--- loncom/interface/loncreateuser.pm 2002/08/23 19:43:11 1.42
+++ loncom/interface/loncreateuser.pm 2003/04/30 15:49:45 1.52
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.42 2002/08/23 19:43:11 matthew Exp $
+# $Id: loncreateuser.pm,v 1.52 2003/04/30 15:49:45 matthew Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -44,10 +44,9 @@
# 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer
# April Guy Albertelli
# 05/10,10/16 Gerd Kortemeyer
-# 11/12,11/13,11/15 Scott Harrison
# 02/11/02 Matthew Hall
#
-# $Id: loncreateuser.pm,v 1.42 2002/08/23 19:43:11 matthew Exp $
+# $Id: loncreateuser.pm,v 1.52 2003/04/30 15:49:45 matthew Exp $
###
package Apache::loncreateuser;
@@ -71,15 +70,30 @@ BEGIN {
my %param = ( formname => 'document.cu',
kerb_def_dom => $krbdefdom
);
- $loginscript = &Apache::loncommon::authform_header(%param);
+# no longer static due to configurable kerberos defaults
+# $loginscript = &Apache::loncommon::authform_header(%param);
$generalrule = &Apache::loncommon::authform_authorwarning(%param);
$authformnop = &Apache::loncommon::authform_nochange(%param);
- $authformkrb = &Apache::loncommon::authform_kerberos(%param);
+# no longer static due to configurable kerberos defaults
+# $authformkrb = &Apache::loncommon::authform_kerberos(%param);
$authformint = &Apache::loncommon::authform_internal(%param);
$authformfsys = &Apache::loncommon::authform_filesystem(%param);
$authformloc = &Apache::loncommon::authform_local(%param);
}
+
+
+# ==================================================== Figure out author access
+
+sub authorpriv {
+ my ($auname,$audom)=@_;
+ if (($auname ne $ENV{'user.name'}) ||
+ (($audom ne $ENV{'user.domain'}) &&
+ ($audom ne $ENV{'request.role.domain'}))) { return ''; }
+ unless (&Apache::lonnet::allowed('cca',$audom)) { return ''; }
+ return 1;
+}
+
# =================================================================== Phase one
sub print_username_entry_form {
@@ -89,17 +103,24 @@ sub print_username_entry_form {
my $domform = &Apache::loncommon::select_dom_form($defdom,'ccdomain');
my $bodytag =&Apache::loncommon::bodytag(
'Create Users, Change User Privileges');
+ my $selscript=&Apache::loncommon::studentbrowser_javascript();
+ my $sellink=&Apache::loncommon::selectstudent_link
+ ('crtuser','ccuname','ccdomain');
$r->print(<<"ENDDOCUMENT");
The LearningOnline Network with CAPA
+$selscript
$bodytag
-
@@ -114,18 +135,21 @@ sub print_user_modification_page {
my $ccuname=$ENV{'form.ccuname'};
my $ccdomain=$ENV{'form.ccdomain'};
- $ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/;
- my $krbdefdom=$1;
- $krbdefdom=~tr/a-z/A-Z/;
+ my $defdom=$ENV{'request.role.domain'};
+
+ my ($krbdef,$krbdefdom) =
+ &Apache::loncommon::get_kerberos_defaults($defdom);
+
my %param = ( formname => 'document.cu',
- kerb_def_dom => $krbdefdom
+ kerb_def_dom => $krbdefdom,
+ kerb_def_auth => $krbdef
);
$loginscript = &Apache::loncommon::authform_header(%param);
-
- my $defdom=$ENV{'request.role.domain'};
+ $authformkrb = &Apache::loncommon::authform_kerberos(%param);
$ccuname=~s/\W//g;
$ccdomain=~s/\W//g;
+ my $pjump_def = &Apache::lonhtmlcommon::pjump_javascript_definition();
my $dochead =<<"ENDDOCHEAD";
@@ -138,14 +162,7 @@ sub print_user_modification_page {
parmwin.close();
}
- function pjump(type,dis,value,marker,ret,call) {
- parmwin=window.open("/adm/rat/parameter.html?type="+escape(type)
- +"&value="+escape(value)+"&marker="+escape(marker)
- +"&return="+escape(ret)
- +"&call="+escape(call)+"&name="+escape(dis),"LONCAPAparms",
- "height=350,width=350,scrollbars=no,menubar=no");
-
- }
+ $pjump_def
function dateset() {
eval("document.cu."+document.cu.pres_marker.value+
@@ -170,7 +187,7 @@ ENDFORMINFO
my $uhome=&Apache::lonnet::homeserver($ccuname,$ccdomain);
my %incdomains;
my %inccourses;
- foreach (%Apache::lonnet::hostdom) {
+ foreach (values(%Apache::lonnet::hostdom)) {
$incdomains{$_}=1;
}
foreach (keys(%ENV)) {
@@ -269,7 +286,12 @@ END
if ($area =~ /^\/(\w+)\/(\d\w+)/ ) {
my %coursedata=
&Apache::lonnet::coursedescription($1.'_'.$2);
- my $carea='Course: '.$coursedata{'description'};
+ my $carea;
+ if (defined($coursedata{'description'})) {
+ $carea='Course: '.$coursedata{'description'};
+ } else {
+ $carea='Unavailable course: '.$area;
+ }
$inccourses{$1.'_'.$2}=1;
if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
$allowed=1;
@@ -294,18 +316,12 @@ END
}
}
}
- # I have no idea what the hell the above code does
- # So the following is a check:
- if ($allowed) {
- # If we are looking at a co-author role, make sure it is
- # for the current users construction space before we let
- # them revoke it.
- if (($role_code eq 'ca') &&
- ($ENV{'request.role'} !~ /^dc/)) {
- if ($area !~
- /^\/$ENV{'request.role.domain'}\/$ENV{'user.name'}/) {
- $allowed = 0;
- }
+ if ($role_code eq 'ca') {
+ $area=~/\/(\w+)\/(\w+)/;
+ if (&authorpriv($2,$1)) {
+ $allowed=1;
+ } else {
+ $allowed=0;
}
}
my $row = '';
@@ -331,7 +347,7 @@ END
my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);
if ($currentauth=~/^krb(4|5):/) {
$currentauth=~/^krb(4|5):(.*)/;
- my $krbdefdom2=$1;
+ my $krbdefdom=$1;
my %param = ( formname => 'document.cu',
kerb_def_dom => $krbdefdom
);
@@ -427,7 +443,9 @@ ENDOTHERAUTHS
#
# Co-Author
#
- if (&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) {
+ if (&authorpriv($ENV{'user.name'},$ENV{'request.role.domain'}) &&
+ ($ENV{'user.name'} ne $ccuname || $ENV{'user.domain'} ne $ccdomain)) {
+ # No sense in assigning co-author role to yourself
my $cuname=$ENV{'user.name'};
my $cudom=$ENV{'request.role.domain'};
$r->print(<