@ -# The LearningOnline Network +# The LearningOnline Network with CAPA # Create a user # # (Create a course @@ -10,6 +10,7 @@ # 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14, # 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer) # +# YEAR=2001 # 3/1/1 Gerd Kortemeyer) # # 3/1 Gerd Kortemeyer) @@ -19,13 +20,144 @@ # 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer # April Guy Albertelli # 05/10,10/16 Gerd Kortemeyer +# 11/12,11/13,11/15 Scott Harrison # +# $Id: loncreateuser.pm,v 1.20 2001/11/16 06:23:11 harris41 Exp $ +### + package Apache::loncreateuser; use strict; use Apache::Constants qw(:common :http); use Apache::lonnet; +my $loginscript; # piece of javascript used in two separate instances +my $generalrule; +my $authformnop; +my $authformkrb; +my $authformint; +my $authformfsys; +my $authformloc; + +sub BEGIN { + $ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/; + my $krbdefdom=$1; + $krbdefdom=~tr/a-z/A-Z/; + $authformnop=(< + +Do not change login data +

+END + $authformkrb=(< + +Kerberos authenticated with domain + +

+END + $authformint=(< + +Internally authenticated (with initial password +) +

+END + $authformfsys=(< + +Filesystem authenticated (with initial password +) +

+END + $authformloc=(< + +Local Authentication with argument + +

+END + $loginscript=(< +function setkrb(vf) { + if (vf.krbdom.value!='') { + vf.login[0].checked=true; + vf.krbdom.value=vf.krbdom.value.toUpperCase(); + vf.intpwd.value=''; + vf.fsyspwd.value=''; + vf.locarg.value=''; + } +} + +function setint(vf) { + if (vf.intpwd.value!='') { + vf.login[1].checked=true; + vf.krbdom.value=''; + vf.fsyspwd.value=''; + vf.locarg.value=''; + } +} + +function setfsys(vf) { + if (vf.fsyspwd.value!='') { + vf.login[2].checked=true; + vf.krbdom.value=''; + vf.intpwd.value=''; + vf.locarg.value=''; + } +} + +function setloc(vf) { + if (vf.locarg.value!='') { + vf.login[3].checked=true; + vf.krbdom.value=''; + vf.intpwd.value=''; + vf.fsyspwd.value=''; + } +} + +function clicknop(vf) { + vf.krbdom.value=''; + vf.intpwd.value=''; + vf.fsyspwd.value=''; + vf.locarg.value=''; +} + +function clickkrb(vf) { + vf.krbdom.value='$krbdefdom'; + vf.intpwd.value=''; + vf.fsyspwd.value=''; + vf.locarg.value=''; +} + +function clickint(vf) { + vf.krbdom.value=''; + vf.fsyspwd.value=''; + vf.locarg.value=''; +} + +function clickfsys(vf) { + vf.krbdom.value=''; + vf.intpwd.value=''; + vf.locarg.value=''; +} + +function clickloc(vf) { + vf.krbdom.value=''; + vf.intpwd.value=''; + vf.fsyspwd.value=''; +} + +ENDLOGINSCRIPT + $generalrule=< +As a general rule, only authors or co-authors should be filesystem +authenticated (which allows access to the server filesystem). +

+END +} + # =================================================================== Phase one sub phase_one { @@ -121,69 +253,24 @@ ENDENHEAD if ($uhome eq 'no_host') { $r->print(<New user $ccuname at $ccdomain - - +ENDNUSER + $r->print(<

Personal Data

-First Name:
-Middle Name:
-Last Name:
-Generation:

+First Name:
+Middle Name:
+Last Name:
+Generation:

-ID/Student Number:

+ID/Student Number:

Login Data

- -Kerberos authenticated with domain -

- -Internally authenticated (with initial password -) -

- -Local Authentication with argument - -

+$generalrule +$authformkrb +$authformint +$authformfsys +$authformloc ENDNUSER } else { $r->print('

Existing user '.$ccuname.' at '.$ccdomain.'

