[prev in list] [next in list] [prev in thread] [next in thread]
List: lon-capa-cvs
Subject: [LON-CAPA-cvs] cvs: loncom /interface loncoursequeueadmin.pm loncreateuser.pm lonuserutils.pm /lonne
From: raeburn via LON-CAPA-cvs <lon-capa-cvs () mail ! lon-capa ! org>
Date: 2022-11-23 2:55:37
Message-ID: cvsraeburn1669172137 () cvsserver
[Download RAW message or body]
This is a MIME encoded message
raeburn Wed Nov 23 02:55:37 2022 EDT
Modified files:
/loncom/interface loncoursequeueadmin.pm loncreateuser.pm
lonuserutils.pm
/loncom/lonnet/perl lonnet.pm
Log:
- Take into account domain configuration in user's domain for whether approval
(from user's DC or user) is needed to complete assignment of a role in a
domain, authoring space, or course that does not belog to the user's domain.
Work in progress.
["raeburn-20221123025537.txt" (text/plain)]
Index: loncom/interface/loncoursequeueadmin.pm
diff -u loncom/interface/loncoursequeueadmin.pm:1.62 \
loncom/interface/loncoursequeueadmin.pm:1.63
--- loncom/interface/loncoursequeueadmin.pm:1.62 Wed Nov 24 04:25:02 2021
+++ loncom/interface/loncoursequeueadmin.pm Wed Nov 23 02:55:37 2022
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Utilities to administer domain course requests and course self-enroll requests
#
-# $Id: loncoursequeueadmin.pm,v 1.62 2021/11/24 04:25:02 raeburn Exp $
+# $Id: loncoursequeueadmin.pm,v 1.63 2022/11/23 02:55:37 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -144,7 +144,6 @@
push(@rawmsg,{
mt => $msgtxt,
args => ["\n ".$contextdesc.",\n",$timestamp.",\n"],
-
});
if (ref($textstr) eq 'ARRAY') {
push(@rawmsg,@{$textstr});
@@ -270,6 +269,32 @@
if (ref($textstr) eq 'ARRAY') {
push(@rawmsg,@{$textstr});
}
+ } elsif ($context eq 'othdomroleuser') {
+ my $linktext = 'Roles';
+ if (&Apache::loncommon::show_course()) {
+ $linktext = 'Courses';
+ }
+ $rawsubj = 'Role Assignment Approval';
+ push(@rawmsg,{
+ mt => 'A domain different to your own LON-CAPA domain ([_1]) \
wants to assign you a role in their domain.', + args => \
["\n$contextdesc\n"], + },
+ {
+ mt =>"[_1]Click $linktext at top right, then click 'Manage \
Role Requests' in the gray Functions bar ". + "to display a \
list of pending role assignments in other domain(s), which you can either accept or \
reject.", + args => ["\n\n"],
+ });
+ } elsif ($context eq 'othdomroledc') {
+ $rawsubj = 'Role Assignment Authorization';
+ push(@rawmsg,{
+ mt => 'Another LON-CAPA domain wants to assign a role in \
their domain to a user from your domain.', + args => [],
+ },
+ {
+ mt =>'[_1]As Domain Coordinator, use: [_2]Main Menu -> Create \
users or modify the roles and privileges of users + -> Queued Role Assignments (this \
domain) [_3]to display a list of pending requests, which you can either approve or \
reject.', + args => ["\n","\n\n ","\n\n"],
+ });
}
my @to_notify = split(/,/,$notifylist);
my $numsent = 0;
@@ -371,7 +396,7 @@
}
sub display_queued_requests {
- my ($context,$dom,$cnum) = @_;
+ my ($context,$dom,$cnum,$secondary) = @_;
my ($namespace,$formaction,$nextelement,%requesthash);
if ($context eq 'course') {
$formaction = '/adm/createuser';
@@ -388,6 +413,34 @@
$namespace = 'usernamequeue';
%requesthash = &Apache::lonnet::dump_dom($namespace,$dom);
$nextelement = '<input type="hidden" name="state" value="done" />';
+ } elsif ($context eq 'othdomqueue') {
+ $formaction = '/adm/createuser';
+ $namespace = 'othdomqueued';
+ if ($secondary eq 'domain') {
+ %requesthash = &Apache::lonnet::dump_dom($namespace,$dom);
+ foreach my $key (keys(%requesthash)) {
+ delete($requesthash{$key}) if ($key =~ /:(ca|aa)$/);
+ }
+ } elsif ($secondary eq 'author') {
+ %requesthash = &Apache::lonnet::dump($namespace,$dom,$cnum);
+ if ($cnum eq &Apache::lonnet::get_domainconfiguser($dom)) {
+ foreach my $key (keys(%requesthash)) {
+ delete($requesthash{$key}) if ($key !~ /:(ca|aa)$/);
+ }
+ }
+ } else {
+ %requesthash = &Apache::lonnet::dump($namespace,$dom,$cnum);
+ }
+ } elsif ($context eq 'othdomaction') {
+ $formaction = '/adm/createuser';
+ $namespace = 'queuedrolereqs';
+ if ($secondary eq 'domain') {
+ my $confname = &Apache::lonnet::get_domainconfiguser($dom);
+ %requesthash = &Apache::lonnet::dump($namespace,$dom,$confname);
+ } else {
+ %requesthash = &Apache::lonnet::dump($namespace,$dom,$cnum);
+ }
+ $nextelement = '<input type="hidden" name="state" value="done" />';
} else {
$formaction = '/adm/createcourse';
$namespace = 'courserequestqueue';
@@ -418,9 +471,23 @@
} elsif ($context eq 'requestusername') {
$timestamp = $requesthash{$item};
($entry) = (&unescape($item) =~ /^($match_username)_approval$/);
+ } elsif ($context eq 'othdomqueue') {
+ if (ref($requesthash{$item}) eq 'HASH') {
+ my ($puname,$pudom,$prole,$psec) = split(/:/,$item);
+ $timestamp = $requesthash{$item}{'timestamp'};
+ my $adj = $requesthash{$item}{'adj'};
+ $entry = join(':',$puname,$pudom,$prole,$adj,
+ &escape($requesthash{$item}{'requester'}),
+ $psec);
+ }
+ } elsif ($context eq 'othdomaction') {
+ if (ref($requesthash{$item}) eq 'HASH') {
+ $timestamp = $requesthash{$item}{'timestamp'};
+ $entry = \
&escape($item).':'.&escape($requesthash{$item}{'requester'}); + }
} else {
- $timestamp = $requesthash{$item}{'timestamp'};
if (ref($requesthash{$item}) eq 'HASH') {
+ $timestamp = $requesthash{$item}{'timestamp'};
my ($cnum,$disposition) = split('_',$item);
$entry = $cnum.':'.$requesthash{$item}{'ownername'}.':'.
$requesthash{$item}{'ownerdom'}.':';
@@ -453,10 +520,26 @@
$output .= '<h3>'.&mt('Requests for Authoring Space queued pending \
approval by a Domain Coordinator').'</h3>'; } elsif ($context eq 'requestusername') \
{
$output .= '<h3>'.&mt('Requests for LON-CAPA accounts queued pending \
approval by a Domain Coordinator').'</h3>'; + } elsif ($context eq \
'othdomqueue') { + if ($secondary eq 'domain') {
+ $output .= '<h3>'.&mt('Domain role assignments for users from \
another domain, queued pending approval').'</h3>'; + } elsif \
($secondary eq 'author') { + $output .= '<h3>'.&mt('Co-author role \
assignments for users from another domain, queued pending approval').'</h3>'; + \
} elsif ($secondary eq 'course') { + $output .= '<h3>'.&mt('Course \
role assignments for users from another domain, queued pending approval').'</h3>'; + \
} elsif ($secondary eq 'community') { + $output .= \
'<h3>'.&mt('Community role assignments for users from another domain, queued pending \
approval').'</h3>'; + }
+ } elsif ($context eq 'othdomaction') {
+ if ($secondary eq 'user') {
+ $output .= '<h3>'.&mt('Role assignments for you in other \
domains, queued pending your acceptance of the role.').'</h3>'; + } \
elsif ($secondary eq 'domain') { + $output .= '<h3>'.&mt('Role \
assignments in other domains, queued pending domain coordinator approval in this \
domain.').'</h3>'; + }
} else {
$output .= '<h3>'.&mt('Course/Community requests queued pending \
approval by a Domain Coordinator').'</h3>'; }
- $output .= &build_queue_display($dom,$context,\%queue_by_date).
+ $output .= \
&build_queue_display($dom,$context,\%queue_by_date,$secondary).
'<input type="hidden" name="queue" value="approval" />';
} else {
$output .= '<div class="LC_info">';
@@ -470,15 +553,31 @@
$output .= &mt('There are currently no requests for LON-CAPA \
accounts awaiting approval.'); } elsif ($context eq 'domain') {
$output .= &mt('There are currently no course or community requests \
awaiting approval.'); + } elsif ($context eq 'othdomqueue') {
+ if ($secondary eq 'domain') {
+ $output .= &mt('There are currently no domain role assignment(s) \
for user(s) from another domain queued pending approval'); + } elsif \
($secondary eq 'author') { + $output .= &mt('There are currently \
no co-author role assignment(s) for user(s) from another domain queued pending \
approval'); + } elsif ($secondary eq 'course') {
+ $output .= &mt('There are currently no course role assignment(s) \
for user(s) from another domain queued pending approval'); + } elsif \
($secondary eq 'community') { + $output .= &mt('There are \
currently no community role assignment(s) for user(s) from another domain queued \
pending approval'); + }
+ } elsif ($context eq 'othdomaction') {
+ if ($secondary eq 'user') {
+ $output .= &mt('There are currently no pending role assignments \
for you in other domains, queued pending your acceptance of the role.'); + \
} elsif ($secondary eq 'domain') { + $output .= &mt('There are \
currently no pending role assignments in other domains, queued pending domain \
coordinator approval in this domain.'); + }
}
- $output .= '</div>';
+ $output .= '</div>';
}
if ($context eq 'pending') {
$output .= '<br /><input type="submit" name="validationcheck" value="'.
