[LON-CAPA-cvs] cvs: loncom /interface domainprefs.pm

raeburn raeburn at source.lon-capa.org
Fri Apr 26 19:46:20 EDT 2019


raeburn		Fri Apr 26 23:46:20 2019 EDT

  Modified files:              
    /loncom/interface	domainprefs.pm 
  Log:
  - Domain configuration for availability of ("directory" and "non-directory" 
    user information) when a user from one domain is assigned role in another. 
  
  
-------------- next part --------------
Index: loncom/interface/domainprefs.pm
diff -u loncom/interface/domainprefs.pm:1.356 loncom/interface/domainprefs.pm:1.357
--- loncom/interface/domainprefs.pm:1.356	Fri Apr 26 20:22:18 2019
+++ loncom/interface/domainprefs.pm	Fri Apr 26 23:46:19 2019
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Handler to set domain-wide configuration settings
 #
-# $Id: domainprefs.pm,v 1.356 2019/04/26 20:22:18 raeburn Exp $
+# $Id: domainprefs.pm,v 1.357 2019/04/26 23:46:19 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -219,7 +219,7 @@
                 'serverstatuses','requestcourses','helpsettings',
                 'coursedefaults','usersessions','loadbalancing',
                 'requestauthor','selfenrollment','inststatus',
-                'ltitools','ssl','trust','lti','passwords'],$dom);
+                'ltitools','ssl','trust','lti','privacy','passwords'],$dom);
     my %encconfig =
         &Apache::lonnet::get_dom('encconfig',['ltitools','lti'],$dom);
     if (ref($domconfig{'ltitools'}) eq 'HASH') {
@@ -247,7 +247,7 @@
         }
     }
     my @prefs_order = ('rolecolors','login','defaults','passwords','quotas','autoenroll',
-                       'autoupdate','autocreate','directorysrch','contacts',
+                       'autoupdate','autocreate','directorysrch','contacts','privacy',
                        'usercreation','selfcreation','usermodification','scantron',
                        'requestcourses','requestauthor','coursecategories',
                        'serverstatuses','helpsettings','coursedefaults',
@@ -497,10 +497,16 @@
                   modify => \&modify_selfenrollment,
                  },
         'privacy' => 
-                 {text   => 'User Privacy',
+                 {text   => 'Availability of User Information',
                   help   => 'Domain_Configuration_User_Privacy',
-                  header => [{col1 => 'Setting',
-                              col2 => 'Value',}],
+                  header => [{col1 => 'Role assigned in different domain',
+                              col2 => 'Approval options'},
+                             {col1 => 'Role assigned in different domain to user of type',
+                              col2 => 'User information available in that domain'},
+                             {col1 => "Role assigned in user's domain",
+                              col2 => 'Information viewable by privileged user'},
+                             {col1 => "Role assigned in user's domain",
+                              col2 => 'Information viewable by unprivileged user'}],
                   print => \&print_privacy,
                   modify => \&modify_privacy,
                  },
@@ -771,6 +777,8 @@
         $output = &modify_trust($dom,$lastactref,%domconfig);
     } elsif ($action eq 'lti') {
         $output = &modify_lti($r,$dom,$action,$lastactref,%domconfig);
+    } elsif ($action eq 'privacy') {
+        $output = &modify_privacy($dom,%domconfig);
     } elsif ($action eq 'passwords') {
         $output = &modify_passwords($r,$dom,$confname,$lastactref,%domconfig);
     }
@@ -844,7 +852,7 @@
             ($action eq 'usermodification') || ($action eq 'defaults') || ($action eq 'coursedefaults') ||
             ($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'ssl') ||
