[LON-CAPA-cvs] cvs: loncom /interface lonuserutils.pm

raeburn lon-capa-cvs-allow@mail.lon-capa.org
Sat, 22 Dec 2007 17:33:27 -0000


This is a MIME encoded message

--raeburn1198344807
Content-Type: text/plain

raeburn		Sat Dec 22 12:33:27 2007 EDT

  Modified files:              
    /loncom/interface	lonuserutils.pm 
  Log:
  Uploading a file of users in domain context
  - default sections for course stored in "sections" form element
  - validation of courseID for selected course to confirm it is valid
  Uploading a file of users in author or course context
  - if users already exist, use user modification rules set by DC to check which user information fields can be updated
  - aggregate any existing roles in current context with intended added role to evaluate user modification rules.
  - validate proposed new section name for conflicts with group names and reserved names (none and all).
  - for courses roles can be assigned for multiple sections (cc and st) excluded, unless uploader has section-specific 'cst' priv.
  - role specified for each user in upload file can be custom role available to uploader.
  - validate proposed role from field in uploaded file with permitted roles uploader can assign
  &roles_on_upload() routine added - returns scalar (true is custom roles allowed, and array of permitted roles uploader can assign.
  
  
--raeburn1198344807
Content-Type: text/plain
Content-Disposition: attachment; filename="raeburn-20071222123327.txt"