&mt('Validate').'" /><br />'."\n".
'<p>'.&mt('Any course/community requests which are \
successfully validated will be created immediately.').' '.
&mt('Unvalidated requests will be listed for manual \
approval/rejection.').'</p>';
- } elsif (($context ne 'helpdesk') && ($context ne 'displaypending')) {
+ } elsif (($context ne 'helpdesk') && ($context ne 'displaypending') && \
($context ne 'othdomqueue')) {
$output .= '<br /><input type="submit" name="processqueue" \
value="'.&mt('Save').'" />'; }
$output .= '</form>';
@@ -492,6 +591,22 @@
$output .= &mt('There are currently no requests for Authoring Space \
awaiting approval.'); } elsif ($context eq 'requestusername') {
$output .= &mt('There are currently no requests for LON-CAPA accounts \
awaiting approval.'); + } elsif ($context eq 'othdomqueue') {
+ if ($secondary eq 'domain') {
+ $output .= &mt('There are currently no domain role assignment(s) for \
user(s) from another domain queued pending approval'); + } elsif \
($secondary eq 'author') { + $output .= &mt('There are currently no \
co-author role assignment(s) for user(s) from another domain queued pending \
approval'); + } elsif ($secondary eq 'course') {
+ $output .= &mt('There are currently no course role assignment(s) for \
user(s) from another domain queued pending approval'); + } elsif \
($secondary eq 'community') { + $output .= &mt('There are currently no \
community role assignment(s) for user(s) from another domain queued pending \
approval'); + }
+ } elsif ($context eq 'othdomaction') {
+ if ($secondary eq 'user') {
+ $output .= &mt('There are currently no pending role assignments for \
you in other domains, queued pending your acceptance of the role.'); + } \
elsif ($secondary eq 'domain') { + $output .= &mt('There are currently \
no pending role assignments in other domains, queued pending domain coordinator \
approval in this domain.'); + }
} else {
$output .= &mt('There are currently no course or community requests \
awaiting approval.'); }
@@ -501,15 +616,18 @@
}
sub build_queue_display {
- my ($dom,$context,$queue) = @_;
+ my ($dom,$context,$queue,$secondary) = @_;
return unless (ref($queue) eq 'HASH');
- my %crstypes;
- my $output = &Apache::loncommon::start_data_table().
- &Apache::loncommon::start_data_table_header_row();
- unless (($context eq 'pending') || ($context eq 'displaypending') || ($context \
eq 'helpdesk')) { + my (%crstypes,%roles_by_context);
+ my $output = &Apache::loncommon::start_data_table().
+ &Apache::loncommon::start_data_table_header_row();
+ unless (($context eq 'pending') || ($context eq 'displaypending') ||
+ ($context eq 'helpdesk') || ($context eq 'othdomqueue')) {
$output .= '<th>'.&mt('Action').'</th>';
}
- $output .= '<th>'.&mt('Requestor').'</th>';
+ unless (($context eq 'othdomqueue') || (($context eq 'othdomaction') && \
($secondary eq 'user'))) { + $output .= '<th>'.&mt('Requestor').'</th>';
+ }
if ($context eq 'course') {
$output .= '<th>'.&mt('Section').'</th>'.
'<th>'.&mt('Date requested').'</th>';
@@ -518,6 +636,25 @@
} elsif ($context eq 'requestusername') {
$output .= '<th>'.&mt('Date requested').'</th>'.
'<th>'.&mt('Details').'</th>';
+ } elsif ($context eq 'othdomqueue') {
+ $output .= '<th>'.&mt('Date requested').'</th>'.
+ '<th>'.&mt('Role').'</th>';
+ if ($secondary eq 'course') {
+ $output .= '<th>'.&mt('Section').'</th>';
+ }
+ $output .= '<th>'.&mt('Requested for').'</th>'.
+ '<th>'.&mt('Approval needed from').'</th>';
+ } elsif ($context eq 'othdomaction') {
+ $output .= '<th>'.&mt('Date requested').'</th>'.
+ '<th>'.&mt('Role type').'</th>'.
+ '<th>'.&mt('Location').'</th>';
+ if ($secondary eq 'domain') {
+ $output .= '<th>'.&mt('Affected User').'</th>';
+ }
+ foreach my $type ('domain','course') {
+ my @possroles = &Apache::lonuserutils::roles_by_context($type);
+ $roles_by_context{$type} = \@possroles;
+ }
} elsif ($context eq 'pending' || $context eq 'displaypending' || $context eq \
'stillpending') { $output .= '<th>'.&mt('Institutional code').'</th>'.
'<th>'.&mt('Date requested').'</th>'.
@@ -541,7 +678,8 @@
if (ref($queue->{$item}) eq 'ARRAY') {
foreach my $request (sort(@{$queue->{$item}})) {
my ($row,$approve,$reject,$showtime,$showsec,$namelink,
- $detailslink,$crstype,$instcode);
+ $detailslink,$crstype,$instcode,$showrole,$adjudicator,
+ $location,$showrequester);
$showtime = &Apache::lonlocal::locallocaltime($item);
if ($context eq 'course') {
my ($puname,$pudom,$pusec) = split(/:/,$request);
@@ -557,7 +695,7 @@
} elsif ($context eq 'requestauthor') {
if (&Apache::lonnet::homeserver($request,$dom) ne 'no_host') {
$approve = $count.':'.$request;
- $reject = $request;
+ $reject = $request;
$namelink = &Apache::loncommon::aboutmewrapper(
&Apache::loncommon::plainname($request,$dom),
$request,$dom);
@@ -571,6 +709,102 @@
\
"'$dom','$request','$queued'".');">'.$request.'</a>'; $namelink = $request;
}
+ } elsif ($context eq 'othdomqueue') {
+ my ($uname,$udom,$role,$adj,$requester,$sec) = \
split(/:/,$request); + if ($adj eq 'user') {
+ $adjudicator = &mt('Role Assignee');
+ } elsif ($adj eq 'domain') {
+ $adjudicator = &mt("[_1] in user's domain",
+ &Apache::lonnet::plaintext('dc'));
+ }
+ my $crstype;
+ $showrole = &Apache::lonnet::plaintext($role,$crstype);
+ unless (&Apache::lonnet::homeserver($uname,$udom) eq 'no_host') \
{ + $namelink = &Apache::loncommon::plainname($uname,$udom)." \
($uname:$udom)"; + }
+ if ($secondary eq 'course') {
+ $showsec = $sec;
+ if ($showsec eq '') {
+ $showsec = &mt('none');
+ }
+ }
+ } elsif ($context eq 'othdomaction') {
+ my ($extent,$role,$crstype);
+ my ($info,$requester) = map { &unescape($_); } \
split(/:/,$request); + if ($secondary eq 'user') {
+ ($extent,$role) = split(/:/,$info);
+ $approve = $count.':'.$extent.':'.$role;
+ $reject = $extent.':'.$role;
+ } elsif ($secondary eq 'domain') {
+ (my $uname,$extent,$role) = split(/:/,$info);
+ $approve = $count.':'.$extent.':'.$role.':'.$uname.':'.$dom;
+ $reject = $extent.':'.$role.':'.$uname.':'.$dom;
+ unless (&Apache::lonnet::homeserver($uname,$dom) eq \
'no_host') { + $namelink = \
&Apache::loncommon::plainname($uname,$dom); + unless \
($namelink eq $uname.':'.$dom) { + $namelink .= ' \
('.$uname.':'.$dom.')'; + }
+ }
+ }
+ if (($role eq 'ca') || ($role eq 'aa')) {
+ my ($audom,$auname) = ($extent =~ \
m{^/($match_domain)/($match_username)$}); + $location = \
&mt('Author').': '.&Apache::loncommon::plainname($auname,$audom); + \
} elsif ($role eq 'co') { + my ($cdom,$cnum) = ($extent =~ \
m{^/($match_domain)/($match_courseid)}); + if \
(&Apache::lonnet::is_course($cdom,$cnum)) { + my %info = \
&Apache::lonnet::coursedescription("$cdom/$cnum",{'one_time' => 1}); + \
$crstype = $info{'type'}; + $location = \
&mt('Community').': '.$info{'description'}; + $showrole = \
&Apache::lonnet::plaintext($role,'Community'); + }
+ } elsif ($role =~ m{^cr/}) {
+ $showrole = &Apache::lonnet::plaintext($role,$crstype);
+ my ($cdom,$cnum,$csec) = ($extent =~ \
m{^/($match_domain)/($match_courseid)(?:|/(\w+))$}); + if \
(&Apache::lonnet::is_course($cdom,$cnum)) { + my %info = \
&Apache::lonnet::coursedescription("$cdom/$cnum",{'one_time' => 1}); + \
$crstype = $info{'type'}; + $location = &mt($crstype).': \
'.$info{'description'}; + if ($csec ne '') {
+ $location .= ' '.&mt('Section').': '.$csec;
+ }
+ }
+ } else {
+ foreach my $type ('course','domain') {
+ if (grep(/^\Q$role\E$/,@{$roles_by_context{$type}})) {
+ if ($type eq 'course') {
+ my ($cdom,$cnum,$csec) = ($extent =~ \
m{^/($match_domain)/($match_courseid)(?:|/(\w+))$}); + \
if (&Apache::lonnet::is_course($cdom,$cnum)) { + \
my %info = &Apache::lonnet::coursedescription("$cdom/$cnum",{'one_time' => 1}); + \
$crstype = $info{'type'}; + $location = \
&mt($crstype).': '.$info{'description'}; + if \
($csec ne '') { + $location .= ' \
'.&mt('Section').': '.$csec; + }
+ }
+ } else {
+ my ($domain) = ($extent =~ \
m{^/($match_domain)/}); + $location = \
&mt('Domain').': '.&Apache::lonnet::domain($domain,'description'); + \
} + last;
+ }
+ }
+ }
+ if ($role =~ m{^cr/($match_domain)/($match_username)/(\w+)$}) {
+ my ($crudom,$cruname,$rolename) = ($1,$2,$3);
+ my $creator = \
&Apache::loncommon::plainname($cruname,$crudom); + unless \
($creator eq $cruname.':'.$crudom) { + $creator .= ' \
('.$cruname.':'.$crudom.')'; + }
+ $showrole = &mt('Custom role').': '.$rolename.'<br />'.
