[LON-CAPA-cvs] cvs: loncom /interface domainprefs.pm
raeburn
raeburn at source.lon-capa.org
Fri Apr 26 19:46:20 EDT 2019
raeburn Fri Apr 26 23:46:20 2019 EDT
Modified files:
/loncom/interface domainprefs.pm
Log:
- Domain configuration for availability of ("directory" and "non-directory"
user information) when a user from one domain is assigned role in another.
-------------- next part --------------
Index: loncom/interface/domainprefs.pm
diff -u loncom/interface/domainprefs.pm:1.356 loncom/interface/domainprefs.pm:1.357
--- loncom/interface/domainprefs.pm:1.356 Fri Apr 26 20:22:18 2019
+++ loncom/interface/domainprefs.pm Fri Apr 26 23:46:19 2019
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to set domain-wide configuration settings
#
-# $Id: domainprefs.pm,v 1.356 2019/04/26 20:22:18 raeburn Exp $
+# $Id: domainprefs.pm,v 1.357 2019/04/26 23:46:19 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -219,7 +219,7 @@
'serverstatuses','requestcourses','helpsettings',
'coursedefaults','usersessions','loadbalancing',
'requestauthor','selfenrollment','inststatus',
- 'ltitools','ssl','trust','lti','passwords'],$dom);
+ 'ltitools','ssl','trust','lti','privacy','passwords'],$dom);
my %encconfig =
&Apache::lonnet::get_dom('encconfig',['ltitools','lti'],$dom);
if (ref($domconfig{'ltitools'}) eq 'HASH') {
@@ -247,7 +247,7 @@
}
}
my @prefs_order = ('rolecolors','login','defaults','passwords','quotas','autoenroll',
- 'autoupdate','autocreate','directorysrch','contacts',
+ 'autoupdate','autocreate','directorysrch','contacts','privacy',
'usercreation','selfcreation','usermodification','scantron',
'requestcourses','requestauthor','coursecategories',
'serverstatuses','helpsettings','coursedefaults',
@@ -497,10 +497,16 @@
modify => \&modify_selfenrollment,
},
'privacy' =>
- {text => 'User Privacy',
+ {text => 'Availability of User Information',
help => 'Domain_Configuration_User_Privacy',
- header => [{col1 => 'Setting',
- col2 => 'Value',}],
+ header => [{col1 => 'Role assigned in different domain',
+ col2 => 'Approval options'},
+ {col1 => 'Role assigned in different domain to user of type',
+ col2 => 'User information available in that domain'},
+ {col1 => "Role assigned in user's domain",
+ col2 => 'Information viewable by privileged user'},
+ {col1 => "Role assigned in user's domain",
+ col2 => 'Information viewable by unprivileged user'}],
print => \&print_privacy,
modify => \&modify_privacy,
},
@@ -771,6 +777,8 @@
$output = &modify_trust($dom,$lastactref,%domconfig);
} elsif ($action eq 'lti') {
$output = &modify_lti($r,$dom,$action,$lastactref,%domconfig);
+ } elsif ($action eq 'privacy') {
+ $output = &modify_privacy($dom,%domconfig);
} elsif ($action eq 'passwords') {
$output = &modify_passwords($r,$dom,$confname,$lastactref,%domconfig);
}
@@ -844,7 +852,7 @@
($action eq 'usermodification') || ($action eq 'defaults') || ($action eq 'coursedefaults') ||
($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'ssl') ||
($action eq 'directorysrch') || ($action eq 'trust') || ($action eq 'helpsettings') ||
- ($action eq 'contacts')) {
+ ($action eq 'contacts') || ($action eq 'privacy')) {
$output .= $item->{'print'}->('top',$dom,$settings,\$rowtotal);
} elsif ($action eq 'passwords') {
$output .= $item->{'print'}->('top',$dom,$confname,$settings,\$rowtotal);
@@ -879,7 +887,8 @@
if (($action eq 'autoupdate') || ($action eq 'usercreation') ||
($action eq 'selfcreation') || ($action eq 'selfenrollment') ||
($action eq 'usersessions') || ($action eq 'coursecategories') ||
