--- loncom/interface/domainprefs.pm 2017/11/01 03:00:31 1.160.6.84.2.7 +++ loncom/interface/domainprefs.pm 2023/01/23 17:40:19 1.160.6.118.2.12 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Handler to set domain-wide configuration settings # -# $Id: domainprefs.pm,v 1.160.6.84.2.7 2017/11/01 03:00:31 raeburn Exp $ +# $Id: domainprefs.pm,v 1.160.6.118.2.12 2023/01/23 17:40:19 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -27,7 +27,7 @@ # # ############################################################### -############################################################### +############################################################## =pod @@ -174,6 +174,7 @@ use File::Copy; use Locale::Language; use DateTime::TimeZone; use DateTime::Locale; +use Net::CIDR; my $registered_cleanup; my $modified_urls; @@ -217,10 +218,10 @@ sub handler { 'serverstatuses','requestcourses','helpsettings', 'coursedefaults','usersessions','loadbalancing', 'requestauthor','selfenrollment','inststatus', - 'ltitools'],$dom); + 'passwords','ltitools','ltisec','wafproxy','ipaccess'],$dom); + my %encconfig = + &Apache::lonnet::get_dom('encconfig',['ltitools','linkprot'],$dom,undef,1); if (ref($domconfig{'ltitools'}) eq 'HASH') { - my %encconfig = - &Apache::lonnet::get_dom('encconfig',['ltitools'],$dom); if (ref($encconfig{'ltitools'}) eq 'HASH') { foreach my $id (keys(%{$domconfig{'ltitools'}})) { if (ref($domconfig{'ltitools'}{$id}) eq 'HASH') { @@ -231,12 +232,29 @@ sub handler { } } } - my @prefs_order = ('rolecolors','login','defaults','quotas','autoenroll', - 'autoupdate','autocreate','directorysrch','contacts', - 'usercreation','selfcreation','usermodification','scantron', - 'requestcourses','requestauthor','coursecategories', + if (ref($domconfig{'ltisec'}) eq 'HASH') { + if (ref($domconfig{'ltisec'}{'linkprot'}) eq 'HASH') { + if (ref($encconfig{'linkprot'}) eq 'HASH') { + foreach my $id (keys(%{$domconfig{'ltisec'}{'linkprot'}})) { + unless ($id =~ /^\d+$/) { + delete($domconfig{'ltisec'}{'linkprot'}{$id}); + } + if ((ref($domconfig{'ltisec'}{'linkprot'}{$id}) eq 'HASH') && + (ref($encconfig{'linkprot'}{$id}) eq 'HASH')) { + foreach my $item ('key','secret') { + $domconfig{'ltisec'}{'linkprot'}{$id}{$item} = $encconfig{'linkprot'}{$id}{$item}; + } + } + } + } + } + } + my @prefs_order = ('rolecolors','login','ipaccess','defaults','wafproxy','passwords', + 'quotas','autoenroll','autoupdate','autocreate','directorysrch', + 'contacts','usercreation','selfcreation','usermodification', + 'scantron','requestcourses','requestauthor','coursecategories', 'serverstatuses','helpsettings','coursedefaults', - 'ltitools','selfenrollment','usersessions'); + 'ltitools','selfenrollment','usersessions','lti'); my %existing; if (ref($domconfig{'loadbalancing'}) eq 'HASH') { %existing = %{$domconfig{'loadbalancing'}}; @@ -267,7 +285,10 @@ sub handler { {col1 => 'Log-in Help', col2 => 'Value'}, {col1 => 'Custom HTML in document head', - col2 => 'Value'}], + col2 => 'Value'}, + {col1 => 'SSO', + col2 => 'Dual login: SSO and non-SSO options'}, + ], print => \&print_login, modify => \&modify_login, }, @@ -276,15 +297,40 @@ sub handler { help => 'Domain_Configuration_LangTZAuth', header => [{col1 => 'Setting', col2 => 'Value'}, - {col1 => 'Internal Authentication', - col2 => 'Value'}, {col1 => 'Institutional user types', - col2 => 'Assignable to e-mail usernames'}], + col2 => 'Name