+ &mt('Created by').' '.$creator;
+ } else {
+ $showrole = &Apache::lonnet::plaintext($role,$crstype);
+ }
+ my ($requname,$requdom) = split(/:/,$requester);
+ $showrequester = \
&Apache::loncommon::plainname($requname,$requdom); + unless \
($showrequester eq $requname.':'.$requdom) { + $showrequester \
.= ' ('.$requname.':'.$requdom.')'; + }
} else {
my ($cnum,$ownername,$ownerdom,$type,$cdesc);
my $queued = 'approval';
@@ -592,7 +826,8 @@
&Apache::loncommon::plainname($ownername,$ownerdom),
$ownername,$ownerdom);
}
- unless (($context eq 'pending') || ($context eq 'displaypending') || \
($context eq 'helpdesk')) { + unless (($context eq 'pending') || \
($context eq 'displaypending') || + ($context eq 'helpdesk') \
|| ($context eq 'othdomqueue')) { $row = '<td><span class="LC_nobreak"><label>'.
'<input type="radio" value="'.$approve.'" \
name="'.$count.'radioreq" />'.&mt('Approve').'</label>'. '<label>'.(' 'x2).
@@ -601,7 +836,9 @@
'<input type="radio" value="'."later:".$reject.'" \
name="'.$count.'radioreq" checked />'.&mt('Decide Later'). '</label></span><br \
/></td>'; }
- $row .= '<td>'.$namelink.'</td>'."\n";
+ unless (($context eq 'othdomqueue') || ($context eq 'othdomaction')) \
{ + $row .= '<td>'.$namelink.'</td>'."\n";
+ }
if ($context eq 'course') {
$row .= '<td>'.$showsec.'</td>'."\n".
'<td>'.$showtime.'</td>'."\n";
@@ -610,7 +847,25 @@
} elsif ($context eq 'requestusername') {
$row .= '<td>'.$showtime.'</td>'."\n".
'<td>'.$detailslink.'</td>'."\n";
- } else {
+ } elsif ($context eq 'othdomqueue') {
+ $row .= '<td>'.$showtime.'</td>'."\n".
+ '<td>'.$showrole.'</td>'."\n";
+ if ($secondary eq 'course') {
+ $row .= '<td>'.$showsec.'</td>'."\n";
+ }
+ $row .= '<td>'.$namelink.'</td>'."\n".
+ '<td>'.$adjudicator.'</td>'."\n";
+ } elsif ($context eq 'othdomaction') {
+ if ($secondary eq 'domain') {
+ $row .= '<td>'.$showrequester.'</td>'."\n";
+ }
+ $row .= '<td>'.$showtime.'</td>'."\n".
+ '<td>'.$showrole.'</td>'."\n".
+ '<td>'.$location.'</td>'."\n";
+ if ($secondary eq 'domain') {
+ $row .= '<td>'.$namelink.'</td>'."\n";
+ }
+ } else {
if ($context eq 'pending' || $context eq 'displaypending' || \
$context eq 'stillpending') { $row .= '<td>'.$instcode.'</td>'."\n";
} else {
@@ -639,7 +894,8 @@
@processing_errors,@warn_approves,@warn_rejects,@approvals,@warn_dels,
@rejections,@rejectionerrors,@nopermissions,%courseroles,@toremove,
%communityroles,%domdefs,%approvalmsg,%rejectionmsg,$crstype,$queue,
- $firsturl,$uniquecode,%codes);
+ $firsturl,$uniquecode,%codes,%roles_by_context,%requesteractive,
+ %gotroles);
my $count=0;
while (my $item = $env{'form.'.$count.'radioreq'}) {
if ($item =~ /^\d+:/) {
@@ -649,7 +905,6 @@
}
$count ++;
}
-
$now = time;
$sender = $env{'user.name'}.':'.$env{'user.domain'};
if ($context eq 'course') {
@@ -723,6 +978,32 @@
mt => 'Your request for a LON-CAPA account has not been \
approved.', }];
$domdesc = &Apache::lonnet::domain($cdom);
+ } elsif (($context eq 'othdombydc') || ($context eq 'othdombyuser')) {
+ $namespace = 'queuedrolereqs';
+ $beneficiary = 'requester';
+ foreach my $type ('domain','course') {
+ my @possroles = &Apache::lonuserutils::roles_by_context($type);
+ $roles_by_context{$type} = \@possroles;
+ }
+ if ($context eq 'othdombydc') {
+ my $confname = &Apache::lonnet::get_domainconfiguser($cdom);
+ %requesthash = &Apache::lonnet::dump($namespace,$cdom,$confname);
+ $approvedmsg = [{
+ mt => 'The role assignment you requested for a user \
from another domain has been approved and the role assigned.', + \
}]; + $rejectedmsg = [{
+ mt => 'The role assignment you requested for a user \
from another domain has not been approved.', + }];
+ } else {
+ %requesthash = &Apache::lonnet::dump($namespace,$cdom,$cnum);
+ $approvedmsg = [{
+ mt => 'The role assignment you requested for a user \
from another domain has been has been agreed to by the user.', + \
}]; + $rejectedmsg = [{
+ mt => 'The role assignment you requested for a user \
from another domain has not been agreed to by the user.', + \
}]; + }
+ $domdesc = &Apache::lonnet::domain($cdom);
} else {
$domdesc = &Apache::lonnet::domain($cdom);
$namespace = 'courserequestqueue';
@@ -948,6 +1229,146 @@
push(@invalidusers,$uname);
}
push(@toremove,@invalidusers);
+ } elsif (($context eq 'othdombydc') || ($context eq 'othdombyuser')) {
+ if ($context eq 'othdombydc') {
+ my ($num,$extent,$role,$uname,$udom) = split(/:/,$item);
+ my ($logmsg,$result);
+ if ($udom eq $cdom) {
+ my $key = $uname.':'.$extent.':'.$role;
+ if (exists($requesthash{$key})) {
+ if (ref($requesthash{$key}) eq 'HASH') {
+ my $requester = $requesthash{$key}->{'requester'};
+ my ($requname,$requdom) = split(/:/,$requester);
+ my $start = $requesthash{$key}->{'start'};
+ my $end = $requesthash{$key}->{'end'};
+ my $credits = $requesthash{$key}->{'credits'};
+ my $reqcontext = $requesthash{$key}->{'context'};
+ if ((&Apache::lonnet::homeserver($uname,$udom) ne \
'no_host') && + \
(&Apache::lonnet::homeserver($requname,$requdom) ne 'no_host')) { + \
if (($role eq 'ca') || ($role eq 'aa')) { + my \
($audom,$auname) = ($extent =~ m{^/($match_domain)/($match_username)$}); + \
if (&Apache::lonnet::homeserver($auname,$audom) ne 'no_host') { + \
if ($requester eq $auname.':'.$audom) { + \
unless ($gotroles{$requester}) { + \
&requester_roles($auname,$audom,\%requesteractive); + \
$gotroles{$requester} = 1; + }
+ if (ref($requesteractive{$requester}) eq \
'HASH') { + if \
($requesteractive{$requester}{':'.$audom.':au'}) { + \
$result = &Apache::lonnet::assignrole($udom,$uname,$extent,$role, + \
$end,$start,'','',$reqcontext); + }
+ }
+ }
+ }
+ } elsif (($role eq 'co') || ($role eq 'cc')) {
+ my ($crsdom,$crsnum) = ($extent =~ \
m{^/($match_domain)/($match_courseid)}); + if \
(&Apache::lonnet::is_course($crsdom,$crsnum)) { + \
my %info = &Apache::lonnet::coursedescription("$crsdom/$crsnum",{'one_time' => 1}); + \
if ((($role eq 'co') && ($info{'type'} eq 'Community')) || + \
(($role eq 'cc') && ($info{'type'} ne 'Community'))) { + \
if ($info{'internal.courseowner'} eq $requester) { + \
unless ($gotroles{$requester}) { + \
&requester_roles($requname,$requdom,\%requesteractive); + \
$gotroles{$requester} = 1; + }
+ if \
(ref($requesteractive{$requester}) eq 'HASH') { + \
if ($requesteractive{$requester}{"$crsnum:$crsdom:$role"}) { + \
$result = + \
&Apache::loncommon::commit_standardrole($udom,$uname,$extent,$role,$start, + \
$end,$crsdom,$crsnum,'', + \
$reqcontext); + }
+ }
+ }
+ }
+ }
+ } elsif ($role =~ \
m{^(cr)/($match_domain)/($match_username)/(\w+)$}) { + \
my ($mrole,$crudom,$cruname,$rolename) = ($1,$2,$3,$4); + \
my ($crsdom,$crsnum,$csec) = + ($extent =~ \
m{^/($match_domain)/($match_courseid)(?:|/(\w+))$}); + \
if (&Apache::lonnet::is_course($crsdom,$crsnum)) { + \
my ($rdummy,$roledef) = + \
&Apache::lonnet::get('roles',["rolesdef_$rolename"],$crudom,$cruname); + \
if (($rdummy ne 'con_lost') && ($roledef ne '')) { + \
unless ($gotroles{$requester}) { + \
&requester_roles($requname,$requdom,\%requesteractive); + \
$gotroles{$requester} = 1; + }
+ if (ref($requesteractive{$requester}) eq \
'HASH') { + if \
(&requester_has_perm($crsdom,$crsnum,$mrole,$requesteractive{$requester})) { + \
$result = &Apache::loncommon::commit_customrole($udom,$uname,$extent,$crudom,$cruname,
+ \
$rolename,$start,$end,$reqcontext); + \
} + }
+ }
+ }
+ } else {
+ my $process;
+ foreach my $type ('course','domain') {
+ if \
(grep(/^\Q$role\E$/,@{$roles_by_context{$type}})) { + \
if ($type eq 'course') { + my \