             ($action eq 'directorysrch') || ($action eq 'trust') || ($action eq 'helpsettings') ||
-            ($action eq 'contacts')) {
+            ($action eq 'contacts') || ($action eq 'privacy')) {
             $output .= $item->{'print'}->('top',$dom,$settings,\$rowtotal);
         } elsif ($action eq 'passwords') {
             $output .= $item->{'print'}->('top',$dom,$confname,$settings,\$rowtotal);
@@ -879,7 +887,8 @@
         if (($action eq 'autoupdate') || ($action eq 'usercreation') ||
             ($action eq 'selfcreation') || ($action eq 'selfenrollment') ||
             ($action eq 'usersessions') || ($action eq 'coursecategories') || 
-            ($action eq 'trust') || ($action eq 'contacts') || ($action eq 'passwords')) {
+            ($action eq 'trust') || ($action eq 'contacts') ||
+            ($action eq 'privacy') || ($action eq 'passwords')) {
             if ($action eq 'coursecategories') {
                 $output .= &print_coursecategories('middle',$dom,$item,$settings,\$rowtotal);
                 $colspan = ' colspan="2"';
@@ -932,7 +941,7 @@
              </tr>'."\n";
                 if ($action eq 'coursecategories') {
                     $output .= &print_coursecategories('bottom',$dom,$item,$settings,\$rowtotal);
-                } elsif (($action eq 'contacts') || ($action eq 'passwords')) {
+                } elsif (($action eq 'contacts') || ($action eq 'privacy') || ($action eq 'passwords')) {
                     if ($action eq 'passwords') {
                         $output .= $item->{'print'}->('lower',$dom,$confname,$settings,\$rowtotal);
                     } else {
@@ -5800,6 +5809,124 @@
     return $datatable;
 }
 
+sub print_privacy {
+    my ($position,$dom,$settings,$rowtotal) = @_;
+    my ($datatable,$css_class,$numinrow, at items,%names,$othertitle,$usertypes,$types);
+    my $itemcount = 0;
+    unless ($position eq 'top') {
+        @items = ('domain','author','course','community');
+        %names = &Apache::lonlocal::texthash (
+                     domain => 'Assigned domain role(s)',
+                     author => 'Assigned co-author role(s)',
+                     course => 'Assigned course role(s)',
+                     community => 'Assigned community role',
+                 );
+        $numinrow = 4;
+        ($othertitle,$usertypes,$types) =
+            &Apache::loncommon::sorted_inst_types($dom);
+    }
+    if (($position eq 'top') || ($position eq 'middle')) {
+        my (%by_ip,%by_location, at intdoms, at instdoms);
+        &build_location_hashes(\@intdoms,\%by_ip,\%by_location,\@instdoms);
+        if ($position eq 'top') {
+            my %curr;
+            my @options = ('none','user','domain','auto');
+            my %titles = &Apache::lonlocal::texthash (
+                none   => 'Not allowed',
+                user   => 'User authorizes',
+                domain => 'DC authorizes',
+                auto   => 'Unrestricted',
+                instdom => 'Other domain shares institution/provider',
+                extdom => 'Other domain has different institution/provider',
+            );
+            my %names = &Apache::lonlocal::texthash (
+                domain => 'Domain role',
+                author => 'Co-author role',
+                course => 'Course role',
+                community => 'Community role',
+            );
+            my $primary_id = &Apache::lonnet::domain($dom,'primary');
+            my $intdom = &Apache::lonnet::internet_dom($primary_id);
+            foreach my $domtype ('instdom','extdom') {
+                my (%checked,$skip);
+                $css_class = $itemcount%2?' class="LC_odd_row"':'';
+                $datatable .= '<tr'.$css_class.'><td>'.$titles{$domtype}.'</td>'.