Index: loncom/interface/lonuserutils.pm
diff -u loncom/interface/lonuserutils.pm:1.26 loncom/interface/lonuserutils.pm:1.27
--- loncom/interface/lonuserutils.pm:1.26	Fri Dec 21 23:58:45 2007
+++ loncom/interface/lonuserutils.pm	Sat Dec 22 12:33:26 2007
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Utility functions for managing LON-CAPA user accounts
 #
-# $Id: lonuserutils.pm,v 1.26 2007/12/22 04:58:45 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.27 2007/12/22 17:33:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -3063,7 +3063,7 @@
     #
     my ($startdate,$enddate) = &get_dates_from_form();
     if ($env{'form.makedatesdefault'}) {
-        $r->print(&make_dates_default($startdate,$enddate));
+        $r->print(&make_dates_default($startdate,$enddate,$context));
     }
     # Determine domain and desired host (home server)
     my $domain=$env{'request.role.domain'};
@@ -3116,22 +3116,59 @@
             $defaultrole = $env{'form.defaultrole'};
         } elsif ($setting eq 'course') {
             $defaultrole = $env{'form.courserole'};
+            $defaultsec = $env{'form.sections'};
         }  
     } elsif ($context eq 'author') {
         $defaultrole = $env{'form.defaultrole'};
-    }
-    if ($context eq 'domain' && $setting eq 'course') { 
-        if ($env{'form.newsec'} ne '') {
-            $defaultsec = $env{'form.newsec'};
-        } elsif ($env{'form.defaultsec'} ne '') {
-            $defaultsec = $env{'form.defaultsec'}
-        }
+    } elsif ($context eq 'course') {
+        $defaultrole = $env{'form.defaultrole'};
+        $defaultsec = $env{'form.sections'};
     }
     if ($env{'request.course.id'} ne '') {
         $cid = $env{'request.course.id'};
-    } elsif ($env{'form.defaultdomain'} ne '' && $env{'form.defaultcourse'} ne '') {
-        $cid = $env{'form.defaultdomain'}.'_'.
-               $env{'form.defaultcourse'};
+    } elsif ($setting eq 'course') {
+        if (&Apache::lonnet::is_course($env{'form.dcdomain'},$env{'form.dccourse'})) {
+            $cid = $env{'form.dcdomain'}.'_'.$env{'form.dccourse'};
+        }
+    }
+    # Check to see if user information can be changed
+    my @userinfo = ('firstname','middlename','lastname','generation',
+                    'permanentemail','id');
+    my %canmodify;
+    if (&Apache::lonnet::allowed('mau',$domain)) {
+        foreach my $field (@userinfo) {
+            $canmodify{$field} = 1;
+        }
+    }
+    my (%userlist,%modifiable_fields,@poss_roles);
+    my $secidx = &Apache::loncoursedata::CL_SECTION();
+    my @courseroles = &roles_by_context('course',1);
+    if (!&Apache::lonnet::allowed('mau',$domain)) {
+        if ($context eq 'course' || $context eq 'author') {
+            @poss_roles =  &curr_role_permissions($context);
+            my @statuses = ('active','future');
+            my ($indexhash,$keylist) = &make_keylist_array();
+            my %info;
+            foreach my $role (@poss_roles) {
+                %{$modifiable_fields{$role}} = &can_modify_userinfo($context,$domain,
+                                                        \@userinfo,[$role]);
+            }
+            if ($context eq 'course') {
+                my ($cnum,$cdom) = &get_course_identity();
+                my $roster = &Apache::loncoursedata::get_classlist();
+                %userlist = %{$roster};
+                my %advrolehash = &Apache::lonnet::get_my_roles($cnum,$cdom,undef,
+                                                         \@statuses,\@poss_roles);
+                &gather_userinfo($context,'view',\%userlist,$indexhash,\%info,
+                                \%advrolehash,$permission);
+            } elsif ($context eq 'author') {
+                my %cstr_roles = &Apache::lonnet::get_my_roles(undef,undef,undef,
+                                                  \@statuses,\@poss_roles);
+                &gather_userinfo($context,'view',\%userlist,$indexhash,\%info,
+                             \%cstr_roles,$permission);
+
+            }
+        }
     }
     if ( $domain eq &LONCAPA::clean_domain($domain)
         && ($amode ne '')) {
@@ -3152,16 +3189,50 @@
                      );
         my $flushc=0;
         my %student=();
-        my %curr_groups;
+        my (%curr_groups,@sections,@cleansec,@secs,$defaultwarn,$groupwarn);
         my %userchg;
-        if ($context eq 'course') {
-            # Get information about course groups
-            %curr_groups = &Apache::longroup::coursegroups();
+        if ($context eq 'course' || $setting eq 'course') {
+            if ($context eq 'course') {
+                # Get information about course groups
+                %curr_groups = &Apache::longroup::coursegroups();
+            } elsif ($setting eq 'course') {
+                if ($cid) {
+                    %curr_groups =
+                        &Apache::longroup::coursegroups($env{'form.dcdomain'},
+                                                        $env{'form.dccourse'});
+                }
+            }
+            # determine section number
+            if ($defaultsec =~ /,/) {
+                push(@sections,split(/,/,$defaultsec));
+            } else {
+                push(@sections,$defaultsec);
+            }
+            # remove non alphanumeric values from section
