[LON-CAPA-cvs] cvs: loncom /interface loncreateuser.pm
raeburn
lon-capa-cvs-allow@mail.lon-capa.org
Fri, 21 Dec 2007 15:33:32 -0000
This is a MIME encoded message
--raeburn1198251212
Content-Type: text/plain
raeburn Fri Dec 21 10:33:32 2007 EDT
Modified files:
/loncom/interface loncreateuser.pm
Log:
- Display of existing roles on user modification screen (action is "singleuser" moved to subroutine: &display_existing_roles()
- No longer displayed when action is "singlestudent"
- Section-specific roles with 'cst' priv only show existing roles for section of current viewer's role.
--raeburn1198251212
Content-Type: text/plain
Content-Disposition: attachment; filename="raeburn-20071221103332.txt"
Index: loncom/interface/loncreateuser.pm
diff -u loncom/interface/loncreateuser.pm:1.216 loncom/interface/loncreateuser.pm:1.217
--- loncom/interface/loncreateuser.pm:1.216 Fri Dec 21 10:22:01 2007
+++ loncom/interface/loncreateuser.pm Fri Dec 21 10:33:32 2007
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.216 2007/12/21 15:22:01 raeburn Exp $
+# $Id: loncreateuser.pm,v 1.217 2007/12/21 15:33:32 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -805,196 +805,9 @@
}
}
$r->print('</div><div class="LC_clear_float_footer"></div>');
- my %rolesdump=&Apache::lonnet::dump('roles',$ccdomain,$ccuname);
- # Build up table of user roles to allow revocation of a role.
- my ($tmp) = keys(%rolesdump);
- unless ($tmp =~ /^(con_lost|error)/i) {
- my $now=time;
- my %lt=&Apache::lonlocal::texthash(
- 'rer' => "Existing Roles",
- 'rev' => "Revoke",
- 'del' => "Delete",
- 'ren' => "Re-Enable",
- 'rol' => "Role",
- 'ext' => "Extent",
- 'sta' => "Start",
- 'end' => "End"
- );
- my (%roletext,%sortrole,%roleclass,%rolepriv);
- foreach my $area (sort { my $a1=join('_',(split('_',$a))[1,0]);
- my $b1=join('_',(split('_',$b))[1,0]);
- return $a1 cmp $b1;
- } keys(%rolesdump)) {
- next if ($area =~ /^rolesdef/);
- my $envkey=$area;
- my $role = $rolesdump{$area};
- my $thisrole=$area;
- $area =~ s/\_\w\w$//;
- my ($role_code,$role_end_time,$role_start_time) =
- split(/_/,$role);
-# Is this a custom role? Get role owner and title.
- my ($croleudom,$croleuname,$croletitle)=
- ($role_code=~m{^cr/($match_domain)/($match_username)/(\w+)$});
- my $allowed=0;
- my $delallowed=0;
- my $sortkey=$role_code;
- my $class='Unknown';
- if ($area =~ m{^/($match_domain)/($match_courseid)} ) {
- $class='Course';
- my ($coursedom,$coursedir) = ($1,$2);
- $sortkey.="\0$coursedom";
- # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3).
- my %coursedata=
- &Apache::lonnet::coursedescription($1.'_'.$2);
- my $carea;
- if (defined($coursedata{'description'})) {
- $carea=$coursedata{'description'}.
- '<br />'.&mt('Domain').': '.$coursedom.(' 'x8).
