--- loncom/interface/loncreateuser.pm 2002/02/11 21:25:07 1.26 +++ loncom/interface/loncreateuser.pm 2002/04/04 21:46:44 1.29 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.26 2002/02/11 21:25:07 matthew Exp $ +# $Id: loncreateuser.pm,v 1.29 2002/04/04 21:46:44 matthew Exp $ # # Copyright Michigan State University Board of Trustees # @@ -47,7 +47,7 @@ # 11/12,11/13,11/15 Scott Harrison # 02/11/02 Matthew Hall # -# $Id: loncreateuser.pm,v 1.26 2002/02/11 21:25:07 matthew Exp $ +# $Id: loncreateuser.pm,v 1.29 2002/04/04 21:46:44 matthew Exp $ ### package Apache::loncreateuser; @@ -70,7 +70,7 @@ BEGIN { $krbdefdom=~tr/a-z/A-Z/; $authformnop=(< - Do not change login data

@@ -260,12 +260,11 @@ ENDDOCHEAD - - ENDFORMINFO my $uhome=&Apache::lonnet::homeserver($ccuname,$ccdomain); my %incdomains; my %inccourses; + my %home_servers = &get_home_servers($ccdomain); foreach (%Apache::lonnet::hostdom) { $incdomains{$_}=1; } @@ -275,6 +274,13 @@ ENDFORMINFO } } if ($uhome eq 'no_host') { + my $home_server_list= + ''."\n"; + foreach (sort keys(%home_servers)) { + $home_server_list.= + '\n"; + } $r->print(<Create New User @@ -295,9 +301,8 @@ $loginscript ID/Student Number

- +Home Server:
-

Login Data

$generalrule $authformkrb @@ -312,69 +317,98 @@ $dochead $forminfo

User "$ccuname" in domain $ccdomain

ENDCHANGEUSER - my $rolesdump=&Apache::lonnet::reply( - "dump:$ccdomain:$ccuname:roles",$uhome); + # Get the users information + my %userenv = &Apache::lonnet::get('environment', + ['firstname','middlename','lastname','generation'], + $ccdomain,$ccuname); + my %rolesdump=&Apache::lonnet::dump('roles',$ccdomain,$ccuname); + $r->print(< + + + + + +END + foreach ('firstname','middlename','lastname','generation') { + if (&Apache::lonnet::allowed('mau',$ccdomain)) { + $r->print(<<"END"); + +END + } else { + $r->print(''); + } + } + $r->print(< +
first namemiddle namelast namegeneration
'.$userenv{$_}.'
+END # Build up table of user roles to allow revocation of a role. - unless ($rolesdump eq 'con_lost' || $rolesdump =~ m/^error/i) { + my ($tmp) = keys(%rolesdump); + unless ($tmp =~ /^(con_lost|error)/i) { my $now=time; $r->print('