- ($action eq 'trust') || ($action eq 'contacts') || ($action eq 'passwords')) {
+ ($action eq 'trust') || ($action eq 'contacts') ||
+ ($action eq 'privacy') || ($action eq 'passwords')) {
if ($action eq 'coursecategories') {
$output .= &print_coursecategories('middle',$dom,$item,$settings,\$rowtotal);
$colspan = ' colspan="2"';
@@ -932,7 +941,7 @@
</tr>'."\n";
if ($action eq 'coursecategories') {
$output .= &print_coursecategories('bottom',$dom,$item,$settings,\$rowtotal);
- } elsif (($action eq 'contacts') || ($action eq 'passwords')) {
+ } elsif (($action eq 'contacts') || ($action eq 'privacy') || ($action eq 'passwords')) {
if ($action eq 'passwords') {
$output .= $item->{'print'}->('lower',$dom,$confname,$settings,\$rowtotal);
} else {
@@ -5800,6 +5809,124 @@
return $datatable;
}
+sub print_privacy {
+ my ($position,$dom,$settings,$rowtotal) = @_;
+ my ($datatable,$css_class,$numinrow, at items,%names,$othertitle,$usertypes,$types);
+ my $itemcount = 0;
+ unless ($position eq 'top') {
+ @items = ('domain','author','course','community');
+ %names = &Apache::lonlocal::texthash (
+ domain => 'Assigned domain role(s)',
+ author => 'Assigned co-author role(s)',
+ course => 'Assigned course role(s)',
+ community => 'Assigned community role',
+ );
+ $numinrow = 4;
+ ($othertitle,$usertypes,$types) =
+ &Apache::loncommon::sorted_inst_types($dom);
+ }
+ if (($position eq 'top') || ($position eq 'middle')) {
+ my (%by_ip,%by_location, at intdoms, at instdoms);
+ &build_location_hashes(\@intdoms,\%by_ip,\%by_location,\@instdoms);
+ if ($position eq 'top') {
+ my %curr;
+ my @options = ('none','user','domain','auto');
+ my %titles = &Apache::lonlocal::texthash (
+ none => 'Not allowed',
+ user => 'User authorizes',
+ domain => 'DC authorizes',
+ auto => 'Unrestricted',
+ instdom => 'Other domain shares institution/provider',
+ extdom => 'Other domain has different institution/provider',
+ );
+ my %names = &Apache::lonlocal::texthash (
+ domain => 'Domain role',
+ author => 'Co-author role',
+ course => 'Course role',
+ community => 'Community role',
+ );
+ my $primary_id = &Apache::lonnet::domain($dom,'primary');
+ my $intdom = &Apache::lonnet::internet_dom($primary_id);
+ foreach my $domtype ('instdom','extdom') {
+ my (%checked,$skip);
+ $css_class = $itemcount%2?' class="LC_odd_row"':'';
+ $datatable .= '<tr'.$css_class.'><td>'.$titles{$domtype}.'</td>'.
+ '<td class="LC_left_item">';
+ if ($domtype eq 'instdom') {
+ unless (@instdoms > 1) {
+ $datatable .= &mt('Nothing to set, as no domains besides [_1] are hosted by [_2]',$dom,$intdom);
+ $skip = 1;
+ }
+ } elsif ($domtype eq 'extdom') {
+ if (keys(%by_location) == 0) {
+ $datatable .= &mt('Nothing to set, as no other hosts besides [_1]',$intdom);
+ $skip = 1;
+ }
+ }
+ unless ($skip) {
+ foreach my $roletype ('domain','author','course','community') {
+ $checked{'auto'} = ' checked="checked"';
+ if (ref($settings) eq 'HASH') {
+ if (ref($settings->{approval}) eq 'HASH') {
+ if (ref($settings->{approval}->{$domtype}) eq 'HASH') {
+ if ($settings->{approval}->{$domtype}->{$roletype}=~ /^(none|user|domain)$/) {
+ $checked{$1} = ' checked="checked"';
+ $checked{'auto'} = '';
+ }
+ }
+ }
+ }
+ $datatable .= '<fieldset><legend>'.$names{$roletype}.'</legend>';
+ foreach my $option (@options) {
+ $datatable .= '<span class="LC_nobreak"><label>'.
+ '<input type="radio" name="privacy_approval_'.$domtype.'_'.$roletype.'" '.
+ 'value="'.$option.'"'.$checked{$option}.' />'.$titles{$option}.