'); @@ -252,8 +339,79 @@ ENDNUSER } split(/&/,$rolesdump); $r->print(''); } + my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain); + if ($currentauth=~/^krb4:/) { + $currentauth=~/^krb4:(.*)/; + my $krbdefdom2=$1; + $loginscript=~s/vf\.krbdom\.value='.*?';/vf.krbdom.value='$krbdefdom2';/; + } + # minor script hack here + $loginscript=~s/login\[3\]/login\[4\]/; + $loginscript=~s/login\[2\]/login\[3\]/; + $loginscript=~s/login\[1\]/login\[2\]/; + $loginscript=~s/login\[0\]/login\[1\]/; + + $r->print(< +$loginscript +END + unless ($currentauth=~/^krb4:/ or + $currentauth=~/^unix:/ or + $currentauth=~/^internal:/ or + $currentauth=~/^localauth:/ + ) { + $r->print(<ERROR: +This user has an unrecognized authentication scheme ($currentauth). +Please specify login data below. +

Login Data

+$generalrule +$authformkrb +$authformint +$authformfsys +$authformloc +END + } + else { + my $authformcurrent=''; + my $authformother=''; + if ($currentauth=~/^krb4:/) { + $authformcurrent=$authformkrb; + $authformother=$authformint.$authformfsys.$authformloc; + } + elsif ($currentauth=~/^internal:/) { + $authformcurrent=$authformint; + $authformother=$authformkrb.$authformfsys.$authformloc; + } + elsif ($currentauth=~/^unix:/) { + $authformcurrent=$authformfsys; + $authformother=$authformkrb.$authformint.$authformloc; + } + elsif ($currentauth=~/^localauth:/) { + $authformcurrent=$authformloc; + $authformother=$authformkrb.$authformint.$authformfsys; + } + $authformcurrent=< + +* * * WARNING * * * +* * * WARNING * * * + +$authformcurrent +Changing this value will overwrite existing authentication for the user; you should notify the user of this change. + +END + $r->print(<Change Current Login Data +$generalrule +$authformnop +$authformcurrent +

Enter New Login Data

+$authformother +END + } } - $r->print('

Add Roles

'); + $r->print('

Add Roles

'); # # Co-Author # @@ -377,6 +535,9 @@ ENDTHREEHEAD } elsif ($ENV{'form.login'} eq 'int') { $amode='internal'; $genpwd=$ENV{'form.intpwd'}; + } elsif ($ENV{'form.login'} eq 'fsys') { + $amode='unix'; + $genpwd=$ENV{'form.fsyspwd'}; } elsif ($ENV{'form.login'} eq 'loc') { $amode='localauth'; $genpwd=$ENV{'form.locarg'}; @@ -392,6 +553,41 @@ ENDTHREEHEAD ($ENV{'form.cuname'},$ENV{'form.cdomain'})); } else { + $r->print('Invalid login mode or password'); + } + } else { + $r->print('Invalid username or domain'); + } + } + if (!$ENV{'form.makeuser'} and $ENV{'form.login'} ne 'nop') { + $r->print('

Changing User Login Data

'); + if (($ENV{'form.cuname'})&&($ENV{'form.cuname'}!~/\W/)&& + ($ENV{'form.cdomain'})&&($ENV{'form.cdomain'}!~/\W/)) { + my $amode=''; + my $genpwd=''; + if ($ENV{'form.login'} eq 'krb') { + $amode='krb4'; + $genpwd=$ENV{'form.krbdom'}; + } elsif ($ENV{'form.login'} eq 'int') { + $amode='internal'; + $genpwd=$ENV{'form.intpwd'}; + } elsif ($ENV{'form.login'} eq 'fsys') { + $amode='unix'; + $genpwd=$ENV{'form.fsyspwd'}; + } elsif ($ENV{'form.login'} eq 'loc') { + $amode='localauth'; + $genpwd=$ENV{'form.locarg'}; + if (!$genpwd) { $genpwd=" "; } + } + if (($amode) && ($genpwd)) { + $r->print('Modifying authentication: '. + &Apache::lonnet::modifyuserauth( + $ENV{'form.cdomain'},$ENV{'form.cuname'}, + $amode,$genpwd); + $r->print('
Home server: '.&Apache::lonnet::homeserver + ($ENV{'form.cuname'},$ENV{'form.cdomain'})); + + } else { $r->print('Invalid login mode or password'); } } else {