Revoke Existing Roles

'. ''. ''); - foreach (split(/&/,$rolesdump)) { - if ($_!~/^rolesdef\&/) { - my ($area,$role)=split(/=/,$_); - my $thisrole=$area; - $area=~s/\_\w\w$//; - my ($role_code,$role_end_time,$role_start_time)=split(/_/,$role); - my $bgcol='ffffff'; - my $allows=0; - if ($area=~/^\/(\w+)\/(\d\w+)/) { - my %coursedata=&Apache::lonnet::coursedescription($1.'_'.$2); - my $carea='Course: '.$coursedata{'description'}; - $inccourses{$1.'_'.$2}=1; - if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) { - $allows=1; - } - # Compute the background color based on $area - $bgcol=$1.'_'.$2; - $bgcol=~s/[^8-9b-e]//g; - $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6); - if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) { - $carea.='
Section/Group: '.$3; - } - $area=$carea; - } else { - if ($area=~/^\/(\w+)\//) { - if (&Apache::lonnet::allowed('c'.$role_code,$1)) { - $allows=1; - } + foreach my $area (keys(%rolesdump)) { + if ($area!~/^rolesdef/) { + my $role = $rolesdump{$area}; + my $thisrole=$area; + $area=~s/\_\w\w$//; + my ($role_code,$role_end_time,$role_start_time) = + split(/_/,$role); + my $bgcol='ffffff'; + my $allows=0; + if ($area=~/^\/(\w+)\/(\d\w+)/) { + my %coursedata= + &Apache::lonnet::coursedescription($1.'_'.$2); + my $carea='Course: '.$coursedata{'description'}; + $inccourses{$1.'_'.$2}=1; + if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) { + $allows=1; + } + # Compute the background color based on $area + $bgcol=$1.'_'.$2; + $bgcol=~s/[^8-9b-e]//g; + $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6); + if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) { + $carea.='
Section/Group: '.$3; + } + $area=$carea; } else { - if (&Apache::lonnet::allowed('c'.$role_code,'/')) { - $allows=1; + # Determine if current user is able to revoke privileges + if ($area=~/^\/(\w+)\//) { + if (&Apache::lonnet::allowed('c'.$role_code,$1)) { + $allows=1; + } + } else { + if (&Apache::lonnet::allowed('c'.$role_code,'/')) { + $allows=1; + } } } - } - - $r->print('\n"); } - $r->print('\n"); - } - } + } # end of foreach (table building loop) $r->print('
RevokeRoleExtentStartEnd
'); - my $active=1; - if (($role_end_time) && ($now>$role_end_time)) { $active=0; } - if (!($active) && ($allows)) { - $r->print(''); - } else { - $r->print(' '); + $r->print('
'); + my $active=1; + $active=0 if (($role_end_time) && ($now>$role_end_time)); + if (($active) && ($allows)) { + $r->print(''); + } else { + $r->print(' '); + } + $r->print(''. + &Apache::lonnet::plaintext($role_code). + ''.$area.''. + ($role_start_time ? localtime($role_start_time) + : ' ' ) + .''. + ($role_end_time ? localtime($role_end_time) + : ' ' ) + ."
'.&Apache::lonnet::plaintext($role_code). - ''.$area.''. - ($role_start_time ? localtime($role_start_time) - : ' ' ) - .''. - ($role_end_time ? localtime($role_end_time) - : ' ' ) - ."
'); - } + } # End of unless my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain); if ($currentauth=~/^krb4:/) { $currentauth=~/^krb4:(.*)/; @@ -543,150 +577,269 @@ ENDDROW # ================================================================= Phase Three sub phase_three { my $r=shift; + my $uhome=&Apache::lonnet::homeserver($ENV{'form.ccuname'}, + $ENV{'form.ccdomain'}); + # Error messages + my $error = 'Error:'; + my $end = ''; + # Print header $r->print(< The LearningOnline Network with CAPA - -

Create User, Change User Privileges

+ ENDTHREEHEAD - $r->print('

'.$ENV{'form.cuname'}.' at '.$ENV{'form.cdomain'}.'

'); - if ($ENV{'form.makeuser'}) { - $r->print('

Creating User

'); - if (($ENV{'form.cuname'})&&($ENV{'form.cuname'}!~/\W/)&& - ($ENV{'form.cdomain'})&&($ENV{'form.cdomain'}!~/\W/)) { - my $amode=''; - my $genpwd=''; - if ($ENV{'form.login'} eq 'krb') { - $amode='krb4'; - $genpwd=$ENV{'form.krbdom'}; - } elsif ($ENV{'form.login'} eq 'int') { - $amode='internal'; - $genpwd=$ENV{'form.intpwd'}; - } elsif ($ENV{'form.login'} eq 'fsys') { - $amode='unix'; - $genpwd=$ENV{'form.fsyspwd'}; - } elsif ($ENV{'form.login'} eq 'loc') { - $amode='localauth'; - $genpwd=$ENV{'form.locarg'}; - if (!$genpwd) { $genpwd=" "; } - } - if (($amode) && ($genpwd)) { - $r->print('Generating user: '.&Apache::lonnet::modifyuser( - $ENV{'form.cdomain'},$ENV{'form.cuname'}, - $ENV{'form.cstid'},$amode,$genpwd, - $ENV{'form.cfirst'},$ENV{'form.cmiddle'}, - $ENV{'form.clast'},$ENV{'form.cgen'})); - $r->print('
Home server: '.&Apache::lonnet::homeserver - ($ENV{'form.cuname'},$ENV{'form.cdomain'})); - - } else { - $r->print('Invalid login mode or password'); - } - } else { - $r->print('Invalid username or domain'); + # Check Inputs + if (! $ENV{'form.ccuname'} ) { + $r->print($error.'No login name specified.'.$end); + return; + } + if ( $ENV{'form.ccuname'} =~/\W/) { + $r->print($error.'Invalid login name. '. + 'Only letters, numbers, and underscores are valid.'. + $end); + return; + } + if (! $ENV{'form.ccdomain'} ) { + $r->print($error.'No domain specified.'.$end); + return; + } + if ( $ENV{'form.ccdomain'} =~/\W/) { + $r->print($error.'Invalid domain name. '. + 'Only letters, numbers, and underscores are valid.'. + $end); + return; + } + if (! exists($ENV{'form.makeuser'})) { + # Modifying an existing user, so check the validity of the name + if ($uhome eq 'no_host') { + $r->print($error.'Unable to determine home server for '. + $ENV{'form.ccuname'}.' in domain '. + $ENV{'form.ccdomain'}.'.'); + return; + } } - } - if (!$ENV{'form.makeuser'} and $ENV{'form.login'} ne 'nop') { - $r->print('

Changing User Login Data

'); - if (($ENV{'form.cuname'})&&($ENV{'form.cuname'}!~/\W/)&& - ($ENV{'form.cdomain'})&&($ENV{'form.cdomain'}!~/\W/)) { - my $amode=''; - my $genpwd=''; - if ($ENV{'form.login'} eq 'krb') { - $amode='krb4'; - $genpwd=$ENV{'form.krbdom'}; - } elsif ($ENV{'form.login'} eq 'int') { - $amode='internal'; - $genpwd=$ENV{'form.intpwd'}; - } elsif ($ENV{'form.login'} eq 'fsys') { - $amode='unix'; - $genpwd=$ENV{'form.fsyspwd'}; - } elsif ($ENV{'form.login'} eq 'loc') { - $amode='localauth'; - $genpwd=$ENV{'form.locarg'}; - if (!$genpwd) { $genpwd=" "; } + # Determine authentication method and password for the user being modified + my $amode=''; + my $genpwd=''; + if ($ENV{'form.login'} eq 'krb') { + $amode='krb4'; + $genpwd=$ENV{'form.krbdom'}; + } elsif ($ENV{'form.login'} eq 'int') { + $amode='internal'; + $genpwd=$ENV{'form.intpwd'}; + } elsif ($ENV{'form.login'} eq 'fsys') { + $amode='unix'; + $genpwd=$ENV{'form.fsyspwd'}; + } elsif ($ENV{'form.login'} eq 'loc') { + $amode='localauth'; + $genpwd=$ENV{'form.locarg'}; + $genpwd=" " if (!$genpwd); + } + if ($ENV{'form.makeuser'}) { + # Create a new user + $r->print(<Create User +

Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

+ENDNEWUSERHEAD + # Check for the authentication mode and password + if (! $amode || ! $genpwd) { + $r->print($error.'Invalid login mode or password'.$end); + return; } - if (($amode) && ($genpwd)) { + # Determine desired host + my $desiredhost = $ENV{'form.hserver'}; + if (lc($desiredhost) eq 'default') { + $desiredhost = undef; + } else { + my %home_servers = &get_home_servers($ENV{'form.ccdomain'}); + if (! exists($home_servers{$desiredhost})) { + $r->print($error.'Invalid home server specified'); + return; + } + } + # Call modifyuser + my $result = &Apache::lonnet::modifyuser + ($ENV{'form.ccdomain'},$ENV{'form.ccuname'},$ENV{'form.cstid'}, + $amode,$genpwd,$ENV{'form.cfirst'}, + $ENV{'form.cmiddle'},$ENV{'form.clast'},$ENV{'form.cgen'}, + undef,$desiredhost + ); + $r->print('Generating user: '.$result); + my $home = &Apache::lonnet::homeserver($ENV{'form.ccuname'}, + $ENV{'form.ccdomain'}); + $r->print('
Home server: '.$home.' '. + $Apache::lonnet::libserv{$home}); + } elsif ($ENV{'form.login'} ne '') { + # Modify user privileges + $r->print(<Change User Privileges +