+            foreach my $item (@sections) {
+                $item =~ s/\W//g;
+                if ($item eq "none" || $item eq 'all') {
+                    $defaultwarn = &mt('Default section name [_1] could not be used as it is a reserved word.',$item);
+                } elsif ($item ne ''  && exists($curr_groups{$item})) {
+                    $groupwarn = &mt('Default section name "[_1]" is the name of a course group. Section names and group names must be distinct.',$item);
+                } elsif ($item ne '') {
+                    push(@cleansec,$item);
+                }
+            }
+            if ($defaultwarn) {
+                $r->print($defaultwarn.'<br />');
+            }
+            if ($groupwarn) {
+                $r->print($groupwarn.'<br />');
+            }
         }
         my (%curr_rules,%got_rules,%alerts);
+        my %customroles = &my_custom_roles();
+        my ($custom_ok,@permitted_roles) =
+            &roles_on_upload($context,%customroles);
         # Get new users list
-        foreach (@userdata) {
-            my %entries=&Apache::loncommon::record_sep($_);
+        foreach my $line (@userdata) {
+            my %entries=&Apache::loncommon::record_sep($line);
             # Determine user name
             unless (($entries{$fields{'username'}} eq '') ||
                     (!defined($entries{$fields{'username'}}))) {
@@ -3189,30 +3260,43 @@
       &mt('<b>[_1]</b>: Unacceptable username for user [_2] [_3] [_4] [_5]',
           $entries{$fields{'username'}},$fname,$mname,$lname,$gen).
                               '</b>');
+                    next;
                 } else {
                     my $username = $entries{$fields{'username'}};
-                    my $sec;
-                    if ($context eq 'course' || $setting eq 'course') {
-                        # determine section number
-                        if (defined($fields{'sec'})) {
-                            if (defined($entries{$fields{'sec'}})) {
-                                $sec=$entries{$fields{'sec'}};
+                    if (defined($fields{'sec'})) {
+                        if (defined($entries{$fields{'sec'}})) {
+                            my $item = $entries{$fields{'sec'}};
+                            $item =~ s/(\s+$|^\s+)//g;
+                            if ($item eq "none" || $item eq 'all') {
+                                $r->print('<br />'.&mt('<b>[_1]</b>: Unable to enroll user [_2] [_3] [_4] [_5] in a section named "[_6]" - this is a reserved word.',$username,$fname,$mname,$lname,$gen,$item));
+                                next;
+                            } elsif (exists($curr_groups{$item})) {
+                                $r->print('<br />'.&mt('<b>[_1]</b>: Unable to enroll user [_2] [_3] [_4] [_5] in a section named "[_6]" - this is a course group.',$username,$fname,$mname,$lname,$gen,$item).' '.&mt('Section names and group names must be distinct.'));
+                                next;
+                            } else {
+                                push(@secs,$item);
                             }
-                        } else {
-                            $sec = $defaultsec;
                         }
-                        # remove non alphanumeric values from section
-                        $sec =~ s/\W//g;
-                        if ($sec eq "none" || $sec eq 'all') {
-                            $r->print('<br />'.
-      &mt('<b>[_1]</b>: Unable to enroll: section name "[_2]" for user [_3] [_4] [_5] [_6] is a reserved word.',
-                                      $username,$sec,$fname,$mname,$lname,$gen));
-                            next;
-                        } elsif (($sec ne '') && (exists($curr_groups{$sec}))) {
-                            $r->print('<br />'.
-      &mt('<b>[_1]</b>: Unable to enroll: section name "[_2]" for user [_3] [_4] [_5] [_6] is a course group. Section names and group names must be distinct.',
-                                      $username,$sec,$fname,$mname,$lname,$gen));
-                            next;
+                    }
+                    if ($env{'request.course.sec'} ne '') {
+                        @secs = ($env{'request.course.sec'});
+                        if (ref($userlist{$username.':'.$domain}) eq 'ARRAY') {
+                            my $currsec = $userlist{$username.':'.$domain}[$secidx];
+                            if ($currsec ne $env{'request.course.sec'}) {
+                                $r->print('<br />'.&mt('<b>[_1]</b>: Unable to enroll user [_2] [_3] [_4] [_5] in a section named "[_6]".',$username,$fname,$mname,$lname,$gen,$secs[0]).'<br />');
+                                if ($currsec eq '') {
+                                    $r->print(&mt('This user already has an active/future student role in the course, unaffiliated to any section.'));
+
+                                } else {
+                                    $r->print(&mt('This user already has an active/future role in section "[_1]" of the course.',$currsec));
+                                }
+                                $r->print('<br />'.&mt('Although your current role has privileges to add students to section "[_1]", you do not have privileges to modify existing enrollments in other sections.',$secs[0]).'<br />');