($crsdom,$crsnum,$csec) = ($extent =~ \
m{^/($match_domain)/($match_courseid)(?:|/(\w+))$}); + \
if (&Apache::lonnet::is_course($crsdom,$crsnum)) { + \
my $typeok; + if ($role eq 'cc') {
+ my %info = \
&Apache::lonnet::coursedescription("$crsdom/$crsnum",{'one_time' => 1}); + \
if ($info{'type'} eq 'Course') { + \
$typeok = 1; + }
+ } else {
+ $typeok = 1;
+ }
+ if ($typeok) {
+ unless \
($gotroles{$requester}) { + \
&requester_roles($requname,$requdom,\%requesteractive); + \
$gotroles{$requester} = 1; + }
+ if \
(ref($requesteractive{$requester}) eq 'HASH') { + \
if (&requester_has_perm($crsdom,$crsnum,$role,$requesteractive{$requester})) { + \
$result = + \
&Apache::loncommon::commit_standardrole($udom,$uname,$extent,$role,$start, + \
$end,$crsdom,$crsnum,$csec, + \
$reqcontext,$credits); + }
+ }
+ }
+ }
+ } else {
+ my ($domain) = ($extent =~ \
m{^/($match_domain)/}); + if \
(&Apache::lonnet::domain($domain) ne '') { + \
unless ($gotroles{$requester}) { + \
&requester_roles($requname,$requdom,\%requesteractive); + \
$gotroles{$requester} = 1; + }
+ if \
(&requester_has_perm($domain,'',$role,$requesteractive{$requester})) { + \
$result = &Apache::lonnet::assignrole($udom,$uname,$extent,$role, + \
$end,$start,'','',$reqcontext); + \
} + }
+ }
+ last;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ if ($result eq 'ok') {
+ push(@completed,$item);
+ }
+ } else {
+ my ($num,$extent,$role) = split(/:/,$item);
+ if (exists($requesthash{$extent.':'.$role})) {
+ if (ref($requesthash{$extent.':'.$role}) eq 'HASH') {
+#FIXME
+#check if extent is valid
+#check if role is valid
+#check requester privs
+ }
+ }
+ }
} else {
my ($num,$cnum) = split(':',$item);
if (ref($requesthash{$cnum.'_'.$queue}) eq 'HASH') {
@@ -1093,6 +1514,8 @@
@changes = map {$_.'_approval'} (@changes);
} elsif ($context eq 'requestusername') {
@changes = map {&escape($_).'_approval'} (@changes);
+ } elsif (($context eq 'othdombydc') || ($context eq 'othdombyuser')) {
+ @changes = ();
}
if (@rejections) {
foreach my $item (@rejections) {
@@ -1147,6 +1570,8 @@
if ($userresult ne 'ok') {
push(@warn_rejects,$uname);
}
+ } elsif (($context eq 'othdombydc') || ($context eq 'othdombyuser')) {
+#FIXME
} else {
my $cnum = $item;
if (ref($requesthash{$cnum.'_'.$queue}) eq 'HASH') {
@@ -1329,6 +1754,8 @@
$now,'usernamemanagers',$sender,
$approvedlist,$rejectedlist);
}
+ } elsif (($context eq 'othdombydc') || ($context eq 'othdombyuser')) {
+#FIXME
} else {
$chgmsg = "'Action was taken on the following course and community \
requests by [_1].',$namelink"; if (@completed) {
@@ -1594,6 +2021,43 @@
return $output;
}
+sub requester_roles {
+ my ($requname,$requdom,$activeroles) = @_;
+ if (ref($activeroles) eq 'HASH') {
+ my %roleshash = \
&Apache::lonnet::get_my_roles($requname,$requdom,'userroles'); + \
$activeroles->{$requname.':'.$requdom} = \%roleshash; + }
+ return;
+}
+
+sub requester_has_perm {
+ my ($crsdom,$crsnum,$mrole,$requesterroles) = @_;
+ return unless (ref($requesterroles) eq 'HASH');
+ my $has_perm;
+ foreach my $key (keys(%{$requesterroles})) {
+ if ($crsnum eq '') {
+ next unless ($key =~ /^\Q:$crsdom:\E/);
+ } else {
+ next unless (($key =~ /^\Q$crsnum:$crsdom:\E/) || ($key =~ \
/^\Q:$crsdom:\E/)); + }
+ my ($keycrs,$keydom,$keyrole) = split(/:/,$key);
+ if (($keycrs ne '') && ($crsnum ne '')) {
+ if ($keycrs eq $crsnum) {
+ if ($Apache::lonnet::pr{$keyrole.':c'} =~ /(^|:)c\Q$mrole\E(&|:)/) {
+ $has_perm = 1;
+ last;
+ }
+ }
+ } else {
+ if ($Apache::lonnet::pr{$keyrole.':d'} =~ /(^|:)c\Q$mrole\E(&|:)/) {
+ $has_perm = 1;
+ last;
+ }
+ }
+ }
+ return $has_perm;
+}
+
sub get_student_counts {
my ($cdom,$cnum) = @_;
my (%idx,%stucounts);
Index: loncom/interface/loncreateuser.pm
diff -u loncom/interface/loncreateuser.pm:1.464 \
loncom/interface/loncreateuser.pm:1.465
--- loncom/interface/loncreateuser.pm:1.464 Thu Nov 17 19:07:21 2022
+++ loncom/interface/loncreateuser.pm Wed Nov 23 02:55:37 2022
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Create a user
#
-# $Id: loncreateuser.pm,v 1.464 2022/11/17 19:07:21 raeburn Exp $
+# $Id: loncreateuser.pm,v 1.465 2022/11/23 02:55:37 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -3977,7 +3977,13 @@
my ($r,$context,$showcredits) = @_;
my $now=time;
my @rolechanges;
- my %disallowed;
+ my (%disallowed,%got_role_approvals,%got_instdoms,%process_by,%instdoms,
+ %pending,%reject,%notifydc);
+ $got_role_approvals{$context} = '';
+ $process_by{$context} = {};
+ my @domroles = &Apache::lonuserutils::domain_roles();
+ my @cstrroles = &Apache::lonuserutils::construction_space_roles();
+ my @courseroles = &Apache::lonuserutils::roles_by_context('course',1);
$r->print('<h3>'.&mt('Modifying Roles').'</h3>');
foreach my $key (keys(%env)) {
next if (! $env{$key});
@@ -4079,6 +4085,7 @@
if ($key=~/^form\.ren\:([^\_]+)\_([^\_\.]+)$/) {
my $url = $1;
my $role = $2;
+ my $id = $url.'_'.$role;
my $logmsg;
my $output;
if ($role eq 'st') {
@@ -4086,10 +4093,16 @@
my ($cdom,$cnum,$csec) = ($1,$2,$3);
my $credits;
if ($showcredits) {
- my $defaultcredits =
+ my $defaultcredits =
\
&Apache::lonuserutils::get_defaultcredits($cdom,$cnum);
$credits = \
&get_user_credits($defaultcredits,$cdom,$cnum); }
+ unless ($udom eq $cdom) {
+ next if \
(&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$role,$now,0,$cdom,$cnum,$csec,$credits, + \
\%process_by,\%instdoms,\%got_role_approvals, + \
\%got_instdoms,\%reject,\%pending,\%notifydc)); + }
my $result = \
&Apache::loncommon::commit_studentrole(\$logmsg,$udom,$uname,$url,$role,$now,0,$cdom,$cnum,$csec,$context,$credits);
if (($result =~ /^error/) || ($result eq 'not_in_class') || \
($result eq 'unknown_course') || ($result eq 'refused')) { if ($result eq 'refused' \
&& $logmsg) { @@ -4105,6 +4118,22 @@
}
}
} else {
+ my ($cdom,$cnum,$csec);
+ if (grep(/^\Q$role\E$/,@cstrroles)) {
+ ($cdom,$cnum) = ($url =~ \
m{^/($match_domain)/($match_username)$}); + } elsif \
(grep(/^\Q$role\E$/,@domroles)) { + ($cdom) = ($url =~ \
m{^/($match_domain)/$}); + } elsif ($url =~ \
m-^/($match_domain)/($match_courseid)/?(\w*)$-) { + \
($cdom,$cnum,$csec) = ($1,$2,$3); + }
+ if ($cdom ne '') {
+ unless ($udom eq $cdom) {
+ next if \
(&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$role,$now,0,$cdom,$cnum,$csec,'',\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc)); + }
+ }
my $result=&Apache::lonnet::assignrole($env{'form.ccdomain'},
$env{'form.ccuname'},$url,$role,0,$now,'','',
$context);
@@ -4123,6 +4152,17 @@
# Re-enable custom role
if ($key=~m{^form\.ren\:([^_]+)_cr\.cr/($match_domain)/($match_username)/(\w+)$}) \
{ my ($url,$rdom,$rnam,$rolename) = ($1,$2,$3,$4);
+ my $id = $url.'_cr'."/$rdom/$rnam/$rolename";
+ my $role = "cr/$rdom/$rnam/$rolename";
+ if ($url =~ m-^/($match_domain)/($match_courseid)/?(\w*)$-) {
+ my ($cdom,$cnum,$csec) = ($1,$2,$3);
+ unless ($udom eq $cdom) {
+ next if \
(&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$role,$now,0,$cdom,$cnum,$csec,'',\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc)); + }
+ }
my $result = &Apache::lonnet::assigncustomrole(
$env{'form.ccdomain'}, $env{'form.ccuname'},
$url,$rdom,$rnam,$rolename,0,$now,undef,$context);
@@ -4144,6 +4184,8 @@
# Activate a custom role
my ($one,$two,$three,$four,$five)=($1,$2,$3,$4,$5);
my $url='/'.$one.'/'.$two;
+ my $id = $url.'_cr/'."$three/$four/$five";
+ my $role = "cr/$three/$four/$five";
my $full=$one.'_'.$two.'_cr_cr_'.$three.'_'.$four.'_'.$five;
my $start = ( $env{'form.start_'.$full} ?
