loncom/interface/loncreateuser.pm - diff

Return to loncreateuser.pm CVS log

Up to [LON-CAPA] / loncom / interface

Diff for /loncom/interface/loncreateuser.pm between versions 1.34 and 1.48

version 1.34, 2002/04/29 14:32:11	version 1.48, 2003/02/13 21:35:50
Line 44	Line 44
# 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer	# 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer
# April Guy Albertelli	# April Guy Albertelli
# 05/10,10/16 Gerd Kortemeyer	# 05/10,10/16 Gerd Kortemeyer
# 11/12,11/13,11/15 Scott Harrison
# 02/11/02 Matthew Hall	# 02/11/02 Matthew Hall
#	#
# $Id$	# $Id$
Line 71 BEGIN {	Line 70 BEGIN {
my %param = ( formname => 'document.cu',	my %param = ( formname => 'document.cu',
kerb_def_dom => $krbdefdom	kerb_def_dom => $krbdefdom
);	);
$loginscript = &Apache::loncommon::authform_header(%param);	# no longer static due to configurable kerberos defaults
	# $loginscript = &Apache::loncommon::authform_header(%param);
$generalrule = &Apache::loncommon::authform_authorwarning(%param);	$generalrule = &Apache::loncommon::authform_authorwarning(%param);
$authformnop = &Apache::loncommon::authform_nochange(%param);	$authformnop = &Apache::loncommon::authform_nochange(%param);
$authformkrb = &Apache::loncommon::authform_kerberos(%param);	# no longer static due to configurable kerberos defaults
	# $authformkrb = &Apache::loncommon::authform_kerberos(%param);
$authformint = &Apache::loncommon::authform_internal(%param);	$authformint = &Apache::loncommon::authform_internal(%param);
$authformfsys = &Apache::loncommon::authform_filesystem(%param);	$authformfsys = &Apache::loncommon::authform_filesystem(%param);
$authformloc = &Apache::loncommon::authform_local(%param);	$authformloc = &Apache::loncommon::authform_local(%param);
}	}



	# ==================================================== Figure out author access

	sub authorpriv {
	my ($auname,$audom)=@_;
	if (($auname ne $ENV{'user.name'}) \|\|
	(($audom ne $ENV{'user.domain'}) &&
	($audom ne $ENV{'request.role.domain'}))) { return ''; }
	unless (&Apache::lonnet::allowed('cca',$audom)) { return ''; }
	return 1;
	}

# =================================================================== Phase one	# =================================================================== Phase one

sub phase_one {	sub print_username_entry_form {
my $r=shift;	my $r=shift;
my $defdom=$ENV{'user.domain'};	my $defdom=$ENV{'request.role.domain'};
my @domains = &Apache::loncommon::get_domains();	my @domains = &Apache::loncommon::get_domains();
my $domform = &Apache::loncommon::select_dom_form($defdom,'ccdomain');	my $domform = &Apache::loncommon::select_dom_form($defdom,'ccdomain');
	my $bodytag =&Apache::loncommon::bodytag(
	'Create Users, Change User Privileges');
	my $selscript=&Apache::loncommon::studentbrowser_javascript();
	my $sellink=&Apache::loncommon::selectstudent_link
	('crtuser','ccuname','ccdomain');
$r->print(<<"ENDDOCUMENT");	$r->print(<<"ENDDOCUMENT");
<html>	<html>
<head>	<head>
<title>The LearningOnline Network with CAPA</title>	<title>The LearningOnline Network with CAPA</title>
	$selscript
</head>	</head>
<body bgcolor="#FFFFFF">	$bodytag
<h1>Create User, Change User Privileges</h1>	<form action="/adm/createuser" method="post" name="crtuser">
<form action=/adm/createuser method=post>	<input type="hidden" name="phase" value="get_user_info">
<input type=hidden name=phase value=two>
<p>	<p>
Username: <input type=text size=15 name=ccuname><br>	<table>
Domain: $domform	<tr><td>Username:</td><td><input type="text" size="15" name="ccuname">
	</td><td rowspan="2">$sellink</td></tr><tr><td>
	Domain:</td><td>$domform</td></tr>
	</table>
</p>	</p>
<input type=submit value="Continue">	<input type="submit" value="Continue">
</form>	</form>
</body>	</body>
</html>	</html>
Line 108 ENDDOCUMENT	Line 130 ENDDOCUMENT
}	}

# =================================================================== Phase two	# =================================================================== Phase two
sub phase_two {	sub print_user_modification_page {
my $r=shift;	my $r=shift;
my $ccuname=$ENV{'form.ccuname'};	my $ccuname=$ENV{'form.ccuname'};
my $ccdomain=$ENV{'form.ccdomain'};	my $ccdomain=$ENV{'form.ccdomain'};

$ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/;	my $defdom=$ENV{'request.role.domain'};
my $krbdefdom=$1;
$krbdefdom=~tr/a-z/A-Z/;	my ($krbdef,$krbdefdom) =
	&Apache::loncommon::get_kerberos_defaults($defdom);

my %param = ( formname => 'document.cu',	my %param = ( formname => 'document.cu',
kerb_def_dom => $krbdefdom	kerb_def_dom => $krbdefdom,
	kerb_def_auth => $krbdef
);	);
$loginscript = &Apache::loncommon::authform_header(%param);	$loginscript = &Apache::loncommon::authform_header(%param);
	$authformkrb = &Apache::loncommon::authform_kerberos(%param);
my $defdom=$ENV{'user.domain'};

$ccuname=~s/\W//g;	$ccuname=~s/\W//g;
$ccdomain=~s/\W//g;	$ccdomain=~s/\W//g;
Line 154 sub phase_two {	Line 178 sub phase_two {

</script>	</script>
</head>	</head>
<body bgcolor="#FFFFFF">
<img align="right" src="/adm/lonIcons/lonlogos.gif">
ENDDOCHEAD	ENDDOCHEAD
	$r->print(&Apache::loncommon::bodytag(
	'Create Users, Change User Privileges'));
my $forminfo =<<"ENDFORMINFO";	my $forminfo =<<"ENDFORMINFO";
<form action="/adm/createuser" method="post" name="cu">	<form action="/adm/createuser" method="post" name="cu">
<input type="hidden" name="phase" value="three">	<input type="hidden" name="phase" value="update_user_data">
<input type="hidden" name="ccuname" value="$ccuname">	<input type="hidden" name="ccuname" value="$ccuname">
<input type="hidden" name="ccdomain" value="$ccdomain">	<input type="hidden" name="ccdomain" value="$ccdomain">
<input type="hidden" name="pres_value" value="" >	<input type="hidden" name="pres_value" value="" >
Line 250 END	Line 274 END
my ($tmp) = keys(%rolesdump);	my ($tmp) = keys(%rolesdump);
unless ($tmp =~ /^(con_lost\|error)/i) {	unless ($tmp =~ /^(con_lost\|error)/i) {
my $now=time;	my $now=time;
$r->print('<hr /><h3>Revoke Existing Roles</h3>'.	$r->print(<<END);
'<table border=2><tr><th>Revoke</th><th>Role</th><th>Extent</th>'.	<hr />
'<th>Start</th><th>End</th>');	<h3>Revoke Existing Roles</h3>
	<table border=2>
	<tr><th>Revoke</th><th>Role</th><th>Extent</th><th>Start</th><th>End</th>
	END
foreach my $area (keys(%rolesdump)) {	foreach my $area (keys(%rolesdump)) {
if ($area!~/^rolesdef/) {	next if ($area =~ /^rolesdef/);
my $role = $rolesdump{$area};	my $role = $rolesdump{$area};
my $thisrole=$area;	my $thisrole=$area;
$area=~s/\_\w\w$//;	$area =~ s/\_\w\w$//;
my ($role_code,$role_end_time,$role_start_time) =	my ($role_code,$role_end_time,$role_start_time) =
split(/_/,$role);	split(/_/,$role);
my $bgcol='ffffff';	my $bgcol='ffffff';
my $allows=0;	my $allowed=0;
if ($area=~/^\/(\w+)\/(\d\w+)/) {	if ($area =~ /^\/(\w+)\/(\d\w+)/ ) {
my %coursedata=	my %coursedata=
&Apache::lonnet::coursedescription($1.'_'.$2);	&Apache::lonnet::coursedescription($1.'_'.$2);
my $carea='Course: '.$coursedata{'description'};	my $carea='Course: '.$coursedata{'description'};
$inccourses{$1.'_'.$2}=1;	$inccourses{$1.'_'.$2}=1;
if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {	if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
$allows=1;	$allowed=1;
}	}
# Compute the background color based on $area	# Compute the background color based on $area
$bgcol=$1.'_'.$2;	$bgcol=$1.'_'.$2;
$bgcol=~s/[^8-9b-e]//g;	$bgcol=~s/[^8-9b-e]//g;
$bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6);	$bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6);
if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) {	if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) {
$carea.='<br>Section/Group: '.$3;	$carea.='<br>Section/Group: '.$3;
}	}
$area=$carea;	$area=$carea;
} else {	} else {
# Determine if current user is able to revoke privileges	# Determine if current user is able to revoke privileges
if ($area=~/^\/(\w+)\//) {	if ($area=~ /^\/(\w+)\//) {
if (&Apache::lonnet::allowed('c'.$role_code,$1)) {	if (&Apache::lonnet::allowed('c'.$role_code,$1)) {
$allows=1;	$allowed=1;
}	}
} else {	} else {
if (&Apache::lonnet::allowed('c'.$role_code,'/')) {	if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
$allows=1;	$allowed=1;
}	}
}	}
}	}
$r->print('<tr bgcolor=#"'.$bgcol.'"><td>');	if ($role_code eq 'ca') {
my $active=1;	$area=~/\/(\w+)\/(\w+)/;
$active=0 if (($role_end_time) && ($now>$role_end_time));	if (&authorpriv($2,$1)) {
if (($active) && ($allows)) {	$allowed=1;
$r->print('<input type="checkbox" name="rev:'	} else {
.$thisrole.'">');	$allowed=0;
} else {	}
$r->print(' ');	}
}	my $row = '';
$r->print('</td><td>'.	$row.='<tr bgcolor=#"'.$bgcol.'"><td>';
&Apache::lonnet::plaintext($role_code).	my $active=1;
'</td><td>'.$area.'</td><td>'.	$active=0 if (($role_end_time) && ($now>$role_end_time));
