[LON-CAPA-cvs] cvs: loncom /interface loncreateuser.pm
matthew
lon-capa-cvs@mail.lon-capa.org
Wed, 07 Aug 2002 18:04:35 -0000
matthew Wed Aug 7 14:04:35 2002 EDT
Modified files:
/loncom/interface loncreateuser.pm
Log:
Bug 565 - user is no longer able to revoke co-author roles for construction
spaces other than their own.
Minor code simplification in places. Actual comments added to explain
new code.
Index: loncom/interface/loncreateuser.pm
diff -u loncom/interface/loncreateuser.pm:1.36 loncom/interface/loncreateuser.pm:1.37
--- loncom/interface/loncreateuser.pm:1.36 Wed Jun 5 14:11:15 2002
+++ loncom/interface/loncreateuser.pm Wed Aug 7 14:04:35 2002
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.36 2002/06/05 18:11:15 matthew Exp $
+# $Id: loncreateuser.pm,v 1.37 2002/08/07 18:04:35 matthew Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -47,7 +47,7 @@
# 11/12,11/13,11/15 Scott Harrison
# 02/11/02 Matthew Hall
#
-# $Id: loncreateuser.pm,v 1.36 2002/06/05 18:11:15 matthew Exp $
+# $Id: loncreateuser.pm,v 1.37 2002/08/07 18:04:35 matthew Exp $
###
package Apache::loncreateuser;
@@ -234,6 +234,8 @@
<tr>
END
foreach ('firstname','middlename','lastname','generation') {
+ my $result = &Apache::lonnet::allowed('mau',$ccdomain);
+ &Apache::lonnet::logthis("allowed: mau, $ccdomain = $result");
if (&Apache::lonnet::allowed('mau',$ccdomain)) {
$r->print(<<"END");
<td><input type="text" name="c$_" value="$userenv{$_}" size="15"/></td>
@@ -250,65 +252,80 @@
my ($tmp) = keys(%rolesdump);
unless ($tmp =~ /^(con_lost|error)/i) {
my $now=time;
- $r->print('<hr /><h3>Revoke Existing Roles</h3>'.
- '<table border=2><tr><th>Revoke</th><th>Role</th><th>Extent</th>'.
- '<th>Start</th><th>End</th>');
+ $r->print(<<END);
+<hr />
+<h3>Revoke Existing Roles</h3>
+<table border=2>
+<tr><th>Revoke</th><th>Role</th><th>Extent</th><th>Start</th><th>End</th>
+END
foreach my $area (keys(%rolesdump)) {
- if ($area!~/^rolesdef/) {
- my $role = $rolesdump{$area};
- my $thisrole=$area;
- $area=~s/\_\w\w$//;
- my ($role_code,$role_end_time,$role_start_time) =
- split(/_/,$role);
- my $bgcol='ffffff';
- my $allows=0;
- if ($area=~/^\/(\w+)\/(\d\w+)/) {
- my %coursedata=
- &Apache::lonnet::coursedescription($1.'_'.$2);
- my $carea='Course: '.$coursedata{'description'};
- $inccourses{$1.'_'.$2}=1;
- if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
- $allows=1;
- }
- # Compute the background color based on $area
- $bgcol=$1.'_'.$2;
- $bgcol=~s/[^8-9b-e]//g;
- $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6);
- if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) {
+ next if ($area =~ /^rolesdef/);
+ my $role = $rolesdump{$area};
+ my $thisrole=$area;
+ $area =~ s/\_\w\w$//;
+ my ($role_code,$role_end_time,$role_start_time) =
+ split(/_/,$role);
+ my $bgcol='ffffff';
+ my $allowed=0;
+ if ($area =~ /^\/(\w+)\/(\d\w+)/ ) {
+ my %coursedata=
+ &Apache::lonnet::coursedescription($1.'_'.$2);
+ my $carea='Course: '.$coursedata{'description'};
+ $inccourses{$1.'_'.$2}=1;
+ if (&Apache::lonnet::allowed('c'.$role_code,$1.'/'.$2)) {
+ $allowed=1;
+ }
+ # Compute the background color based on $area
+ $bgcol=$1.'_'.$2;
+ $bgcol=~s/[^8-9b-e]//g;
+ $bgcol=substr($bgcol.$bgcol.$bgcol.'ffffff',0,6);
+ if ($area=~/^\/(\w+)\/(\d\w+)\/(\w+)/) {
$carea.='<br>Section/Group: '.$3;
- }
- $area=$carea;
- } else {
- # Determine if current user is able to revoke privileges
- if ($area=~/^\/(\w+)\//) {
- if (&Apache::lonnet::allowed('c'.$role_code,$1)) {
- $allows=1;
- }
- } else {
- if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
- $allows=1;
- }
- }
- }
- $r->print('<tr bgcolor=#"'.$bgcol.'"><td>');
- my $active=1;
- $active=0 if (($role_end_time) && ($now>$role_end_time));
- if (($active) && ($allows)) {
- $r->print('<input type="checkbox" name="rev:'
- .$thisrole.'">');
- } else {
- $r->print(' ');
- }
- $r->print('</td><td>'.
- &Apache::lonnet::plaintext($role_code).
- '</td><td>'.$area.'</td><td>'.
- ($role_start_time ? localtime($role_start_time)
- : ' ' )
- .'</td><td>'.
- ($role_end_time ? localtime($role_end_time)
- : ' ' )
- ."</td></tr>\n");
- }
+ }
+ $area=$carea;
+ } else {
+ # Determine if current user is able to revoke privileges
+ if ($area=~ /^\/(\w+)\//) {
+ if (&Apache::lonnet::allowed('c'.$role_code,$1)) {
+ $allowed=1;
+ }
+ } else {
+ if (&Apache::lonnet::allowed('c'.$role_code,'/')) {
+ $allowed=1;
+ }
+ }
+ }
+ # I have no idea what the hell the above code does
+ # So the following is a check:
+ if ($allowed) {
+ # If we are looking at a co-author role, make sure it is
+ # for the current users construction space before we let
+ # them revoke it.
+ if (($role_code eq 'ca') &&
+ ($ENV{'request.role'} !~ /^dc/)) {
+ if ($area !~
+ /^\/$ENV{'user.domain'}\/$ENV{'user.name'}/) {
+ $allowed = 0;
+ }
+ }
+ }
+ my $row = '';
+ $row.='<tr bgcolor=#"'.$bgcol.'"><td>';
+ my $active=1;
+ $active=0 if (($role_end_time) && ($now>$role_end_time));
+ if (($active) && ($allowed)) {
+ $row.= '<input type="checkbox" name="rev:'.$thisrole.'">';
+ } else {
+ $row.=' ';
+ }
+ $row.= '</td><td>'.&Apache::lonnet::plaintext($role_code).
+ '</td><td>'.$area.
+ '</td><td>'.($role_start_time?localtime($role_start_time)
+ : ' ' ).
+ '</td><td>'.($role_end_time ?localtime($role_end_time)
+ : ' ' )
+ ."</td></tr>\n";
+ $r->print($row);
} # end of foreach (table building loop)
$r->print('</table>');
} # End of unless