@@ -4152,15 +4194,22 @@
my $end = ( $env{'form.end_'.$full} ?
$env{'form.end_'.$full} :
0 );
- \
+
# split multiple sections
my %sections = ();
my $num_sections = \
&build_roles($env{'form.sec_'.$full},\%sections,$five); if ($num_sections == 0) {
+ unless ($udom eq $one) {
+ next if \
(&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$role,$start,$end,$one,$two,'','',\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc)); + }
\
$r->print(&Apache::loncommon::commit_customrole($udom,$uname,$url,$three,$four,$five,$start,$end,$context));
} else {
my %curr_groups =
&Apache::longroup::coursegroups($one,$two);
+ my ($restricted,$numchanges);
foreach my $sec (sort {$a cmp $b} keys(%sections)) {
if (($sec eq 'none') || ($sec eq 'all') ||
exists($curr_groups{$sec})) {
@@ -4168,8 +4217,18 @@
next;
}
my $securl = $url.'/'.$sec;
+ my $secid = $securl.'_cr'."/$three/$four/$five";
+ undef($restricted);
+ unless ($udom eq $one) {
+ next if \
(&Apache::lonuserutils::restricted_dom($context,$secid,$udom, + \
$uname,$role,$start,$end,$one,$two,$sec,'',\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc)); + }
+ $numchanges ++;
$r->print(&Apache::loncommon::commit_customrole($udom,$uname,$securl,$three,$four,$five,$start,$end,$context));
}
+ next unless ($numchanges);
}
if (!grep(/^cr$/,@rolechanges)) {
push(@rolechanges,'cr');
@@ -4185,11 +4244,12 @@
$env{'form.end_'.$one.'_'.$two.'_'.$three} :
0 );
my $url='/'.$one.'/'.$two;
+ my $id = $url.'_'.$three;
my $type = 'three';
# split multiple sections
my %sections = ();
my $num_sections = \
&build_roles($env{'form.sec_'.$one.'_'.$two.'_'.$three},\%sections,$three);
- my $credits;
+ my ($credits,$numchanges);
if ($three eq 'st') {
if ($showcredits) {
my $defaultcredits =
@@ -4202,11 +4262,19 @@
}
}
if ($num_sections == 0) {
+ unless ($udom eq $one) {
+ next if \
(&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$three,$start,$end,$one,$two,'',$credits,\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc)); + }
+ $numchanges ++;
\
$r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$url,$three,$start,$end,$one,$two,'',$context,$credits));
} else {
my %curr_groups =
&Apache::longroup::coursegroups($one,$two);
my $emptysec = 0;
+ my $restricted;
foreach my $sec (sort {$a cmp $b} keys(%sections)) {
$sec =~ s/\W//g;
if ($sec ne '') {
@@ -4216,14 +4284,34 @@
next;
}
my $securl = $url.'/'.$sec;
+ my $secid = $securl.'_'.$three;
+ unless ($udom eq $one) {
+ undef($restricted);
+ $restricted = \
&Apache::lonuserutils::restricted_dom($context,$secid,$udom, + \
$uname,$three,$start,$end,$one,$two,$sec,$credits,\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc); + next if ($restricted);
+ }
+ $numchanges ++;
\
$r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$securl,$three,$start,$end,$one,$two,$sec,$context,$credits));
} else {
$emptysec = 1;
}
}
if ($emptysec) {
+ unless ($udom eq $one) {
+ undef($restricted);
+ $restricted = \
&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$three,$start,$end,$one,$two,'',$credits,\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc); + next if ($restricted);
+ }
+ $numchanges ++;
\
$r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$url,$three,$start,$end,$one,$two,'',$context,$credits));
}
+ next unless ($numchanges);
}
if (!grep(/^\Q$three\E$/,@rolechanges)) {
push(@rolechanges,$three);
@@ -4240,24 +4328,54 @@
my $one = $1;
my $two = $2;
my $url='/'.$one.'/';
+ my $id = $url.'_'.$two;
# split multiple sections
my %sections = ();
+ my ($restricted,$numchanges);
my $num_sections = \
&build_roles($env{'form.sec_'.$one.'_'.$two},\%sections,$two); if ($num_sections == \
0) { + unless ($udom eq $one) {
+ $restricted = \
&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$two,$start,$end,$one,$two,'','',\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc); + next if ($restricted);
+ }
+ $numchanges ++;
\
$r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$url,$two,$start,$end,$one,undef,'',$context));
} else {
my $emptysec = 0;
foreach my $sec (sort {$a cmp $b} keys(%sections)) {
if ($sec ne '') {
my $securl = $url.'/'.$sec;
+ my $secid = $securl.'_'.$two;
+ unless ($udom eq $one) {
+ undef($restricted);
+ $restricted = \
&Apache::lonuserutils::restricted_dom($context,$secid,$udom, + \
$uname,$two,$start,$end,$one,$two,$sec,'',\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc); + next if ($restricted);
+ }
+ $numchanges ++;
\
$r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$securl,$two,$start,$end,$one,undef,$sec,$context));
} else {
$emptysec = 1;
}
}
if ($emptysec) {
+ unless ($udom eq $one) {
+ undef($restricted);
+ $restricted = \
&Apache::lonuserutils::restricted_dom($context,$id,$udom, + \
$uname,$two,$start,$end,$one,$two,'','',\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc); + next if ($restricted);
+ }
+ $numchanges ++;
\
$r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$url,$two,$start,$end,$one,undef,'',$context));
}
+ next unless ($numchanges);
}
if (!grep(/^\Q$two\E$/,@rolechanges)) {
push(@rolechanges,$two);
@@ -4281,6 +4399,12 @@
}
}
} # End of foreach (keys(%env))
+ if (keys(%reject)) {
+ $r->print(&Apache::lonuserutils::print_roles_rejected($context,\%reject));
+ }
+ if (keys(%pending)) {
+ $r->print(&Apache::lonuserutils::print_roles_queued($context,\%pending,\%notifydc));
+ }
# Flush the course logs so reverse user roles immediately updated
$r->register_cleanup(\&Apache::lonnet::flushcourselogs);
if (@rolechanges == 0) {
@@ -4335,11 +4459,34 @@
}
}
}
+ my ($startdate,$enddate) = &Apache::lonuserutils::get_dates_from_form();
+ my (%got_role_approvals,%got_instdoms,%process_by,%instdoms,%pending,%reject,%notifydc);
+ unless ($env{'form.ccdomain'} eq \
$env{'course.'.$env{'request.course.id'}.'.domain'}) { + my $cdom = \
$env{'course.'.$env{'request.course.id'}.'.domain'}; + my $cnum = \
$env{'course.'.$env{'request.course.id'}.'.num'}; + my $csec = \
$env{'form.sections'}; + my $id = "/$cdom/$cnum";
+ if ($csec ne '') {
+ $id .= "/$csec";
+ }
+ $id .= '_st';
+ if (&Apache::lonuserutils::restricted_dom($context,$id,$env{'form.ccdomain'},$env{'form.ccuname'},
+ \
'st',$startdate,$enddate,$cdom,$cnum,$csec,$credits, + \
\%process_by,\%instdoms,\%got_role_approvals,\%got_instdoms, + \
\%reject,\%pending,\%notifydc)) { + if (keys(%reject)) {
+ $r->print(&Apache::lonuserutils::print_roles_rejected($context,\%reject));
+ }
+ if (keys(%pending)) {
+ $r->print(&Apache::lonuserutils::print_roles_queued($context,\%pending,\%notifydc));
+ }
+ return;
+ }
+ }
# Clean out any old student roles the user has in this class.
&Apache::lonuserutils::modifystudent($env{'form.ccdomain'},
$env{'form.ccuname'},$env{'request.course.id'},undef,$uhome);
- my ($startdate,$enddate) = &Apache::lonuserutils::get_dates_from_form();
my $enroll_result =
&Apache::lonnet::modify_student_enrollment($env{'form.ccdomain'},
$env{'form.ccuname'},$env{'form.cid'},$env{'form.cfirstname'},
@@ -4701,6 +4848,31 @@
);
}
+sub show_role_requests {
+ my ($caller,$dom) = @_;
+ my $showrolereqs;
+ my %domconfig = &Apache::lonnet::get_dom('configuration',['privacy'],$dom);
+ if (ref($domconfig{'privacy'}) eq 'HASH') {
+ if (ref($domconfig{'privacy'}{'approval'}) eq 'HASH') {
+ my %approvalconf = %{$domconfig{'privacy'}{'approval'}};
+ foreach my $key ('instdom','extdom') {
+ if (ref($approvalconf{$key}) eq 'HASH') {
+ if (keys(%{$approvalconf{$key}})) {
+ foreach my $context ('domain','author','course','community') \
{ + if ($approvalconf{$key}{$context} eq $caller) {
+ $showrolereqs = 1;
+ last if ($showrolereqs);
+ }
+ }
+ }
+ }
+ last if ($showrolereqs);
+ }
+ }
+ }
+ return $showrolereqs;
+}
+
# ================================================================ Main Handler
sub handler {
my $r = shift;
@@ -5381,6 +5553,26 @@
$r->print(&header(undef,{'no_nav_bar' => 1}).
'<span class="LC_error">'.&mt('You do not have permission to \
view helpdesk access').'</span>'); }
+ } elsif ($env{'form.action'} eq 'rolerequests') {
+ if ($permission->{cusr} || $permission->{view}) {
+ &print_queued_roles($r,$context,$permission,$brcrum);
+ }
+ } elsif ($env{'form.action'} eq 'queuedroles') {
+ if (($permission->{cusr}) && ($context eq 'domain')) {
+ if (&show_role_requests($context,$env{'request.role.domain'})) {
+ if ($env{'form.state'} eq 'done') {
+ &process_pendingroles($r,$context,$permission,$brcrum);
+ } else {
+ &print_pendingroles($r,$context,$permission,$brcrum);
+ }
+ } else {
+ $r->print(&header(undef,{'no_nav_bar' => 1}).
