loncom/interface/loncreateuser.pm - view

Return to loncreateuser.pm CVS log

Up to [LON-CAPA] / loncom / interface

File: [LON-CAPA] / loncom / interface / loncreateuser.pm
Revision 1.104: download - view: text, annotated - select for diffs
Fri Jun 17 21:04:40 2005 UTC (18 years, 11 months ago) by albertel
Branches: MAIN
CVS tags: HEAD

- bug #4073, DC can revoke CA roles of the same domain of the DC role
  (it has been tested so that it continues that AU can't revoke other CA roles (BUG#599))

    1: # The LearningOnline Network with CAPA
    2: # Create a user
    3: #
    4: # $Id: loncreateuser.pm,v 1.104 2005/06/17 21:04:40 albertel Exp $
    5: #
    6: # Copyright Michigan State University Board of Trustees
    7: #
    8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
    9: #
   10: # LON-CAPA is free software; you can redistribute it and/or modify
   11: # it under the terms of the GNU General Public License as published by
   12: # the Free Software Foundation; either version 2 of the License, or
   13: # (at your option) any later version.
   14: #
   15: # LON-CAPA is distributed in the hope that it will be useful,
   16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   18: # GNU General Public License for more details.
   19: #
   20: # You should have received a copy of the GNU General Public License
   21: # along with LON-CAPA; if not, write to the Free Software
   22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   23: #
   24: # /home/httpd/html/adm/gpl.txt
   25: #
   26: # http://www.lon-capa.org/
   27: #
   28: ###
   29: 
   30: package Apache::loncreateuser;
   31: 
   32: =pod
   33: 
   34: =head1 NAME
   35: 
   36: Apache::loncreateuser - handler to create users and custom roles
   37: 
   38: =head1 SYNOPSIS
   39: 
   40: Apache::loncreateuser provides an Apache handler for creating users,
   41:     editing their login parameters, roles, and removing roles, and
   42:     also creating and assigning custom roles.
   43: 
   44: =head1 OVERVIEW
   45: 
   46: =head2 Custom Roles
   47: 
   48: In LON-CAPA, roles are actually collections of privileges. "Teaching
   49: Assistant", "Course Coordinator", and other such roles are really just
   50: collection of privileges that are useful in many circumstances.
   51: 
   52: Creating custom roles can be done by the Domain Coordinator through
   53: the Create User functionality. That screen will show all privileges
   54: that can be assigned to users. For a complete list of privileges,
   55: please see C</home/httpd/lonTabs/rolesplain.tab>.
   56: 
   57: Custom role definitions are stored in the C<roles.db> file of the role
   58: author.
   59: 
   60: =cut
   61: 
   62: use strict;
   63: use Apache::Constants qw(:common :http);
   64: use Apache::lonnet;
   65: use Apache::loncommon;
   66: use Apache::lonlocal;
   67: 
   68: my $loginscript; # piece of javascript used in two separate instances
   69: my $generalrule;
   70: my $authformnop;
   71: my $authformkrb;
   72: my $authformint;
   73: my $authformfsys;
   74: my $authformloc;
   75: 
   76: sub initialize_authen_forms {
   77:     my ($krbdefdom)=( $ENV{'SERVER_NAME'}=~/(\w+\.\w+)$/);
   78:     $krbdefdom= uc($krbdefdom);
   79:     my %param = ( formname => 'document.cu',
   80:                   kerb_def_dom => $krbdefdom 
   81:                   );
   82: # no longer static due to configurable kerberos defaults
   83: #    $loginscript  = &Apache::loncommon::authform_header(%param);
   84:     $generalrule  = &Apache::loncommon::authform_authorwarning(%param);
   85:     $authformnop  = &Apache::loncommon::authform_nochange(%param);
   86: # no longer static due to configurable kerberos defaults
   87: #    $authformkrb  = &Apache::loncommon::authform_kerberos(%param);
   88:     $authformint  = &Apache::loncommon::authform_internal(%param);
   89:     $authformfsys = &Apache::loncommon::authform_filesystem(%param);
   90:     $authformloc  = &Apache::loncommon::authform_local(%param);
   91: }
   92: 
   93: 
   94: # ======================================================= Existing Custom Roles
   95: 
   96: sub my_custom_roles {
   97:     my %returnhash=();
   98:     my %rolehash=&Apache::lonnet::dump('roles');
   99:     foreach (keys %rolehash) {
  100: 	if ($_=~/^rolesdef\_(\w+)$/) {
  101: 	    $returnhash{$1}=$1;
  102: 	}
  103:     }
  104:     return %returnhash;
  105: }
  106: 
  107: # ==================================================== Figure out author access
  108: 
  109: sub authorpriv {
  110:     my ($auname,$audom)=@_;
  111:     unless (&Apache::lonnet::allowed('cca',$audom.'/'.$auname)) { return ''; }
  112:     return 1;
  113: }
  114: 
  115: # =================================================================== Phase one
  116: 
  117: sub print_username_entry_form {
  118:     my $r=shift;
  119:     my $defdom=$env{'request.role.domain'};
  120:     my @domains = &Apache::loncommon::get_domains();
  121:     my $domform = &Apache::loncommon::select_dom_form($defdom,'ccdomain');
  122:     my $html=&Apache::lonxml::xmlbegin();
  123:     my $bodytag =&Apache::loncommon::bodytag('Create Users, Change User Privileges').&Apache::loncommon::help_open_menu('',undef,undef,'',282,'Instructor Interface');
  124:     my $selscript=&Apache::loncommon::studentbrowser_javascript();
  125:     my $sellink=&Apache::loncommon::selectstudent_link
  126:                                         ('crtuser','ccuname','ccdomain');
  127:     my %existingroles=&my_custom_roles();
  128:     my $choice=&Apache::loncommon::select_form('make new role','rolename',
  129: 		('make new role' => 'Generate new role ...',%existingroles));
  130:     my %lt=&Apache::lonlocal::texthash(
  131: 		    'siur'   => "Set Individual User Roles",
  132: 		    'usr'  => "Username",
  133:                     'dom'  => "Domain",
  134:                     'usrr' => "User Roles",
  135:                     'ecrp' => "Edit Custom Role Privileges",
  136:                     'nr'   => "Name of Role",
  137:                     'cre'  => "Custom Role Editor"
  138: 				       );
  139:     my $helpsiur=&Apache::loncommon::help_open_topic('Course_Change_Privileges');
  140:     my $helpecpr=&Apache::loncommon::help_open_topic('Course_Editing_Custom_Roles');
  141:     $r->print(<<"ENDDOCUMENT");
  142: $html
  143: <head>
  144: <title>The LearningOnline Network with CAPA</title>
  145: $selscript
  146: </head>
  147: $bodytag
  148: <form action="/adm/createuser" method="post" name="crtuser">
  149: <input type="hidden" name="phase" value="get_user_info">
  150: <h2>$lt{siur}$helpsiur</h2>
  151: <table>
  152: <tr><td>$lt{usr}:</td><td><input type="text" size="15" name="ccuname">
  153: </td><td rowspan="2">$sellink</td></tr><tr><td>
  154: $lt{'dom'}:</td><td>$domform</td></tr>
  155: </table>
  156: <input name="userrole" type="submit" value="$lt{usrr}" />
  157: </form>
  158: <form action="/adm/createuser" method="post" name="docustom">
  159: <input type="hidden" name="phase" value="selected_custom_edit">
  160: <h2>$lt{'ecrp'}$helpecpr</h2>
  161: $lt{'nr'}: $choice <input type="text" size="15" name="newrolename" /><br />
  162: <input name="customeditor" type="submit" value="$lt{'cre'}" />
  163: </body>
  164: </html>
  165: ENDDOCUMENT
  166: }
  167: 
  168: # =================================================================== Phase two
  169: sub print_user_modification_page {
  170:     my $r=shift;
  171:     my $ccuname=$env{'form.ccuname'};
  172:     my $ccdomain=$env{'form.ccdomain'};
  173: 
  174:     $ccuname=~s/\W//g;
  175:     $ccdomain=~s/\W//g;
  176: 
  177:     unless (($ccuname) && ($ccdomain)) {
  178: 	&print_username_entry_form($r);
  179:         return;
  180:     }
  181: 
  182:     my $defdom=$env{'request.role.domain'};
  183: 
  184:     my ($krbdef,$krbdefdom) =
  185:        &Apache::loncommon::get_kerberos_defaults($defdom);
  186: 
  187:     my %param = ( formname => 'document.cu',
  188:                   kerb_def_dom => $krbdefdom,
  189:                   kerb_def_auth => $krbdef
  190:                   );
  191:     $loginscript  = &Apache::loncommon::authform_header(%param);
  192:     $authformkrb  = &Apache::loncommon::authform_kerberos(%param);
  193: 
  194:     $ccuname=~s/\W//g;
  195:     $ccdomain=~s/\W//g;
  196:     my $pjump_def = &Apache::lonhtmlcommon::pjump_javascript_definition();
  197:     my $dc_setcourse_code = '';
  198:     my $loaditem;
  199:     if ($env{'request.role'} =~ m-^dc\./(\w+)/$-) {
  200:         my $dcdom = $1;
  201:         $loaditem = qq|OnLoad="document.cu.coursedesc.value=''"|;
  202:         $dc_setcourse_code = <<"ENDSCRIPT";
  203:     function setCourse() {
  204:         var course = document.cu.dccourse.value;
  205:         if (course != "") {
  206:             if (document.cu.dcdomain.value != document.cu.origdom.value) {
  207:                 alert("You must select a course in the current domain");
  208:                 return;
  209:             } 
  210:             var userrole = document.cu.role.options[document.cu.role.selectedIndex].value
  211:             var section="";
  212:             var numsections = 0;
  213:             for (var i=0; i<document.cu.currsec.length; i++) {
  214:                 if (document.cu.currsec.options[i].selected == true ) {
  215:                     if (document.cu.currsec.options[i].value != "" && document.cu.currsec.options[i].value != null) { 
  216:                         if (numsections == 0) {
  217:                             section = document.cu.currsec.options[i].value
  218:                             numsections = 1;
  219:                         }
  220:                         else {
  221:                             section = section + "," +  document.cu.currsec.options[i].value
  222:                             numsections ++;
  223:                         }
  224:                     }
  225:                 }
  226:             }
  227:             if (document.cu.newsec.value != "" && document.cu.newsec.value != null) {
  228:                 if (numsections == 0) {
  229:                     section = document.cu.newsec.value
  230:                 }
  231:                 else {
  232:                     section = section + "," +  document.cu.newsec.value
  233:                 }
  234:                 var numsplit = document.cu.newsec.value.split(/,/g);
  235:                 numsections = numsections + numsplit.length;
  236:             }
  237:             if ((userrole == 'st') && (numsections > 1)) {
  238:                 alert("In each course, each user may only have one student role at a time. You had selected "+numsections+" sections.\\nPlease modify your selections so they include no more than one section.")