+                              '<td class="LC_left_item">';
+                if ($domtype eq 'instdom') {
+                    unless (@instdoms > 1) {
+                        $datatable .= &mt('Nothing to set, as no domains besides [_1] are hosted by [_2]',$dom,$intdom);
+                        $skip = 1;
+                    }
+                } elsif ($domtype eq 'extdom') {
+                    if (keys(%by_location) == 0) {
+                        $datatable .= &mt('Nothing to set, as no other hosts besides [_1]',$intdom);
+                        $skip = 1;
+                    }
+                }
+                unless ($skip) {
+                    foreach my $roletype ('domain','author','course','community') {
+                        $checked{'auto'} = ' checked="checked"';
+                        if (ref($settings) eq 'HASH') {
+                            if (ref($settings->{approval}) eq 'HASH') {
+                                if (ref($settings->{approval}->{$domtype}) eq 'HASH') {
+                                    if ($settings->{approval}->{$domtype}->{$roletype}=~ /^(none|user|domain)$/) {
+                                        $checked{$1} = ' checked="checked"';
+                                        $checked{'auto'} = '';
+                                    }
+                                }
+                            }
+                        }
+                        $datatable .= '<fieldset><legend>'.$names{$roletype}.'</legend>';
+                        foreach my $option (@options) {
+                            $datatable .= '<span class="LC_nobreak"><label>'.
+                                          '<input type="radio" name="privacy_approval_'.$domtype.'_'.$roletype.'" '.
+                                          'value="'.$option.'"'.$checked{$option}.' />'.$titles{$option}.
+                                          '</label></span>  ';
+                        }
+                        $datatable .= '</fieldset>';
+                    }
+                }
+                $datatable .= '</td></tr>';
+                $itemcount ++;
+            }
+        } elsif ($position eq 'middle') {
+            if ((@instdoms > 1) || (keys(%by_location) > 0)) {
+                if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) {
+                    foreach my $item (@{$types}) {
+                        $datatable .= &modifiable_userdata_row('privacy','othdom_'.$item,$settings,
+                                                               $numinrow,$itemcount,'','','','','',
+                                                               '',$usertypes->{$item});
+                        $itemcount ++;
+                    }
+                }
+                $datatable .= &modifiable_userdata_row('privacy','othdom_default',$settings,
+                                                       $numinrow,$itemcount,'','','','','',
+                                                       '',$othertitle);
+                $itemcount ++;
+            } else {
+                $datatable .= &mt('Nothing to set here, as there are no other domains');
+            }
+        }
+    } else {
+        my $prefix;
+        if ($position eq 'lower') {
+            $prefix = 'priv';
+        } else {
+            $prefix = 'unpriv';
+        }
+        foreach my $item (@items) {
+            $datatable .= &modifiable_userdata_row('privacy',$prefix.'_'.$item,$settings,
+                                                   $numinrow,$itemcount,'','','','','',
+                                                   '',$names{$item});
+            $itemcount ++;
+        }
+    }
+    if (ref($rowtotal)) {
+        $$rowtotal += $itemcount;
+    }
+    return $datatable;
+}
+
 sub print_passwords {
     my ($position,$dom,$confname,$settings,$rowtotal) = @_;
     my ($datatable,$css_class);
@@ -9366,7 +9493,7 @@
 
 sub modifiable_userdata_row {
     my ($context,$item,$settings,$numinrow,$rowcount,$usertypes,$fieldsref,$titlesref,
-        $rowid,$customcss,$rowstyle) = @_;
+        $rowid,$customcss,$rowstyle,$itemdesc) = @_;
     my ($role,$rolename,$statustype);
     $role = $item;
     if ($context eq 'cancreate') {
@@ -9389,6 +9516,8 @@
         }
     } elsif ($context eq 'lti') {
         $rolename = &mt('Institutional data used (if available)');
+    } elsif ($context eq 'privacy') {
+        $rolename = $itemdesc;
     } else {