+ '<span class="LC_info">'.&mt('Domain coordinator approval \
of requests from other domains for assignment of roles to users from this domain not \
in use.').'</span>'); + }
+ } else {
+ $r->print(&header(undef,{'no_nav_bar' => 1}).
+ '<span class="LC_error">'.&mt('You do not have permission to \
view queued requests from other domains for assignment of roles to users from this \
domain.').'</span>'); + }
} else {
$bread_crumbs_component = 'User Management';
$args = { bread_crumbs => $brcrum,
@@ -5632,6 +5824,7 @@
listusers => 'Show and manage users in this \
community.', },
);
+
if ($linkcontext eq 'domain') {
unless ($permission->{'cusr'}) {
$links{'domain'}{'singleuser'} = 'View a User';
@@ -5877,6 +6070,28 @@
},
);
}
+ push(@{ $menu[2]->{items} },
+ {
+ linktext => 'Role Requests (other domains)',
+ icon => 'edit-find.png',
+ #help => 'Role_Requests',
+ url => '/adm/createuser?action=rolerequests',
+ permission => $permission->{'cusr'},
+ linktitle => 'Role requests for users in other domains',
+ },
+ );
+ if (&show_role_requests($context,$env{'request.role.domain'})) {
+ push(@{ $menu[2]->{items} },
+ {
+ linktext => 'Queued Role Assignments (this domain)',
+ icon => 'edit-find.png',
+ #help => 'Role_Approvals',
+ url => '/adm/createuser?action=queuedroles',
+ permission => $permission->{'cusr'},
+ linktitle => "Role requests for this domain's users",
+ },
+ );
+ }
return Apache::lonhtmlcommon::generate_menu(@menu);
# { text => 'View Log-in History',
# help => 'Course_User_Logins',
@@ -7961,6 +8176,67 @@
return;
}
+sub print_queued_roles {
+ my ($r,$context,$permission,$brcrum) = @_;
+ push (@{$brcrum},
+ {href => '/adm/createuser?action=rolerequests',
+ text => 'Role Requests (other domains)',
+ help => ''});
+ my $bread_crumbs_component = 'Role Requests';
+ my $args = { bread_crumbs => $brcrum,
+ bread_crumbs_component => $bread_crumbs_component};
+ # print page header
+ $r->print(&header('',$args));
+ my ($dom,$cnum);
+ $dom = $env{'request.role.domain'};
+ if ($context eq 'course') {
+ if ($env{'request.course.id'}) {
+ if (&Apache::loncommon::course_type() eq 'Community') {
+ $context = 'community';
+ }
+ $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ }
+ } elsif ($context eq 'author') {
+ $cnum = $env{'user.name'};
+ }
+ $r->print(&Apache::loncoursequeueadmin::display_queued_requests('othdomqueue',$dom,$cnum,$context));
+ return;
+}
+
+sub print_pendingroles {
+ my ($r,$context,$permission,$brcrum) = @_;
+ push (@{$brcrum},
+ {href => '/adm/createuser?action=queuedroles',
+ text => 'Queued Role Assignments (users in this domain)',
+ help => ''});
+ my $bread_crumbs_component = 'Queued Role Assignments';
+ my $args = { bread_crumbs => $brcrum,
+ bread_crumbs_component => $bread_crumbs_component};
+ # print page header
+ $r->print(&header('',$args));
+ $r->print(&Apache::loncoursequeueadmin::display_queued_requests('othdomaction',$env{'request.role.domain'},'','domain'));
+ return;
+}
+
+sub process_pendingroles {
+ my ($r,$context,$permission,$brcrum) = @_;
+ push (@{$brcrum},
+ {href => '/adm/createuser?action=queuedroles',
+ text => 'Queued Role Assignments (users in this domain)',
+ help => ''},
+ {href => '/adm/createuser?action=processrolereq',
+ text => 'Process Queue',
+ help => ''});
+ my $bread_crumbs_component = 'Queued Role Assignments';
+ my $args = { bread_crumbs => $brcrum,
+ bread_crumbs_component => $bread_crumbs_component};
+ # print page header
+ $r->print(&header('',$args));
+ $r->print(&Apache::loncoursequeueadmin::update_request_queue('othdombydc',
+ \
$env{'request.role.domain'})); + return;
+}
+
sub domain_adhoc_access {
my ($roles,$domcurrent,$accesstypes,$usertypes,$othertitle) = @_;
my %domusage;
Index: loncom/interface/lonuserutils.pm
diff -u loncom/interface/lonuserutils.pm:1.211 loncom/interface/lonuserutils.pm:1.212
--- loncom/interface/lonuserutils.pm:1.211 Thu Nov 17 19:07:21 2022
+++ loncom/interface/lonuserutils.pm Wed Nov 23 02:55:37 2022
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA user accounts
#
-# $Id: lonuserutils.pm,v 1.211 2022/11/17 19:07:21 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.212 2022/11/23 02:55:37 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -50,6 +50,7 @@
use Apache::lonnet;
use Apache::loncommon();
use Apache::lonhtmlcommon;
+use Apache::loncoursequeueadmin;
use Apache::lonlocal;
use Apache::longroup;
use HTML::Entities;
@@ -153,6 +154,357 @@
return ($userresult,$authresult,$roleresult,$idresult);
}
+sub role_approval {
+ my ($dom,$context,$process_by,$notifydc) = @_;
+ if (ref($process_by) eq 'HASH') {
+ my %domconfig = &Apache::lonnet::get_dom('configuration',['privacy'],$dom);
+ if (ref($domconfig{'privacy'}) eq 'HASH') {
+ if (ref($notifydc) eq 'ARRAY') {
+ if ($domconfig{'privacy'}{'notify'} ne '') {
+ @{$notifydc} = split(/,/,$domconfig{'privacy'}{'notify'});
+ }
+ }
+ if (ref($domconfig{'privacy'}{'approval'}) eq 'HASH') {
+ my %approvalconf = %{$domconfig{'privacy'}{'approval'}};
+ foreach my $key ('instdom','extdom') {
+ if (ref($approvalconf{$key}) eq 'HASH') {
+ if (keys(%{$approvalconf{$key}})) {
+ $process_by->{$key} = $approvalconf{$key}{$context};
+ }
+ }
+ }
+ }
+ }
+ }
+ return;
+}
+
+sub get_instdoms {
+ my ($udom,$instdoms) = @_;
+ return unless (ref($instdoms) eq 'ARRAY');
+ my @intdoms;
+ my %iphost = &Apache::lonnet::get_iphost();
+ my $primary_id = &Apache::lonnet::domain($udom,'primary');
+ my $primary_ip = &Apache::lonnet::get_host_ip($primary_id);
+ if (ref($iphost{$primary_ip}) eq 'ARRAY') {
+ foreach my $id (@{$iphost{$primary_ip}}) {
+ my $intdom = &Apache::lonnet::internet_dom($id);
+ unless(grep(/^\Q$intdom\E$/,@intdoms)) {
+ push(@intdoms,$intdom);
+ }
+ }
+ }
+ foreach my $ip (keys(%iphost)) {
+ if (ref($iphost{$ip}) eq 'ARRAY') {
+ foreach my $id (@{$iphost{$ip}}) {
+ my $location = &Apache::lonnet::internet_dom($id);
+ if ($location) {
+ if (grep(/^\Q$location\E$/,@intdoms)) {
+ my $dom = &Apache::lonnet::host_domain($id);
+ unless (grep(/^\Q$dom\E/,@{$instdoms})) {
+ push(@{$instdoms},$dom);
+ }
+ }
+ }
+ }
+ }
+ }
+ return;
+}
+
+sub restricted_dom {
+ my ($context,$key,$udom,$uname,$role,$start,$end,$cdom,$cnum,$csec,$credits,
+ $process_by,$instdoms,$got_role_approvals,$got_instdoms,$reject,$pending,
+ $notifydc) = @_;
+ return if ($udom eq $cdom);
+ return unless ((ref($process_by) eq 'HASH') && (ref($instdoms) eq 'HASH') &&
+ (ref($got_role_approvals) eq 'HASH') && (ref($got_instdoms) eq \
'HASH') && + (ref($reject) eq 'HASH') && (ref($pending) eq 'HASH') \
&& + (ref($notifydc) eq 'HASH'));
+ my (%approval,@notify,$gotdata,$skip);
+ if (ref($got_role_approvals->{$context}) eq 'HASH') {
+ if ($got_role_approvals->{$context}{$udom}) {
+ $gotdata = 1;
+ if (ref($process_by->{$context}{$udom}) eq 'HASH') {
+ %approval = %{$process_by->{$context}{$udom}};
+ }
+ }
+ }
+ unless ($gotdata) {
+ &role_approval($udom,$context,\%approval,\@notify);
+ $process_by->{$context} = {
+ $udom => \%approval,
+ };
+ $got_role_approvals->{$context} = {
+ $udom => 1,
+ };
+ $notifydc->{$udom} = \@notify;
+ }
+ if (ref($process_by->{$context}) eq 'HASH') {
+ if (ref($process_by->{$context}{$udom}) eq 'HASH') {
+ my @inst;
+ if ($got_instdoms->{$udom}) {
+ if (ref($instdoms->{$udom}) eq 'ARRAY') {
+ @inst = @{$instdoms->{$udom}};
+ }
+ } else {
+ &get_instdoms(\@inst);
+ $instdoms->{$udom} = \@inst;
+ $got_instdoms->{$udom} = 1;
+ }
+ if (grep(/^\Q$cdom\E$/,@inst)) {
+ if (exists($approval{'instdom'})) {
+ my $rule = $approval{'instdom'};
+ if ($rule eq 'none') {
+ $reject->{$key} = {
+ cdom => $cdom,
+ cnum => $cnum,
+ csec => $csec,
+ udom => $udom,
+ uname => $uname,
+ role => $role,
+ };
+ $skip = 1;
+ } elsif (($rule eq 'user') || ($rule eq 'domain')) {
+ $pending->{$key} = {
+ cdom => $cdom,
+ cnum => $cnum,
+ csec => $csec,
+ udom => $udom,
+ uname => $uname,
+ role => $role,
+ start => $start,
+ end => $end,
+ adj => $rule,
+ };
+ if (($role eq 'st') && ($credits ne '')) {
+ $pending->{$key}->{'credits'} = $credits;
+ }
+ $skip = 1;
+ }
+ }
+ } elsif (exists($approval{'extdom'})) {
+ my $rule = $approval{'extdom'};
+ if ($rule eq 'none') {
+ $reject->{$key} = {
+ cdom => $cdom,
+ cnum => $cnum,
+ csec => $csec,
+ udom => $udom,
+ uname => $uname,
+ role => $role,
+ };
+ $skip = 1;
+ } elsif (($rule eq 'user') || ($rule eq 'domain')) {
+ $pending->{$key} = {
+ cdom => $cdom,
+ cnum => $cnum,
+ csec => $csec,
+ udom => $udom,
+ uname => $uname,
+ role => $role,
+ start => $start,
+ end => $end,
+ adj => $rule,
+ };
+ if (($role eq 'st') && ($credits ne '')) {
+ $pending->{$key}->{'credits'} = $credits;
+ }
+ $skip = 1;
+ }
+ }
+ }
+ }
+ return $skip;
+}
+
+sub print_roles_rejected {
+ my ($context,$reject) = @_;
+ return unless (ref($reject) eq 'HASH');
+ my $output;
+ if (keys(%{$reject}) > 0) {
+ $output = '<p class="LC_warning">'.