- &Apache::loncommon::syllabuswrapper('Syllabus',$coursedir,$coursedom);
- $sortkey.="\0".$coursedata{'description'};
- $class=$coursedata{'type'};
- } else {
- $carea=&mt('Unavailable course').': '.$area;
- $sortkey.="\0".&mt('Unavailable course').': '.$area;
- }
- $sortkey.="\0$coursedir";
- $inccourses{$1.'_'.$2}=1;
- if ((&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) ||
- (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
- $allowed=1;
- }
- if ((&Apache::lonnet::allowed('dro',$1)) ||
- (&Apache::lonnet::allowed('dro',$ccdomain))) {
- $delallowed=1;
- }
-# - custom role. Needs more info, too
- if ($croletitle) {
- if (&Apache::lonnet::allowed('ccr',$1.'/'.$2)) {
- $allowed=1;
- $thisrole.='.'.$role_code;
- }
- }
- # Compute the background color based on $area
- if ($area=~m{^/($match_domain)/($match_courseid)/(\w+)}) {
- $carea.='<br />Section: '.$3;
- $sortkey.="\0$3";
- }
- $area=$carea;
- } else {
- $sortkey.="\0".$area;
- # Determine if current user is able to revoke privileges
- if ($area=~m{^/($match_domain)/}) {
- if ((&Apache::lonnet::allowed('c'.$role_code,$1)) ||
- (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
- $allowed=1;
- }
- if (((&Apache::lonnet::allowed('dro',$1)) ||
- (&Apache::lonnet::allowed('dro',$ccdomain))) &&
- ($role_code ne 'dc')) {
- $delallowed=1;
- }
- } else {
- if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
- $allowed=1;
- }
- }
- if ($role_code eq 'ca' || $role_code eq 'au') {
- $class='Construction Space';
- } elsif ($role_code eq 'su') {
- $class='System';
- } else {
- $class='Domain';
- }
- }
- if (($role_code eq 'ca') || ($role_code eq 'aa')) {
- $area=~m{/($match_domain)/($match_username)};
- if (&Apache::lonuserutils::authorpriv($2,$1)) {
- $allowed=1;
- } else {
- $allowed=0;
- }
- }
- my $row = '';
- $row.= '<td>';
- my $active=1;
- $active=0 if (($role_end_time) && ($now>$role_end_time));
- if (($active) && ($allowed)) {
- $row.= '<input type="checkbox" name="rev:'.$thisrole.'" />';
- } else {
- if ($active) {
- $row.=' ';
- } else {
- $row.=&mt('expired or revoked');
- }
- }
- $row.='</td><td>';
- if ($allowed && !$active) {
- $row.= '<input type="checkbox" name="ren:'.$thisrole.'" />';
- } else {
- $row.=' ';
- }
- $row.='</td><td>';
- if ($delallowed) {
- $row.= '<input type="checkbox" name="del:'.$thisrole.'" />';
- } else {
- $row.=' ';
- }
- my $plaintext='';
- if (!$croletitle) {
- $plaintext=&Apache::lonnet::plaintext($role_code,$class)
- } else {
- $plaintext=
- "Customrole '$croletitle'<br />defined by $croleuname\@$croleudom";
- }
- $row.= '</td><td>'.$plaintext.
- '</td><td>'.$area.
- '</td><td>'.($role_start_time?localtime($role_start_time)
- : ' ' ).
- '</td><td>'.($role_end_time ?localtime($role_end_time)
- : ' ' )
- ."</td>";
- $sortrole{$sortkey}=$envkey;
- $roletext{$envkey}=$row;
- $roleclass{$envkey}=$class;
- $rolepriv{$envkey}=$allowed;
- #$r->print($row);
- } # end of foreach (table building loop)
- my $rolesdisplay = 0;
- my %output = ();
- foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') {
- $output{$type} = '';
- foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
- if ( ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/ ) && ($rolepriv{$sortrole{$which}}) ) {
- $output{$type}.=
- &Apache::loncommon::start_data_table_row().
- $roletext{$sortrole{$which}}.
- &Apache::loncommon::end_data_table_row();
- }
- }
- unless($output{$type} eq '') {
- $output{$type} = '<tr class="LC_info_row">'.
- "<td align='center' colspan='7'>".&mt($type)."</td></tr>".
- $output{$type};
- $rolesdisplay = 1;
- }
- }
- if ($rolesdisplay == 1) {
- $r->print('
-<h3>'.$lt{'rer'}.'</h3>'.
-&Apache::loncommon::start_data_table("LC_createuser").
-&Apache::loncommon::start_data_table_header_row().
-'<th>'.$lt{'rev'}.'</th><th>'.$lt{'ren'}.'</th><th>'.$lt{'del'}.
-'</th><th>'.$lt{'rol'}.'</th><th>'.$lt{'ext'}.
-'</th><th>'.$lt{'sta'}.'</th><th>'.$lt{'end'}.'</th>'.
-&Apache::loncommon::end_data_table_header_row());
- foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') {
- if ($output{$type}) {
- $r->print($output{$type}."\n");
- }
- }
- $r->print(&Apache::loncommon::end_data_table());
- }
- } # End of unless
+ if ($env{'form.action'} ne 'singlestudent') {
+ &display_existing_roles($r,$ccuname,$ccdomain,\%inccourses);
+ }
} ## End of new user/old user logic
my $addrolesdisplay = 0;
$r->print('<h3>'.&mt('Add Roles').'</h3>');
@@ -1193,6 +1006,208 @@
return $js;
}
+sub display_existing_roles {
+ my ($r,$ccuname,$ccdomain,$inccourses) = @_;
+ my %rolesdump=&Apache::lonnet::dump('roles',$ccdomain,$ccuname);
+ # Build up table of user roles to allow revocation and re-enabling of roles.
+ my ($tmp) = keys(%rolesdump);
+ if ($tmp !~ /^(con_lost|error)/i) {
+ my $now=time;
+ my %lt=&Apache::lonlocal::texthash(
+ 'rer' => "Existing Roles",
+ 'rev' => "Revoke",
+ 'del' => "Delete",
+ 'ren' => "Re-Enable",
+ 'rol' => "Role",
+ 'ext' => "Extent",
+ 'sta' => "Start",
+ 'end' => "End",
+ );
+ my (%roletext,%sortrole,%roleclass,%rolepriv);
+ foreach my $area (sort { my $a1=join('_',(split('_',$a))[1,0]);
+ my $b1=join('_',(split('_',$b))[1,0]);
+ return $a1 cmp $b1;
+ } keys(%rolesdump)) {
+ next if ($area =~ /^rolesdef/);
+ my $envkey=$area;
+ my $role = $rolesdump{$area};
+ my $thisrole=$area;
+ $area =~ s/\_\w\w$//;
+ my ($role_code,$role_end_time,$role_start_time) =
+ split(/_/,$role);
+# Is this a custom role? Get role owner and title.
+ my ($croleudom,$croleuname,$croletitle)=
+ ($role_code=~m{^cr/($match_domain)/($match_username)/(\w+)$});
+ my $allowed=0;
+ my $delallowed=0;
+ my $sortkey=$role_code;
+ my $class='Unknown';
+ if ($area =~ m{^/($match_domain)/($match_courseid)} ) {
+ $class='Course';
+ my ($coursedom,$coursedir) = ($1,$2);
+ $sortkey.="\0$coursedom";
+ # $1.'_'.$2 is the course id (eg. 103_12345abcef103l3).
+ my %coursedata=
+ &Apache::lonnet::coursedescription($1.'_'.$2);
+ my $carea;
+ if (defined($coursedata{'description'})) {
+ $carea=$coursedata{'description'}.
+ '<br />'.&mt('Domain').': '.$coursedom.(' 'x8).
+ &Apache::loncommon::syllabuswrapper('Syllabus',$coursedir,$coursedom);
+ $sortkey.="\0".$coursedata{'description'};
+ $class=$coursedata{'type'};
+ } else {
+ $carea=&mt('Unavailable course').': '.$area;
+ $sortkey.="\0".&mt('Unavailable course').': '.$area;
+ }
+ $sortkey.="\0$coursedir";
+ $inccourses->{$1.'_'.$2}=1;
+ if ((&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) ||
+ (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
+ $allowed=1;
+ }
+ if ((&Apache::lonnet::allowed('dro',$1)) ||
+ (&Apache::lonnet::allowed('dro',$ccdomain))) {
+ $delallowed=1;
+ }
+# - custom role. Needs more info, too
+ if ($croletitle) {
+ if (&Apache::lonnet::allowed('ccr',$1.'/'.$2)) {
+ $allowed=1;
+ $thisrole.='.'.$role_code;
+ }
+ }
+ # Compute the background color based on $area
+ if ($area=~m{^/($match_domain)/($match_courseid)/(\w+)}) {
+ $carea.='<br />Section: '.$3;
+ $sortkey.="\0$3";
+ if (!$allowed) {
+ if ($env{'request.course.sec'} eq $3) {
+ if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2.'/'.$3)) {
+ $allowed = 1;
+ }
+ }
+ }
+ }
+ $area=$carea;
+ } else {
+ $sortkey.="\0".$area;
+ # Determine if current user is able to revoke privileges
+ if ($area=~m{^/($match_domain)/}) {