  239:                 return;
  240:             }
  241:             if ((userrole == 'cc') && (numsections > 0)) {
  242:                 alert("Section designations do not apply to Course Coordinator roles.\\nA course coordinator role will be added with access to all sections.");
  243:                 section = "";
  244:             }
  245:             var numcourse = getIndex(document.cu.dccourse);
  246:             if (numcourse == "-1") {
  247:                 alert("There was a problem with your course selection");
  248:                 return
  249:             }
  250:             else { 
  251:                 var coursename = "_$dcdom"+"_"+course+"_"+userrole
  252:                 document.cu.elements[numcourse].name = "act"+coursename
  253:                 document.cu.elements[numcourse+4].name = "sec"+coursename
  254:                 document.cu.elements[numcourse+4].value = section
  255:                 document.cu.elements[numcourse+5].name = "start"+coursename
  256:                 document.cu.elements[numcourse+6].name = "end"+coursename
  257:             }
  258:         }
  259:         document.cu.submit();
  260:     }
  261: 
  262:     function getIndex(caller) {
  263:         for (var i=0;i<document.cu.elements.length;i++) {
  264:             if (document.cu.elements[i] == caller) {
  265:                 return i;
  266:             }
  267:         }
  268:         return -1;
  269:     }
  270: ENDSCRIPT
  271:     }
  272:     my $html=&Apache::lonxml::xmlbegin();
  273:     my $dochead =<<"ENDDOCHEAD";
  274: $html
  275: <head>
  276: <title>The LearningOnline Network with CAPA</title>
  277: <script type="text/javascript" language="Javascript">
  278: 
  279:     function pclose() {
  280:         parmwin=window.open("/adm/rat/empty.html","LONCAPAparms",
  281:                  "height=350,width=350,scrollbars=no,menubar=no");
  282:         parmwin.close();
  283:     }
  284: 
  285:     $pjump_def
  286:     $dc_setcourse_code
  287: 
  288:     function dateset() {
  289:         eval("document.cu."+document.cu.pres_marker.value+
  290:             ".value=document.cu.pres_value.value");
  291:         pclose();
  292:     }
  293: 
  294:     function setSections() {
  295:         var re1 = /^currsec_/;
  296:         for (var i=0;i<document.cu.elements.length;i++) {
  297:             var str = document.cu.elements[i].name;
  298:             var checkcurr = str.match(re1);
  299:             if (checkcurr != null) {
  300:                 var re2 = /^currsec_[a-zA-Z0-9]+_[a-zA-Z0-9]+_(\\w+)\$/;
  301:                 if (document.cu.elements[i-1].checked == true) {
  302:                     var re2 = /^currsec_[a-zA-Z0-9]+_[a-zA-Z0-9]+_(\\w+)\$/;
  303:                     match = re2.exec(str);
  304:                     var role = match[1];
  305:                     if (role == 'cc') {
  306:                         alert("Section designations do not apply to Course Coordinator roles.\\nA course coordinator role will be added with access to all sections.");
  307:                     }
  308:                     else {
  309:                         var sections = '';
  310:                         var numsec = 0;
  311:                         var sections;
  312:                         for (var j=0; j<document.cu.elements[i].length; j++) {
  313:                             if (document.cu.elements[i].options[j].selected == true ) {
  314:                                 if (document.cu.elements[i].options[j].value != "") {
  315:                                     if (numsec == 0) {
  316:                                         if (document.cu.elements[i].options[j].value != "") {
  317:                                             sections = document.cu.elements[i].options[j].value;
  318:                                             numsec ++;
  319:                                         }
  320:                                     }
  321:                                     else {
  322:                                         sections = sections + "," +  document.cu.elements[i].options[j].value
  323:                                         numsec ++;
  324:                                     }
  325:                                 }
  326:                             }
  327:                         }
  328:                         if (numsec > 0) {
  329:                             if (document.cu.elements[i+1].value != "" && document.cu.elements[i+1].value != null) {
  330:                                 sections = sections + "," +  document.cu.elements[i+1].value;
  331:                             } 
  332:                         }
  333:                         else {
  334:                             sections = document.cu.elements[i+1].value;    
  335:                         }
  336:                         var newsecs = document.cu.elements[i+1].value;
  337:                         if (newsecs != null && newsecs != "") {
  338:                             var numsplit = newsecs.split(/,/g);
  339:                             numsec = numsec + numsplit.length;
  340:                         }
  341:                         if ((role == 'st') && (numsec > 1)) {
  342:                             alert("In each course, each user may only have one student role at a time. You had selected "+numsec+" sections.\\nPlease modify your selections so they include no more than one section.")  
  343:                             return;
  344:                         }
  345:                         else { 
  346:                             document.cu.elements[i+2].value = sections;
  347:                         }
  348:                     }
  349:                 }
  350:             }
  351:         }
  352:         document.cu.submit();
  353:     }
  354: </script>
  355: </head>
  356: ENDDOCHEAD
  357:     $r->print(&Apache::loncommon::bodytag(
  358:                                      'Create Users, Change User Privileges',undef,$loaditem));
  359:     my $forminfo =<<"ENDFORMINFO";
  360: <form action="/adm/createuser" method="post" name="cu">
  361: <input type="hidden" name="phase"       value="update_user_data">
  362: <input type="hidden" name="ccuname"     value="$ccuname">
  363: <input type="hidden" name="ccdomain"    value="$ccdomain">
  364: <input type="hidden" name="pres_value"  value="" >
  365: <input type="hidden" name="pres_type"   value="" >
  366: <input type="hidden" name="pres_marker" value="" >
  367: ENDFORMINFO
  368:     my $uhome=&Apache::lonnet::homeserver($ccuname,$ccdomain);
  369:     my %incdomains; 
  370:     my %inccourses;
  371:     foreach (values(%Apache::lonnet::hostdom)) {
  372:        $incdomains{$_}=1;
  373:     }
  374:     foreach (keys(%env)) {
  375: 	if ($_=~/^user\.priv\.cm\.\/(\w+)\/(\w+)/) {
  376: 	    $inccourses{$1.'_'.$2}=1;
  377:         }
  378:     }
  379:     if ($uhome eq 'no_host') {
  380:         my $home_server_list=
  381:             '<option value="default" selected>default</option>'."\n".
  382:                 &Apache::loncommon::home_server_option_list($ccdomain);
  383:         
  384: 	my %lt=&Apache::lonlocal::texthash(
  385:                     'cnu'  => "Create New User",
  386:                     'nu'   => "New User",
  387:                     'id'   => "in domain",
  388:                     'pd'   => "Personal Data",
  389:                     'fn'   => "First Name",
  390:                     'mn'   => "Middle Name",
  391:                     'ln'   => "Last Name",
  392:                     'gen'  => "Generation",
  393:                     'idsn' => "ID/Student Number",
  394:                     'hs'   => "Home Server",
  395:                     'lg'   => "Login Data"
  396: 				       );
  397: 	my $genhelp=&Apache::loncommon::help_open_topic('Generation');
  398:         &initialize_authen_forms();
  399: 	$r->print(<<ENDNEWUSER);
  400: $dochead
  401: <h1>$lt{'cnu'}</h1>
  402: $forminfo
  403: <h2>$lt{'nu'} "$ccuname" $lt{'id'} $ccdomain</h2>
  404: <script type="text/javascript" language="Javascript">
  405: $loginscript
  406: </script>
  407: <input type='hidden' name='makeuser' value='1' />
  408: <h3>$lt{'pd'}</h3>
  409: <p>
  410: <table>
  411: <tr><td>$lt{'fn'}  </td>
  412:     <td><input type='text' name='cfirst'  size='15' /></td></tr>
  413: <tr><td>$lt{'mn'} </td> 
  414:     <td><input type='text' name='cmiddle' size='15' /></td></tr>
  415: <tr><td>$lt{'ln'}   </td>
  416:     <td><input type='text' name='clast'   size='15' /></td></tr>
  417: <tr><td>$lt{'gen'}$genhelp</td>
  418:     <td><input type='text' name='cgen'    size='5'  /></td></tr>
  419: </table>
  420: $lt{'idsn'} <input type='text' name='cstid'   size='15' /></p>
  421: $lt{'hs'}: <select name="hserver" size="1"> $home_server_list </select>
  422: <hr />
  423: <h3>$lt{'lg'}</h3>
  424: <p>$generalrule </p>
  425: <p>$authformkrb </p>
  426: <p>$authformint </p>
  427: <p>$authformfsys</p>
  428: <p>$authformloc </p>
  429: ENDNEWUSER
  430:     } else { # user already exists
  431: 	my %lt=&Apache::lonlocal::texthash(
  432:                     'cup'  => "Change User Privileges",
  433:                     'usr'  => "User",                    
  434:                     'id'   => "in domain",
  435:                     'fn'   => "first name",
  436:                     'mn'   => "middle name",
  437:                     'ln'   => "last name",
  438:                     'gen'  => "generation"
  439: 				       );
  440: 	$r->print(<<ENDCHANGEUSER);
  441: $dochead
  442: <h1>$lt{'cup'}</h1>
  443: $forminfo
  444: <h2>$lt{'usr'} "$ccuname" $lt{'id'} "$ccdomain"</h2>
  445: ENDCHANGEUSER
  446:         # Get the users information
  447:         my %userenv = &Apache::lonnet::get('environment',
  448:                           ['firstname','middlename','lastname','generation'],
  449:                           $ccdomain,$ccuname);
  450:         my %rolesdump=&Apache::lonnet::dump('roles',$ccdomain,$ccuname);
  451:         $r->print(<<END);
  452: <hr />
  453: <table border="2">
  454: <tr>
  455: <th>$lt{'fn'}</th><th>$lt{'mn'}</th><th>$lt{'ln'}</th><th>$lt{'gen'}</th>
  456: </tr>
  457: <tr>
  458: END
  459:         foreach ('firstname','middlename','lastname','generation') {
  460:            if (&Apache::lonnet::allowed('mau',$ccdomain)) {
  461:               $r->print(<<"END");            
  462: <td><input type="text" name="c$_" value="$userenv{$_}" size="15" /></td>
  463: END
  464:            } else {
  465:                $r->print('<td>'.$userenv{$_}.'</td>');
  466:            }
  467:         }
  468:       $r->print(<<END);
  469: </tr>
  470: </table>
  471: END
  472:         # Build up table of user roles to allow revocation of a role.
  473:         my ($tmp) = keys(%rolesdump);
  474:         unless ($tmp =~ /^(con_lost|error)/i) {
  475:            my $now=time;
  476: 	   my %lt=&Apache::lonlocal::texthash(
  477: 		    'rer'  => "Revoke Existing Roles",
  478:                     'rev'  => "Revoke",                    
  479:                     'del'  => "Delete",
  480: 		    'ren'  => "Re-Enable",
  481:                     'rol'  => "Role",
  482:                     'ext'  => "Extent",
  483:                     'sta'  => "Start",
  484:                     'end'  => "End"
  485: 				       );
  486:            my (%roletext,%sortrole,%roleclass,%rolepriv);
  487: 	   foreach my $area (sort { my $a1=join('_',(split('_',$a))[1,0]);
  488: 				    my $b1=join('_',(split('_',$b))[1,0]);
  489: 				    return $a1 cmp $b1;
  490: 				} keys(%rolesdump)) {
  491:                next if ($area =~ /^rolesdef/);
  492: 	       my $envkey=$area;
  493:                my $role = $rolesdump{$area};
  494:                my $thisrole=$area;
  495:                $area =~ s/\_\w\w$//;
  496:                my ($role_code,$role_end_time,$role_start_time) = 
  497:                    split(/_/,$role);
  498: # Is this a custom role? Get role owner and title.