+ &mt("The following roles could not be assigned because the user is \
from another domain, and that domain's policies disallow it").'<ul>'; + \
foreach my $key (sort(keys(%{$reject}))) { + if (ref($reject->{$key}) eq \
'HASH') { + my ($crstype,$role,$cdom,$cnum,$title);
+ $role = $reject->{$key}{'role'};
+ $cdom = $reject->{$key}{'cdom'};
+ $cnum = $reject->{$key}{'cnum'};
+ if ($context eq 'domain') {
+ if (&Apache::lonnet::is_course($cdom,$cnum)) {
+ my %coursedata = \
&Apache::lonnet::coursedescription($cdom.'_'.$cnum); + \
$crstype = $coursedata{'type'}; + $title = \
$coursedata{'description'}; + } elsif (($role eq 'ca') || ($role \
eq 'aa')) { + $title = \
&Apache::loncommon::plainname($cnum,$cdom); + }
+ } elsif ($context eq 'course') {
+ $crstype = &Apache::loncommon::course_type();
+ }
+ my $plainrole = \
&Apache::lonnet::plaintext($reject->{$key}{'role'},$crstype); + \
$output .= '<li>'.&mt('User: [_1]',$reject->{$key}{'uname'}).' | '. + \
&mt('Domain: [_1]',$reject->{$key}{'udom'}).' | '. + \
&mt('Role: [_1]',$plainrole); + if ($crstype) {
+ $output .= ' | '.&mt('Section: [_1]',$reject->{$key}{'csec'});
+ } elsif (($context eq 'domain') && (($role eq 'ca') || ($role eq \
'aa'))) { + $output .= ' | '.&mt('Authoring Space belonging to: \
[_1]',$title); + }
+ if (($context eq 'domain') && ($crstype)) {
+ $output .= ' | '.&mt("$crstype: [_1]",$title);
+ }
+ $output .= '</li>';
+ }
+ }
+ $output .= '</ul></p>';
+ }
+ return $output;
+}
+
+sub print_roles_queued {
+ my ($context,$pending,$notifydc) = @_;
+ return unless ((ref($pending) eq 'HASH') && (ref($notifydc) eq 'HASH'));
+ my $output;
+ if (keys(%{$pending}) > 0) {
+ my $now = time;
+ $output = '<p class="LC_warning">'.
+ &mt("The following role assignments have been queued because the \
user is from another domain, and that domain's policies require approval by the user \
themselves or by a domain coordinator in that domain").'<ul>'; + my \
(%todom,%touser,%crsqueue,%caqueue,%domqueue); + my $requester = \
$env{'user.name'}.':'.$env{'user.domain'}; + foreach my $key \
(sort(keys(%{$pending}))) { + if (ref($pending->{$key}) eq 'HASH') {
+ my $role = $pending->{$key}{'role'};
+ my $uname = $pending->{$key}{'uname'};
+ my $udom = $pending->{$key}{'udom'};
+ my $csec = $pending->{$key}{'csec'};
+ my $cdom = $pending->{$key}{'cdom'};
+ my $cnum = $pending->{$key}{'cnum'};
+ my $adj = $pending->{$key}{'adj'};
+ my $start = $pending->{$key}{'start'};
+ my $end = $pending->{$key}{'end'};
+ my $credits = $pending->{$key}{'credits'};
+ my $now = time;
+ my ($crstype,$title);
+ if ($context eq 'course') {
+ $crstype = &Apache::loncommon::course_type();
+ } elsif ($context eq 'domain') {
+ if (&Apache::lonnet::is_course($cdom,$cnum)) {
+ my %coursedata = \
&Apache::lonnet::coursedescription($cdom.'_'.$cnum); + \
$crstype = $coursedata{'type'}; + $title = \
$coursedata{'description'}; + } elsif (($role eq 'ca') || ($role \
eq 'aa')) { + $title = \
&Apache::loncommon::plainname($cnum,$cdom); + }
+ }
+ my $plainrole = &Apache::lonnet::plaintext($role,$crstype);
+ my $extent = "/$cdom/$cnum";
+ $output .= '<li>'.&mt('User: [_1]',$uname).' | '.
+ &mt('Domain: [_1]',$udom).' | '.
+ &mt('Role: [_1]',$plainrole).' | ';
+ if ($crstype) {
+ if ($csec ne '') {
+ $output .= &mt('Section: [_1]',$csec).' | ';
+ $extent .= "/$csec";
+ }
+ }
+ if ($adj eq 'user') {
+ $output .= '<br />'.&mt('Message sent to user for approval');
+ $touser{$uname.':'.$udom}{$extent.':'.$role} = {
+ timestamp => \
$now, + requester \
=> $requester, + \
start => $start, + \
end => $end, + \
credits => $credits, + \
context => $context, + \
}; + } elsif ($adj eq 'domain') {
+ $output .= '<br />'.&mt("Message sent to user's domain \
coordinator for approval"); + \
$todom{$udom}{$uname.':'.$extent.':'.$role} = { + \
timestamp => $now, + \
requester => $requester, + \
start => $start, + \
end => $end, + \
credits => $credits, + \
context => $context, + \
}; + }
+ $output .= '</li>';
+ my $id = $uname.':'.$udom.':'.$role;
+ if (($context eq 'course') || ($crstype)) {
+ $id .= ':'.$csec;
+ $crsqueue{$cdom.'_'.$cnum}{$id} = {
+ timestamp => $now,
+ requester => $requester,
+ adj => $adj,
+ };
+ } elsif (($context eq 'author') ||
+ (($context eq 'domain') && (($role eq 'ca') || ($role eq \
'aa')))) { + $caqueue{$cnum.':'.$cdom}{$id} = {
+ timestamp => $now,
+ requester => $requester,
+ adj => $adj,
+ };
+ } elsif ($context eq 'domain') {
+ $domqueue{$id} = {
+ timestamp => $now,
+ requester => $requester,
+ adj => $adj,
+ };
+ }
+ }
+ }
+ $output .= '</ul></p>';
+ if (keys(%touser)) {
+ foreach my $key (keys(%touser)) {
+ my ($uname,$udom) = split(/:/,$touser{$key});
+ if (&Apache::lonnet::put('queuedrolereqs',$touser{$key},$udom,$uname) \
eq 'ok') { + my $owndomdesc = &Apache::lonnet::domain($udom);
+ \
&Apache::loncoursequeueadmin::send_selfserve_notification($uname.':'.$udom, + \
'','',$owndomdesc,$now,'othdomroleuser',$requester); + }
+ }
+ }
+ if (keys(%todom)) {
+ foreach my $dom (keys(%todom)) {
+ if (ref($todom{$dom}) eq 'HASH') {
+ my $confname = &Apache::lonnet::get_domainconfiguser($dom);
+ if \
(&Apache::lonnet::put('queuedrolereqs',$todom{$dom},$dom,$confname) eq 'ok') { + \
if (ref($notifydc->{$dom}) eq 'ARRAY') { + if \
(@{$notifydc->{$dom}} > 0) { + my $notifylist = \
join(',',@{$notifydc->{$dom}}); + \
&Apache::loncoursequeueadmin::send_selfserve_notification($notifylist, + \
'','','',$now,'othdomroledc',$requester); + }
+ }
+ }
+ }
+ }
+ }
+ if (keys(%crsqueue)) {
+ foreach my $key (keys(%crsqueue)) {
+ my ($cdom,$cnum) = split(/_/,$key);
+ if (ref($crsqueue{$key}) eq 'HASH') {
+ \
&Apache::lonnet::put('othdomqueued',$crsqueue{$key},$cdom,$cnum); + }
+ }
+ }
+ if (keys(%caqueue)) {
+ foreach my $key (keys(%caqueue)) {
+ my ($auname,$audom) = split(/:/,$key);
+ if (ref($caqueue{$key}) eq 'HASH') {
+ \
&Apache::lonnet::put('othdomqueued',$caqueue{$key},$audom,$auname); + \
} + }
+ }
+ if (keys(%domqueue)) {
+ my $confname = \
&Apache::lonnet::get_domainconfiguser($env{'request.role.domain'}); + \
&Apache::lonnet::put('othdomqueued',\%domqueue,$env{'request.role.domain'},$confname);
+ }
+ }
+ return $output;
+}
+
sub propagate_id_change {
my ($uname,$udom,$user) = @_;
my (@types,@roles);
@@ -4168,7 +4520,7 @@
$fieldstype{$field.'_choice'} = 'scalar';
}
&Apache::loncommon::store_course_settings('enrollment_upload',\%fieldstype);
- my ($cid,$crstype,$setting,$crsdom);
+ my ($cid,$crstype,$setting,$crsdom,$crsnum);
if ($context eq 'domain') {
$setting = $env{'form.roleaction'};
}
@@ -4176,11 +4528,13 @@
$cid = $env{'request.course.id'};
$crstype = &Apache::loncommon::course_type();
$crsdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ $crsnum = $env{'course.'.$env{'request.course.id'}.'.num'};
} elsif ($setting eq 'course') {
if (&Apache::lonnet::is_course($env{'form.dcdomain'},$env{'form.dccourse'})) \
{ $cid = $env{'form.dcdomain'}.'_'.$env{'form.dccourse'};
$crstype = &Apache::loncommon::course_type($cid);
$crsdom = $env{'form.dcdomain'};
+ $crsnum = $env{'form.dccourse'};
}
}
my ($startdate,$enddate) = &get_dates_from_form();
@@ -4365,6 +4719,8 @@
$r->print('<h3>'.&mt('Adding/Modifying Users')."</h3>\n<p>\n");
}
$r->rflush;
+ my (%got_role_approvals,%got_instdoms,%process_by,%instdoms,
+ %pending,%reject,%notifydc);
my %counts = (
user => 0,
@@ -4897,6 +5253,17 @@
$sec = $secs[0];
}
}
+ if ($userdomain ne $env{'request.role.domain'}) {
+ my $item = "/$crsdom/$crsnum" ;
+ if ($sec ne '') {
+ $item .= "/$sec";
+ }
+ $item .= '_st';
+ next if \
(&restricted_dom($context,$item,$userdomain,$username,$role,$startdate, + \
$enddate,$crsdom,$crsnum,$sec,$credits,\%process_by, + \
\%instdoms,\%got_role_approvals,\%got_instdoms,\%reject, + \
\%pending,\%notifydc)); + }
&modifystudent($userdomain,$username,$cid,$sec,
$desiredhost,$context);
$roleresult =
@@ -4908,16 +5275,33 @@
'',$context,$inststatus,$credits);
$userresult = $roleresult;
} else {
- if ($role ne '') {
+ my $possrole;
+ if ($role ne '') {
if ($context eq 'course' || $setting eq 'course') {
if ($customroles{$role}) {
$role = 'cr_'.$env{'user.domain'}.'_'.