displayed'}, + {col1 => 'Mapping for missing usernames via standard log-in', + col2 => 'Rules in use'}], print => \&print_defaults, modify => \&modify_defaults, }, + 'wafproxy' => + { text => 'Web Application Firewall/Reverse Proxy', + help => 'Domain_Configuration_WAF_Proxy', + header => [{col1 => 'Domain(s)', + col2 => 'Servers and WAF/Reverse Proxy alias(es)', + }, + {col1 => 'Domain(s)', + col2 => 'WAF Configuration',}], + print => \&print_wafproxy, + modify => \&modify_wafproxy, + }, + 'passwords' => + { text => 'Passwords (Internal authentication)', + help => 'Domain_Configuration_Passwords', + header => [{col1 => 'Resetting Forgotten Password', + col2 => 'Settings'}, + {col1 => 'Encryption of Stored Passwords (Internal Auth)', + col2 => 'Settings'}, + {col1 => 'Rules for LON-CAPA Passwords', + col2 => 'Settings'}, + {col1 => 'Course Owner Changing Student Passwords', + col2 => 'Settings'}], + print => \&print_passwords, + modify => \&modify_passwords, + }, 'quotas' => - { text => 'Blogs, personal web pages, webDAV/quotas, portfolios', + { text => 'Blogs, personal pages/timezones, webDAV/quotas, portfolio', help => 'Domain_Configuration_Quotas', header => [{col1 => 'User affiliation', col2 => 'Available tools', @@ -337,6 +383,8 @@ sub handler { col2 => 'Value',}, {col1 => 'Recipient(s) for notifications', col2 => 'Value',}, + {col1 => 'Nightly status check e-mail', + col2 => 'Settings',}, {col1 => 'Ask helpdesk form settings', col2 => 'Value',},], print => \&print_contacts, @@ -361,7 +409,7 @@ sub handler { col2 => 'Enabled?'}, {col1 => 'Institutional user type (login/SSO self-creation)', col2 => 'Information user can enter'}, - {col1 => 'Self-creation with e-mail as username', + {col1 => 'Self-creation with e-mail verification', col2 => 'Settings'}], print => \&print_selfcreation, modify => \&modify_selfcreation, @@ -377,11 +425,12 @@ sub handler { modify => \&modify_usermodification, }, 'scantron' => - { text => 'Bubblesheet format file', + { text => 'Bubblesheet format', help => 'Domain_Configuration_Scantron_Format', - header => [ {col1 => 'Item', - col2 => '', - }], + header => [ {col1 => 'Bubblesheet format file', + col2 => ''}, + {col1 => 'Bubblesheet data upload formats', + col2 => 'Settings'}], print => \&print_scantron, modify => \&modify_scantron, }, @@ -497,6 +546,26 @@ sub handler { print => \&print_ltitools, modify => \&modify_ltitools, }, + 'lti' => + {text => 'LTI Link Protection and LTI Consumers', + help => 'Domain_Configuration_LTI_Provider', + header => [{col1 => 'Encryption of shared secrets', + col2 => 'Settings'}, + {col1 => 'Rules for shared secrets', + col2 => 'Settings'}, + {col1 => 'Link Protectors', + col2 => 'Settings'},], + print => \&print_lti, + modify => \&modify_lti, + }, + 'ipaccess' => + {text => 'IP-based access control', + help => 'Domain_Configuration_IP_Access', + header => [{col1 => 'Setting', + col2 => 'Value'},], + print => \&print_ipaccess, + modify => \&modify_ipaccess, + }, ); if (keys(%servers) > 1) { $prefs{'login'} = { text => 'Log-in page options', @@ -504,11 +573,14 @@ sub handler { header => [{col1 => 'Log-in Service', col2 => 'Server Setting',}, {col1 => 'Log-in Page Items', - col2 => ''}, + col2 => 'Settings'}, {col1 => 'Log-in Help', col2 => 'Value'}, {col1 => 'Custom HTML in document head', - col2 => 'Value'}], + col2 => 'Value'}, + {col1 => 'SSO', + col2 => 'Dual login: SSO and non-SSO options'}, + ], print => \&print_login, modify => \&modify_login, }; @@ -549,10 +621,18 @@ $javascript_validations </script> $coursebrowserjs END + } elsif (grep(/^ipaccess$/,@actions)) { + $js .