  499: 	       my ($croleudom,$croleuname,$croletitle)=
  500: 	           ($role_code=~/^cr\/(\w+)\/(\w+)\/(\w+)$/);
  501:                my $bgcol='ffffff';
  502:                my $allowed=0;
  503:                my $delallowed=0;
  504: 	       my $sortkey=$role_code;
  505: 	       my $class='Unknown';
  506:                if ($area =~ /^\/(\w+)\/(\d\w+)/ ) {
  507: 		   $class='Course';
  508:                    my ($coursedom,$coursedir) = ($1,$2);
  509: 		   $sortkey.="\0$1";
  510:                    # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3).
  511:                    my %coursedata=
  512:                        &Apache::lonnet::coursedescription($1.'_'.$2);
  513: 		   my $carea;
  514: 		   if (defined($coursedata{'description'})) {
  515: 		       $carea=$coursedata{'description'}.
  516:                            '<br />'.&mt('Domain').': '.$coursedom.('&nbsp;'x8).
  517:      &Apache::loncommon::syllabuswrapper('Syllabus',$coursedir,$coursedom);
  518: 		       $sortkey.="\0".$coursedata{'description'};
  519: 		   } else {
  520: 		       $carea=&mt('Unavailable course').': '.$area;
  521: 		       $sortkey.="\0".&mt('Unavailable course').': '.$area;
  522: 		   }
  523:                    $inccourses{$1.'_'.$2}=1;
  524:                    if ((&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) ||
  525:                        (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
  526:                        $allowed=1;
  527:                    }
  528:                    if ((&Apache::lonnet::allowed('dro',$1)) ||
  529:                        (&Apache::lonnet::allowed('dro',$ccdomain))) {
  530:                        $delallowed=1;
  531:                    }
  532: # - custom role. Needs more info, too
  533: 		   if ($croletitle) {
  534: 		       if (&Apache::lonnet::allowed('ccr',$1.'/'.$2)) {
  535: 			   $allowed=1;
  536: 			   $thisrole.='.'.$role_code;
  537: 		       }
  538: 		   }
  539:                    # Compute the background color based on $area
  540:                    $bgcol=$1.'_'.$2;
  541:                    $bgcol=~s/[^7-9a-e]//g;
  542:                    $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',2,6);
  543:                    if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) {
  544:                        $carea.='<br />Section/Group: '.$3;
  545: 		       $sortkey.="\0$3";
  546:                    }
  547:                    $area=$carea;
  548:                } else {
  549: 		   $sortkey.="\0".$area;
  550:                    # Determine if current user is able to revoke privileges
  551:                    if ($area=~ /^\/(\w+)\//) {
  552:                        if ((&Apache::lonnet::allowed('c'.$role_code,$1)) ||
  553:                        (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
  554:                            $allowed=1;
  555:                        }
  556:                        if (((&Apache::lonnet::allowed('dro',$1))  ||
  557:                             (&Apache::lonnet::allowed('dro',$ccdomain))) &&
  558:                            ($role_code ne 'dc')) {
  559:                            $delallowed=1;
  560:                        }
  561:                    } else {
  562:                        if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
  563:                            $allowed=1;
  564:                        }
  565:                    }
  566: 		   if ($role_code eq 'ca' || $role_code eq 'au') {
  567: 		       $class='Construction Space';
  568: 		   } elsif ($role_code eq 'su') {
  569: 		       $class='System';
  570: 		   } else {
  571: 		       $class='Domain';
  572: 		   }
  573:                }
  574:                if ($role_code eq 'ca') {
  575:                    $area=~/\/(\w+)\/(\w+)/;
  576: 		   if (&authorpriv($2,$1)) {
  577: 		       $allowed=1;
  578:                    } else {
  579:                        $allowed=0;
  580:                    }
  581:                }
  582: 	       $bgcol='77FF77';
  583:                my $row = '';
  584:                $row.='<tr bgcolor="#'.$bgcol.'"><td>';
  585:                my $active=1;
  586:                $active=0 if (($role_end_time) && ($now>$role_end_time));
  587:                if (($active) && ($allowed)) {
  588:                    $row.= '<input type="checkbox" name="rev:'.$thisrole.'">';
  589:                } else {
  590:                    if ($active) {
  591:                       $row.='&nbsp;';
  592: 		   } else {
  593:                       $row.=&mt('expired or revoked');
  594: 		   }
  595:                }
  596: 	       $row.='</td><td>';
  597:                if ($allowed && !$active) {
  598:                    $row.= '<input type="checkbox" name="ren:'.$thisrole.'">';
  599:                } else {
  600:                    $row.='&nbsp;';
  601:                }
  602: 	       $row.='</td><td>';
  603:                if ($delallowed) {
  604:                    $row.= '<input type="checkbox" name="del:'.$thisrole.'">';
  605:                } else {
  606:                    $row.='&nbsp;';
  607:                }
  608: 	       my $plaintext='';
  609: 	       unless ($croletitle) {
  610: 		   $plaintext=&Apache::lonnet::plaintext($role_code);
  611: 	       } else {
  612: 	           $plaintext=
  613: 		"Customrole '$croletitle' defined by $croleuname\@$croleudom";
  614: 	       }
  615:                $row.= '</td><td>'.$plaintext.
  616:                       '</td><td>'.$area.
  617:                       '</td><td>'.($role_start_time?localtime($role_start_time)
  618:                                                    : '&nbsp;' ).
  619:                       '</td><td>'.($role_end_time  ?localtime($role_end_time)
  620:                                                    : '&nbsp;' )
  621:                       ."</td></tr>\n";
  622: 	       $sortrole{$sortkey}=$envkey;
  623: 	       $roletext{$envkey}=$row;
  624: 	       $roleclass{$envkey}=$class;
  625:                $rolepriv{$envkey}=$allowed;
  626:                #$r->print($row);
  627:            } # end of foreach        (table building loop)
  628:            my $rolesdisplay = 0;
  629:            my %output = ();
  630: 	   foreach my $type ('Construction Space','Course','Domain','System','Unknown') {
  631: 	       $output{$type} = '';
  632: 	       foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
  633: 		   if ( ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/ ) && ($rolepriv{$sortrole{$which}}) ) { 
  634: 		       $output{$type}.=$roletext{$sortrole{$which}};
  635: 		   }
  636: 	       }
  637: 	       unless($output{$type} eq '') {
  638: 		   $output{$type} = "<tr bgcolor='#BBffBB'>".
  639: 			     "<td align='center' colspan='7'>".&mt($type)."</td>".
  640:                               $output{$type};
  641:                    $rolesdisplay = 1;
  642: 	       }
  643: 	   }
  644:            if ($rolesdisplay == 1) {
  645:                $r->print(<<END);
  646: <hr />
  647: <h3>$lt{'rer'}</h3>
  648: <table>
  649: <tr><th>$lt{'rev'}</th><th>$lt{'ren'}</th><th>$lt{'del'}</th><th>$lt{'rol'}</th><th>$lt{'e
  650: xt'}</th><th>$lt{'sta'}</th><th>$lt{'end'}</th>
  651: END
  652:                foreach my $type ('Construction Space','Course','Domain','System','Unknown') {
  653:                    if ($output{$type}) {
  654:                        $r->print($output{$type}."\n");
  655:                    }
  656:                }
  657: 	       $r->print('</table>');
  658:            }
  659:         }  # End of unless
  660: 	my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);
  661: 	if ($currentauth=~/^krb(4|5):/) {
  662: 	    $currentauth=~/^krb(4|5):(.*)/;
  663: 	    my $krbdefdom=$1;
  664:             my %param = ( formname => 'document.cu',
  665:                           kerb_def_dom => $krbdefdom 
  666:                           );
  667:             $loginscript  = &Apache::loncommon::authform_header(%param);
  668: 	}
  669: 	# Check for a bad authentication type
  670:         unless ($currentauth=~/^krb(4|5):/ or
  671: 		$currentauth=~/^unix:/ or
  672: 		$currentauth=~/^internal:/ or
  673: 		$currentauth=~/^localauth:/
  674: 		) { # bad authentication scheme
  675: 	    if (&Apache::lonnet::allowed('mau',$env{'request.role.domain'})) {
  676:                 &initialize_authen_forms();
  677: 		my %lt=&Apache::lonlocal::texthash(
  678:                                'err'   => "ERROR",
  679: 			       'uuas'  => "This user has an unrecognized authentication scheme",
  680:                                'sldb'  => "Please specify login data below",
  681:                                'ld'    => "Login Data"
  682: 						   );
  683: 		$r->print(<<ENDBADAUTH);
  684: <hr />
  685: <script type="text/javascript" language="Javascript">
  686: $loginscript
  687: </script>
  688: <font color='#ff0000'>$lt{'err'}:</font>
  689: $lt{'uuas'} ($currentauth). $lt{'sldb'}.
  690: <h3>$lt{'ld'}</h3>
  691: <p>$generalrule</p>
  692: <p>$authformkrb</p>
  693: <p>$authformint</p>
  694: <p>$authformfsys</p>
  695: <p>$authformloc</p>
  696: ENDBADAUTH
  697:             } else { 
  698:                 # This user is not allowed to modify the users 
  699:                 # authentication scheme, so just notify them of the problem
  700: 		my %lt=&Apache::lonlocal::texthash(
  701:                                'err'   => "ERROR",
  702: 			       'uuas'  => "This user has an unrecognized authentication scheme",
  703:                                'adcs'  => "Please alert a domain coordinator of this situation"
  704: 						   );
  705: 		$r->print(<<ENDBADAUTH);
  706: <hr />
  707: <script type="text/javascript" language="Javascript">
  708: $loginscript
  709: </script>
  710: <font color="#ff0000"> $lt{'err'}: </font>
  711: $lt{'uuas'} ($currentauth). $lt{'adcs'}.
  712: <hr />
  713: ENDBADAUTH
  714:             }
  715:         } else { # Authentication type is valid
  716: 	    my $authformcurrent='';
  717: 	    my $authform_other='';
  718:             &initialize_authen_forms();
  719: 	    if ($currentauth=~/^krb(4|5):/) {
  720: 		$authformcurrent=$authformkrb;
  721: 		$authform_other="<p>$authformint</p>\n".
  722:                     "<p>$authformfsys</p><p>$authformloc</p>";
  723: 	    }
  724: 	    elsif ($currentauth=~/^internal:/) {
  725: 		$authformcurrent=$authformint;
  726: 		$authform_other="<p>$authformkrb</p>".
  727:                     "<p>$authformfsys</p><p>$authformloc</p>";
  728: 	    }
  729: 	    elsif ($currentauth=~/^unix:/) {
  730: 		$authformcurrent=$authformfsys;
  731: 		$authform_other="<p>$authformkrb</p>".
  732:                     "<p>$authformint</p><p>$authformloc;</p>";
  733: 	    }
  734: 	    elsif ($currentauth=~/^localauth:/) {
  735: 		$authformcurrent=$authformloc;
  736: 		$authform_other="<p>$authformkrb</p>".