+ if ((&Apache::lonnet::allowed('c'.$role_code,$1)) ||
+ (&Apache::lonnet::allowed('c'.$role_code,$ccdomain))) {
+ $allowed=1;
+ }
+ if (((&Apache::lonnet::allowed('dro',$1)) ||
+ (&Apache::lonnet::allowed('dro',$ccdomain))) &&
+ ($role_code ne 'dc')) {
+ $delallowed=1;
+ }
+ } else {
+ if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
+ $allowed=1;
+ }
+ }
+ if ($role_code eq 'ca' || $role_code eq 'au') {
+ $class='Construction Space';
+ } elsif ($role_code eq 'su') {
+ $class='System';
+ } else {
+ $class='Domain';
+ }
+ }
+ if (($role_code eq 'ca') || ($role_code eq 'aa')) {
+ $area=~m{/($match_domain)/($match_username)};
+ if (&Apache::lonuserutils::authorpriv($2,$1)) {
+ $allowed=1;
+ } else {
+ $allowed=0;
+ }
+ }
+ my $row = '';
+ $row.= '<td>';
+ my $active=1;
+ $active=0 if (($role_end_time) && ($now>$role_end_time));
+ if (($active) && ($allowed)) {
+ $row.= '<input type="checkbox" name="rev:'.$thisrole.'" />';
+ } else {
+ if ($active) {
+ $row.=' ';
+ } else {
+ $row.=&mt('expired or revoked');
+ }
+ }
+ $row.='</td><td>';
+ if ($allowed && !$active) {
+ $row.= '<input type="checkbox" name="ren:'.$thisrole.'" />';
+ } else {
+ $row.=' ';
+ }
+ $row.='</td><td>';
+ if ($delallowed) {
+ $row.= '<input type="checkbox" name="del:'.$thisrole.'" />';
+ } else {
+ $row.=' ';
+ }
+ my $plaintext='';
+ if (!$croletitle) {
+ $plaintext=&Apache::lonnet::plaintext($role_code,$class)
+ } else {
+ $plaintext=
+ "Customrole '$croletitle'<br />defined by $croleuname\@$croleudom";
+ }
+ $row.= '</td><td>'.$plaintext.
+ '</td><td>'.$area.
+ '</td><td>'.($role_start_time?localtime($role_start_time)
+ : ' ' ).
+ '</td><td>'.($role_end_time ?localtime($role_end_time)
+ : ' ' )
+ ."</td>";
+ $sortrole{$sortkey}=$envkey;
+ $roletext{$envkey}=$row;
+ $roleclass{$envkey}=$class;
+ $rolepriv{$envkey}=$allowed;
+ #$r->print($row);
+ } # end of foreach (table building loop)
+ my $rolesdisplay = 0;
+ my %output = ();
+ foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') {
+ $output{$type} = '';
+ foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
+ if ( ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/ ) && ($rolepriv{$sortrole{$which}}) ) {
+ $output{$type}.=
+ &Apache::loncommon::start_data_table_row().
+ $roletext{$sortrole{$which}}.
+ &Apache::loncommon::end_data_table_row();
+ }
+ }
+ unless($output{$type} eq '') {
+ $output{$type} = '<tr class="LC_info_row">'.
+ "<td align='center' colspan='7'>".&mt($type)."</td></tr>".
+ $output{$type};
+ $rolesdisplay = 1;
+ }
+ }
+ if ($rolesdisplay == 1) {
+ $r->print('
+<h3>'.$lt{'rer'}.'</h3>'.
+&Apache::loncommon::start_data_table("LC_createuser").
+&Apache::loncommon::start_data_table_header_row().
+'<th>'.$lt{'rev'}.'</th><th>'.$lt{'ren'}.'</th><th>'.$lt{'del'}.
+'</th><th>'.$lt{'rol'}.'</th><th>'.$lt{'ext'}.
+'</th><th>'.$lt{'sta'}.'</th><th>'.$lt{'end'}.'</th>'.
+&Apache::loncommon::end_data_table_header_row());
+ foreach my $type ('Construction Space','Course','Group','Domain','System','Unknown') {
+ if ($output{$type}) {
+ $r->print($output{$type}."\n");
+ }
+ }
+ $r->print(&Apache::loncommon::end_data_table());
+ }
+ } # End of check for keys in rolesdump
+ return;
+}
+
sub user_authentication {
my ($ccuname,$ccdomain,$krbdefdom,$abv_auth) = @_;
my $currentauth=&Apache::lonnet::queryauthenticate($ccuname,$ccdomain);
--raeburn1198251212--