= &Apache::loncommon::coursebrowser_javascript($env{'request.role.domain'}); + } + if (grep(/^selfcreation$/,@actions)) { + $js .= &selfcreate_javascript(); } if (grep(/^contacts$/,@actions)) { $js .= &contacts_javascript(); } + if (grep(/^scantron$/,@actions)) { + $js .= &scantron_javascript(); + } &Apache::lonconfigsettings::display_settings($r,$dom,$phase,$context,\@prefs_order,\%prefs,\%domconfig,$confname,$js); } else { # check if domconfig user exists for the domain. @@ -646,7 +726,7 @@ sub process_changes { } elsif ($action eq 'usercreation') { $output = &modify_usercreation($dom,%domconfig); } elsif ($action eq 'selfcreation') { - $output = &modify_selfcreation($dom,%domconfig); + $output = &modify_selfcreation($dom,$lastactref,%domconfig); } elsif ($action eq 'usermodification') { $output = &modify_usermodification($dom,%domconfig); } elsif ($action eq 'contacts') { @@ -673,8 +753,16 @@ sub process_changes { $output = &modify_usersessions($dom,$lastactref,%domconfig); } elsif ($action eq 'loadbalancing') { $output = &modify_loadbalancing($dom,%domconfig); + } elsif ($action eq 'lti') { + $output = &modify_lti($r,$dom,$action,$lastactref,%domconfig); + } elsif ($action eq 'passwords') { + $output = &modify_passwords($r,$dom,$confname,$lastactref,%domconfig); } elsif ($action eq 'ltitools') { $output = &modify_ltitools($r,$dom,$action,$lastactref,%domconfig); + } elsif ($action eq 'wafproxy') { + $output = &modify_wafproxy($dom,$action,$lastactref,%domconfig); + } elsif ($action eq 'ipaccess') { + $output = &modify_ipaccess($dom,$lastactref,%domconfig); } return $output; } @@ -687,6 +775,8 @@ sub print_config_box { $output = &coursecategories_javascript($settings); } elsif ($action eq 'defaults') { $output = &defaults_javascript($settings); + } elsif ($action eq 'passwords') { + $output = &passwords_javascript($action); } elsif ($action eq 'helpsettings') { my (%privs,%levelscurrent); my %full=(); @@ -703,11 +793,26 @@ sub print_config_box { $output = &Apache::lonuserutils::custom_roledefs_js($context,$crstype,$formname,\%full, \@templateroles); + } elsif ($action eq 'ltitools') { + $output .= <itools_javascript($settings); + } elsif ($action eq 'lti') { + $output .= &passwords_javascript('secrets')."\n". + <i_javascript($dom,$settings); + } elsif ($action eq 'wafproxy') { + $output .= &wafproxy_javascript($dom); + } elsif ($action eq 'autoupdate') { + $output .= &autoupdate_javascript(); + } elsif ($action eq 'autoenroll') { + $output .= &autoenroll_javascript(); + } elsif ($action eq 'login') { + $output .= &saml_javascript(); + } elsif ($action eq 'ipaccess') { + $output .= &ipaccess_javascript($settings); } $output .= '<table class="LC_nested_outer"> <tr> - <th align="left" valign="middle"><span class="LC_nobreak">'. + <th class="LC_left_item LC_middle"><span class="LC_nobreak">'. &mt($item->{text}).' '. &Apache::loncommon::help_open_topic($item->{'help'}).'</span></th>'."\n". '</tr>'; @@ -719,32 +824,40 @@ sub print_config_box { if ($numheaders > 1) { my $colspan = ''; my $rightcolspan = ''; + my $leftnobr = ''; if (($action eq 'rolecolors') || ($action eq 'defaults') || ($action eq 'directorysrch') || - (($action eq 'login') && ($numheaders < 4))) { + (($action eq 'login') && ($numheaders < 5))) { $colspan = ' colspan="2"'; } if ($action eq 'usersessions') { $rightcolspan = ' colspan="3"'; } + if ($action eq 'passwords') { + $leftnobr = ' LC_nobreak'; + } $output .