$env{'user.name'}.'_'.$role;
}
- if (($role ne 'cc') && ($role ne 'co')) {
+ $possrole = $role;
+ if ($possrole =~ /^cr_/) {
+ $possrole =~ s{_}{/}g;
+ }
+ if (($role ne 'cc') && ($role ne 'co')) {
if (@secs > 1) {
$multiple = 1;
+ my $prefix = "/$crsdom/$crsnum";
foreach my $sec (@secs) {
+ if ($userdomain ne \
$env{'request.role.domain'}) { + my \
$item = $prefix; + if ($sec ne '') {
+ $item .= "/$sec";
+ }
+ $item .= '_'.$possrole;
+ next if \
(&restricted_dom($context,$item,$userdomain,$username,$possrole, + \
$startdate,$enddate,$crsdom,$crsnum,$sec, + \
$credits,\%process_by,\%instdoms,\%got_role_approvals, + \
\%got_instdoms,\%reject,\%pending,\%notifydc)); + \
}
\
($userres{$sec},$authres{$sec},$roleres{$sec},$idres{$sec}) =
&modifyuserrole($context,$setting,
\
$changeauth,$cid,$userdomain,$username, @@ -4931,9 +5315,21 @@
$singlesec = $secs[0];
}
}
+ } else {
+ $possrole = $role;
}
}
if (!$multiple) {
+ if (($userdomain ne $env{'request.role.domain'}) && \
($role ne '')) { + my $item = "/$crsdom/$crsnum";
+ if ($singlesec ne '') {
+ $item .= "/$singlesec";
+ }
+ $item .= '_'.$possrole;
+ next if \
(&restricted_dom($context,$item,$userdomain,$username,$possrole,$startdate,$enddate, \
+ \
$crsdom,$crsnum,$singlesec,$credits,\%process_by,\%instdoms, + \
\%got_role_approvals,\%got_instdoms,\%reject,\%pending,\%notifydc)); + \
}
($userresult,$authresult,$roleresult,$idresult) =
&modifyuserrole($context,$setting,
\
$changeauth,$cid,$userdomain,$username, @@ -4983,6 +5379,12 @@
}
$r->print(&print_namespacing_alerts($domain,\%alerts,\%curr_rules));
$r->print(&passwdrule_alerts($domain,\%showpasswdrules));
+ if (keys(%reject)) {
+ $r->print(&print_roles_rejected($context,\%reject));
+ }
+ if (keys(%pending)) {
+ $r->print(&print_roles_queued($context,\%pending,\%notifydc));
+ }
#####################################
# Display list of students to drop #
#####################################
@@ -5176,7 +5578,8 @@
if ($context eq 'course') {
$crstype = &Apache::loncommon::course_type();
}
- my @changelist;
+ my (@changelist,%got_role_approvals,%got_instdoms,%process_by,%instdoms,
+ %pending,%reject,%notifydc);
if ($choice eq 'drop') {
@changelist = &Apache::loncommon::get_env_multiple('form.droplist');
} else {
@@ -5206,7 +5609,7 @@
foreach my $item (@changelist) {
my ($role,$uname,$udom,$cid,$sec,$scope,$result,$type,$locktype,
@sections,$scopestem,$singlesec,$showsecs,$warn_singlesec,
- $nothingtodo,$keepnosection,$credits,$instsec);
+ $nothingtodo,$keepnosection,$credits,$instsec,$cdom,$cnum);
if ($choice eq 'drop') {
($uname,$udom,$sec) = split(/:/,$item,-1);
$role = 'st';
@@ -5223,6 +5626,8 @@
split(/\:/,$item,8);
$instsec = &unescape($instsec);
$cid = $env{'request.course.id'};
+ $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
$scopestem = '/'.$cid;
$scopestem =~s/\_/\//g;
if ($sec eq '') {
@@ -5233,15 +5638,20 @@
} elsif ($context eq 'author') {
($uname,$udom,$role) = split(/\:/,$item,-1);
$scope = '/'.$env{'user.domain'}.'/'.$env{'user.name'};
+ $cdom = $env{'user.domain'};
+ $cnum = $env{'user.name'};
} elsif ($context eq 'domain') {
if ($setting eq 'domain') {
($role,$uname,$udom) = split(/\:/,$item,-1);
$scope = '/'.$env{'request.role.domain'}.'/';
+ $cdom = $env{'request.role.domain'};
} elsif ($setting eq 'author') {
($uname,$udom,$role,$scope) = split(/\:/,$item);
+ (undef,$cdom,$cnum) = split(/\//,$scope);
} elsif ($setting eq 'course') {
($uname,$udom,$role,$cid,$sec,$type,$locktype,$credits,$instsec) =
split(/\:/,$item,9);
+ ($cdom,$cnum) = split('_',$cid);
$instsec = &unescape($instsec);
$scope = '/'.$cid;
$scope =~s/\_/\//g;
@@ -5283,7 +5693,11 @@
$start = $startdate;
$end = $enddate;
}
+ my $id = $scope.'_'.$role;
if ($choice eq 'reenable') {
+ next if \
(&restricted_dom($context,$id,$udom,$uname,$role,$now,$end,$cdom,$cnum, + \
$sec,$credits,\%process_by,\%instdoms,\%got_role_approvals, + \
\%got_instdoms,\%reject,\%pending,\%notifydc)); if ($role eq 'st') {
$result = \
&Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context,$credits,$instsec);
} else {
@@ -5292,6 +5706,9 @@
$now,'','',$context);
}
} elsif ($choice eq 'activate') {
+ next if \
(&restricted_dom($context,$id,$udom,$uname,$role,$now,$end,$cdom,$cnum, + \
$sec,$credits,\%process_by,\%instdoms,\%got_role_approvals, + \
\%got_instdoms,\%reject,\%pending,\%notifydc)); if ($role eq 'st') {
$result = \
&Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context,$credits,$instsec);
} else {
@@ -5299,6 +5716,9 @@
$now,'','',$context);
}
} elsif ($choice eq 'chgdates') {
+ next if \
(&restricted_dom($context,$id,$udom,$uname,$role,$start,$end,$cdom,$cnum, + \
$sec,$credits,\%process_by,\%instdoms,\%got_role_approvals, + \
\%got_instdoms,\%reject,\%pending,\%notifydc)); if ($role eq 'st') {
$result = \
&Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,undef,undef,$sec,$end,$start,$type,$locktype,$cid,'',$context,$credits,$instsec);
} else {
@@ -5508,6 +5928,12 @@
$r->print(&make_dates_default($startdate,$enddate,$context,$crstype));
}
}
+ if (keys(%reject)) {
+ $r->print(&print_roles_rejected($context,\%reject));
+ }
+ if (keys(%pending)) {
+ $r->print(&print_roles_queued($context,\%pending,\%notifydc));
+ }
my $linktext = &mt('Display User Lists');
if ($choice eq 'drop') {
$linktext = &mt('Display current class roster');
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.1501 loncom/lonnet/perl/lonnet.pm:1.1502
--- loncom/lonnet/perl/lonnet.pm:1.1501 Sat Nov 5 06:00:07 2022
+++ loncom/lonnet/perl/lonnet.pm Wed Nov 23 02:55:37 2022
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1501 2022/11/05 06:00:07 raeburn Exp $
+# $Id: lonnet.pm,v 1.1502 2022/11/23 02:55:37 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -10334,7 +10334,7 @@
if ($role =~ /^cr\//) {
my $cwosec=$url;
$cwosec=~s/^\/($match_domain)\/($match_courseid)\/.*/$1\/$2/;
- unless (&allowed('ccr',$cwosec)) {
+ if ((!&allowed('ccr',$cwosec)) && (!&allowed('ccr',$udom))) {
my $refused = 1;
if ($context eq 'requestcourses') {
if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '')) {
_______________________________________________
LON-CAPA-cvs mailing list
LON-CAPA-cvs@mail.lon-capa.org
http://mail.lon-capa.org/mailman/listinfo/lon-capa-cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic