--- loncom/interface/loncreateuser.pm 2003/07/17 19:40:39 1.59 +++ loncom/interface/loncreateuser.pm 2003/10/18 16:06:47 1.70 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Create a user # -# $Id: loncreateuser.pm,v 1.59 2003/07/17 19:40:39 www Exp $ +# $Id: loncreateuser.pm,v 1.70 2003/10/18 16:06:47 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -25,36 +25,45 @@ # # http://www.lon-capa.org/ # -# (Create a course -# (My Desk -# -# (Internal Server Error Handler -# -# (Login Screen -# 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14, -# 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer) -# -# YEAR=2001 -# 3/1/1 Gerd Kortemeyer) -# -# 3/1 Gerd Kortemeyer) -# -# 2/14 Gerd Kortemeyer) -# -# 2/14,2/17,2/19,2/20,2/21,2/22,2/23,3/2,3/17,3/24,04/12 Gerd Kortemeyer -# April Guy Albertelli -# 05/10,10/16 Gerd Kortemeyer -# 02/11/02 Matthew Hall -# -# $Id: loncreateuser.pm,v 1.59 2003/07/17 19:40:39 www Exp $ ### package Apache::loncreateuser; +=pod + +=head1 NAME + +Apache::loncreateuser - handler to create users and custom roles + +=head1 SYNOPSIS + +Apache::loncreateuser provides an Apache handler for creating users, + editing their login parameters, roles, and removing roles, and + also creating and assigning custom roles. + +=head1 OVERVIEW + +=head2 Custom Roles + +In LON-CAPA, roles are actually collections of privileges. "Teaching +Assistant", "Course Coordinator", and other such roles are really just +collection of privileges that are useful in many circumstances. + +Creating custom roles can be done by the Domain Coordinator through +the Create User functionality. That screen will show all privileges +that can be assigned to users. For a complete list of privileges, +please see C. + +Custom role definitions are stored in the C file of the role +author. + +=cut + use strict; use Apache::Constants qw(:common :http); use Apache::lonnet; use Apache::loncommon; +use Apache::lonlocal; my $loginscript; # piece of javascript used in two separate instances my $generalrule; @@ -90,7 +99,7 @@ sub my_custom_roles { my %rolehash=&Apache::lonnet::dump('roles'); foreach (keys %rolehash) { if ($_=~/^rolesdef\_(\w+)$/) { - $returnhash{$_}=$_; + $returnhash{$1}=$1; } } return %returnhash; @@ -264,7 +273,7 @@ ENDNEWUSER $dochead

Change User Privileges

$forminfo -

User "$ccuname" in domain $ccdomain

+

User "$ccuname" in domain "$ccdomain"

ENDCHANGEUSER # Get the users information my %userenv = &Apache::lonnet::get('environment', @@ -302,13 +311,19 @@ END END - foreach my $area (keys(%rolesdump)) { + foreach my $area (sort { my $a1=join('_',(split('_',$a))[1,0]); + my $b1=join('_',(split('_',$b))[1,0]); + return $a1 cmp $b1; + } keys(%rolesdump)) { next if ($area =~ /^rolesdef/); my $role = $rolesdump{$area}; my $thisrole=$area; $area =~ s/\_\w\w$//; my ($role_code,$role_end_time,$role_start_time) = split(/_/,$role); +# Is this a custom role? Get role owner and title. + my ($croleudom,$croleuname,$croletitle)= + ($role_code=~/^cr\/(\w+)\/(\w+)\/(\w+)$/); my $bgcol='ffffff'; my $allowed=0; my $delallowed=0; @@ -334,10 +349,17 @@ END (&Apache::lonnet::allowed('dro',$ccdomain))) { $delallowed=1; } +# - custom role. Needs more info, too + if ($croletitle) { + if (&Apache::lonnet::allowed('ccr',$1.'/'.$2)) { + $allowed=1; + $thisrole.='.'.$role_code; + } + } # Compute the background color based on $area $bgcol=$1.'_'.$2; - $bgcol=~s/[^8-9b-e]//g; - $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6); + $bgcol=~s/[^7-9a-e]//g; + $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',2,6); if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) { $carea.='
Section/Group: '.$3; } @@ -369,7 +391,7 @@ END } } my $row = ''; - $row.=''); foreach ( sort( keys(%incdomains))) { my $thisdomain=$_; - foreach ('dc','li','dg','au') { + foreach ('dc','li','dg','au','sc') { if (&Apache::lonnet::allowed('c'.$_,$thisdomain)) { my $plrole=&Apache::lonnet::plaintext($_); $r->print(<print(<Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}" +

Creating user "$ENV{'form.ccuname'}" in domain "$ENV{'form.ccdomain'}"

ENDNEWUSERHEAD # Check for the authentication mode and password if (! $amode || ! $genpwd) { @@ -658,7 +687,7 @@ ENDNEWUSERHEAD $r->print('Generating user: '.$result); my $home = &Apache::lonnet::homeserver($ENV{'form.ccuname'}, $ENV{'form.ccdomain'}); - $r->print('
Home server: '.$home.' '. + $r->print('
Home server: '.$home.' '. $Apache::lonnet::libserv{$home}); } elsif (($ENV{'form.login'} ne 'nochange') && ($ENV{'form.login'} ne '' )) { @@ -757,10 +786,11 @@ END next if (! $ENV{$_}); # Revoke roles if ($_=~/^form\.rev/) { - if ($_=~/^form\.rev\:([^\_]+)\_([^\_]+)$/) { + if ($_=~/^form\.rev\:([^\_]+)\_([^\_\.]+)$/) { +# Revoke standard role $r->print('Revoking '.$2.' in '.$1.': '. - &Apache::lonnet::assignrole($ENV{'form.ccdomain'}, - $ENV{'form.ccuname'},$1,$2,$now).'
'); + &Apache::lonnet::revokerole($ENV{'form.ccdomain'}, + $ENV{'form.ccuname'},$1,$2).'
'); if ($2 eq 'st') { $1=~/^\/(\w+)\/(\w+)/; my $cid=$1.'_'.$2; @@ -774,6 +804,14 @@ END $ENV{'course.'.$cid.'.home'}).'
'); } } + if ($_=~/^form\.rev\:([^\_]+)\_cr\.cr\/(\w+)\/(\w+)\/(\w+)$/) { +# Revoke custom role + $r->print( + 'Revoking custom role '.$4.' by '.$3.'@'.$2.' in '.$1.': '. +&Apache::lonnet::revokecustomrole($ENV{'form.ccdomain'}, + $ENV{'form.ccuname'},$1,$2,$3,$4). + '
'); + } } elsif ($_=~/^form\.del/) { if ($_=~/^form\.del\:([^\_]+)\_([^\_]+)$/) { $r->print('Deleting '.$2.' in '.$1.': '. @@ -793,7 +831,29 @@ END } } } elsif ($_=~/^form\.act/) { - if ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) { + if +($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_cr_cr_([^\_]+)_(\w+)_([^\_]+)$/) { + # Activate a custom role + my $url='/'.$1.'/'.$2; + my $full=$1.'_'.$2.'_cr_cr_'.$3.'_'.$4.'_'.$5; + if ($ENV{'form.sec_'.$full}) { + $url.='/'.$ENV{'form.sec_'.$full}; + } + + my $start = ( $ENV{'form.start_'.$full} ? + $ENV{'form.start_'.$full} : + $now ); + my $end = ( $ENV{'form.end_'.$full} ? + $ENV{'form.end_'.$full} : + 0 ); + + $r->print('Assigning custom role "'.$5.'" by '.$4.'@'.$3.' in '.$url. + ($start?', starting '.localtime($start):''). + ($end?', ending '.localtime($end):'').': '. + &Apache::lonnet::assigncustomrole( + $ENV{'form.ccdomain'},$ENV{'form.ccuname'},$url,$3,$4,$5,$end,$start). + '
'); + } elsif ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_([^\_]+)$/) { # Activate roles for sections with 3 id numbers # set start, end times, and the url for the class @@ -808,7 +868,7 @@ END $url.='/'.$ENV{'form.sec_'.$1.'_'.$2.'_'.$3}; } # Assign the role and report it - $r->print('Assigning: '.$3.' in '.$url. + $r->print('Assigning '.$3.' in '.$url. ($start?', starting '.localtime($start):''). ($end?', ending '.localtime($end):'').': '. &Apache::lonnet::assignrole( @@ -841,14 +901,16 @@ END 0 ); my $url='/'.$1.'/'; # Assign the role and report it. - $r->print('Assigning: '.$2.' in '.$url.': '. + $r->print('Assigning '.$2.' in '.$url.': '. ($start?', starting '.localtime($start):''). ($end?', ending '.localtime($end):'').': '. &Apache::lonnet::assignrole( $ENV{'form.ccdomain'},$ENV{'form.ccuname'}, $url,$2,$end,$start) .'
'); - } + } else { + $r->print('

ERROR: Unknown command '.$_.'


'); + } } } # End of foreach (keys(%ENV)) $r->print(''); @@ -864,7 +926,7 @@ sub custom_role_editor { $rolename=$ENV{'form.newrolename'}; } - $rolename=~s/\W//gs; + $rolename=~s/[^A-Za-z0-9]//gs; unless ($rolename) { &print_username_entry_form($r); @@ -873,16 +935,147 @@ sub custom_role_editor { $r->print(&Apache::loncommon::bodytag( 'Create Users, Change User Privileges').'

'); + my $syspriv=''; + my $dompriv=''; + my $coursepriv=''; my ($rdummy,$roledef)= &Apache::lonnet::get('roles',["rolesdef_$rolename"]); +# ------------------------------------------------------- Does this role exist? if (($rdummy ne 'con_lost') && ($roledef ne '')) { $r->print('Existing Role "'); +# ------------------------------------------------- Get current role privileges + ($syspriv,$dompriv,$coursepriv)=split(/\_/,$roledef); } else { $r->print('New Role "'); $roledef=''; } $r->print($rolename.'"

'); - $r->print('Not yet implemented.'); +# ------------------------------------------------------- What can be assigned? + my %full=(); + my %courselevel=(); + my %courselevelcurrent=(); + foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) { + my ($priv,$restrict)=split(/\&/,$_); + unless ($restrict) { $restrict='F'; } + $courselevel{$priv}=$restrict; + if ($coursepriv=~/\:$priv/) { + $courselevelcurrent{$priv}=1; + } + $full{$priv}=1; + } + my %domainlevel=(); + my %domainlevelcurrent=(); + foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) { + my ($priv,$restrict)=split(/\&/,$_); + unless ($restrict) { $restrict='F'; } + $domainlevel{$priv}=$restrict; + if ($dompriv=~/\:$priv/) { + $domainlevelcurrent{$priv}=1; + } + $full{$priv}=1; + } + my %systemlevel=(); + my %systemlevelcurrent=(); + foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) { + my ($priv,$restrict)=split(/\&/,$_); + unless ($restrict) { $restrict='F'; } + $systemlevel{$priv}=$restrict; + if ($syspriv=~/\:$priv/) { + $systemlevelcurrent{$priv}=1; + } + $full{$priv}=1; + } + $r->print(< + + +
RevokeDeleteRoleExtentStartEnd
'; + $row.='
'; my $active=1; $active=0 if (($role_end_time) && ($now>$role_end_time)); if (($active) && ($allowed)) { @@ -387,7 +409,14 @@ END } else { $row.=' '; } - $row.= ''.&Apache::lonnet::plaintext($role_code). + my $plaintext=''; + unless ($croletitle) { + $plaintext=&Apache::lonnet::plaintext($role_code); + } else { + $plaintext= + "Customrole '$croletitle' defined by $croleuname\@$croleudom"; + } + $row.= ''.$plaintext. ''.$area. ''.($role_start_time?localtime($role_start_time) : ' ' ). @@ -519,7 +548,7 @@ ENDCOAUTH 'StartEnd
+ + +ENDCCF + foreach (sort keys %full) { + $r->print(''); + } + $r->print( + '
PrivilegeCourse LevelDomain LevelSystem Level
'.&Apache::lonnet::plaintext($_).''. + ($courselevel{$_}?'':' '). + ''. + ($domainlevel{$_}?'':' '). + ''. + ($systemlevel{$_}?'':' '). + '
'); +} + +# ---------------------------------------------------------- Call to definerole +sub set_custom_role { + my $r=shift; + + my $rolename=$ENV{'form.rolename'}; + + $rolename=~s/[^A-Za-z0-9]//gs; + + unless ($rolename) { + &print_username_entry_form($r); + return; + } + + $r->print(&Apache::loncommon::bodytag( + 'Create Users, Change User Privileges').'