= ' <tr> <td> <table class="LC_nested"> <tr class="LC_info_row"> - <td class="LC_left_item"'.$colspan.'>'.&mt($item->{'header'}->[0]->{'col1'}).'</td> + <td class="LC_left_item'.$leftnobr.'"'.$colspan.'>'.&mt($item->{'header'}->[0]->{'col1'}).'</td> <td class="LC_right_item"'.$rightcolspan.'>'.&mt($item->{'header'}->[0]->{'col2'}).'</td> </tr>'; $rowtotal ++; if (($action eq 'autoupdate') || ($action eq 'usercreation') || ($action eq 'selfcreation') || ($action eq 'usermodification') || ($action eq 'defaults') || ($action eq 'coursedefaults') || ($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'directorysrch') || - ($action eq 'helpsettings') || ($action eq 'contacts')) { + ($action eq 'helpsettings') || ($action eq 'contacts') || ($action eq 'wafproxy') || ($action eq 'lti')) { $output .= $item->{'print'}->('top',$dom,$settings,\$rowtotal); + } elsif ($action eq 'passwords') { + $output .= $item->{'print'}->('top',$dom,$confname,$settings,\$rowtotal); } elsif ($action eq 'coursecategories') { $output .= $item->{'print'}->('top',$dom,$item,$settings,\$rowtotal); + } elsif ($action eq 'scantron') { + $output .= $item->{'print'}->($r,'top',$dom,$confname,$settings,\$rowtotal); } elsif ($action eq 'login') { - if ($numheaders == 4) { + if ($numheaders == 5) { $colspan = ' colspan="2"'; $output .= &print_login('service',$dom,$confname,$phase,$settings,\$rowtotal); } else { @@ -770,10 +883,13 @@ sub print_config_box { if (($action eq 'autoupdate') || ($action eq 'usercreation') || ($action eq 'selfcreation') || ($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'coursecategories') || - ($action eq 'contacts') || ($action eq 'defaults')) { + ($action eq 'contacts') || ($action eq 'passwords') || + ($action eq 'defaults') || ($action eq 'lti')) { if ($action eq 'coursecategories') { $output .= &print_coursecategories('middle',$dom,$item,$settings,\$rowtotal); $colspan = ' colspan="2"'; + } elsif ($action eq 'passwords') { + $output .= $item->{'print'}->('middle',$dom,$confname,$settings,\$rowtotal); } else { $output .= $item->{'print'}->('middle',$dom,$settings,\$rowtotal); } @@ -790,16 +906,45 @@ sub print_config_box { </tr>'."\n"; if ($action eq 'coursecategories') { $output .= &print_coursecategories('bottom',$dom,$item,$settings,\$rowtotal); + } elsif (($action eq 'contacts') || ($action eq 'passwords')) { + if ($action eq 'passwords') { + $output .= $item->{'print'}->('lower',$dom,$confname,$settings,\$rowtotal); + } else { + $output .= $item->{'print'}->('lower',$dom,$settings,\$rowtotal); + } + $output .= ' + </tr> + </table> + </td> + </tr> + <tr> + <td> + <table class="LC_nested"> + <tr class="LC_info_row"> + <td class="LC_left_item'.$leftnobr.'"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col1'}).'</td> + <td class="LC_right_item"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col2'}).'</td></tr>'."\n"; + if ($action eq 'passwords') { + $output .= $item->{'print'}->('bottom',$dom,$confname,$settings,\$rowtotal); + } else { + $output .= $item->{'print'}->('bottom',$dom,$settings,\$rowtotal); + } + $output .= ' + </table> + </td> + </tr> + <tr>'; } else { $output .