         if ($role eq 'cr') {
             $rolename = &mt('Custom role');
@@ -9438,6 +9567,13 @@
             if (ref($settings) eq 'HASH') {
                 $hashref = $settings->{'instdata'};
             }
+        } elsif ($context eq 'privacy') {
+            my ($key,$inner) = split(/_/,$role);
+            if (ref($settings) eq 'HASH') {
+                if (ref($settings->{$key}) eq 'HASH') {
+                    $hashref = $settings->{$key}->{$inner};
+                }
+            }
         } elsif (ref($settings->{$context}) eq 'HASH') {
             if (ref($settings->{$context}->{$role}) eq 'HASH') {
                 $hashref = $settings->{'lti_instdata'};
@@ -9476,6 +9612,24 @@
         unless ($role eq 'emailusername') {
             if (exists($checks{$fields[$i]})) {
                 $check = $checks{$fields[$i]};
+            } elsif ($context eq 'privacy') {
+                if ($role =~ /^priv_(domain|course)$/) {
+                    if (ref($settings) ne 'HASH') {
+                        $check = ' checked="checked" ';
+                    }
+                } elsif ($role =~ /^priv_(author|community)$/) {
+                    if (ref($settings) ne 'HASH') {
+                        unless ($fields[$i] eq 'id') {
+                            $check = ' checked="checked" ';
+                        }
+                    }
+                } elsif ($role =~ /^(unpriv|othdom)_/) {
+                    if (ref($settings) ne 'HASH') {
+                        if (($fields[$i] eq 'lastname') || ($fields[$i] eq 'firstname')) {
+                            $check = ' checked="checked" ';
+                        }
+                    }
+                }
             } elsif ($context ne 'lti') {
                 if ($role eq 'st') {
                     if (ref($settings) ne 'HASH') {
@@ -9504,6 +9658,8 @@
         } else {
             if ($context eq 'lti') {
                 $prefix = 'lti';
+            } elsif ($context eq 'privacy') {
+                $prefix = 'privacy';
             }
             $output .= '<label>'.
                        '<input type="checkbox" name="'.$prefix.'_'.$role.'" '.
@@ -13969,6 +14125,230 @@
     return $resulttext;
 }
 
+sub modify_privacy {
+    my ($dom,%domconfig) = @_;
+    my ($resulttext,%current,%changes);
+    if (ref($domconfig{'privacy'}) eq 'HASH') {
+        %current = %{$domconfig{'privacy'}};
+    }
+    my @fields = ('lastname','firstname','middlename','generation','permanentemail','id');
+    my @items = ('domain','author','course','community');
+    my %names = &Apache::lonlocal::texthash (
+                   domain => 'Assigned domain role(s)',
+                   author => 'Assigned co-author role(s)',
+                   course => 'Assigned course role(s)',
+                   community => 'Assigned community role',
+                );
+    my %roles = &Apache::lonlocal::texthash (
+                   domain => 'Domain role',
+                   author => 'Co-author role',
+                   course => 'Course role',
+                   community => 'Community role',
+                );
+    my %titles = &Apache::lonlocal::texthash (
+                  approval => 'Approval for role in different domain',
+                  othdom   => 'User information available in other domain',
+                  priv     => 'Information viewable by privileged user in same domain',
+                  unpriv   => 'Information viewable by unprivileged user in same domain',
+                  instdom  => 'Other domain shares institution/provider',
+                  extdom   => 'Other domain has different institution/provider',
+                  none     => 'Not allowed',
+                  user     => 'User authorizes',
+                  domain   => 'Domain Coordinator authorizes',
+                  auto     => 'Unrestricted',
+    );
+    my %fieldnames = &Apache::lonlocal::texthash (
+                        id => 'Student/Employee ID',
+                        permanentemail => 'E-mail address',
+                        lastname => 'Last Name',
+                        firstname => 'First Name',
+                        middlename => 'Middle Name',
+                        generation => 'Generation',
+    );
+    my ($othertitle,$usertypes,$types) =
+        &Apache::loncommon::sorted_inst_types($dom);
+    my (%by_ip,%by_location, at intdoms, at instdoms);