User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

+ENDMODIFYUSERHEAD + if (! $amode || ! $genpwd) { + $r->print($error.'Invalid login mode or password'.$end); + return; + } + # Only allow authentification modification if the person has authority + if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) { $r->print('Modifying authentication: '. - &Apache::lonnet::modifyuserauth( - $ENV{'form.cdomain'},$ENV{'form.cuname'}, + &Apache::lonnet::modifyuserauth( + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}, $amode,$genpwd)); $r->print('
Home server: '.&Apache::lonnet::homeserver - ($ENV{'form.cuname'},$ENV{'form.cdomain'})); - + ($ENV{'form.ccuname'},$ENV{'form.ccdomain'})); } else { - $r->print('Invalid login mode or password'); - } - } else { - $r->print('Invalid username or domain'); + # Okay, this is a non-fatal error. + $r->print($error.'You do not have the authority to modify '. + 'this users authentification information.'); + } } - } + ## + if (! $ENV{'form.makeuser'} ) { + # Check for need to change + my %userenv = &Apache::lonnet::get + ('environment',['firstname','middlename','lastname','generation'], + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}); + my ($tmp) = keys(%userenv); + if ($tmp =~ /^(con_lost|error)/i) { + %userenv = (); + } + # Check to see if we need to change user information + foreach ('firstname','middlename','lastname','generation') { + # Strip leading and trailing whitespace + $ENV{'form.c'.$_} =~ s/(\s+$|^\s+)//g; + } + if (&Apache::lonnet::allowed('mau',$ENV{'form.ccdomain'}) && + ($ENV{'form.cfirstname'} ne $userenv{'firstname'} || + $ENV{'form.cmiddlename'} ne $userenv{'middlename'} || + $ENV{'form.clastname'} ne $userenv{'lastname'} || + $ENV{'form.cgeneration'} ne $userenv{'generation'} )) { + # Make the change + my %changeHash; + $changeHash{'firstname'} = $ENV{'form.cfirstname'}; + $changeHash{'middlename'} = $ENV{'form.cmiddlename'}; + $changeHash{'lastname'} = $ENV{'form.clastname'}; + $changeHash{'generation'} = $ENV{'form.cgeneration'}; + my $putresult = &Apache::lonnet::put + ('environment',\%changeHash, + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}); + if ($putresult eq 'ok') { + # Tell the user we changed the name + $r->print(<<"END"); + + + + + + + + + + + + + + + + + +
User Information Changed
 firstmiddlelastgeneration
Previous$userenv{'firstname'} $userenv{'middlename'} $userenv{'lastname'} $userenv{'generation'}
Changed To$ENV{'form.cfirstname'} $ENV{'form.cmiddlename'} $ENV{'form.clastname'} $ENV{'form.cgeneration'}
+END + } else { # error occurred + $r->print("

Unable to successfully change environment for ". + $ENV{'form.ccuname'}." in domain ". + $ENV{'form.ccdomain'}."

"); + } + } else { # End of if ($ENV ... ) logic + # They did not want to change the users name but we can + # still tell them what the name is + $r->print(<<"END"); +

User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

+

$userenv{'firstname'} $userenv{'middlename'} $userenv{'lastname'}

+

Generation: $userenv{'generation'}

+END + } + } + ## my $now=time; $r->print('

