--- loncom/interface/createaccount.pm 2014/03/30 23:44:50 1.62 +++ loncom/interface/createaccount.pm 2014/05/30 16:46:03 1.67 @@ -4,7 +4,7 @@ # kerberos, or SSO) or an e-mail address. Requests to use an e-mail address as # username may be processed automatically, or may be queued for approval. # -# $Id: createaccount.pm,v 1.62 2014/03/30 23:44:50 raeburn Exp $ +# $Id: createaccount.pm,v 1.67 2014/05/30 16:46:03 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -170,10 +170,38 @@ sub handler { if (grep(/^sso$/,@{$cancreate})) { $msg = '

'.&mt('Account creation').'

'. &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'
'; - + my $shibenv; + if (($r->dir_config('lonOtherAuthen') eq 'yes') && + ($r->dir_config('lonOtherAuthenType') eq 'Shibboleth')) { + if (ref($domconfig{'usercreation'}) eq 'HASH') { + if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') { + if (ref($domconfig{'usercreation'}{'cancreate'}{'shibenv'}) eq 'HASH') { + my @possfields = ('firstname','middlename','lastname','generation', + 'permanentemail','id'); + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($domain); + $shibenv= {}; + foreach my $key (keys(%{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}})) { + if ($key eq 'inststatus') { + if (ref($usertypes) eq 'HASH') { + if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') { + if (exists($usertypes->{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}})) { + $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}; + } + } + } + } elsif (grep(/^\Q$key\E/,@possfields)) { + if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') { + $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}; + } + } + } + } + } + } + } $msg .= &username_check($sso_username,$domain,$domdesc,$courseid, $lonhost,$contact_email,$contact_name, - $sso_logout,$statustocreate); + $sso_logout,$statustocreate,$shibenv); } else { $msg = '

'.&mt('Account creation unavailable').'

'. ''.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'

'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'
'. @@ -187,10 +215,11 @@ sub handler { my ($output,$nostart,$noend,$redirect); my $token = $env{'form.token'}; if ($token) { + my $usertype = &get_usertype($domain); ($output,$nostart,$noend,$redirect) = &process_mailtoken($r,$token,$contact_name,$contact_email,$domain, $domdesc,$lonhost,$include,$start_page,$cancreate, - $domconfig{'usercreation'}); + $domconfig{'usercreation'},$usertype); if ($redirect) { $r->internal_redirect('/adm/switchserver'); return OK; @@ -259,7 +288,7 @@ sub handler { $gotlondes = 1; } } - if (grep(/^email(|approval)$/,@{$cancreate})) { + if (grep(/^email$/,@{$cancreate})) { $r->print(&javascript_validmail()); } my $usertype = &get_usertype($domain); @@ -511,7 +540,7 @@ sub print_username_form { $domain,'createaccount').''; } } - if (grep(/^email(|approval)$/,@{$cancreate})) { + if (grep(/^email$/,@{$cancreate})) { $output .= '

'.&mt('Create account with an e-mail address as your username').'