= $item->{'print'}->('bottom',$dom,$settings,\$rowtotal); } $rowtotal ++; } elsif (($action eq 'usermodification') || ($action eq 'coursedefaults') || - ($action eq 'defaults') || ($action eq 'directorysrch') || - ($action eq 'helpsettings')) { + ($action eq 'directorysrch') || ($action eq 'helpsettings') || + ($action eq 'wafproxy')) { $output .= $item->{'print'}->('bottom',$dom,$settings,\$rowtotal); + } elsif ($action eq 'scantron') { + $output .= $item->{'print'}->($r,'bottom',$dom,$confname,$settings,\$rowtotal); } elsif ($action eq 'login') { - if ($numheaders == 4) { + if ($numheaders == 5) { $output .= &print_login('page',$dom,$confname,$phase,$settings,\$rowtotal).' </table> </td> @@ -823,7 +968,7 @@ sub print_config_box { <td> <table class="LC_nested"> <tr class="LC_info_row">'; - if ($numheaders == 4) { + if ($numheaders == 5) { $output .= ' <td class="LC_left_item"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col1'}).'</td> <td class="LC_right_item"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col2'}).'</td> @@ -835,7 +980,27 @@ sub print_config_box { </tr>'; } $rowtotal ++; - $output .= &print_login('headtag',$dom,$confname,$phase,$settings,\$rowtotal); + $output .= &print_login('headtag',$dom,$confname,$phase,$settings,\$rowtotal).' + </table> + </td> + </tr> + <tr> + <td> + <table class="LC_nested"> + <tr class="LC_info_row">'; + if ($numheaders == 5) { + $output .= ' + <td class="LC_left_item"'.$colspan.'>'.&mt($item->{'header'}->[4]->{'col1'}).'</td> + <td class="LC_right_item"'.$colspan.'>'.&mt($item->{'header'}->[4]->{'col2'}).'</td> + </tr>'; + } else { + $output .= ' + <td class="LC_left_item"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col1'}).'</td> + <td class="LC_right_item"'.$colspan.'>'.&mt($item->{'header'}->[3]->{'col2'}).'</td> + </tr>'; + } + $rowtotal ++; + $output .= &print_login('saml',$dom,$confname,$phase,$settings,\$rowtotal); } elsif ($action eq 'requestcourses') { $output .= &print_requestmail($dom,$action,$settings,\$rowtotal); $rowtotal ++; @@ -955,10 +1120,8 @@ sub print_config_box { $output .= &print_quotas($dom,$settings,\$rowtotal,$action); } elsif (($action eq 'autoenroll') || ($action eq 'autocreate') || ($action eq 'serverstatuses') || ($action eq 'loadbalancing') || - ($action eq 'ltitools')) { + ($action eq 'ltitools') || ($action eq 'ipaccess')) { $output .= $item->{'print'}->($dom,$settings,\$rowtotal); - } elsif ($action eq 'scantron') { - $output .= &print_scantronformat($r,$dom,$confname,$settings,\$rowtotal); } } $output .= ' @@ -971,8 +1134,12 @@ sub print_config_box { sub print_login { my ($caller,$dom,$confname,$phase,$settings,$rowtotal) = @_; - my ($css_class,$datatable); + my ($css_class,$datatable,$switchserver,%lt); my %choices = &login_choices(); + if (($caller eq 'help') || ($caller eq 'headtag') || ($caller eq 'saml')) { + %lt = &login_file_options(); + $switchserver = &check_switchserver($dom,$confname); + } if ($caller eq 'service') { my %servers = &Apache::lonnet::internet_dom_servers($dom); @@ -1060,6 +1227,7 @@ sub print_login { } } my @images = ('img','logo','domlogo','login'); + my @alttext = ('img','logo','domlogo'); my @logintext = ('textcol','bgcol'); my @bgs = ('pgbg','mainbg','sidebg'); my @links = ('link','alink','vlink'); @@ -1101,6 +1269,13 @@ sub print_login { $designs{'showlogo'}{$item} = $settings->{'showlogo'}{$item}; } } + foreach my $item (@alttext) { + if (ref($settings->{'alttext'}) eq 'HASH') { + if ($settings->{'alttext'}->{$item} ne '') { + $designs{'alttext'}{$item} = $settings->{'alttext'}{$item}; + } + } + } foreach my $item (@logintext) { if ($settings->{$item} ne '') { $designs{'logintext'}{$item} = $settings->{$item}; @@ -1167,18 +1342,10 @@ sub print_login { $datatable .