--- loncom/interface/loncreateuser.pm 2002/02/08 19:40:42 1.24 +++ loncom/interface/loncreateuser.pm 2002/02/12 21:42:18 1.27 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.24 2002/02/08 19:40:42 matthew Exp $ +# $Id: loncreateuser.pm,v 1.27 2002/02/12 21:42:18 matthew Exp $ # # Copyright Michigan State University Board of Trustees # @@ -45,8 +45,9 @@ # April Guy Albertelli # 05/10,10/16 Gerd Kortemeyer # 11/12,11/13,11/15 Scott Harrison +# 02/11/02 Matthew Hall # -# $Id: loncreateuser.pm,v 1.24 2002/02/08 19:40:42 matthew Exp $ +# $Id: loncreateuser.pm,v 1.27 2002/02/12 21:42:18 matthew Exp $ ### package Apache::loncreateuser; @@ -69,7 +70,7 @@ BEGIN { $krbdefdom=~tr/a-z/A-Z/; $authformnop=(< - Do not change login data

@@ -206,7 +207,6 @@ ENDDOCUMENT } # =================================================================== Phase two - sub phase_two { my $r=shift; my $ccuname=$ENV{'form.ccuname'}; @@ -220,7 +220,7 @@ sub phase_two { $ccuname=~s/\W//g; $ccdomain=~s/\W//g; - $r->print(< The LearningOnline Network with CAPA @@ -250,19 +250,19 @@ sub phase_two { - -

Create User, Change User Privileges

-
- - - - - - - - - -ENDENHEAD + +ENDDOCHEAD + my $forminfo =<<"ENDFORMINFO"; + + + + + + + + + +ENDFORMINFO my $uhome=&Apache::lonnet::homeserver($ccuname,$ccdomain); my %incdomains; my %inccourses; @@ -275,19 +275,28 @@ ENDENHEAD } } if ($uhome eq 'no_host') { - $r->print(<New user $ccuname at $ccdomain -ENDNUSER - $r->print(<print(<Create New User +$forminfo +

New user "$ccuname" in domain $ccdomain

$loginscript

Personal Data

-First Name:
-Middle Name:
-Last Name:
-Generation:

+

+ + + + + + + + + +
First Name
Middle Name
Last Name
Generation
+ID/Student Number

-ID/Student Number:

+

Login Data

$generalrule @@ -295,33 +304,38 @@ $authformkrb $authformint $authformfsys $authformloc -ENDNUSER - } else { - $r->print('

Existing user '.$ccuname.' at '.$ccdomain.'

'); - +ENDNEWUSER + } else { # user already exists + $r->print(<Change User Privileges +$forminfo +

User "$ccuname" in domain $ccdomain

+ENDCHANGEUSER my $rolesdump=&Apache::lonnet::reply( "dump:$ccdomain:$ccuname:roles",$uhome); - unless ($rolesdump eq 'con_lost') { + # Build up table of user roles to allow revocation of a role. + unless ($rolesdump eq 'con_lost' || $rolesdump =~ m/^error/i) { my $now=time; - $r->print('

Revoke Existing Roles

'. + $r->print('