+ '</label></span> ';
+ }
+ $datatable .= '</fieldset>';
+ }
+ }
+ $datatable .= '</td></tr>';
+ $itemcount ++;
+ }
+ } elsif ($position eq 'middle') {
+ if ((@instdoms > 1) || (keys(%by_location) > 0)) {
+ if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) {
+ foreach my $item (@{$types}) {
+ $datatable .= &modifiable_userdata_row('privacy','othdom_'.$item,$settings,
+ $numinrow,$itemcount,'','','','','',
+ '',$usertypes->{$item});
+ $itemcount ++;
+ }
+ }
+ $datatable .= &modifiable_userdata_row('privacy','othdom_default',$settings,
+ $numinrow,$itemcount,'','','','','',
+ '',$othertitle);
+ $itemcount ++;
+ } else {
+ $datatable .= &mt('Nothing to set here, as there are no other domains');
+ }
+ }
+ } else {
+ my $prefix;
+ if ($position eq 'lower') {
+ $prefix = 'priv';
+ } else {
+ $prefix = 'unpriv';
+ }
+ foreach my $item (@items) {
+ $datatable .= &modifiable_userdata_row('privacy',$prefix.'_'.$item,$settings,
+ $numinrow,$itemcount,'','','','','',
+ '',$names{$item});
+ $itemcount ++;
+ }
+ }
+ if (ref($rowtotal)) {
+ $$rowtotal += $itemcount;
+ }
+ return $datatable;
+}
+
sub print_passwords {
my ($position,$dom,$confname,$settings,$rowtotal) = @_;
my ($datatable,$css_class);
@@ -9366,7 +9493,7 @@
sub modifiable_userdata_row {
my ($context,$item,$settings,$numinrow,$rowcount,$usertypes,$fieldsref,$titlesref,
- $rowid,$customcss,$rowstyle) = @_;
+ $rowid,$customcss,$rowstyle,$itemdesc) = @_;
my ($role,$rolename,$statustype);
$role = $item;
if ($context eq 'cancreate') {
@@ -9389,6 +9516,8 @@
}
} elsif ($context eq 'lti') {
$rolename = &mt('Institutional data used (if available)');
+ } elsif ($context eq 'privacy') {
+ $rolename = $itemdesc;
} else {
if ($role eq 'cr') {
$rolename = &mt('Custom role');
@@ -9438,6 +9567,13 @@
if (ref($settings) eq 'HASH') {
$hashref = $settings->{'instdata'};
}
+ } elsif ($context eq 'privacy') {
+ my ($key,$inner) = split(/_/,$role);
+ if (ref($settings) eq 'HASH') {
+ if (ref($settings->{$key}) eq 'HASH') {
+ $hashref = $settings->{$key}->{$inner};
+ }
+ }
} elsif (ref($settings->{$context}) eq 'HASH') {
if (ref($settings->{$context}->{$role}) eq 'HASH') {
$hashref = $settings->{'lti_instdata'};
@@ -9476,6 +9612,24 @@
unless ($role eq 'emailusername') {
if (exists($checks{$fields[$i]})) {
$check = $checks{$fields[$i]};
+ } elsif ($context eq 'privacy') {
+ if ($role =~ /^priv_(domain|course)$/) {
+ if (ref($settings) ne 'HASH') {
+ $check = ' checked="checked" ';
+ }
+ } elsif ($role =~ /^priv_(author|community)$/) {
+ if (ref($settings) ne 'HASH') {
+ unless ($fields[$i] eq 'id') {
+ $check = ' checked="checked" ';
+ }
+ }
+ } elsif ($role =~ /^(unpriv|othdom)_/) {
+ if (ref($settings) ne 'HASH') {
+ if (($fields[$i] eq 'lastname') || ($fields[$i] eq 'firstname')) {
+ $check = ' checked="checked" ';
+ }
+ }
+ }
} elsif ($context ne 'lti') {
if ($role eq 'st') {
if (ref($settings) ne 'HASH') {
@@ -9504,6 +9658,8 @@
} else {
if ($context eq 'lti') {
$prefix = 'lti';
+ } elsif ($context eq 'privacy') {
+ $prefix = 'privacy';
}
$output .= '<label>'.
'<input type="checkbox" name="'.$prefix.'_'.$role.'" '.