+    &build_location_hashes(\@intdoms,\%by_ip,\%by_location,\@instdoms);
+
+    my %privacyhash = (
+                       'approval' => {
+                                       instdom => {},
+                                       extdom  => {},
+                                     },
+                       'othdom'   => {},
+                       'priv'     => {},
+                       'unpriv'   => {},
+                      );
+    foreach my $item (@items) {
+        if (@instdoms > 1) {
+            if ($env{'form.privacy_approval_instdom'.$item} =~ /^(none|user|domain|auto)$/) {
+                $privacyhash{'approval'}{'instdom'}{$item} = $env{'form.privacy_approval_instdom_'.$item};
+            }
+            if (ref($current{'approval'}) eq 'HASH') {
+                if (ref($current{'approval'}{'instdom'}) eq 'HASH') {
+                    unless ($privacyhash{'approval'}{'instdom'}{$item} eq $current{'approval'}{'instdom'}{$item}) {
+                        $changes{'approval'} = 1;
+                    }
+                }
+            } elsif ($privacyhash{'approval'}{'instdom'}{$item} ne 'auto') {
+                $changes{'approval'} = 1;
+            }
+        }
+        if (keys(%by_location) > 0) {
+            if ($env{'form.privacy_approval_extdom_'.$item} =~ /^(none|user|domain|auto)$/) {
+                $privacyhash{'approval'}{'extdom'}{$item} = $env{'form.privacy_approval_extdom_'.$item};
+            }
+            if (ref($current{'approval'}) eq 'HASH') {
+                if (ref($current{'approval'}{'extdom'}) eq 'HASH') {
+                    unless ($privacyhash{'approval'}{'extdom'}{$item} eq $current{'approval'}{'extdom'}{$item}) {
+                        $changes{'approval'} = 1;
+                    }
+                }
+            } elsif ($privacyhash{'approval'}{'extdom'}{$item} ne 'auto') {
+                $changes{'approval'} = 1;
+            }
+        }
+        foreach my $status ('priv','unpriv') {
+            my @possibles = sort(&Apache::loncommon::get_env_multiple('form.privacy_'.$status.'_'.$item));
+            my @newvalues;
+            foreach my $field (@possibles) {
+                if (grep(/^\Q$field\E$/, at fields)) {
+                    $privacyhash{$status}{$item}{$field} = 1;
+                    push(@newvalues,$field);
+                }
+            }
+            @newvalues = sort(@newvalues);
+            if (ref($current{$status}) eq 'HASH') {
+                if (ref($current{$status}{$item}) eq 'HASH') {
+                    my @currvalues = sort(keys(%{$current{$status}{$item}}));
+                    my @diffs = &Apache::loncommon::compare_arrays(\@currvalues,\@newvalues);
+                    if (@diffs > 0) {
+                        $changes{$status} = 1;
+                    }
+                }
+            } else {
+                my @stdfields;
+                foreach my $field (@fields) {
+                    if ($field eq 'id') {
+                        next if ($status eq 'unpriv');
+                        next if (($status eq 'priv') && ($item eq 'community'));
+                    }
+                    push(@stdfields,$field);
+                }
+                my @diffs = &Apache::loncommon::compare_arrays(\@stdfields,\@newvalues);
+                if (@diffs > 0) {
+                    $changes{$status} = 1;
+                }
+            }
+        }
+    }
+    if ((@instdoms > 1) || (keys(%by_location) > 0)) {
+        my @statuses;
+        if (ref($types) eq 'ARRAY') {
+            @statuses = @{$types};
+        }
+        foreach my $type (@statuses,'default') {
+            my @possfields = &Apache::loncommon::get_env_multiple('form.privacy_othdom_'.$type);
+            my @newvalues;
+            foreach my $field (sort(@possfields)) {
+                if (grep(/^\Q$field\E$/, at fields)) {
+                    $privacyhash{'othdom'}{$type}{$field} = 1;
+                    push(@newvalues,$field);
+                }
+            }
+            @newvalues = sort(@newvalues);
+            if (ref($current{'othdom'}) eq 'HASH') {
+                if (ref($current{'othdom'}{$type}) eq 'HASH') {
+                    my @currvalues = sort(keys(%{$current{'othdom'}{$type}}));
+                    my @diffs = &Apache::loncommon::compare_arrays(\@currvalues,\@newvalues);
+                    if (@diffs > 0) {
+                        $changes{'othdom'} = 1;
+                    }
+                }