($role_start_time ? localtime($role_start_time)	if (($active) && ($allowed)) {
: ' ' )	$row.= '<input type="checkbox" name="rev:'.$thisrole.'">';
.'</td><td>'.	} else {
($role_end_time ? localtime($role_end_time)	$row.=' ';
: ' ' )	}
."</td></tr>\n");	$row.= '</td><td>'.&Apache::lonnet::plaintext($role_code).
}	'</td><td>'.$area.
	'</td><td>'.($role_start_time?localtime($role_start_time)
	: ' ' ).
	'</td><td>'.($role_end_time ?localtime($role_end_time)
	: ' ' )
	."</td></tr>\n";
	$r->print($row);
} # end of foreach (table building loop)	} # end of foreach (table building loop)
$r->print('</table>');	$r->print('</table>');
} # End of unless	} # End of unless
my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);	my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);
if ($currentauth=~/^krb4:/) {	if ($currentauth=~/^krb(4\|5):/) {
$currentauth=~/^krb4:(.*)/;	$currentauth=~/^krb(4\|5):(.*)/;
my $krbdefdom2=$1;	my $krbdefdom=$1;
my %param = ( formname => 'document.cu',	my %param = ( formname => 'document.cu',
kerb_def_dom => $krbdefdom	kerb_def_dom => $krbdefdom
);	);
$loginscript = &Apache::loncommon::authform_header(%param);	$loginscript = &Apache::loncommon::authform_header(%param);
}	}
# Check for a bad authentication type	# Check for a bad authentication type
unless ($currentauth=~/^krb4:/ or	unless ($currentauth=~/^krb(4\|5):/ or
$currentauth=~/^unix:/ or	$currentauth=~/^unix:/ or
$currentauth=~/^internal:/ or	$currentauth=~/^internal:/ or
$currentauth=~/^localauth:/	$currentauth=~/^localauth:/
) { # bad authentication scheme	) { # bad authentication scheme
if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {	if (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'})) {
$r->print(<<ENDBADAUTH);	$r->print(<<ENDBADAUTH);
<hr />	<hr />
<script type="text/javascript" language="Javascript">	<script type="text/javascript" language="Javascript">
Line 360 ENDBADAUTH	Line 393 ENDBADAUTH
} else { # Authentication type is valid	} else { # Authentication type is valid
my $authformcurrent='';	my $authformcurrent='';
my $authform_other='';	my $authform_other='';
if ($currentauth=~/^krb4:/) {	if ($currentauth=~/^krb(4\|5):/) {
$authformcurrent=$authformkrb;	$authformcurrent=$authformkrb;
$authform_other="<p>$authformint</p>\n".	$authform_other="<p>$authformint</p>\n".
"<p>$authformfsys</p><p>$authformloc</p>";	"<p>$authformfsys</p><p>$authformloc</p>";
Line 390 ENDBADAUTH	Line 423 ENDBADAUTH
<td bgcolor='#cbbcbb'>Changing this value will overwrite existing authentication for the user; you should notify the user of this change.</td></tr>	<td bgcolor='#cbbcbb'>Changing this value will overwrite existing authentication for the user; you should notify the user of this change.</td></tr>
</table>	</table>
ENDCURRENTAUTH	ENDCURRENTAUTH
if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {	if (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'})) {
# Current user has login modification privileges	# Current user has login modification privileges
$r->print(<<ENDOTHERAUTHS);	$r->print(<<ENDOTHERAUTHS);
<hr />	<hr />
Line 411 ENDOTHERAUTHS	Line 444 ENDOTHERAUTHS
#	#
# Co-Author	# Co-Author
#	#
	if (&authorpriv($ENV{'user.name'},$ENV{'request.role.domain'}) &&
if (&Apache::lonnet::allowed('cca',$ENV{'user.domain'})) {	($ENV{'user.name'} ne $ccuname \|\| $ENV{'user.domain'} ne $ccdomain)) {
	# No sense in assigning co-author role to yourself
my $cuname=$ENV{'user.name'};	my $cuname=$ENV{'user.name'};
my $cudom=$ENV{'user.domain'};	my $cudom=$ENV{'request.role.domain'};
$r->print(<<ENDCOAUTH);	$r->print(<<ENDCOAUTH);
<h4>Construction Space</h4>	<h4>Construction Space</h4>
<table border=2><tr><th>Activate</th><th>Role</th><th>Extent</th>	<table border=2><tr><th>Activate</th><th>Role</th><th>Extent</th>
Line 470 ENDDROW	Line 504 ENDDROW
}	}