'; my ($captchaform,$error,$captcha) = &Apache::loncommon::captcha_display('usercreation',$lonhost); if ($error) { @@ -612,7 +641,7 @@ sub process_email_request { $server,$settings,$emailusername,$courseid,$usertype) = @_; my $output; if (ref($cancreate) eq 'ARRAY') { - if (!grep(/^email(|approval)$/,@{$cancreate})) { + if (!grep(/^email$/,@{$cancreate})) { $output = &invalid_state('noemails',$domdesc, $contact_name,$contact_email); return $output; @@ -755,7 +784,7 @@ sub send_token { sub process_mailtoken { my ($r,$token,$contact_name,$contact_email,$domain,$domdesc,$lonhost, - $include,$start_page,$cancreate,$settings) = @_; + $include,$start_page,$cancreate,$settings,$usertype) = @_; my ($msg,$nostart,$noend,$redirect); my %data = &Apache::lonnet::tmpget($token); my $now = time; @@ -772,36 +801,46 @@ sub process_mailtoken { if ($now - $data{'time'} < 7200) { # Check if request should be queued. if (ref($cancreate) eq 'ARRAY') { + my $disposition; if (grep(/^email$/,@{$cancreate})) { - my ($result,$output,$uhome) = - &create_account($r,$domain,$domdesc,\%data); - if ($result eq 'ok') { - $msg = $output; - my $shownow = &Apache::lonlocal::locallocaltime($now); - my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; - my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'}, - $mailmsg,$contact_name, - $contact_email); - if ($mailresult eq 'ok') { - $msg .= &mt('An e-mail confirming creation of your new LON-CAPA account has been sent to [_1].',$data{'username'}); - } else { - $msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'}); + if (ref($settings) eq 'HASH') { + if (ref($settings->{'cancreate'}) eq 'HASH') { + if (ref($settings->{'cancreate'}{'selfcreateprocessing'}) eq 'HASH') { + $disposition = $settings->{'cancreate'}{'selfcreateprocessing'}{$usertype}; + } } - $redirect = &start_session($r,$data{'username'},$domain,$uhome, - $data{'courseid'},$token); - $nostart = 1; - $noend = 1; + } + if ($disposition eq 'approval') { + $msg = &store_request($domain,$data{'username'},'approval',\%data,$settings); + my $delete = &Apache::lonnet::tmpdel($token); } else { - $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account.') - .'
'.$output; - if (($contact_name ne '') && ($contact_email ne '')) { - $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); + my ($result,$output,$uhome) = + &create_account($r,$domain,$domdesc,\%data); + if ($result eq 'ok') { + $msg = $output; + my $shownow = &Apache::lonlocal::locallocaltime($now); + my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; + my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'}, + $mailmsg,$contact_name, + $contact_email); + if ($mailresult eq 'ok') { + $msg .= &mt('An e-mail confirming creation of your new LON-CAPA account has been sent to [_1].',$data{'username'}); + } else { + $msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'}); + } + $redirect = &start_session($r,$data{'username'},$domain,$uhome, + $data{'courseid'},$token); + $nostart = 1; + $noend = 1; + } else { + $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account.') + .'
'.$output; + if (($contact_name ne '') && ($contact_email ne '')) { + $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); + } } + my $delete = &Apache::lonnet::tmpdel($token); } - my $delete = &Apache::lonnet::tmpdel($token); - } elsif (grep(/^emailapproval$/,@{$cancreate})) { - $msg = &store_request($domain,$data{'username'},'approval',\%data,$settings); - my $delete = &Apache::lonnet::tmpdel($token); } else { $msg = &invalid_state('noemails',$domdesc,$contact_name,$contact_email); } @@ -964,7 +1003,12 @@ sub get_creation_controls { if (ref($usercreation->{'cancreate'}{'emailusername'}) eq 'HASH') { $emailusername = $usercreation->{'cancreate'}{'emailusername'}; } else { - $emailusername = {'lastname' => '1', 'firstname' => 1, }; + $emailusername = { + default => { + 'lastname' => '1', + 'firstname' => 1, + }, + }; } } } @@ -991,8 +1035,8 @@ sub create_account { $middlename = $dataref->{'middlename'}; $lastname = $dataref->{'lastname'}; $generation = $dataref->{'generation'}; - $inststatus = $dataref->{'usertype'}; - + $inststatus = $dataref->{'inststatus'}; + my $currhome = &Apache::lonnet::homeserver($username,$domain); unless ($currhome eq 'no_host') { $output = &mt('User account requested for username: [_1] in domain: [_2] already exists.',$username,$domain); @@ -1153,7 +1197,7 @@ sub login_failure_msg { sub username_check { my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email, - $contact_name,$sso_logout,$statustocreate) = @_; + $contact_name,$sso_logout,$statustocreate,$shibenv) = @_; my (%rulematch,%inst_results,$checkfail,$rowcount,$editable,$output,$msg, %alerts,%curr_rules,%got_rules); &call_rulecheck($username,$domain,\%alerts,\%rulematch, @@ -1189,6 +1233,13 @@ sub username_check { } if (!$checkfail) { $output = '
'; + if (ref($shibenv) eq 'HASH') { + foreach my $key (keys(%{$shibenv})) { + if ($ENV{$shibenv->{$key}} ne '') { + $inst_results{$username.':'.$domain}{$key} = $ENV{$shibenv->{$key}}; + } + } + } (my $datatable,$rowcount,$editable) = &Apache::loncreateuser::personal_data_display($username,$domain,1,'selfcreate', $inst_results{$username.':'.$domain});