= &display_color_options($dom,$confname,$phase,'login',$itemcount,\%choices,\%is_custom,\%defaults,\%designs,\@images,\@bgs,\@links,\%alt_text,$rowtotal,\@logintext); $datatable .= '</tr></table></td></tr>'; } elsif ($caller eq 'help') { - my ($defaulturl,$defaulttype,%url,%type,%lt,%langchoices); - my $switchserver = &check_switchserver($dom,$confname); + my ($defaulturl,$defaulttype,%url,%type,%langchoices); my $itemcount = 1; $defaulturl = '/adm/loginproblems.html'; $defaulttype = 'default'; - %lt = &Apache::lonlocal::texthash ( - del => 'Delete?', - rep => 'Replace:', - upl => 'Upload:', - default => 'Default', - custom => 'Custom', - ); %langchoices = &Apache::lonlocal::texthash(&get_languages_hash()); my @currlangs; if (ref($settings) eq 'HASH') { @@ -1275,14 +1442,6 @@ sub print_login { } } } - my %lt = &Apache::lonlocal::texthash( - del => 'Delete?', - rep => 'Replace:', - upl => 'Upload:', - curr => 'View contents', - none => 'None', - ); - my $switchserver = &check_switchserver($dom,$confname); foreach my $lonhost (sort(keys(%domservers))) { my $exempt = &check_exempt_addresses($currexempt{$lonhost}); $datatable .= '<tr><td>'.$domservers{$lonhost}.'</td>'; @@ -1303,7 +1462,102 @@ sub print_login { } else { $datatable .= '<input type="file" name="loginheadtag_'.$lonhost.'" />'; } - $datatable .= '</td><td><input type="textbox" name="loginheadtagexempt_'.$lonhost.'" value="'.$exempt.'" /></td></tr>'; + $datatable .= '</td><td><input type="text" name="loginheadtagexempt_'.$lonhost.'" value="'.$exempt.'" /></td></tr>'; + } + $datatable .= '</table></td></tr>'; + } elsif ($caller eq 'saml') { + my %domservers = &Apache::lonnet::get_servers($dom); + $datatable .= '<tr><td colspan="3" style="text-align: left">'. + '<table><tr><th>'.$choices{'hostid'}.'</th>'. + '<th>'.$choices{'samllanding'}.'</th>'. + '<th>'.$choices{'samloptions'}.'</th></tr>'."\n"; + my (%saml,%samltext,%samlimg,%samlalt,%samlurl,%samltitle,%samlwindow,%samlnotsso,%styleon,%styleoff); + foreach my $lonhost (keys(%domservers)) { + $samlurl{$lonhost} = '/adm/sso'; + $styleon{$lonhost} = 'display:none'; + $styleoff{$lonhost} = ''; + } + if ((ref($settings) eq 'HASH') && (ref($settings->{'saml'}) eq 'HASH')) { + foreach my $lonhost (keys(%{$settings->{'saml'}})) { + if (ref($settings->{'saml'}{$lonhost}) eq 'HASH') { + $saml{$lonhost} = 1; + $samltext{$lonhost} = $settings->{'saml'}{$lonhost}{'text'}; + $samlimg{$lonhost} = $settings->{'saml'}{$lonhost}{'img'}; + $samlalt{$lonhost} = $settings->{'saml'}{$lonhost}{'alt'}; + $samlurl{$lonhost} = $settings->{'saml'}{$lonhost}{'url'}; + $samltitle{$lonhost} = $settings->{'saml'}{$lonhost}{'title'}; + $samlwindow{$lonhost} = $settings->{'saml'}{$lonhost}{'window'}; + $samlnotsso{$lonhost} = $settings->{'saml'}{$lonhost}{'notsso'}; + $styleon{$lonhost} = ''; + $styleoff{$lonhost} = 'display:none'; + } else { + $styleon{$lonhost} = 'display:none'; + $styleoff{$lonhost} = ''; + } + } + } + my $itemcount = 1; + foreach my $lonhost (sort(keys(%domservers))) { + my $samlon = ' '; + my $samloff = ' checked="checked" '; + if ($saml{$lonhost}) { + $samlon = $samloff; + $samloff = ' '; + } + my $samlwinon = ''; + my $samlwinoff = ' checked="checked"'; + if ($samlwindow{$lonhost}) { + $samlwinon = $samlwinoff; + $samlwinoff = ''; + } + my $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td><span class="LC_nobreak">'.$domservers{$lonhost}.'</span></td>'. + '<td><span class="LC_nobreak"><label><input type="radio" name="saml_'.$lonhost.'"'.$samloff. + 'onclick="toggleSamlOptions(this.form,'."'$lonhost'".');" value="0" />'. + &mt('No').'</label>'.(' 'x2). + '<label><input type="radio" name="saml_'.$lonhost.'"'.$samlon. + 'onclick="toggleSamlOptions(this.form,'."'$lonhost'".');" value="1" />'. + &mt('Yes').'</label></span></td>'. + '<td id="samloptionson_'.$lonhost.'" style="'.$styleon{$lonhost}.'" width="100%">'. + '<table width="100%"><tr><th colspan="3" align="center">'.&mt('SSO').'</th></tr>'. + '<tr><th>'.&mt('Text').'</th><th>'.&mt('Image').'</th>'. + '<th>'.&mt('Alt Text').'</th></tr>'. + '<tr'.$css_class.'><td><input type="text" name="saml_text_'.$lonhost.'" size="20" value="'. + $samltext{$lonhost}.'" /></td><td>'; + if ($samlimg{$lonhost}) { + $datatable .= '<img src="'.$samlimg{$lonhost}.'" /><br />'. + '<span class="LC_nobreak"><label>'. + '<input type="checkbox" name="saml_img_del" value="'.$lonhost.'" />'. + $lt{'del'}.'</label> '.$lt{'rep'}.'</span>'; + } else { + $datatable .= $lt{'upl'}; + } + $datatable .='<br />'; + if ($switchserver) { + $datatable .= &mt('Upload to library server: [_1]',$switchserver); + } else { + $datatable .= '<input type="file" name="saml_img_'.$lonhost.'" />'; + } + $datatable .= '</td>'. + '<td><input type="text" name="saml_alt_'.$lonhost.'" size="25" '. + 'value="'.$samlalt{$lonhost}.'" /></td></tr></table><br />'. + '<table width="100%"><tr><th colspan="3" align="center">'.&mt('SSO').'</th><th align="center">'. + '<span class="LC_nobreak">'.&mt('Non-SSO').'</span></th></tr>'. + '<tr><th>'.&mt('URL').'</th><th>'.&mt('Tool Tip').'</th>'. + '<th>'.&mt('Pop-up if iframe').'</th><th>'.&mt('Text').'</th></tr>'. + '<tr'.$css_class.'>'. + '<td><input type="text" name="saml_url_'.$lonhost.'" size="30" '. + 'value="'.$samlurl{$lonhost}.'" /></td>'. + '<td><textarea name="saml_title_'.$lonhost.'" rows="3" cols="20">'. + $samltitle{$lonhost}.'</textarea></td>'. + '<td><label><input type="radio" name="saml_window_'.$lonhost.'" value=""'.$samlwinoff.'>'. + &mt('No').'</label>'.(' 'x2).'<label><input type="radio" '. + 'name="saml_window_'.$lonhost.'" value="1"'.$samlwinon.'>'.&mt('Yes').'</label></td>'. + '<td><input type="text" name="saml_notsso_'.$lonhost.'" size="12" '. + 'value="'.$samlnotsso{$lonhost}.'" /></td></tr>'. + '</table></td>'. + '<td id="samloptionsoff_'.$lonhost.'" style="'.$styleoff{$lonhost}.'" width="100%"> </td></tr>'; + $itemcount ++; } $datatable .= '</table></td></tr>'; } @@ -1342,10 +1596,205 @@ sub login_choices { headtag => "Custom markup", action => "Action", current => "Current", + samllanding => "Dual login?", + samloptions => "Options", + alttext => "Alt text", ); return %choices; } +sub login_file_options { + return &Apache::lonlocal::texthash( + del => 'Delete?', + rep => 'Replace:', + upl => 'Upload:', + curr => 'View contents', + default => 'Default', + custom => 'Custom', + none => 'None', + ); +} + +sub print_ipaccess { + my ($dom,$settings,$rowtotal) = @_; + my $css_class; + my $itemcount = 0; + my $datatable; + my %ordered; + if (ref($settings) eq 