@@ -13969,6 +14125,230 @@
return $resulttext;
}
+sub modify_privacy {
+ my ($dom,%domconfig) = @_;
+ my ($resulttext,%current,%changes);
+ if (ref($domconfig{'privacy'}) eq 'HASH') {
+ %current = %{$domconfig{'privacy'}};
+ }
+ my @fields = ('lastname','firstname','middlename','generation','permanentemail','id');
+ my @items = ('domain','author','course','community');
+ my %names = &Apache::lonlocal::texthash (
+ domain => 'Assigned domain role(s)',
+ author => 'Assigned co-author role(s)',
+ course => 'Assigned course role(s)',
+ community => 'Assigned community role',
+ );
+ my %roles = &Apache::lonlocal::texthash (
+ domain => 'Domain role',
+ author => 'Co-author role',
+ course => 'Course role',
+ community => 'Community role',
+ );
+ my %titles = &Apache::lonlocal::texthash (
+ approval => 'Approval for role in different domain',
+ othdom => 'User information available in other domain',
+ priv => 'Information viewable by privileged user in same domain',
+ unpriv => 'Information viewable by unprivileged user in same domain',
+ instdom => 'Other domain shares institution/provider',
+ extdom => 'Other domain has different institution/provider',
+ none => 'Not allowed',
+ user => 'User authorizes',
+ domain => 'Domain Coordinator authorizes',
+ auto => 'Unrestricted',
+ );
+ my %fieldnames = &Apache::lonlocal::texthash (
+ id => 'Student/Employee ID',
+ permanentemail => 'E-mail address',
+ lastname => 'Last Name',
+ firstname => 'First Name',
+ middlename => 'Middle Name',
+ generation => 'Generation',
+ );
+ my ($othertitle,$usertypes,$types) =
+ &Apache::loncommon::sorted_inst_types($dom);
+ my (%by_ip,%by_location, at intdoms, at instdoms);
+ &build_location_hashes(\@intdoms,\%by_ip,\%by_location,\@instdoms);
+
+ my %privacyhash = (
+ 'approval' => {
+ instdom => {},
+ extdom => {},
+ },
+ 'othdom' => {},
+ 'priv' => {},
+ 'unpriv' => {},
+ );
+ foreach my $item (@items) {
+ if (@instdoms > 1) {
+ if ($env{'form.privacy_approval_instdom'.$item} =~ /^(none|user|domain|auto)$/) {
+ $privacyhash{'approval'}{'instdom'}{$item} = $env{'form.privacy_approval_instdom_'.$item};
+ }
+ if (ref($current{'approval'}) eq 'HASH') {
+ if (ref($current{'approval'}{'instdom'}) eq 'HASH') {
+ unless ($privacyhash{'approval'}{'instdom'}{$item} eq $current{'approval'}{'instdom'}{$item}) {
+ $changes{'approval'} = 1;
+ }
+ }
+ } elsif ($privacyhash{'approval'}{'instdom'}{$item} ne 'auto') {
+ $changes{'approval'} = 1;
+ }
+ }
+ if (keys(%by_location) > 0) {
+ if ($env{'form.privacy_approval_extdom_'.$item} =~ /^(none|user|domain|auto)$/) {
+ $privacyhash{'approval'}{'extdom'}{$item} = $env{'form.privacy_approval_extdom_'.$item};
+ }
+ if (ref($current{'approval'}) eq 'HASH') {
+ if (ref($current{'approval'}{'extdom'}) eq 'HASH') {
+ unless ($privacyhash{'approval'}{'extdom'}{$item} eq $current{'approval'}{'extdom'}{$item}) {
+ $changes{'approval'} = 1;
+ }
+ }
+ } elsif ($privacyhash{'approval'}{'extdom'}{$item} ne 'auto') {
+ $changes{'approval'} = 1;
+ }
+ }
+ foreach my $status ('priv','unpriv') {
+ my @possibles = sort(&Apache::loncommon::get_env_multiple('form.privacy_'.$status.'_'.$item));
+ my @newvalues;
+ foreach my $field (@possibles) {
+ if (grep(/^\Q$field\E$/, at fields)) {
+ $privacyhash{$status}{$item}{$field} = 1;
+ push(@newvalues,$field);
+ }
+ }
+ @newvalues = sort(@newvalues);
+ if (ref($current{$status}) eq 'HASH') {
+ if (ref($current{$status}{$item}) eq 'HASH') {
+ my @currvalues = sort(keys(%{$current{$status}{$item}}));
+ my @diffs = &Apache::loncommon::compare_arrays(\@currvalues,\@newvalues);
+ if (@diffs > 0) {
+ $changes{$status} = 1;
+ }
+ }
+ } else {
+ my @stdfields;
+ foreach my $field (@fields) {