Revoke Existing Roles

'. ''. - ''); + ''); foreach (split(/&/,$rolesdump)) { if ($_!~/^rolesdef\&/) { - my ($area,$role)=split(/=/,$_); my $thisrole=$area; $area=~s/\_\w\w$//; - my ($trole,$tend,$tstart)=split(/_/,$role); + my ($role_code,$role_end_time,$role_start_time)=split(/_/,$role); my $bgcol='ffffff'; my $allows=0; if ($area=~/^\/(\w+)\/(\d\w+)/) { my %coursedata=&Apache::lonnet::coursedescription($1.'_'.$2); my $carea='Course: '.$coursedata{'description'}; $inccourses{$1.'_'.$2}=1; - if (&Apache::lonnet::allowed('c'.$trole,$1.'/'.$2)) { + if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) { $allows=1; } + # Compute the background color based on $area $bgcol=$1.'_'.$2; $bgcol=~s/[^8-9b-e]//g; $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6); @@ -330,35 +344,35 @@ ENDNUSER } $area=$carea; } else { + # Determine if current user is able to revoke privileges if ($area=~/^\/(\w+)\//) { - if (&Apache::lonnet::allowed('c'.$trole,$1)) { + if (&Apache::lonnet::allowed('c'.$role_code,$1)) { $allows=1; } } else { - if (&Apache::lonnet::allowed('c'.$trole,'/')) { + if (&Apache::lonnet::allowed('c'.$role_code,'/')) { $allows=1; } } } + $r->print('\n"); + ($role_start_time ? localtime($role_start_time) + : ' ' ) + .'\n"); } } $r->print('
RevokeRoleExtentStartEndStartEnd
'); my $active=1; - if (($tend) && ($now>$tend)) { $active=0; } - - $r->print('
'); - if ($active) { - if ($allows) { - $r->print( - ''); - } else { - $r->print(' '); - } + if (($role_end_time) && ($now>$role_end_time)) { $active=0; } + if (($active) && ($allows)) { + $r->print(''); } else { $r->print(' '); } - $r->print(''.&Apache::lonnet::plaintext($trole). + $r->print(''.&Apache::lonnet::plaintext($role_code). ''.$area.''. - ($tstart?localtime($tstart):' ').''. - ($tend?localtime($tend):' ')."
'. + ($role_end_time ? localtime($role_end_time) + : ' ' ) + ."
'); @@ -369,18 +383,14 @@ ENDNUSER my $krbdefdom2=$1; $loginscript=~s/vf\.krbdom\.value='.*?';/vf.krbdom.value='$krbdefdom2';/; } - # minor script hack here -# $loginscript=~s/login\[3\]/login\[4\]/; # loc -# $loginscript=~s/login\[2\]/login\[3\]/; # fsys -# $loginscript=~s/login\[1\]/login\[2\]/; # int -# $loginscript=~s/login\[0\]/login\[1\]/; # krb4 - + # Check for a bad authentication type unless ($currentauth=~/^krb4:/ or $currentauth=~/^unix:/ or $currentauth=~/^internal:/ or $currentauth=~/^localauth:/ - ) { - $r->print(<print(< $loginscript ERROR: @@ -392,14 +402,25 @@ $authformkrb $authformint $authformfsys $authformloc -END - } - else { +ENDBADAUTH + } else { + # This user is not allowed to modify the users + # authentication scheme, so just notify them of the problem + $r->print(< +$loginscript + ERROR: +This user has an unrecognized authentication scheme ($currentauth). +Please alert a domain coordinator of this situation. +
+ENDBADAUTH + } + } else { # Authentication type is valid my $authformcurrent=''; - my $authformother=''; + my $authform_other=''; if ($currentauth=~/^krb4:/) { $authformcurrent=$authformkrb; - $authformother=$authformint.$authformfsys.$authformloc; + $authform_other=$authformint.$authformfsys.$authformloc; # embarrassing script hack here $loginscript=~s/login\[3\]/login\[4\]/; # loc $loginscript=~s/login\[2\]/login\[3\]/; # fsys @@ -408,7 +429,7 @@ END } elsif ($currentauth=~/^internal:/) { $authformcurrent=$authformint; - $authformother=$authformkrb.$authformfsys.$authformloc; + $authform_other=$authformkrb.$authformfsys.$authformloc; # embarrassing script hack here $loginscript=~s/login\[3\]/login\[4\]/; # loc $loginscript=~s/login\[2\]/login\[3\]/; # fsys @@ -417,7 +438,7 @@ END } elsif ($currentauth=~/^unix:/) { $authformcurrent=$authformfsys; - $authformother=$authformkrb.$authformint.$authformloc; + $authform_other=$authformkrb.$authformint.$authformloc; # embarrassing script hack here $loginscript=~s/login\[3\]/login\[4\]/; # loc $loginscript=~s/login\[1\]/login\[3\]/; # int @@ -426,7 +447,7 @@ END } elsif ($currentauth=~/^localauth:/) { $authformcurrent=$authformloc; - $authformother=$authformkrb.$authformint.$authformfsys; + $authform_other=$authformkrb.$authformint.$authformfsys; # embarrassing script hack here $loginscript=~s/login\[3\]/login\[loc\]/; # loc $loginscript=~s/login\[2\]/login\[4\]/; # fsys @@ -434,7 +455,7 @@ END $loginscript=~s/login\[0\]/login\[2\]/; # krb4 $loginscript=~s/login\[loc\]/login\[1\]/; # loc } - $authformcurrent=< * * * WARNING * * * @@ -443,8 +464,10 @@ END $authformcurrent Changing this value will overwrite existing authentication for the user; you should notify the user of this change. -END - $r->print(<print(< $loginscript

Change Current Login Data

@@ -452,10 +475,11 @@ $generalrule $authformnop $authformcurrent

Enter New Login Data

-$authformother -END - } - } +$authform_other +ENDOTHERAUTHS + } + } ## End of "check for bad authentication type" logic + } ## End of new user/old user logic $r->print('

Add Roles

'); # # Co-Author @@ -513,195 +537,187 @@ ENDDROW # # Course level # - $r->print('

Course Level

'. - ''. - ''); - foreach (sort( keys(%inccourses))) { - my $thiscourse=$_; - my $protectedcourse=$_; - $thiscourse=~s:_:/:g; - my %coursedata=&Apache::lonnet::coursedescription($thiscourse); - my $area=$coursedata{'description'}; - my $bgcol=$thiscourse; - $bgcol=~s/[^8-9b-e]//g; - $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6); - foreach ('st','ta','ep','ad','in','cc') { - if (&Apache::lonnet::allowed('c'.$_,$thiscourse)) { - my $plrole=&Apache::lonnet::plaintext($_); - $r->print(" - - - - - - - -ENDROW - } - } - } - $r->print('
ActivateRoleExtentGroup/SectionStartEnd
$plrole$area"); - if ($_ ne 'cc') { - $r->print(""); - } else { $r->print(" "); } - $r->print(< -Set Start Date -Set End Date
'); - $r->print(''); - $r->print(''); + $r->print(&course_level_table(%inccourses)); + $r->print("
\n"); + $r->print(""); } # ================================================================= Phase Three - sub phase_three { my $r=shift; + # Error messages + my $error = 'Error:'; + my $end = ''; + # Print header $r->print(< The LearningOnline Network with CAPA - -

Create User, Change User Privileges

+ ENDTHREEHEAD - $r->print('

'.$ENV{'form.cuname'}.' at '.$ENV{'form.cdomain'}.'

'); - if ($ENV{'form.makeuser'}) { - $r->print('

Creating User

'); - if (($ENV{'form.cuname'})&&($ENV{'form.cuname'}!~/\W/)&& - ($ENV{'form.cdomain'})&&($ENV{'form.cdomain'}!~/\W/)) { - my $amode=''; - my $genpwd=''; - if ($ENV{'form.login'} eq 'krb') { - $amode='krb4'; - $genpwd=$ENV{'form.krbdom'}; - } elsif ($ENV{'form.login'} eq 'int') { - $amode='internal'; - $genpwd=$ENV{'form.intpwd'}; - } elsif ($ENV{'form.login'} eq 'fsys') { - $amode='unix'; - $genpwd=$ENV{'form.fsyspwd'}; - } elsif ($ENV{'form.login'} eq 'loc') { - $amode='localauth'; - $genpwd=$ENV{'form.locarg'}; - if (!$genpwd) { $genpwd=" "; } + # Check Inputs + if (! $ENV{'form.cuname'} ) { + $r->print($error.'No login name specified.'.$end); + return; + } + if ( $ENV{'form.cuname'} =~/\W/) { + $r->print($error.'Invalid login name. '. + 'Only letters, numbers, and underscores are valid.'. + $end); + return; + } + if (! $ENV{'form.cdomain'} ) { + $r->print($error.'No domain specified.'.$end); + return; + } + if ( $ENV{'form.cdomain'} =~/\W/) { + $r->print($error.'Invalid domain name. '. + 'Only letters, numbers, and underscores are valid.'. + $end); + return; + } + # Determine authentication method and password for the user being modified + my $amode=''; + my $genpwd=''; + if ($ENV{'form.login'} eq 'krb') { + $amode='krb4'; + $genpwd=$ENV{'form.krbdom'}; + } elsif ($ENV{'form.login'} eq 'int') { + $amode='internal'; + $genpwd=$ENV{'form.intpwd'}; + } elsif ($ENV{'form.login'} eq 'fsys') { + $amode='unix'; + $genpwd=$ENV{'form.fsyspwd'}; + } elsif ($ENV{'form.login'} eq 'loc') { + $amode='localauth'; + $genpwd=$ENV{'form.locarg'}; + $genpwd=" " if (!$genpwd); + } + if ($ENV{'form.makeuser'}) { + # Create a new user + $r->print(<Create User +

Creating user "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"

+ENDNEWUSERHEAD + # Check for the authentication mode and password + if (! $amode || ! $genpwd) { + $r->print($error.'Invalid login mode or password'.$end); + return; } - if (($amode) && ($genpwd)) { - $r->print('Generating user: '.&Apache::lonnet::modifyuser( - $ENV{'form.cdomain'},$ENV{'form.cuname'}, - $ENV{'form.cstid'},$amode,$genpwd, - $ENV{'form.cfirst'},$ENV{'form.cmiddle'}, - $ENV{'form.clast'},$ENV{'form.cgen'})); - $r->print('
Home server: '.&Apache::lonnet::homeserver - ($ENV{'form.cuname'},$ENV{'form.cdomain'})); - - } else { - $r->print('Invalid login mode or password'); - } - } else { - $r->print('Invalid username or domain'); - } - } - if (!$ENV{'form.makeuser'} and $ENV{'form.login'} ne 'nop') { - $r->print('

Changing User Login Data

'); - if (($ENV{'form.cuname'})&&($ENV{'form.cuname'}!~/\W/)&& - ($ENV{'form.cdomain'})&&($ENV{'form.cdomain'}!~/\W/)) { - my $amode=''; - my $genpwd=''; - if ($ENV{'form.login'} eq 'krb') { - $amode='krb4'; - $genpwd=$ENV{'form.krbdom'}; - } elsif ($ENV{'form.login'} eq 'int') { - $amode='internal'; - $genpwd=$ENV{'form.intpwd'}; - } elsif ($ENV{'form.login'} eq 'fsys') { - $amode='unix'; - $genpwd=$ENV{'form.fsyspwd'}; - } elsif ($ENV{'form.login'} eq 'loc') { - $amode='localauth'; - $genpwd=$ENV{'form.locarg'}; - if (!$genpwd) { $genpwd=" "; } + # Call modifyuser + my $result = &Apache::lonnet::modifyuser + ($ENV{'form.cdomain'},$ENV{'form.cuname'}, + $ENV{'form.cstid'},$amode,$genpwd, + $ENV{'form.cfirst'},$ENV{'form.cmiddle'}, + $ENV{'form.clast'},$ENV{'form.cgen'} + ); + $r->print('Generating user: '.$result); + $r->print('
Home server: '.&Apache::lonnet::homeserver + ($ENV{'form.cuname'},$ENV{'form.cdomain'})); + } elsif ($ENV{'form.login'} ne '') { + # Modify user privileges + $r->print(<Change User Privileges +

User "$ENV{'form.cuname'}" in domain "$ENV{'form.cdomain'}"

+ENDMODIFYUSERHEAD + if (! $amode || ! $genpwd) { + $r->print($error.'Invalid login mode or password'.$end); + return; } - if (($amode) && ($genpwd)) { + # Only allow authentification modification if the person has authority + if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) { $r->print('Modifying authentication: '. - &Apache::lonnet::modifyuserauth( + &Apache::lonnet::modifyuserauth( $ENV{'form.cdomain'},$ENV{'form.cuname'}, $amode,$genpwd)); $r->print('
Home server: '.&Apache::lonnet::homeserver - ($ENV{'form.cuname'},$ENV{'form.cdomain'})); - + ($ENV{'form.cuname'},$ENV{'form.cdomain'})); } else { - $r->print('Invalid login mode or password'); - } - } else { - $r->print('Invalid username or domain'); + # Okay, this is a non-fatal error. + $r->print($error.'You do not have the authority to modify '. + 'this users authentification information.'); + } } - } + ## my $now=time; $r->print('

Modifying Roles

'); foreach (keys (%ENV)) { - if (($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) && ($ENV{$_})) { - $r->print('Revoking '.$2.' in '.$1.': '. - &Apache::lonnet::assignrole($ENV{'form.cdomain'},$ENV{'form.cuname'}, - $1,$2,$now).'
'); - if ($2 eq 'st') { - $1=~/^\/(\w+)\/(\w+)/; - my $cid=$1.'_'.$2; - $r->print('Drop from classlist: '. - &Apache::lonnet::critical('put:'.$ENV{'course.'.$cid.'.domain'}.':'. - $ENV{'course.'.$cid.'.num'}.':classlist:'. - &Apache::lonnet::escape($ENV{'form.cuname'}.':'. - $ENV{'form.cdomain'}).'='. - &Apache::lonnet::escape($now.':'), - $ENV{'course.'.$cid.'.home'}).'
'); - } - } - } - foreach (keys(%ENV)) { - if (($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) && ($ENV{$_})) { - my $url='/'.$1.'/'.$2; - if ($ENV{'form.sec_'.$1.'_'.$2.'_'.$3}) { - $url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3}; - } - my $start=$now; - if ($ENV{'form.start_'.$1.'_'.$2.'_'.$3}) { - $start=$ENV{'form.start_'.$1.'_'.$2.'_'.$3}; - } - my $end=0; - if ($ENV{'form.end_'.$1.'_'.$2.'_'.$3}) { - $end=$ENV{'form.end_'.$1.'_'.$2.'_'.$3}; - } - $r->print('Assigning: '.$3.' in '.$url.': '. - &Apache::lonnet::assignrole($ENV{'form.cdomain'},$ENV{'form.cuname'}, - $url,$3,$end,$start).'
'); - if ($3 eq 'st') { - $url=~/^\/(\w+)\/(\w+)/; - my $cid=$1.'_'.$2; - $r->print('Add to classlist: '. - &Apache::lonnet::critical('put:'.$ENV{'course.'.$cid.'.domain'}.':'. - $ENV{'course.'.$cid.'.num'}.':classlist:'. - &Apache::lonnet::escape($ENV{'form.cuname'}.':'. - $ENV{'form.cdomain'}).'='. - &Apache::lonnet::escape($end.':'.$start), - $ENV{'course.'.$cid.'.home'}).'
'); + next if (! $ENV{$_}); + # Revoke roles + if ($_=~/^form\.rev/) { + if ($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) { + $r->print('Revoking '.$2.' in '.$1.': '. + &Apache::lonnet::assignrole($ENV{'form.cdomain'}, + $ENV{'form.cuname'},$1,$2,$now).'
'); + if ($2 eq 'st') { + $1=~/^\/(\w+)\/(\w+)/; + my $cid=$1.'_'.$2; + $r->print('Drop from classlist: '. + &Apache::lonnet::critical('put:'. + $ENV{'course.'.$cid.'.domain'}.':'. + $ENV{'course.'.$cid.'.num'}.':classlist:'. + &Apache::lonnet::escape($ENV{'form.cuname'}.':'. + $ENV{'form.cdomain'}).'='. + &Apache::lonnet::escape($now.':'), + $ENV{'course.'.$cid.'.home'}).'
'); + } + } + } elsif ($_=~/^form\.act/) { + if ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) { + # Activate roles for sections with 3 id numbers + # set start, end times, and the url for the class + my $start = ( $ENV{'form.start_'.$1.'_'.$2} ? + $ENV{'form.start_'.$1.'_'.$2} : + $now ); + my $end = ( $ENV{'form.end_'.$1.'_'.$2} ? + $ENV{'form.end_'.$1.'_'.$2} : + 0 ); + my $url='/'.$1.'/'.$2; + if ($ENV{'form.sec_'.$1.'_'.$2.'_'.$3}) { + $url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3}; + } + # Assign the role and report it + $r->print('Assigning: '.$3.' in '.$url.': '. + &Apache::lonnet::assignrole( + $ENV{'form.cdomain'},$ENV{'form.cuname'}, + $url,$3,$end,$start). + '
'); + # Handle students differently + if ($3 eq 'st') { + $url=~/^\/(\w+)\/(\w+)/; + my $cid=$1.'_'.$2; + $r->print('Add to classlist: '. + &Apache::lonnet::critical( + 'put:'.$ENV{'course.'.$cid.'.domain'}.':'. + $ENV{'course.'.$cid.'.num'}.':classlist:'. + &Apache::lonnet::escape( + $ENV{'form.cuname'}.':'. + $ENV{'form.cdomain'} ).'='. + &Apache::lonnet::escape($end.':'.$start), + $ENV{'course.'.$cid.'.home'}) + .'
'); + } + } elsif ($_=~/^form\.act\_([^\_]+)\_([^\_]+)$/) { + # Activate roles for sections with two id numbers + # set start, end times, and the url for the class + my $start = ( $ENV{'form.start_'.$1.'_'.$2} ? + $ENV{'form.start_'.$1.'_'.$2} : + $now ); + my $end = ( $ENV{'form.end_'.$1.'_'.$2} ? + $ENV{'form.end_'.$1.'_'.$2} : + 0 ); + my $url='/'.$1.'/'; + # Assign the role and report it. + $r->print('Assigning: '.$2.' in '.$url.': '. + &Apache::lonnet::assignrole( + $ENV{'form.cdomain'},$ENV{'form.cuname'}, + $url,$2,$end,$start) + .'
'); } - } elsif (($_=~/^form\.act\_([^\_]+)\_([^\_]+)$/) && ($ENV{$_})) { - my $url='/'.$1.'/'; - my $start=$now; - if ($ENV{'form.start_'.$1.'_'.$2}) { - $start=$ENV{'form.start_'.$1.'_'.$2}; - } - my $end=0; - if ($ENV{'form.end_'.$1.'_'.$2}) { - $end=$ENV{'form.end_'.$1.'_'.$2}; - } - $r->print('Assigning: '.$2.' in '.$url.': '. - &Apache::lonnet::assignrole($ENV{'form.cdomain'},$ENV{'form.cuname'}, - $url,$2,$end,$start).'
'); - } - } + } + } # End of foreach (keys(%ENV)) $r->print(''); } @@ -739,6 +755,62 @@ sub handler { return OK; } +#-------------------------------------------------- functions for &phase_two +sub course_level_table { + my %inccourses = @_; + my $table = ''; + foreach (sort( keys(%inccourses))) { + my $thiscourse=$_; + my $protectedcourse=$_; + $thiscourse=~s:_:/:g; + my %coursedata=&Apache::lonnet::coursedescription($thiscourse); + my $area=$coursedata{'description'}; + my $bgcol=$thiscourse; + $bgcol=~s/[^8-9b-e]//g; + $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6); + foreach ('st','ta','ep','ad','in','cc') { + if (&Apache::lonnet::allowed('c'.$_,$thiscourse)) { + my $plrole=&Apache::lonnet::plaintext($_); + $table .= < + +$plrole +$area +ENDEXTENT + if ($_ ne 'cc') { + $table .= < +ENDSECTION + } else { + $table .= <  +ENDSECTION + } + $table .= < +Set Start Date + +Set End Date +ENDTIMEENTRY + $table.= "\n"; + } + } + } + return '' if ($table eq ''); # return nothing if there is nothing + # in the table + my $result = <Course Level + + +$table +
ActivateRoleExtentGroup/SectionStartEnd
+ENDTABLE + return $result; +} +#---------------------------------------------- end functions for &phase_two + 1; __END__