  737:                     "<p>$authformint</p><p>$authformfsys</p>";
  738: 	    }
  739:             $authformcurrent.=' <i>(will override current values)</i><br />';
  740:             if (&Apache::lonnet::allowed('mau',$env{'request.role.domain'})) {
  741: 		# Current user has login modification privileges
  742: 		my %lt=&Apache::lonlocal::texthash(
  743:                                'ccld'  => "Change Current Login Data",
  744: 			       'enld'  => "Enter New Login Data"
  745: 						   );
  746: 		$r->print(<<ENDOTHERAUTHS);
  747: <hr />
  748: <script type="text/javascript" language="Javascript">
  749: $loginscript
  750: </script>
  751: <h3>$lt{'ccld'}</h3>
  752: <p>$generalrule</p>
  753: <p>$authformnop</p>
  754: <p>$authformcurrent</p>
  755: <h3>$lt{'enld'}</h3>
  756: $authform_other
  757: ENDOTHERAUTHS
  758:             }
  759:         }  ## End of "check for bad authentication type" logic
  760:     } ## End of new user/old user logic
  761:     $r->print('<hr /><h3>'.&mt('Add Roles').'</h3>');
  762: #
  763: # Co-Author
  764: # 
  765:     if (&authorpriv($env{'user.name'},$env{'request.role.domain'}) &&
  766:         ($env{'user.name'} ne $ccuname || $env{'user.domain'} ne $ccdomain)) {
  767:         # No sense in assigning co-author role to yourself
  768: 	my $cuname=$env{'user.name'};
  769:         my $cudom=$env{'request.role.domain'};
  770: 	   my %lt=&Apache::lonlocal::texthash(
  771: 		    'cs'   => "Construction Space",
  772:                     'act'  => "Activate",                    
  773:                     'rol'  => "Role",
  774:                     'ext'  => "Extent",
  775:                     'sta'  => "Start",
  776:                     'end'  => "End",
  777:                     'cau'  => "Co-Author",
  778:                     'ssd'  => "Set Start Date",
  779:                     'sed'  => "Set End Date"
  780: 				       );
  781:        $r->print(<<ENDCOAUTH);
  782: <h4>$lt{'cs'}</h4>
  783: <table border=2><tr><th>$lt{'act'}</th><th>$lt{'rol'}</th><th>$lt{'ext'}</th>
  784: <th>$lt{'sta'}</th><th>$lt{'end'}</th></tr>
  785: <tr>
  786: <td><input type=checkbox name="act_$cudom\_$cuname\_ca" /></td>
  787: <td>$lt{'cau'}</td>
  788: <td>$cudom\_$cuname</td>
  789: <td><input type=hidden name="start_$cudom\_$cuname\_ca" value='' />
  790: <a href=
  791: "javascript:pjump('date_start','Start Date Co-Author',document.cu.start_$cudom\_$cuname\_ca.value,'start_$cudom\_$cuname\_ca','cu.pres','dateset')">$lt{'ssd'}</a></td>
  792: <td><input type=hidden name="end_$cudom\_$cuname\_ca" value='' />
  793: <a href=
  794: "javascript:pjump('date_end','End Date Co-Author',document.cu.end_$cudom\_$cuname\_ca.value,'end_$cudom\_$cuname\_ca','cu.pres','dateset')">$lt{'sed'}</a></td>
  795: </tr>
  796: </table>
  797: ENDCOAUTH
  798:     }
  799: #
  800: # Domain level
  801: #
  802:     my $num_domain_level = 0;
  803:     my $domaintext = 
  804:     '<h4>'.&mt('Domain Level').'</h4>'.
  805:     '<table border=2><tr><th>'.&mt('Activate').'</th><th>'.&mt('Role').'</th><th>'.&mt('Extent').'</th>'.
  806:     '<th>'.&mt('Start').'</th><th>'.&mt('End').'</th></tr>';
  807:     foreach ( sort( keys(%incdomains))) {
  808: 	my $thisdomain=$_;
  809:         foreach ('dc','li','dg','au','sc') {
  810:             if (&Apache::lonnet::allowed('c'.$_,$thisdomain)) {
  811:                my $plrole=&Apache::lonnet::plaintext($_);
  812: 	       my %lt=&Apache::lonlocal::texthash(
  813:                     'ssd'  => "Set Start Date",
  814:                     'sed'  => "Set End Date"
  815: 				       );
  816:                $num_domain_level ++;
  817:                $domaintext .= <<"ENDDROW";
  818: <tr>
  819: <td><input type=checkbox name="act_$thisdomain\_$_"></td>
  820: <td>$plrole</td>
  821: <td>$thisdomain</td>
  822: <td><input type=hidden name="start_$thisdomain\_$_" value=''>
  823: <a href=
  824: "javascript:pjump('date_start','Start Date $plrole',document.cu.start_$thisdomain\_$_.value,'start_$thisdomain\_$_','cu.pres','dateset')">$lt{'ssd'}</a></td>
  825: <td><input type=hidden name="end_$thisdomain\_$_" value=''>
  826: <a href=
  827: "javascript:pjump('date_end','End Date $plrole',document.cu.end_$thisdomain\_$_.value,'end_$thisdomain\_$_','cu.pres','dateset')">$lt{'sed'}</a></td>
  828: </tr>
  829: ENDDROW
  830:             }
  831:         } 
  832:     }
  833:     $domaintext.='</table>';
  834:     if ($num_domain_level > 0) {
  835:         $r->print($domaintext);
  836:     }
  837: #
  838: # Course level
  839: #
  840:     my $num_sections;
  841: 
  842:     if ($env{'request.role'} =~ m-^dc\./(\w+)/$-) {
  843:         $r->print(&course_level_dc($1));
  844:         $r->print('<hr /><input type="button" value="'.&mt('Modify User').'" onClick="setCourse()">'."\n");
  845:     } else {
  846:         $r->print(&course_level_table(%inccourses));
  847:         $r->print('<hr /><input type="button" value="'.&mt('Modify User').'" onClick="setSections()">'."\n");
  848:     }
  849:     $r->print("</form></body></html>");
  850: }
  851: 
  852: # ================================================================= Phase Three
  853: sub update_user_data {
  854:     my $r=shift;
  855:     my $uhome=&Apache::lonnet::homeserver($env{'form.ccuname'},
  856:                                           $env{'form.ccdomain'});
  857:     # Error messages
  858:     my $error     = '<font color="#ff0000">'.&mt('Error').':</font>';
  859:     my $end       = '</body></html>';
  860:     # Print header
  861:     my $html=&Apache::lonxml::xmlbegin();
  862:     $r->print(<<ENDTHREEHEAD);
  863: $html
  864: <head>
  865: <title>The LearningOnline Network with CAPA</title>
  866: </head>
  867: ENDTHREEHEAD
  868:     my $title;
  869:     if (exists($env{'form.makeuser'})) {
  870: 	$title='Set Privileges for New User';
  871:     } else {
  872:         $title='Modify User Privileges';
  873:     }
  874:     $r->print(&Apache::loncommon::bodytag($title));
  875:     # Check Inputs
  876:     if (! $env{'form.ccuname'} ) {
  877: 	$r->print($error.&mt('No login name specified').'.'.$end);
  878: 	return;
  879:     }
  880:     if (  $env{'form.ccuname'}  =~/\W/) {
  881: 	$r->print($error.&mt('Invalid login name').'.  '.
  882: 		  &mt('Only letters, numbers, and underscores are valid').'.'.
  883: 		  $end);
  884: 	return;
  885:     }
  886:     if (! $env{'form.ccdomain'}       ) {
  887: 	$r->print($error.&mt('No domain specified').'.'.$end);
  888: 	return;
  889:     }
  890:     if (  $env{'form.ccdomain'} =~/\W/) {
  891: 	$r->print($error.&mt ('Invalid domain name').'.  '.
  892: 		  &mt('Only letters, numbers, and underscores are valid').'.'.
  893: 		  $end);
  894: 	return;
  895:     }
  896:     if (! exists($env{'form.makeuser'})) {
  897:         # Modifying an existing user, so check the validity of the name
  898:         if ($uhome eq 'no_host') {
  899:             $r->print($error.&mt('Unable to determine home server for ').
  900:                       $env{'form.ccuname'}.&mt(' in domain ').
  901:                       $env{'form.ccdomain'}.'.');
  902:             return;
  903:         }
  904:     }
  905:     # Determine authentication method and password for the user being modified
  906:     my $amode='';
  907:     my $genpwd='';
  908:     if ($env{'form.login'} eq 'krb') {
  909: 	$amode='krb';
  910: 	$amode.=$env{'form.krbver'};
  911: 	$genpwd=$env{'form.krbarg'};
  912:     } elsif ($env{'form.login'} eq 'int') {
  913: 	$amode='internal';
  914: 	$genpwd=$env{'form.intarg'};
  915:     } elsif ($env{'form.login'} eq 'fsys') {
  916: 	$amode='unix';
  917: 	$genpwd=$env{'form.fsysarg'};
  918:     } elsif ($env{'form.login'} eq 'loc') {
  919: 	$amode='localauth';
  920: 	$genpwd=$env{'form.locarg'};
  921: 	$genpwd=" " if (!$genpwd);
  922:     } elsif (($env{'form.login'} eq 'nochange') ||
  923:              ($env{'form.login'} eq ''        )) { 
  924:         # There is no need to tell the user we did not change what they
  925:         # did not ask us to change.
  926:         # If they are creating a new user but have not specified login
  927:         # information this will be caught below.
  928:     } else {
  929: 	    $r->print($error.&mt('Invalid login mode or password').$end);    
  930: 	    return;
  931:     }
  932:     if ($env{'form.makeuser'}) {
  933:         # Create a new user
  934: 	my %lt=&Apache::lonlocal::texthash(
  935:                     'cru'  => "Creating user",                    
  936:                     'id'   => "in domain"
  937: 					   );
  938: 	$r->print(<<ENDNEWUSERHEAD);
  939: <h3>$lt{'cru'} "$env{'form.ccuname'}" $lt{'id'} "$env{'form.ccdomain'}"</h3>
  940: ENDNEWUSERHEAD
  941:         # Check for the authentication mode and password
  942:         if (! $amode || ! $genpwd) {
  943: 	    $r->print($error.&mt('Invalid login mode or password').$end);    
  944: 	    return;
  945: 	}
  946:         # Determine desired host
  947:         my $desiredhost = $env{'form.hserver'};
  948:         if (lc($desiredhost) eq 'default') {
  949:             $desiredhost = undef;
  950:         } else {
  951:             my %home_servers = &Apache::loncommon::get_library_servers
  952:                 ($env{'form.ccdomain'});  
  953:             if (! exists($home_servers{$desiredhost})) {
  954:                 $r->print($error.&mt('Invalid home server specified'));
  955:                 return;
  956:             }
  957:         }
  958: 	# Call modifyuser
  959: 	my $result = &Apache::lonnet::modifyuser
  960: 	    ($env{'form.ccdomain'},$env{'form.ccuname'},$env{'form.cstid'},
  961:              $amode,$genpwd,$env{'form.cfirst'},
  962:              $env{'form.cmiddle'},$env{'form.clast'},$env{'form.cgen'},
  963:              undef,$desiredhost
  964: 	     );
  965: 	$r->print(&mt('Generating user').': '.$result);
  966:         my $home = &Apache::lonnet::homeserver($env{'form.ccuname'},
  967:                                                $env{'form.ccdomain'});
  968:         $r->print('<br />'.&mt('Home server').': '.$home.' '.
  969:                   $Apache::lonnet::libserv{$home});
  970:     } elsif (($env{'form.login'} ne 'nochange') &&
  971:              ($env{'form.login'} ne ''        )) {
  972: 	# Modify user privileges
  973:     my %lt=&Apache::lonlocal::texthash(
  974:                     'usr'  => "User",                    
  975:                     'id'   => "in domain"
  976: 				       );
  977: 	$r->print(<<ENDMODIFYUSERHEAD);
  978: <h2>$lt{'usr'} "$env{'form.ccuname'}" $lt{'id'} "$env{'form.ccdomain'}"</h2>
  979: ENDMODIFYUSERHEAD
  980:         if (! $amode || ! $genpwd) {
  981: 	    $r->print($error.'Invalid login mode or password'.$end);    
  982: 	    return;
  983: 	}
  984: 	# Only allow authentification modification if the person has authority
  985: 	if (&Apache::lonnet::allowed('mau',$env{'form.ccdomain'})) {
  986: 	    $r->print('Modifying authentication: '.
  987:                       &Apache::lonnet::modifyuserauth(
  988: 		       $env{'form.ccdomain'},$env{'form.ccuname'},
  989:                        $amode,$genpwd));
  990:             $r->print('<br />'.&mt('Home server').': '.&Apache::lonnet::homeserver
  991: 		  ($env{'form.ccuname'},$env{'form.ccdomain'}));
  992: 	} else {
  993: 	    # Okay, this is a non-fatal error.
  994: 	    $r->print($error.&mt('You do not have the authority to modify this users authentification information').'.');    
  995: 	}
  996:     }
  997:     ##
  998:     if (! $env{'form.makeuser'} ) {
  999:         # Check for need to change
 1000:         my %userenv = &Apache::lonnet::get
 1001:             ('environment',['firstname','middlename','lastname','generation'],
 1002:              $env{'form.ccdomain'},$env{'form.ccuname'});
 1003:         my ($tmp) = keys(%userenv);
 1004:         if ($tmp =~ /^(con_lost|error)/i) { 
 1005:             %userenv = ();
 1006:         }
 1007:         # Check to see if we need to change user information
 1008:         foreach ('firstname','middlename','lastname','generation') {
 1009:             # Strip leading and trailing whitespace
 1010:             $env{'form.c'.$_} =~ s/(\s+$|^\s+)//g; 
 1011:         }
 1012:         if (&Apache::lonnet::allowed('mau',$env{'form.ccdomain'}) && 
 1013:             ($env{'form.cfirstname'}  ne $userenv{'firstname'}  ||
 1014:              $env{'form.cmiddlename'} ne $userenv{'middlename'} ||
 1015:              $env{'form.clastname'}   ne $userenv{'lastname'}   ||
 1016:              $env{'form.cgeneration'} ne $userenv{'generation'} )) {
 1017:             # Make the change
 1018:             my %changeHash;
 1019:             $changeHash{'firstname'}  = $env{'form.cfirstname'};
 1020:             $changeHash{'middlename'} = $env{'form.cmiddlename'};
 1021:             $changeHash{'lastname'}   = $env{'form.clastname'};
 1022:             $changeHash{'generation'} = $env{'form.cgeneration'};
 1023:             my $putresult = &Apache::lonnet::put
 1024:                 ('environment',\%changeHash,
 1025:                  $env{'form.ccdomain'},$env{'form.ccuname'});
 1026:             if ($putresult eq 'ok') {
 1027:             # Tell the user we changed the name
 1028: 		my %lt=&Apache::lonlocal::texthash(
 1029:                              'uic'  => "User Information Changed",             
 1030:                              'frst' => "first",
 1031:                              'mddl' => "middle",
 1032:                              'lst'  => "last",
 1033: 			     'gen'  => "generation",
 1034:                              'prvs' => "Previous",
 1035:                              'chto' => "Changed To"
 1036: 						   );
 1037:                 $r->print(<<"END");
 1038: <table border="2">
 1039: <caption>$lt{'uic'}</caption>
 1040: <tr><th>&nbsp;</th>
 1041:     <th>$lt{'frst'}</th>
 1042:     <th>$lt{'mddl'}</th>
 1043:     <th>$lt{'lst'}</th>
 1044:     <th>$lt{'gen'}</th></tr>
 1045: <tr><td>$lt{'prvs'}</td>
 1046:     <td>$userenv{'firstname'}  </td>
 1047:     <td>$userenv{'middlename'} </td>
 1048:     <td>$userenv{'lastname'}   </td>
 1049:     <td>$userenv{'generation'} </td></tr>
 1050: <tr><td>$lt{'chto'}</td>
 1051:     <td>$env{'form.cfirstname'}  </td>
 1052:     <td>$env{'form.cmiddlename'} </td>
 1053:     <td>$env{'form.clastname'}   </td>
 1054:     <td>$env{'form.cgeneration'} </td></tr>
 1055: </table>
 1056: END
 1057:             } else { # error occurred
 1058:                 $r->print("<h2>".&mt('Unable to successfully change environment for')." ".
 1059:                       $env{'form.ccuname'}." ".&mt('in domain')." ".
 1060:                       $env{'form.ccdomain'}."</h2>");
 1061:             }
 1062:         }  else { # End of if ($env ... ) logic
 1063:             # They did not want to change the users name but we can
 1064:             # still tell them what the name is
 1065: 	    my %lt=&Apache::lonlocal::texthash(
 1066:                            'usr'  => "User",                    
 1067:                            'id'   => "in domain",
 1068:                            'gen'  => "Generation"
 1069: 					       );
 1070:                 $r->print(<<"END");
 1071: <h2>$lt{'usr'} "$env{'form.ccuname'}" $lt{'id'} "$env{'form.ccdomain'}"</h2>
 1072: <h4>$userenv{'firstname'} $userenv{'middlename'} $userenv{'lastname'} </h4>
 1073: <h4>$lt{'gen'}: $userenv{'generation'}</h4>
 1074: END
 1075:         }
 1076:     }
 1077:     ##
 1078:     my $now=time;
 1079:     $r->print('<h3>'.&mt('Modifying Roles').'</h3>');
 1080:     foreach (keys (%env)) {
 1081: 	next if (! $env{$_});
 1082: 	# Revoke roles
 1083: 	if ($_=~/^form\.rev/) {
 1084: 	    if ($_=~/^form\.rev\:([^\_]+)\_([^\_\.]+)$/) {
 1085: # Revoke standard role
 1086: 	        $r->print(&mt('Revoking').' '.$2.' in '.$1.': <b>'.
 1087:                      &Apache::lonnet::revokerole($env{'form.ccdomain'},
 1088:                      $env{'form.ccuname'},$1,$2).'</b><br />');
 1089: 		if ($2 eq 'st') {
 1090: 		    $1=~/^\/(\w+)\/(\w+)/;
 1091: 		    my $cid=$1.'_'.$2;
 1092: 		    $r->print(&mt('Drop from classlist').': <b>'.
 1093: 			 &Apache::lonnet::critical('put:'.
 1094:                              $env{'course.'.$cid.'.domain'}.':'.
 1095: 	                     $env{'course.'.$cid.'.num'}.':classlist:'.
 1096:                          &Apache::lonnet::escape($env{'form.ccuname'}.':'.
 1097:                              $env{'form.ccdomain'}).'='.
 1098:                          &Apache::lonnet::escape($now.':'),
 1099: 	                     $env{'course.'.$cid.'.home'}).'</b><br />');
 1100: 		}
 1101: 	    } 
 1102: 	    if ($_=~/^form\.rev\:([^\_]+)\_cr\.cr\/(\w+)\/(\w+)\/(\w+)$/) {
 1103: # Revoke custom role
 1104: 		$r->print(&mt('Revoking custom role').
 1105:                       ' '.$4.' by '.$3.'@'.$2.' in '.$1.': <b>'.
 1106:                       &Apache::lonnet::revokecustomrole($env{'form.ccdomain'},
 1107: 				  $env{'form.ccuname'},$1,$2,$3,$4).
 1108: 		'</b><br />');
 1109: 	    }
 1110: 	} elsif ($_=~/^form\.del/) {
 1111: 	    if ($_=~/^form\.del\:([^\_]+)\_([^\_]+)$/) {
 1112: 	        $r->print(&mt('Deleting').' '.$2.' in '.$1.': '.
 1113:                      &Apache::lonnet::assignrole($env{'form.ccdomain'},
 1114:                      $env{'form.ccuname'},$1,$2,$now,0,1).'<br />');
 1115: 		if ($2 eq 'st') {
 1116: 		    $1=~/^\/(\w+)\/(\w+)/;
 1117: 		    my $cid=$1.'_'.$2;
 1118: 		    $r->print(&mt('Drop from classlist').': <b>'.
 1119: 			 &Apache::lonnet::critical('put:'.
 1120:                              $env{'course.'.$cid.'.domain'}.':'.
 1121: 	                     $env{'course.'.$cid.'.num'}.':classlist:'.
 1122:                          &Apache::lonnet::escape($env{'form.ccuname'}.':'.
 1123:                              $env{'form.ccdomain'}).'='.
 1124:                          &Apache::lonnet::escape($now.':'),
 1125: 	                     $env{'course.'.$cid.'.home'}).'</b><br />');
 1126: 		}
 1127: 	    } 
 1128: 	} elsif ($_=~/^form\.ren/) {
 1129:             my $udom = $env{'form.ccdomain'};
 1130:             my $uname = $env{'form.ccuname'};
 1131: 	    if ($_=~/^form\.ren\:([^\_]+)\_([^\_]+)$/) {
 1132:                 my $url = $1;
 1133:                 my $role = $2;
 1134:                 my $logmsg;
 1135:                 my $output;
 1136:                 if ($role eq 'st') {
 1137:                     if ($url =~ m-^/(\w+)/(\w+)/?(\w*)$-) {
 1138:                         my $result = &commit_studentrole(\$logmsg,$udom,$uname,$url,$role,$now,0,$1,$2,$3);
 1139:                         if (($result =~ /^error/) || ($result eq 'not_in_class') || ($result eq 'unknown_course')) {
 1140:                             $output = "Error: $result\n";
 1141:                         } else {
 1142:                             $output = &mt('Assigning').' '.$role.' in '.$url.
 1143:                                       &mt('starting').' '.localtime($now).
 1144:                                       ': <br />'.$logmsg.'<br />'.
 1145:                                       &mt('Add to classlist').': <b>ok</b><br />';
 1146:                         }
 1147:                     }
 1148:                 } else {
 1149: 		    my $result=&Apache::lonnet::assignrole($env{'form.ccdomain'},
 1150:                                $env{'form.ccuname'},$url,$role,0,$now);
 1151: 		    $output = &mt('Re-Enabling [_1] in [_2]: [_3]',
 1152: 			      $role,$url,$result).'<br />';
 1153: 		}
 1154:                 $r->print($output);
 1155: 	    } 
 1156: 	} elsif ($_=~/^form\.act/) {
 1157:             my $udom = $env{'form.ccdomain'};
 1158:             my $uname = $env{'form.ccuname'};
 1159: 	    if ($_=~/^form\.act\_([^\_]+)\_([^\_]+)\_cr_cr_([^\_]+)_(\w+)_([^\_]+)$/) {
 1160:                 # Activate a custom role
 1161: 		my ($one,$two,$three,$four,$five)=($1,$2,$3,$4,$5);
 1162: 		my $url='/'.$one.'/'.$two;
 1163: 		my $full=$one.'_'.$two.'_cr_cr_'.$three.'_'.$four.'_'.$five;
 1164: 
 1165:                 my $start = ( $env{'form.start_'.$full} ?