Modifying Roles

'); foreach (keys (%ENV)) { - if (($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) && ($ENV{$_})) { - $r->print('Revoking '.$2.' in '.$1.': '. - &Apache::lonnet::assignrole($ENV{'form.cdomain'},$ENV{'form.cuname'}, - $1,$2,$now).'
'); - if ($2 eq 'st') { - $1=~/^\/(\w+)\/(\w+)/; - my $cid=$1.'_'.$2; - $r->print('Drop from classlist: '. - &Apache::lonnet::critical('put:'.$ENV{'course.'.$cid.'.domain'}.':'. - $ENV{'course.'.$cid.'.num'}.':classlist:'. - &Apache::lonnet::escape($ENV{'form.cuname'}.':'. - $ENV{'form.cdomain'}).'='. - &Apache::lonnet::escape($now.':'), - $ENV{'course.'.$cid.'.home'}).'
'); - } - } - } - foreach (keys(%ENV)) { - if (($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) && ($ENV{$_})) { - my $url='/'.$1.'/'.$2; - if ($ENV{'form.sec_'.$1.'_'.$2.'_'.$3}) { - $url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3}; - } - my $start=$now; - if ($ENV{'form.start_'.$1.'_'.$2.'_'.$3}) { - $start=$ENV{'form.start_'.$1.'_'.$2.'_'.$3}; - } - my $end=0; - if ($ENV{'form.end_'.$1.'_'.$2.'_'.$3}) { - $end=$ENV{'form.end_'.$1.'_'.$2.'_'.$3}; - } - $r->print('Assigning: '.$3.' in '.$url.': '. - &Apache::lonnet::assignrole($ENV{'form.cdomain'},$ENV{'form.cuname'}, - $url,$3,$end,$start).'
'); - if ($3 eq 'st') { - $url=~/^\/(\w+)\/(\w+)/; - my $cid=$1.'_'.$2; - $r->print('Add to classlist: '. - &Apache::lonnet::critical('put:'.$ENV{'course.'.$cid.'.domain'}.':'. - $ENV{'course.'.$cid.'.num'}.':classlist:'. - &Apache::lonnet::escape($ENV{'form.cuname'}.':'. - $ENV{'form.cdomain'}).'='. - &Apache::lonnet::escape($end.':'.$start), - $ENV{'course.'.$cid.'.home'}).'
'); + next if (! $ENV{$_}); + # Revoke roles + if ($_=~/^form\.rev/) { + if ($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) { + $r->print('Revoking '.$2.' in '.$1.': '. + &Apache::lonnet::assignrole($ENV{'form.ccdomain'}, + $ENV{'form.ccuname'},$1,$2,$now).'
'); + if ($2 eq 'st') { + $1=~/^\/(\w+)\/(\w+)/; + my $cid=$1.'_'.$2; + $r->print('Drop from classlist: '. + &Apache::lonnet::critical('put:'. + $ENV{'course.'.$cid.'.domain'}.':'. + $ENV{'course.'.$cid.'.num'}.':classlist:'. + &Apache::lonnet::escape($ENV{'form.ccuname'}.':'. + $ENV{'form.ccdomain'}).'='. + &Apache::lonnet::escape($now.':'), + $ENV{'course.'.$cid.'.home'}).'
'); + } + } + } elsif ($_=~/^form\.act/) { + if ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) { + # Activate roles for sections with 3 id numbers + # set start, end times, and the url for the class + my $start = ( $ENV{'form.start_'.$1.'_'.$2} ? + $ENV{'form.start_'.$1.'_'.$2} : + $now ); + my $end = ( $ENV{'form.end_'.$1.'_'.$2} ? + $ENV{'form.end_'.$1.'_'.$2} : + 0 ); + my $url='/'.$1.'/'.$2; + if ($ENV{'form.sec_'.$1.'_'.$2.'_'.$3}) { + $url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3}; + } + # Assign the role and report it + $r->print('Assigning: '.$3.' in '.$url.': '. + &Apache::lonnet::assignrole( + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}, + $url,$3,$end,$start). + '
'); + # Handle students differently + if ($3 eq 'st') { + $url=~/^\/(\w+)\/(\w+)/; + my $cid=$1.'_'.$2; + $r->print('Add to classlist: '. + &Apache::lonnet::critical( + 'put:'.$ENV{'course.'.$cid.'.domain'}.':'. + $ENV{'course.'.$cid.'.num'}.':classlist:'. + &Apache::lonnet::escape( + $ENV{'form.ccuname'}.':'. + $ENV{'form.ccdomain'} ).'='. + &Apache::lonnet::escape($end.':'.$start), + $ENV{'course.'.$cid.'.home'}) + .'
'); + } + } elsif ($_=~/^form\.act\_([^\_]+)\_([^\_]+)$/) { + # Activate roles for sections with two id numbers + # set start, end times, and the url for the class + my $start = ( $ENV{'form.start_'.$1.'_'.$2} ? + $ENV{'form.start_'.$1.'_'.$2} : + $now ); + my $end = ( $ENV{'form.end_'.$1.'_'.$2} ? + $ENV{'form.end_'.$1.'_'.$2} : + 0 ); + my $url='/'.$1.'/'; + # Assign the role and report it. + $r->print('Assigning: '.$2.' in '.$url.': '. + &Apache::lonnet::assignrole( + $ENV{'form.ccdomain'},$ENV{'form.ccuname'}, + $url,$2,$end,$start) + .'
'); } - } elsif (($_=~/^form\.act\_([^\_]+)\_([^\_]+)$/) && ($ENV{$_})) { - my $url='/'.$1.'/'; - my $start=$now; - if ($ENV{'form.start_'.$1.'_'.$2}) { - $start=$ENV{'form.start_'.$1.'_'.$2}; - } - my $end=0; - if ($ENV{'form.end_'.$1.'_'.$2}) { - $end=$ENV{'form.end_'.$1.'_'.$2}; - } - $r->print('Assigning: '.$2.' in '.$url.': '. - &Apache::lonnet::assignrole($ENV{'form.cdomain'},$ENV{'form.cuname'}, - $url,$2,$end,$start).'
'); - } - } + } + } # End of foreach (keys(%ENV)) $r->print(''); } @@ -724,7 +877,7 @@ sub handler { return OK; } - +#-------------------------------------------------- functions for &phase_two sub course_level_table { my %inccourses = @_; my $table = ''; @@ -778,6 +931,21 @@ $table ENDTABLE return $result; } +#---------------------------------------------- end functions for &phase_two + +#--------------------------------- functions for &phase_two and &phase_three +sub get_home_servers { + my $domain = shift; + my %home_servers; + foreach (keys(%Apache::lonnet::libserv)) { + if ($Apache::lonnet::hostdom{$_} eq $domain) { + $home_servers{$_} = $Apache::lonnet::hostname{$_}; + } + } + return %home_servers; +} + +#--------------------------end of functions for &phase_two and &phase_three 1; __END__