+            } else {
+                my @stdfields = ('lastname','firstname','middlename','generation','permanentemail');
+                my @diffs = &Apache::loncommon::compare_arrays(\@stdfields,\@newvalues);
+                if (@diffs > 0) {
+                    $changes{'othdom'} = 1;
+                }
+            }
+        }
+    }
+    my %confighash = (
+                        privacy => \%privacyhash,
+                     );
+    my $putresult = &Apache::lonnet::put_dom('configuration',\%confighash,$dom);
+    if ($putresult eq 'ok') {
+        if (keys(%changes) > 0) {
+            $resulttext = &mt('Changes made: ').'<ul>';
+            foreach my $key ('approval','othdom','priv','unpriv') {
+                if ($changes{$key}) {
+                    $resulttext .= '<li>'.$titles{$key}.':<ul>';
+                    if ($key eq 'approval') {
+                        if (keys(%{$privacyhash{$key}{instdom}})) {
+                            $resulttext .= '<li>'.$titles{'instdom'}.'<ul>';
+                            foreach my $item (@items) {
+                                $resulttext .=  '<li>'.$roles{$item}.': '.$titles{$privacyhash{$key}{instdom}{$item}}.'</li>';
+                            }
+                            $resulttext .= '</ul></li>';
+                        }
+                        if (keys(%{$privacyhash{$key}{extdom}})) {
+                            $resulttext .= '<li>'.$titles{'extdom'}.'<ul>';
+                            foreach my $item (@items) {
+                                $resulttext .=  '<li>'.$roles{$item}.': '.$titles{$privacyhash{$key}{extdom}{$item}}.'</li>';
+                            }
+                            $resulttext .= '</ul></li>';
+                        }
+                    } elsif ($key eq 'othdom') {
+                        my @statuses;
+                        if (ref($types) eq 'ARRAY') {
+                            @statuses = @{$types};
+                        }
+                        if (ref($privacyhash{$key}) eq 'HASH') {
+                            foreach my $status (@statuses,'default') {
+                                if ($status eq 'default') {
+                                    $resulttext .= '<li>'.$othertitle.': ';
+                                } elsif (ref($usertypes) eq 'HASH') {
+                                    $resulttext .= '<li>'.$usertypes->{$status}.': ';
+                                } else {
+                                    next;
+                                }
+                                if (ref($privacyhash{$key}{$status}) eq 'HASH') {
+                                    if (keys(%{$privacyhash{$key}{$status}})) {
+                                        $resulttext .= join(', ', map { $fieldnames{$_}; } (sort(keys(%{$privacyhash{$key}{$status}}))));
+                                    } else {
+                                        $resulttext .= &mt('none');
+                                    }
+                                }
+                                $resulttext .= '</li>';
+                            }
+                        }
+                    } else {
+                        foreach my $item (@items) {
+                            if (ref($privacyhash{$key}{$item}) eq 'HASH') {
+                                $resulttext .= '<li>'.$names{$item}.': ';
+                                if (keys(%{$privacyhash{$key}{$item}})) {
+                                    $resulttext .= join(', ', map { $fieldnames{$_}; } (sort(keys(%{$privacyhash{$key}{$item}}))));
+                                } else {
+                                    $resulttext .= &mt('none');
+                                }
+                                $resulttext .= '</li>';
+                            }
+                        }
+                    }
+                    $resulttext .= '</ul></li>';
+                }
+            }
+        } else {
+            $resulttext = &mt('No changes made to user information settings');
+        }
+    } else {
+        $resulttext = '<span class="LC_error">'.
+            &mt('An error occurred: [_1]',$putresult).'</span>';
+    }
+    return $resulttext;
+}
+
 sub modify_passwords {
     my ($r,$dom,$confname,$lastactref,%domconfig) = @_;
     my ($resulttext,%current,%changes,%newvalues, at oktypes,$errors,


More information about the LON-CAPA-cvs mailing list