# ================================================================= Phase Three	# ================================================================= Phase Three
sub phase_three {	sub update_user_data {
my $r=shift;	my $r=shift;
my $uhome=&Apache::lonnet::homeserver($ENV{'form.ccuname'},	my $uhome=&Apache::lonnet::homeserver($ENV{'form.ccuname'},
$ENV{'form.ccdomain'});	$ENV{'form.ccdomain'});
Line 483 sub phase_three {	Line 517 sub phase_three {
<head>	<head>
<title>The LearningOnline Network with CAPA</title>	<title>The LearningOnline Network with CAPA</title>
</head>	</head>
<body bgcolor="#FFFFFF">
<img align="right" src="/adm/lonIcons/lonlogos.gif">
ENDTHREEHEAD	ENDTHREEHEAD
	my $title;
	if (exists($ENV{'form.makeuser'})) {
	$title='Set Privileges for New User';
	} else {
	$title='Modify User Privileges';
	}
	$r->print(&Apache::loncommon::bodytag($title));
# Check Inputs	# Check Inputs
if (! $ENV{'form.ccuname'} ) {	if (! $ENV{'form.ccuname'} ) {
$r->print($error.'No login name specified.'.$end);	$r->print($error.'No login name specified.'.$end);
Line 520 ENDTHREEHEAD	Line 559 ENDTHREEHEAD
my $amode='';	my $amode='';
my $genpwd='';	my $genpwd='';
if ($ENV{'form.login'} eq 'krb') {	if ($ENV{'form.login'} eq 'krb') {
$amode='krb4';	$amode='krb';
	$amode.=$ENV{'form.krbver'};
$genpwd=$ENV{'form.krbarg'};	$genpwd=$ENV{'form.krbarg'};
} elsif ($ENV{'form.login'} eq 'int') {	} elsif ($ENV{'form.login'} eq 'int') {
$amode='internal';	$amode='internal';
Line 532 ENDTHREEHEAD	Line 572 ENDTHREEHEAD
$amode='localauth';	$amode='localauth';
$genpwd=$ENV{'form.locarg'};	$genpwd=$ENV{'form.locarg'};
$genpwd=" " if (!$genpwd);	$genpwd=" " if (!$genpwd);
} elsif (($ENV{'form.login'} eq 'nochange')) {	} elsif (($ENV{'form.login'} eq 'nochange') \|\|
	($ENV{'form.login'} eq '' )) {
# There is no need to tell the user we did not change what they	# There is no need to tell the user we did not change what they
# did not ask us to change.	# did not ask us to change.
	# If they are creating a new user but have not specified login
	# information this will be caught below.
} else {	} else {
$r->print($error.'Invalid login mode or password'.$end);	$r->print($error.'Invalid login mode or password'.$end);
return;	return;
Line 542 ENDTHREEHEAD	Line 585 ENDTHREEHEAD
if ($ENV{'form.makeuser'}) {	if ($ENV{'form.makeuser'}) {
# Create a new user	# Create a new user
$r->print(<<ENDNEWUSERHEAD);	$r->print(<<ENDNEWUSERHEAD);
<h1>Create User</h1>
<h3>Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>	<h3>Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>
ENDNEWUSERHEAD	ENDNEWUSERHEAD
# Check for the authentication mode and password	# Check for the authentication mode and password
Line 555 ENDNEWUSERHEAD	Line 597 ENDNEWUSERHEAD
if (lc($desiredhost) eq 'default') {	if (lc($desiredhost) eq 'default') {
$desiredhost = undef;	$desiredhost = undef;
} else {	} else {
my %home_servers = &Apache::loncommon::get_home_servers	my %home_servers = &Apache::loncommon::get_library_servers
($ENV{'form.ccdomain'});	($ENV{'form.ccdomain'});
if (! exists($home_servers{$desiredhost})) {	if (! exists($home_servers{$desiredhost})) {
$r->print($error.'Invalid home server specified');	$r->print($error.'Invalid home server specified');
Line 574 ENDNEWUSERHEAD	Line 616 ENDNEWUSERHEAD
$ENV{'form.ccdomain'});	$ENV{'form.ccdomain'});
$r->print('<br>Home server: '.$home.' '.	$r->print('<br>Home server: '.$home.' '.
$Apache::lonnet::libserv{$home});	$Apache::lonnet::libserv{$home});
} elsif ($ENV{'form.login'} ne 'nochange') {	} elsif (($ENV{'form.login'} ne 'nochange') &&
	($ENV{'form.login'} ne '' )) {
# Modify user privileges	# Modify user privileges
$r->print(<<ENDMODIFYUSERHEAD);	$r->print(<<ENDMODIFYUSERHEAD);
<h1>Change User Privileges</h1>
<h2>User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>	<h2>User "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"</h2>
ENDMODIFYUSERHEAD	ENDMODIFYUSERHEAD
if (! $amode \|\| ! $genpwd) {	if (! $amode \|\| ! $genpwd) {
Line 585 ENDMODIFYUSERHEAD	Line 627 ENDMODIFYUSERHEAD
return;	return;
}	}
# Only allow authentification modification if the person has authority	# Only allow authentification modification if the person has authority
if (&Apache::lonnet::allowed('mau',$ENV{'user.domain'})) {	if (&Apache::lonnet::allowed('mau',$ENV{'form.ccdomain'})) {
$r->print('Modifying authentication: '.	$r->print('Modifying authentication: '.
&Apache::lonnet::modifyuserauth(	&Apache::lonnet::modifyuserauth(
$ENV{'form.ccdomain'},$ENV{'form.ccuname'},	$ENV{'form.ccdomain'},$ENV{'form.ccuname'},
Line 759 sub handler {	Line 801 sub handler {
(&Apache::lonnet::allowed('cin',$ENV{'request.course.id'})) \|\|	(&Apache::lonnet::allowed('cin',$ENV{'request.course.id'})) \|\|
(&Apache::lonnet::allowed('ccr',$ENV{'request.course.id'})) \|\|	(&Apache::lonnet::allowed('ccr',$ENV{'request.course.id'})) \|\|
(&Apache::lonnet::allowed('cep',$ENV{'request.course.id'})) \|\|	(&Apache::lonnet::allowed('cep',$ENV{'request.course.id'})) \|\|
(&Apache::lonnet::allowed('cca',$ENV{'user.domain'})) \|\|	(&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) \|\|
(&Apache::lonnet::allowed('mau',$ENV{'user.domain'}))) {	(&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'}))) {
$r->content_type('text/html');	$r->content_type('text/html');
$r->send_http_header;	$r->send_http_header;
unless ($ENV{'form.phase'}) {	unless ($ENV{'form.phase'}) {
&phase_one($r);	&print_username_entry_form($r);
}	}
if ($ENV{'form.phase'} eq 'two') {	if ($ENV{'form.phase'} eq 'get_user_info') {
&phase_two($r);	&print_user_modification_page($r);
} elsif ($ENV{'form.phase'} eq 'three') {	} elsif ($ENV{'form.phase'} eq 'update_user_data') {
&phase_three($r);	&update_user_data($r);
}	}
} else {	} else {
$ENV{'user.error.msg'}=	$ENV{'user.error.msg'}=

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.34
changed lines
	Added in v.1.48