+                                next;
+                            }
+                        }
+                    } elsif ($context eq 'course' || $setting eq 'course') {
+                        if (@secs == 0) {
+                            @secs = @cleansec;
                         }
                     }
                     # determine id number
@@ -3241,12 +3325,17 @@
                     my $role = '';
                     if (defined($fields{'role'})) {
                         if ($entries{$fields{'role'}}) {
-                            my @poss_roles = 
-                                 &curr_role_permissions($context,$setting);
-                            if (grep(/^\Q$entries{$fields{'role'}}\E/,@poss_roles)) {
+                            if (grep(/^\Q$entries{$fields{'role'}}\E$/,@permitted_roles)) {
                                 $role=$entries{$fields{'role'}};
-                            } else {
-                                my $rolestr = join(', ',@poss_roles);
+                                $role =~ s/(\s+$|^\s+)//g;
+                            }
+                            if ($custom_ok) {
+                                if ($customroles{$role}) {
+                                    $role = 'cr_'.$env{'user.domain'}.'_'.$env{'user.name'}.'_'.$entries{$fields{'role'}};
+                                }
+                            }
+                            if ($role eq '') {
+                                my $rolestr = join(', ',@permitted_roles);
                                 $r->print('<br />'.
       &mt('<b>[_1]</b>: You do not have permission to add the requested role [_2] for the user.',$entries{$fields{'username'}},$entries{$fields{'role'}}).'<br />'.&mt('Allowable role(s) is/are: [_1].',$rolestr)."\n");
                                 next;
@@ -3258,7 +3347,7 @@
                     }
                     # Clean up whitespace
                     foreach (\$domain,\$username,\$id,\$fname,\$mname,
-                             \$lname,\$gen,\$sec,\$role) {
+                             \$lname,\$gen) {
                         $$_ =~ s/(\s+$|^\s+)//g;
                     }
                     # check against rules
@@ -3281,7 +3370,35 @@
                             }
                         }
                     } else {
-# FIXME check if user info can be updated.   
+                        if ($context eq 'course' || $context eq 'author') {
+                            if ($role eq '') {
+                                my @checkroles;
+                                foreach my $role (@poss_roles) {
+                                    my $endkey;
+                                    if ($role ne 'st') {
+                                        $endkey = ':'.$role;
+                                    }
+                                    if (exists($userlist{$username.':'.$domain.$endkey})) {
+                                        if (!grep(/^\Q$role\E$/,@checkroles)) {
+                                            push(@checkroles,$role);
+                                        }
+                                    }
+                                }
+                                if (@checkroles > 0) {
+                                    %canmodify = &can_modify_userinfo($context,$domain,\@userinfo,\@checkroles);
+                                }
+                            } elsif (ref($modifiable_fields{$role}) eq 'HASH') {
+                                %canmodify = %{$modifiable_fields{$role}};
+                            }
+                        }
+                        my @newinfo = (\$fname,\$mname,\$lname,\$gen,\$email,\$id);
+                        for (my $i=0; $i<@userinfo; $i++) {
+                            if (${$newinfo[$i]} ne '') {
+                                if (!$canmodify{$userinfo[$i]}) {
+                                    ${$newinfo[$i]} = '';
+                                }
+                            }
+                        }
                     }
                     if ($id ne '') {
                         if (!$newuser) {
@@ -3306,29 +3423,73 @@
                         }
                     }
                     if ($password || $env{'form.login'} eq 'loc') {
-                        my ($userresult,$authresult,$roleresult);
+                        my $multiple = 0;
+                        my ($userresult,$authresult,$roleresult,$idresult);
+                        my (%userres,%authres,%roleres,%idres);
                         if ($role eq 'st') {
-                            &modifystudent($domain,$username,$cid,$sec,
-                                           $desiredhost);
-                            $roleresult = 
-                                &Apache::lonnet::modifystudent
-                                    ($domain,$username,$id,$amode,$password,
-                                     $fname,$mname,$lname,$gen,$sec,$enddate,
-                                     $startdate,$env{'form.forceid'},
-                                     $desiredhost,$email);
+                            my $sec;
+                            if ($cid) {
+                                if (@secs > 0) {
+                                    $sec = $secs[0];
+                                }