+ if ($field eq 'id') {
+ next if ($status eq 'unpriv');
+ next if (($status eq 'priv') && ($item eq 'community'));
+ }
+ push(@stdfields,$field);
+ }
+ my @diffs = &Apache::loncommon::compare_arrays(\@stdfields,\@newvalues);
+ if (@diffs > 0) {
+ $changes{$status} = 1;
+ }
+ }
+ }
+ }
+ if ((@instdoms > 1) || (keys(%by_location) > 0)) {
+ my @statuses;
+ if (ref($types) eq 'ARRAY') {
+ @statuses = @{$types};
+ }
+ foreach my $type (@statuses,'default') {
+ my @possfields = &Apache::loncommon::get_env_multiple('form.privacy_othdom_'.$type);
+ my @newvalues;
+ foreach my $field (sort(@possfields)) {
+ if (grep(/^\Q$field\E$/, at fields)) {
+ $privacyhash{'othdom'}{$type}{$field} = 1;
+ push(@newvalues,$field);
+ }
+ }
+ @newvalues = sort(@newvalues);
+ if (ref($current{'othdom'}) eq 'HASH') {
+ if (ref($current{'othdom'}{$type}) eq 'HASH') {
+ my @currvalues = sort(keys(%{$current{'othdom'}{$type}}));
+ my @diffs = &Apache::loncommon::compare_arrays(\@currvalues,\@newvalues);
+ if (@diffs > 0) {
+ $changes{'othdom'} = 1;
+ }
+ }
+ } else {
+ my @stdfields = ('lastname','firstname','middlename','generation','permanentemail');
+ my @diffs = &Apache::loncommon::compare_arrays(\@stdfields,\@newvalues);
+ if (@diffs > 0) {
+ $changes{'othdom'} = 1;
+ }
+ }
+ }
+ }
+ my %confighash = (
+ privacy => \%privacyhash,
+ );
+ my $putresult = &Apache::lonnet::put_dom('configuration',\%confighash,$dom);
+ if ($putresult eq 'ok') {
+ if (keys(%changes) > 0) {
+ $resulttext = &mt('Changes made: ').'<ul>';
+ foreach my $key ('approval','othdom','priv','unpriv') {
+ if ($changes{$key}) {
+ $resulttext .= '<li>'.$titles{$key}.':<ul>';
+ if ($key eq 'approval') {
+ if (keys(%{$privacyhash{$key}{instdom}})) {
+ $resulttext .= '<li>'.$titles{'instdom'}.'<ul>';
+ foreach my $item (@items) {
+ $resulttext .= '<li>'.$roles{$item}.': '.$titles{$privacyhash{$key}{instdom}{$item}}.'</li>';
+ }
+ $resulttext .= '</ul></li>';
+ }
+ if (keys(%{$privacyhash{$key}{extdom}})) {
+ $resulttext .= '<li>'.$titles{'extdom'}.'<ul>';
+ foreach my $item (@items) {
+ $resulttext .= '<li>'.$roles{$item}.': '.$titles{$privacyhash{$key}{extdom}{$item}}.'</li>';
+ }
+ $resulttext .= '</ul></li>';
+ }
+ } elsif ($key eq 'othdom') {
+ my @statuses;
+ if (ref($types) eq 'ARRAY') {
+ @statuses = @{$types};
+ }
+ if (ref($privacyhash{$key}) eq 'HASH') {
+ foreach my $status (@statuses,'default') {
+ if ($status eq 'default') {
+ $resulttext .= '<li>'.$othertitle.': ';
+ } elsif (ref($usertypes) eq 'HASH') {
+ $resulttext .= '<li>'.$usertypes->{$status}.': ';
+ } else {
+ next;
+ }
+ if (ref($privacyhash{$key}{$status}) eq 'HASH') {
+ if (keys(%{$privacyhash{$key}{$status}})) {
+ $resulttext .= join(', ', map { $fieldnames{$_}; } (sort(keys(%{$privacyhash{$key}{$status}}))));
+ } else {
+ $resulttext .= &mt('none');
+ }
+ }
+ $resulttext .= '</li>';
+ }
+ }
+ } else {
+ foreach my $item (@items) {
+ if (ref($privacyhash{$key}{$item}) eq 'HASH') {
+ $resulttext .= '<li>'.$names{$item}.': ';
+ if (keys(%{$privacyhash{$key}{$item}})) {
+ $resulttext .= join(', ', map { $fieldnames{$_}; } (sort(keys(%{$privacyhash{$key}{$item}}))));
+ } else {
+ $resulttext .= &mt('none');
+ }
+ $resulttext .= '</li>';
+ }
+ }
+ }
+ $resulttext .= '</ul></li>';
+ }
+ }
+ } else {
+ $resulttext = &mt('No changes made to user information settings');
+ }
+ } else {
+ $resulttext = '<span class="LC_error">'.
+ &mt('An error occurred: [_1]',$putresult).'</span>';
+ }
+ return $resulttext;
+}
+
sub modify_passwords {
my ($r,$dom,$confname,$lastactref,%domconfig) = @_;
my ($resulttext,%current,%changes,%newvalues, at oktypes,$errors,
More information about the LON-CAPA-cvs
mailing list