'); + my ($rdummy,$roledef)= + &Apache::lonnet::get('roles',["rolesdef_$rolename"]); +# ------------------------------------------------------- Does this role exist? + if (($rdummy ne 'con_lost') && ($roledef ne '')) { + $r->print('Existing Role "'); + } else { + $r->print('New Role "'); + $roledef=''; + } + $r->print($rolename.'"

'); +# ------------------------------------------------------- What can be assigned? + my $sysrole=''; + my $domrole=''; + my $courole=''; + + foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) { + my ($priv,$restrict)=split(/\&/,$_); + unless ($restrict) { $restrict=''; } + if ($ENV{'form.'.$priv.':c'}) { + $courole.=':'.$_; + } + } + + foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) { + my ($priv,$restrict)=split(/\&/,$_); + unless ($restrict) { $restrict=''; } + if ($ENV{'form.'.$priv.':d'}) { + $domrole.=':'.$_; + } + } + + foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) { + my ($priv,$restrict)=split(/\&/,$_); + unless ($restrict) { $restrict=''; } + if ($ENV{'form.'.$priv.':s'}) { + $sysrole.=':'.$_; + } + } + $r->print('
Defining Role: '. + &Apache::lonnet::definerole($rolename,$sysrole,$domrole,$courole)); + if ($ENV{'request.course.id'}) { + my $url='/'.$ENV{'request.course.id'}; + $url=~s/\_/\//g; + $r->print('
Assigning Role to Self: '. + &Apache::lonnet::assigncustomrole($ENV{'user.domain'}, + $ENV{'user.name'}, + $url, + $ENV{'user.domain'}, + $ENV{'user.name'}, + $rolename)); + } + $r->print(''); } # ================================================================ Main Handler @@ -890,7 +1083,7 @@ sub handler { my $r = shift; if ($r->header_only) { - $r->content_type('text/html'); + &Apache::loncommon::content_type($r,'text/html'); $r->send_http_header; return OK; } @@ -901,7 +1094,7 @@ sub handler { (&Apache::lonnet::allowed('cep',$ENV{'request.course.id'})) || (&Apache::lonnet::allowed('cca',$ENV{'request.role.domain'})) || (&Apache::lonnet::allowed('mau',$ENV{'request.role.domain'}))) { - $r->content_type('text/html'); + &Apache::loncommon::content_type($r,'text/html'); $r->send_http_header; unless ($ENV{'form.phase'}) { &print_username_entry_form($r); @@ -912,6 +1105,8 @@ sub handler { &update_user_data($r); } elsif ($ENV{'form.phase'} eq 'selected_custom_edit') { &custom_role_editor($r); + } elsif ($ENV{'form.phase'} eq 'set_custom_roles') { + &set_custom_role($r); } } else { $ENV{'user.error.msg'}= @@ -925,6 +1120,10 @@ sub handler { sub course_level_table { my %inccourses = @_; my $table = ''; +# Custom Roles? + + my %customroles=&my_custom_roles(); + foreach (sort( keys(%inccourses))) { my $thiscourse=$_; my $protectedcourse=$_; @@ -933,8 +1132,8 @@ sub course_level_table { my $area=$coursedata{'description'}; if (!defined($area)) { $area='Unavailable course: '.$_; } my $bgcol=$thiscourse; - $bgcol=~s/[^8-9b-e]//g; - $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6); + $bgcol=~s/[^7-9a-e]//g; + $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',2,6); foreach ('st','ta','ep','ad','in','cc') { if (&Apache::lonnet::allowed('c'.$_,$thiscourse)) { my $plrole=&Apache::lonnet::plaintext($_); @@ -964,6 +1163,26 @@ ENDTIMEENTRY $table.= "\n"; } } + foreach (sort keys %customroles) { + if (&Apache::lonnet::allowed('ccr',$thiscourse)) { + my $plrole=$_; + my $customrole=$protectedcourse.'_cr_cr_'.$ENV{'user.domain'}. + '_'.$ENV{'user.name'}.'_'.$plrole; + $table .= < + + + + + + +ENDENTRY + } + } } return '' if ($table eq ''); # return nothing if there is nothing # in the table
$plrole$area +Set Start Date +Set End Date