 1166:                               $env{'form.start_'.$full} :
 1167:                               $now );
 1168:                 my $end   = ( $env{'form.end_'.$full} ?
 1169:                               $env{'form.end_'.$full} :
 1170:                               0 );
 1171:                                                                                      
 1172:                 # split multiple sections
 1173:                 my %sections = ();
 1174:                 my $num_sections = &build_roles($env{'form.sec_'.$full},\%sections,$5);
 1175:                 if ($num_sections == 0) {
 1176:                     $r->print(&commit_customrole($udom,$uname,$url,$three,$four,$five,$start,$end));
 1177:                 } else {
 1178:                     foreach (sort {$a cmp $b} keys %sections) {
 1179:                         my $securl = $url.'/'.$_;
 1180: 		        $r->print(&commit_customrole($udom,$uname,$securl,$three,$four,$five,$start,$end));
 1181:                     }
 1182:                 }
 1183: 	    } elsif ($_=~/^form\.act\_([^\_]+)\_(\w+)\_([^\_]+)$/) {
 1184: 		# Activate roles for sections with 3 id numbers
 1185: 		# set start, end times, and the url for the class
 1186: 		my ($one,$two,$three)=($1,$2,$3);
 1187: 		my $start = ( $env{'form.start_'.$one.'_'.$two.'_'.$three} ? 
 1188: 			      $env{'form.start_'.$one.'_'.$two.'_'.$three} : 
 1189: 			      $now );
 1190: 		my $end   = ( $env{'form.end_'.$one.'_'.$two.'_'.$three} ? 
 1191: 			      $env{'form.end_'.$one.'_'.$two.'_'.$three} :
 1192: 			      0 );
 1193: 		my $url='/'.$one.'/'.$two;
 1194:                 my $type = 'three';
 1195:                 # split multiple sections
 1196:                 my %sections = ();
 1197:                 my $num_sections = &build_roles($env{'form.sec_'.$one.'_'.$two.'_'.$three},\%sections,$three);
 1198:                 if ($num_sections == 0) {
 1199:                     $r->print(&commit_standardrole($udom,$uname,$url,$three,$start,$end,$one,$two,''));
 1200:                 } else {
 1201:                     my $emptysec = 0;
 1202:                     foreach my $sec (sort {$a cmp $b} keys %sections) {
 1203:                         $sec =~ s/\W//g;
 1204:                         if ($sec ne '') {  
 1205:                             my $securl = $url.'/'.$sec;
 1206:                             $r->print(&commit_standardrole($udom,$uname,$securl,$three,$start,$end,$one,$two,$sec));
 1207:                         } else {
 1208:                             $emptysec = 1;
 1209:                         }
 1210:                     }
 1211:                     if ($emptysec) {
 1212:                         $r->print(&commit_standardrole($udom,$uname,$url,$three,$start,$end,$one,$two,''));
 1213:                     }
 1214:                 } 
 1215: 	    } elsif ($_=~/^form\.act\_([^\_]+)\_([^\_]+)$/) {
 1216: 		# Activate roles for sections with two id numbers
 1217: 		# set start, end times, and the url for the class
 1218: 		my $start = ( $env{'form.start_'.$1.'_'.$2} ? 
 1219: 			      $env{'form.start_'.$1.'_'.$2} : 
 1220: 			      $now );
 1221: 		my $end   = ( $env{'form.end_'.$1.'_'.$2} ? 
 1222: 			      $env{'form.end_'.$1.'_'.$2} :
 1223: 			      0 );
 1224: 		my $url='/'.$1.'/';
 1225:                 # split multiple sections
 1226:                 my %sections = ();
 1227:                 my $num_sections = &build_roles($env{'form.sec_'.$1.'_'.$2},\%sections,$2);
 1228:                 if ($num_sections == 0) {
 1229:                     $r->print(&commit_standardrole($udom,$uname,$url,$2,$start,$end,$1,undef,''));
 1230:                 } else {
 1231:                     my $emptysec = 0;
 1232:                     foreach my $sec (sort {$a cmp $b} keys %sections) {
 1233:                         if ($sec ne '') {
 1234:                             my $securl = $url.'/'.$sec;
 1235:                             $r->print(&commit_standardrole($udom,$uname,$securl,$2,$start,$end,$1,undef,$sec));
 1236:                         } else {
 1237:                             $emptysec = 1;
 1238:                         }
 1239:                     }
 1240:                     if ($emptysec) {
 1241:                         $r->print(&commit_standardrole($udom,$uname,$url,$2,$start,$end,$1,undef,''));
 1242:                     }
 1243:                 }
 1244: 	    } else {
 1245: 		$r->print('<p>'.&mt('ERROR').': '.&mt('Unknown command').' <tt>'.$_.'</tt></p><br />');
 1246:             }
 1247: 	} 
 1248:     } # End of foreach (keys(%env))
 1249: # Flush the course logs so reverse user roles immediately updated
 1250:     &Apache::lonnet::flushcourselogs();
 1251:     $r->print('<p><a href="/adm/createuser">Create/Modify Another User</a></p>');
 1252:     $r->print('</body></html>');
 1253: }
 1254: 
 1255: sub commit_customrole {
 1256:     my ($udom,$uname,$url,$three,$four,$five,$start,$end) = @_;
 1257:     my $output = &mt('Assigning custom role').' "'.$five.'" by '.$four.'@'.$three.' in '.$url.
 1258:                          ($start?', '.&mt('starting').' '.localtime($start):'').
 1259:                          ($end?', ending '.localtime($end):'').': <b>'.
 1260:               &Apache::lonnet::assigncustomrole(
 1261:                  $udom,$uname,$url,$three,$four,$five,$end,$start).
 1262:                  '</b><br />';
 1263:     return $output;
 1264: }
 1265: 
 1266: sub commit_standardrole {
 1267:     my ($udom,$uname,$url,$three,$start,$end,$one,$two,$sec) = @_;
 1268:     my $output;
 1269:     my $logmsg;
 1270:     if ($three eq 'st') {
 1271:         my $result = &commit_studentrole(\$logmsg,$udom,$uname,$url,$three,$start,$end,$one,$two,$sec);
 1272:         if (($result =~ /^error/) || ($result eq 'not_in_class') || ($result eq 'unknown_course')) {
 1273:             $output = "Error: $result\n"; 
 1274:         } else {
 1275:             $output = &mt('Assigning').' '.$three.' in '.$url.
 1276:                ($start?', '.&mt('starting').' '.localtime($start):'').
 1277:                ($end?', '.&mt('ending').' '.localtime($end):'').
 1278:                ': <b>'.$result.'</b><br />'.
 1279:                &mt('Add to classlist').': <b>ok</b><br />';
 1280:         }
 1281:     } else {
 1282:         $output = &mt('Assigning').' '.$three.' in '.$url.
 1283:                ($start?', '.&mt('starting').' '.localtime($start):'').
 1284:                ($end?', '.&mt('ending').' '.localtime($end):'').': <b>'.
 1285:                &Apache::lonnet::assignrole(
 1286:                    $udom,$uname,$url,$three,$end,$start).
 1287:                    '</b><br />';
 1288:     }
 1289:     return $output;
 1290: }
 1291: 
 1292: sub commit_studentrole {
 1293:     my ($logmsg,$udom,$uname,$url,$three,$start,$end,$one,$two,$sec) = @_;
 1294:     my $linefeed =  '<br />'."\n";
 1295:     my $result;
 1296:     if (defined($one) && defined($two)) {
 1297:         my $cid=$one.'_'.$two;
 1298:         my $oldsec=&Apache::lonnet::getsection($udom,$uname,$cid);
 1299:         my $secchange = 0;
 1300:         my $expire_role_result;
 1301:         my $modify_section_result;
 1302:         unless ($oldsec eq '-1') {
 1303:             unless ($sec eq $oldsec) {
 1304:                 $secchange = 1;
 1305:                 my $uurl='/'.$cid;
 1306:                 $uurl=~s/\_/\//g;
 1307:                 if ($oldsec) {
 1308:                     $uurl.='/'.$oldsec;
 1309:                 }
 1310:                 $expire_role_result = &Apache::lonnet::assignrole($udom,$uname,$uurl,'st',time);
 1311:                 $result = $expire_role_result;
 1312:             }
 1313:         }
 1314:         if (($expire_role_result eq 'ok') || ($secchange == 0)) {
 1315:             $modify_section_result = &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,'','',$cid);
 1316:             if ($modify_section_result =~ /^ok/) {
 1317:                 if ($secchange == 1) {
 1318:                     $$logmsg .= "Section for $uname switched from old section: $oldsec to new section: $sec".$linefeed;
 1319:                 } elsif ($oldsec eq '-1') {
 1320:                     $$logmsg .= "New student role for $uname in section $sec in course $cid".$linefeed;
 1321:                 } else {
 1322:                     $$logmsg .= "Student $uname assigned to unchanged section $sec in course $cid".$linefeed;
 1323:                 }
 1324:             } else {
 1325:                 $$logmsg .= "Error when attempting section change for $uname from old section $oldsec to new section: $sec in course $cid -error: $modify_section_result".$linefeed;
 1326:             }
 1327:             $result = $modify_section_result;
 1328:         } elsif ($secchange == 1) {
 1329:             $$logmsg .= "Error when attempting to expire role for $uname in old section $oldsec in course $cid -error: $expire_role_result".$linefeed;
 1330:         }
 1331:     } else {
 1332:         $$logmsg .= "Incomplete course id defined.  Addition of user $uname from domain $udom to course $one\_$two, section $sec not completed.$linefeed";
 1333:         $result = "Error: incomplete course id\n";
 1334:     }
 1335:     return $result;
 1336: }
 1337: 
 1338: sub build_roles {
 1339:     my ($sectionstr,$sections,$role) = @_;
 1340:     my $num_sections = 0;
 1341:     if ($sectionstr=~ /,/) {
 1342:         my @secnums = split/,/,$sectionstr;
 1343:         if ($role eq 'st') {
 1344:             $secnums[0] =~ s/\W//g;
 1345:             $$sections{$secnums[0]} = 1;
 1346:             $num_sections = 1;
 1347:         } else {
 1348:             foreach my $sec (@secnums) {
 1349:                 $sec =~ ~s/\W//g;
 1350:                 unless ($sec eq "") {
 1351:                     if (exists($$sections{$sec})) {
 1352:                         $$sections{$sec} ++;
 1353:                     } else {
 1354:                         $$sections{$sec} = 1;
 1355:                         $num_sections ++;
 1356:                     }
 1357:                 }
 1358:             }
 1359:         }
 1360:     } else {
 1361:         $sectionstr=~s/\W//g;
 1362:         unless ($sectionstr eq '') {
 1363:             $$sections{$sectionstr} = 1;
 1364:             $num_sections ++;
 1365:         }
 1366:     }
 1367:                                                                                      
 1368:     return $num_sections;
 1369: }
 1370: 
 1371: # ========================================================== Custom Role Editor
 1372: 
 1373: sub custom_role_editor {
 1374:     my $r=shift;
 1375:     my $rolename=$env{'form.rolename'};
 1376: 
 1377:     if ($rolename eq 'make new role') {
 1378: 	$rolename=$env{'form.newrolename'};
 1379:     }
 1380: 
 1381:     $rolename=~s/[^A-Za-z0-9]//gs;
 1382: 
 1383:     unless ($rolename) {
 1384: 	&print_username_entry_form($r);
 1385:         return;
 1386:     }
 1387: 
 1388:     $r->print(&Apache::loncommon::bodytag(
 1389:                      'Create Users, Change User Privileges').'<h2>');
 1390:     my $syspriv='';
 1391:     my $dompriv='';
 1392:     my $coursepriv='';
 1393:     my ($rdummy,$roledef)=
 1394: 			 &Apache::lonnet::get('roles',["rolesdef_$rolename"]);
 1395: # ------------------------------------------------------- Does this role exist?
 1396:     if (($rdummy ne 'con_lost') && ($roledef ne '')) {
 1397: 	$r->print(&mt('Existing Role').' "');
 1398: # ------------------------------------------------- Get current role privileges
 1399: 	($syspriv,$dompriv,$coursepriv)=split(/\_/,$roledef);
 1400:     } else {
 1401: 	$r->print(&mt('New Role').' "');
 1402: 	$roledef='';
 1403:     }
 1404:     $r->print($rolename.'"</h2>');
 1405: # ------------------------------------------------------- What can be assigned?
 1406:     my %full=();
 1407:     my %courselevel=();
 1408:     my %courselevelcurrent=();
 1409:     foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
 1410: 	my ($priv,$restrict)=split(/\&/,$_);
 1411:         unless ($restrict) { $restrict='F'; }
 1412:         $courselevel{$priv}=$restrict;
 1413:         if ($coursepriv=~/\:$priv/) {
 1414: 	    $courselevelcurrent{$priv}=1;
 1415: 	}
 1416: 	$full{$priv}=1;
 1417:     }
 1418:     my %domainlevel=();
 1419:     my %domainlevelcurrent=();
 1420:     foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) {
 1421: 	my ($priv,$restrict)=split(/\&/,$_);
 1422:         unless ($restrict) { $restrict='F'; }
 1423:         $domainlevel{$priv}=$restrict;
 1424:         if ($dompriv=~/\:$priv/) {
 1425: 	    $domainlevelcurrent{$priv}=1;
 1426: 	}
 1427: 	$full{$priv}=1;
 1428:     }
 1429:     my %systemlevel=();
 1430:     my %systemlevelcurrent=();
 1431:     foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) {
 1432: 	my ($priv,$restrict)=split(/\&/,$_);
 1433:         unless ($restrict) { $restrict='F'; }
 1434:         $systemlevel{$priv}=$restrict;
 1435:         if ($syspriv=~/\:$priv/) {
 1436: 	    $systemlevelcurrent{$priv}=1;
 1437: 	}
 1438: 	$full{$priv}=1;
 1439:     }
 1440:     my %lt=&Apache::lonlocal::texthash(
 1441: 		    'prv'  => "Privilege",
 1442: 		    'crl'  => "Course Level",
 1443:                     'dml'  => "Domain Level",
 1444:                     'ssl'  => "System Level"
 1445: 				       );
 1446:     $r->print(<<ENDCCF);
 1447: <form method="post">
 1448: <input type="hidden" name="phase" value="set_custom_roles" />
 1449: <input type="hidden" name="rolename" value="$rolename" />
 1450: <table border="2">
 1451: <tr><th>$lt{'prv'}</th><th>$lt{'crl'}</th><th>$lt{'dml'}</th>
 1452: <th>$lt{'ssl'}</th></tr>
 1453: ENDCCF
 1454:     foreach (sort keys %full) {
 1455: 	$r->print('<tr><td>'.&Apache::lonnet::plaintext($_).'</td><td>'.
 1456:     ($courselevel{$_}?'<input type="checkbox" name="'.$_.':c" '.
 1457:     ($courselevelcurrent{$_}?'checked="1"':'').' />':'&nbsp;').
 1458:     '</td><td>'.
 1459:     ($domainlevel{$_}?'<input type="checkbox" name="'.$_.':d" '.
 1460:     ($domainlevelcurrent{$_}?'checked="1"':'').' />':'&nbsp;').
 1461:     '</td><td>'.
 1462:     ($systemlevel{$_}?'<input type="checkbox" name="'.$_.':s" '.
 1463:     ($systemlevelcurrent{$_}?'checked="1"':'').' />':'&nbsp;').
 1464:     '</td></tr>');
 1465:     }
 1466:     $r->print(
 1467:    '<table><input type="submit" value="'.&mt('Define Role').'" /></form></body></html>');
 1468: }
 1469: 
 1470: # ---------------------------------------------------------- Call to definerole
 1471: sub set_custom_role {
 1472:     my $r=shift;
 1473: 
 1474:     my $rolename=$env{'form.rolename'};
 1475: 
 1476:     $rolename=~s/[^A-Za-z0-9]//gs;
 1477: 
 1478:     unless ($rolename) {
 1479: 	&print_username_entry_form($r);
 1480:         return;
 1481:     }
 1482: 
 1483:     $r->print(&Apache::loncommon::bodytag(
 1484:                      'Create Users, Change User Privileges').'<h2>');
 1485:     my ($rdummy,$roledef)=
 1486: 			 &Apache::lonnet::get('roles',["rolesdef_$rolename"]);
 1487: # ------------------------------------------------------- Does this role exist?
 1488:     if (($rdummy ne 'con_lost') && ($roledef ne '')) {
 1489: 	$r->print(&mt('Existing Role').' "');
 1490:     } else {
 1491: 	$r->print(&mt('New Role').' "');
 1492: 	$roledef='';
 1493:     }
 1494:     $r->print($rolename.'"</h2>');
 1495: # ------------------------------------------------------- What can be assigned?
 1496:     my $sysrole='';
 1497:     my $domrole='';
 1498:     my $courole='';
 1499: 
 1500:     foreach (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
 1501: 	my ($priv,$restrict)=split(/\&/,$_);
 1502:         unless ($restrict) { $restrict=''; }
 1503:         if ($env{'form.'.$priv.':c'}) {
 1504: 	    $courole.=':'.$_;
 1505: 	}
 1506:     }
 1507: 
 1508:     foreach (split(/\:/,$Apache::lonnet::pr{'cr:d'})) {
 1509: 	my ($priv,$restrict)=split(/\&/,$_);
 1510:         unless ($restrict) { $restrict=''; }
 1511:         if ($env{'form.'.$priv.':d'}) {
 1512: 	    $domrole.=':'.$_;
 1513: 	}
 1514:     }
 1515: 
 1516:     foreach (split(/\:/,$Apache::lonnet::pr{'cr:s'})) {
 1517: 	my ($priv,$restrict)=split(/\&/,$_);
 1518:         unless ($restrict) { $restrict=''; }
 1519:         if ($env{'form.'.$priv.':s'}) {
 1520: 	    $sysrole.=':'.$_;
 1521: 	}
 1522:     }
 1523:     $r->print('<br />Defining Role: '.
 1524: 	   &Apache::lonnet::definerole($rolename,$sysrole,$domrole,$courole));
 1525:     if ($env{'request.course.id'}) {
 1526:         my $url='/'.$env{'request.course.id'};
 1527:         $url=~s/\_/\//g;
 1528: 	$r->print('<br />'.&mt('Assigning Role to Self').': '.
 1529: 	      &Apache::lonnet::assigncustomrole($env{'user.domain'},
 1530: 						$env{'user.name'},
 1531: 						$url,
 1532: 						$env{'user.domain'},
 1533: 						$env{'user.name'},
 1534: 						$rolename));
 1535:     }
 1536:     $r->print('</body></html>');
 1537: }
 1538: 
 1539: # ================================================================ Main Handler
 1540: sub handler {
 1541:     my $r = shift;
 1542: 
 1543:     if ($r->header_only) {
 1544:        &Apache::loncommon::content_type($r,'text/html');
 1545:        $r->send_http_header;
 1546:        return OK;
 1547:     }
 1548: 
 1549:     if ((&Apache::lonnet::allowed('cta',$env{'request.course.id'})) ||
 1550:         (&Apache::lonnet::allowed('cin',$env{'request.course.id'})) || 
 1551:         (&Apache::lonnet::allowed('ccr',$env{'request.course.id'})) || 
 1552:         (&Apache::lonnet::allowed('cep',$env{'request.course.id'})) ||
 1553: 	(&authorpriv($env{'user.name'},$env{'request.role.domain'})) ||
 1554:         (&Apache::lonnet::allowed('mau',$env{'request.role.domain'}))) {
 1555:        &Apache::loncommon::content_type($r,'text/html');
 1556:        $r->send_http_header;
 1557:        unless ($env{'form.phase'}) {
 1558: 	   &print_username_entry_form($r);
 1559:        }
 1560:        if ($env{'form.phase'} eq 'get_user_info') {
 1561:            &print_user_modification_page($r);
 1562:        } elsif ($env{'form.phase'} eq 'update_user_data') {
 1563:            &update_user_data($r);
 1564:        } elsif ($env{'form.phase'} eq 'selected_custom_edit') {
 1565:            &custom_role_editor($r);
 1566:        } elsif ($env{'form.phase'} eq 'set_custom_roles') {
 1567: 	   &set_custom_role($r);
 1568:        }
 1569:    } else {
 1570:       $env{'user.error.msg'}=
 1571:         "/adm/createuser:mau:0:0:Cannot modify user data";
 1572:       return HTTP_NOT_ACCEPTABLE; 
 1573:    }
 1574:    return OK;
 1575: } 
 1576: 
 1577: #-------------------------------------------------- functions for &phase_two
 1578: sub course_level_table {
 1579:     my (%inccourses) = @_;
 1580:     my $table = '';
 1581: # Custom Roles?
 1582: 
 1583:     my %customroles=&my_custom_roles();
 1584:     my %lt=&Apache::lonlocal::texthash(
 1585:             'exs'  => "Existing sections",
 1586:             'new'  => "Define new section",
 1587:             'ssd'  => "Set Start Date",
 1588:             'sed'  => "Set End Date",
 1589:             'crl'  => "Course Level",
 1590:             'act'  => "Activate",
 1591:             'rol'  => "Role",
 1592:             'ext'  => "Extent",
 1593:             'grs'  => "Group/Section",
 1594:             'sta'  => "Start",
 1595:             'end'  => "End"
 1596:     );
 1597: 
 1598:     foreach (sort( keys(%inccourses))) {
 1599: 	my $thiscourse=$_;
 1600: 	my $protectedcourse=$_;
 1601: 	$thiscourse=~s:_:/:g;
 1602: 	my %coursedata=&Apache::lonnet::coursedescription($thiscourse);
 1603: 	my $area=$coursedata{'description'};
 1604: 	if (!defined($area)) { $area=&mt('Unavailable course').': '.$_; }
 1605: 	my $bgcol=$thiscourse;
 1606: 	$bgcol=~s/[^7-9a-e]//g;
 1607: 	$bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',2,6);
 1608: 	my ($domain,$cnum)=split(/\//,$thiscourse);
 1609:         my %sections_count = ();
 1610:         my $num_sections = 0;
 1611:         if (defined($env{'request.course.id'})) {
 1612:             if ($env{'request.course.id'} eq $domain.'_'.$cnum) {
 1613:                 $num_sections = &Apache::loncommon::get_sections($domain,$cnum,\%sections_count);
 1614:             }
 1615:         }
 1616: 	foreach  ('st','ta','ep','ad','in','cc') {
 1617: 	    if (&Apache::lonnet::allowed('c'.$_,$thiscourse)) {
 1618: 		my $plrole=&Apache::lonnet::plaintext($_);
 1619: 		$table .= <<ENDEXTENT;
 1620: <tr bgcolor="#$bgcol">
 1621: <td><input type="checkbox" name="act_$protectedcourse\_$_"></td>
 1622: <td>$plrole</td>
 1623: <td>$area<br />Domain: $domain</td>
 1624: ENDEXTENT
 1625: 	        if ($_ ne 'cc') {
 1626:                     if ($num_sections > 0) {
 1627:                         my $currsec = &course_sections($num_sections,\%sections_count,$protectedcourse.'_'.$_);
 1628:                         $table .= 
 1629:                     '<td><table border="0" cellspacing="0" cellpadding="0">'.
 1630:                      '<tr><td valign="top">'.$lt{'exs'}.'<br />'.
 1631:                         $currsec.'</td>'.
 1632:                      '<td>&nbsp;&nbsp;</td>'.
 1633:                      '<td valign="top">&nbsp;'.$lt{'new'}.'<br />'.
 1634:                      '<input type="text" name="newsec_'.$protectedcourse.'_'.$_.'" value="" /></td>'.
 1635:                      '<input type="hidden" '.
 1636:                      'name="sec_'.$protectedcourse.'_'.$_.'"></td>'.
 1637:                      '</tr></table></td>';
 1638:                     } else {
 1639:                         $table .= '<td><input type="text" size="10" '.
 1640:                      'name="sec_'.$protectedcourse.'_'.$_.'"></td>';
 1641:                     }
 1642:                 } else { 
 1643: 		    $table .= '<td>&nbsp</td>';
 1644:                 }
 1645: 		$table .= <<ENDTIMEENTRY;
 1646: <td><input type=hidden name="start_$protectedcourse\_$_" value=''>
 1647: <a href=
 1648: "javascript:pjump('date_start','Start Date $plrole',document.cu.start_$protectedcourse\_$_.value,'start_$protectedcourse\_$_','cu.pres','dateset')">$lt{'ssd'}</a></td>
 1649: <td><input type=hidden name="end_$protectedcourse\_$_" value=''>
 1650: <a href=
 1651: "javascript:pjump('date_end','End Date $plrole',document.cu.end_$protectedcourse\_$_.value,'end_$protectedcourse\_$_','cu.pres','dateset')">$lt{'sed'}</a></td>
 1652: ENDTIMEENTRY
 1653:                 $table.= "</tr>\n";
 1654:             }
 1655:         }
 1656:         foreach (sort keys %customroles) {
 1657: 	    if (&Apache::lonnet::allowed('ccr',$thiscourse)) {
 1658: 		my $plrole=$_;
 1659:                 my $customrole=$protectedcourse.'_cr_cr_'.$env{'user.domain'}.
 1660: 		    '_'.$env{'user.name'}.'_'.$plrole;
 1661: 		$table .= <<END;
 1662: <tr bgcolor="#$bgcol">
 1663: <td><input type="checkbox" name="act_$customrole"></td>
 1664: <td>$plrole</td>
 1665: <td>$area</td>
 1666: END
 1667:                 if ($num_sections > 0) {
 1668:                     my $currsec = &course_sections($num_sections,\%sections_count,$customrole);
 1669:                     $table.=
 1670:                    '<td><table border="0" cellspacing="0" cellpadding="0">'.
 1671:                    '<tr><td valign="top">'.$lt{'exs'}.'<br />'.
 1672:                      $currsec.'</td>'.
 1673:                    '<td>&nbsp;&nbsp;</td>'.
 1674:                    '<td valign="top">&nbsp;'.$lt{'new'}.'<br />'.
 1675:                    '<input type="text" name="newsec_'.$customrole.'" value="" /></td>'.
 1676:                    '<input type="hidden" '.
 1677:                    'name="sec_'.$customrole.'"></td>'.
 1678:                    '</tr></table></td>';
 1679:                 } else {
 1680:                     $table .= '<td><input type="text" size="10" '.
 1681:                      'name="sec_'.$customrole.'"></td>';
 1682:                 }
 1683:                 $table .= <<ENDENTRY;
 1684: <td><input type=hidden name="start_$customrole" value=''>
 1685: <a href=
 1686: "javascript:pjump('date_start','Start Date $plrole',document.cu.start_$customrole.value,'start_$customrole','cu.pres','dateset')">$lt{'ssd'}</a></td>
 1687: <td><input type=hidden name="end_$customrole" value=''>
 1688: <a href=
 1689: "javascript:pjump('date_end','End Date $plrole',document.cu.end_$customrole.value,'end_$customrole','cu.pres','dateset')">$lt{'sed'}</a></td></tr>
 1690: ENDENTRY
 1691:            }
 1692: 	}
 1693:     }
 1694:     return '' if ($table eq ''); # return nothing if there is nothing 
 1695:                                  # in the table
 1696:     my $result = <<ENDTABLE;
 1697: <h4>$lt{'crl'}</h4>
 1698: <table border=2><tr><th>$lt{'act'}</th><th>$lt{'rol'}</th><th>$lt{'ext'}</th>
 1699: <th>$lt{'grs'}</th><th>$lt{'sta'}</th><th>$lt{'end'}</th></tr>
 1700: $table
 1701: </table>
 1702: ENDTABLE
 1703:     return $result;
 1704: }
 1705: 
 1706: sub course_sections {
 1707:     my ($num_sections,$sections_count,$role) = @_;
 1708:     my $output = '';
 1709:     my @sections = (sort {$a <=> $b} keys %{$sections_count});
 1710:     if ($num_sections == 1) {
 1711:         $output = '<select name="currsec_'.$role.'" >'."\n".
 1712:                   '  <option value="">Select</option>'."\n".
 1713:                   '  <option value="">No section</option>'."\n".
 1714:                   '  <option value="'.$sections[0].'" >'.$sections[0].'</option>'."\n";
 1715:     } else {
 1716:         $output = '<select name="currsec_'.$role.'" ';
 1717:         my $multiple = 4;
 1718:         if ($num_sections <4) { $multiple = $num_sections; }
 1719:         $output .= '"multiple" size="'.$multiple.'">'."\n";
 1720:         foreach (@sections) {
 1721:             $output .= '<option value="'.$_.'">'.$_."</option>\n";
 1722:         }
 1723:     }
 1724:     $output .= '</select>'; 
 1725:     return $output;
 1726: }
 1727: 
 1728: sub course_level_dc {
 1729:     my ($dcdom) = @_;
 1730:     my %customroles=&my_custom_roles();
 1731:     my $hiddenitems = '<input type="hidden" name="dcdomain" value="'.$dcdom.'" />'.
 1732:                       '<input type="hidden" name="origdom" value="'.$dcdom.'" />'.
 1733:                       '<input type="hidden" name="dccourse" value="" />';
 1734:     my $courseform='<b>'.&Apache::loncommon::selectcourse_link
 1735:                      ('cu','dccourse','dcdomain','coursedesc').'</b>';
 1736:                                                                                       
 1737:     my $cb_jscript = &Apache::loncommon::coursebrowser_javascript($dcdom,$dcdom);
 1738:     my %lt=&Apache::lonlocal::texthash(
 1739:                     'crl'  => "Course Level",
 1740:                     'crt'  => "Course Title",
 1741:                     'rol'  => "Role",
 1742:                     'grs'  => "Group/Section",
 1743:                     'exs'  => "Existing sections",
 1744:                     'new'  => "Define new section", 
 1745:                     'sta'  => "Start",
 1746:                     'end'  => "End",
 1747:                     'ssd'  => "Set Start Date",
 1748:                     'sed'  => "Set End Date"
 1749:                   );
 1750:     my $header = '<h4>'.$lt{'crl'}.'</h4>'.
 1751:                  '<table border="2"><tr><th>'.$courseform.'</th><th>'.$lt{'rol'}.'</th><th>'.$lt{'grs'}.'</th><th>'.$lt{'sta'}.'</th><th>'.$lt{'end'}.'</th></tr>';
 1752:     my $otheritems = '<tr><td><input type="text" name="coursedesc" value="" onFocus="this.blur();opencrsbrowser('."'".'cu'."'".','."'".'dccourse'."'".','."'".'dcdomain'."'".','."'".'coursedesc'."',''".')" /></td>'.
 1753:                      '<td><select name="role">'."\n";
 1754:     foreach  ('st','ta','ep','ad','in','cc') {
 1755:         my $plrole=&Apache::lonnet::plaintext($_);
 1756:         $otheritems .= '  <option value="'.$_.'">'.$plrole;
 1757:     }
 1758:     if ( keys %customroles > 0) {
 1759:         foreach (sort keys %customroles) {
 1760:             my $custrole='cr_cr_'.$env{'user.domain'}.
 1761:                     '_'.$env{'user.name'}.'_'.$_;
 1762:             $otheritems .= '  <option value="'.$custrole.'">'.$_;
 1763:         }
 1764:     }
 1765:     $otheritems .= '</select></td><td>'.
 1766:                      '<table border="0" cellspacing="0" cellpadding="0">'.
 1767:                      '<tr><td valign="top"><b>'.$lt{'exs'}.'</b><br /><select name="currsec">'.
 1768:                      ' <option value=""><--'.&mt('Pick course first').'</select></td>'.
 1769:                      '<td>&nbsp;&nbsp;</td>'.
 1770:                      '<td valign="top">&nbsp;<b>'.$lt{'new'}.'</b><br />'.
 1771:                      '<input type="text" name="newsec" value="" /></td>'.
 1772:                      '</tr></table></td>';
 1773:     $otheritems .= <<ENDTIMEENTRY;
 1774: <td><input type=hidden name="start" value=''>
 1775: <a href=
 1776: "javascript:pjump('date_start','Start Date',document.cu.start.value,'start','cu.pres','dateset')">$lt{'ssd'}</a></td>
 1777: <td><input type=hidden name="end" value=''>
 1778: <a href=
 1779: "javascript:pjump('date_end','End Date',document.cu.end.value,'end','cu.pres','dateset')">$lt{'sed'}</a></td>
 1780: ENDTIMEENTRY
 1781:     $otheritems .= "</tr></table>\n";
 1782:     return $cb_jscript.$header.$hiddenitems.$otheritems;
 1783: }
 1784: 
 1785: #---------------------------------------------- end functions for &phase_two
 1786: 
 1787: #--------------------------------- functions for &phase_two and &phase_three
 1788: 
 1789: #--------------------------end of functions for &phase_two and &phase_three
 1790: 
 1791: 1;
 1792: __END__
 1793: 
 1794:

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>