+                                &modifystudent($domain,$username,$cid,$sec,
+                                               $desiredhost);
+                                $roleresult =
+                                    &Apache::lonnet::modifystudent
+                                        ($domain,$username,$id,$amode,$password,
+                                         $fname,$mname,$lname,$gen,$sec,$enddate,
+                                         $startdate,$env{'form.forceid'},
+                                         $desiredhost,$email,'manual','',$cid);
+                                $userresult = $roleresult;
+                            }
                         } else {
-                            ($userresult,$authresult,$roleresult) = 
-                                &modifyuserrole($context,$setting,
-                                    $changeauth,$cid,$domain,$username, 
-                                    $id,$amode,$password,$fname,
-                                    $mname,$lname,$gen,$sec,
-                                    $env{'form.forceid'},$desiredhost,
-                                    $email,$role,$enddate,$startdate,$checkid);
+                            if (($context eq 'course') || 
+                                (grep(/^\Q$role\E$/,@courseroles))) {
+                                if (!$cid) {
+                                    next;
+                                }
+                            }
+                            my $singlesec;
+                            if ((grep(/^\Q$role\E$/,@courseroles)) && ($role ne 'cc')) {
+                                if (@secs > 1) {
+                                    $multiple = 1;
+                                    foreach my $sec (@secs) {
+                                        ($userres{$sec},$authres{$sec},$roleres{$sec},$idres{$sec}) =
+                                            &modifyuserrole($context,$setting,
+                                                $changeauth,$cid,$domain,$username,
+                                                $id,$amode,$password,$fname,
+                                                $mname,$lname,$gen,$sec,
+                                                $env{'form.forceid'},$desiredhost,
+                                                $email,$role,$enddate,$startdate,$checkid);
+                                    }
+                                } elsif (@secs > 0) {
+                                    $singlesec = $secs[0];
+                                }
+                            }
+                            if (!$multiple) {
+                                ($userresult,$authresult,$roleresult) = 
+                                    &modifyuserrole($context,$setting,
+                                        $changeauth,$cid,$domain,$username, 
+                                        $id,$amode,$password,$fname,
+                                        $mname,$lname,$gen,$singlesec,
+                                        $env{'form.forceid'},$desiredhost,
+                                        $email,$role,$enddate,$startdate,$checkid);
+                            }
+                        }
+                        if ($multiple) {
+                            foreach my $sec (sort(keys(%userres))) {
+                               $flushc =
+                                &user_change_result($r,$userres{$sec},$authres{$sec},
+                                                    $roleres{$sec},$idres{$sec},\%counts,$flushc,
+                                                    $username,\%userchg);
+
+                            }
+                        } else {
+                            $flushc = 
+                                &user_change_result($r,$userresult,$authresult,
+                                                    $roleresult,\%counts,$flushc,
+                                                    $username,%userchg);
                         }
-                        $flushc = 
-                            &user_change_result($r,$userresult,$authresult,
-                                                $roleresult,\%counts,$flushc,
-                                                $username,%userchg);
                     } else {
                         if ($context eq 'course') {
                             $r->print('<br />'. 
@@ -4118,6 +4279,27 @@
          || (&Apache::lonnet::allowed('caa',$audom.'/'.$auname))) { return ''; }    return 1;
 }
 
+sub roles_on_upload {
+    my ($context,%customroles) = @_;
+    my (@possible_roles,@permitted_roles);
+    if ($context eq 'domain') {
+        @possible_roles = &curr_role_permissions($context,undef,1);
+        push(@possible_roles,&curr_role_permissions($context,'course',1));
+    } else {
+        @possible_roles = &curr_role_permissions($context,undef,1);
+    }
+    my $custom_ok = 0;
+    foreach my $role (@possible_roles) {
+        if ($role eq 'cr') {
+            $custom_ok = 1;
+            push(@permitted_roles,keys(%customroles));
+        } else {
+            push(@permitted_roles,$role);
+        }
+    }
+    return ($custom_ok,@permitted_roles);
+}
+
 sub get_course_identity {
     my ($cid) = @_;
     my ($cnum,$cdom,$cdesc);

--raeburn1198344807--