'HASH') { + foreach my $item (keys(%{$settings})) { + if (ref($settings->{$item}) eq 'HASH') { + my $num = $settings->{$item}{'order'}; + if ($num eq '') { + $num = scalar(keys(%{$settings})); + } + $ordered{$num} = $item; + } + } + } + my $maxnum = scalar(keys(%ordered)); + if (keys(%ordered)) { + my @items = sort { $a <=> $b } keys(%ordered); + for (my $i=0; $i<@items; $i++) { + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my $item = $ordered{$items[$i]}; + my ($name,$ipranges,%commblocks,%courses); + if (ref($settings->{$item}) eq 'HASH') { + $name = $settings->{$item}->{'name'}; + $ipranges = $settings->{$item}->{'ip'}; + if (ref($settings->{$item}->{'commblocks'}) eq 'HASH') { + %commblocks = %{$settings->{$item}->{'commblocks'}}; + } + if (ref($settings->{$item}->{'courses'}) eq 'HASH') { + %courses = %{$settings->{$item}->{'courses'}}; + } + } + my $chgstr = ' onchange="javascript:reorderIPaccess(this.form,'."'ipaccess_pos_".$item."'".');"'; + $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">' + .'<select name="ipaccess_pos_'.$item.'"'.$chgstr.'>'; + for (my $k=0; $k<=$maxnum; $k++) { + my $vpos = $k+1; + my $selstr; + if ($k == $i) { + $selstr = ' selected="selected" '; + } + $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>'; + } + $datatable .= '</select>'.(' 'x2). + '<label><input type="checkbox" name="ipaccess_del" value="'.$item.'" />'. + &mt('Delete?').'</label></span></td>'. + '<td colspan="2"><input type="hidden" name="ipaccess_id_'.$i.'" value="'.$item.'" />'. + &ipaccess_options($i,$itemcount,$dom,$name,$ipranges,\%commblocks,\%courses). + '</td></tr>'; + $itemcount ++; + } + } + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my $chgstr = ' onchange="javascript:reorderIPaccess(this.form,'."'ipaccess_pos_add'".');"'; + $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'."\n". + '<input type="hidden" name="ipaccess_maxnum" value="'.$maxnum.'" />'."\n". + '<select name="ipaccess_pos_add"'.$chgstr.'>'; + for (my $k=0; $k<$maxnum+1; $k++) { + my $vpos = $k+1; + my $selstr; + if ($k == $maxnum) { + $selstr = ' selected="selected" '; + } + $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>'; + } + $datatable .= '</select> '."\n". + '<input type="checkbox" name="ipaccess_add" value="1" />'.&mt('Add').'</span></td>'."\n". + '<td colspan="2">'. + &ipaccess_options('add',$itemcount,$dom). + '</td>'."\n". + '</tr>'."\n"; + $$rowtotal ++; + return $datatable; +} + +sub ipaccess_options { + my ($num,$itemcount,$dom,$name,$ipranges,$blocksref,$coursesref) = @_; + my (%currblocks,%currcourses,$output); + if (ref($blocksref) eq 'HASH') { + %currblocks = %{$blocksref}; + } + if (ref($coursesref) eq 'HASH') { + %currcourses = %{$coursesref}; + } + $output = '<fieldset><legend>'.&mt('Location(s)').'</legend>'. + '<span class="LC_nobreak">'.&mt('Name').': '. + '<input type="text" name="ipaccess_name_'.$num.'" value="'.$name.'" />'. + '</span></fieldset>'. + '<fieldset><legend>'.&mt('IP Range(s)').'</legend>'. + &mt('Format for each IP range').': '.&mt('A.B.C.D/N or A.B.C.D-E.F.G.H').'<br />'. + &mt('Range(s) will be stored as IP netblock(s) in CIDR notation (comma separated)').'<br />'. + '<textarea name="ipaccess_range_'.$num.'" rows="3" cols="80">'. + $ipranges.'</textarea></fieldset>'. + '<fieldset><legend>'.&mt('Functionality Blocked?').'</legend>'. + &blocker_checkboxes($num,$blocksref).'</fieldset>'. + '<fieldset><legend>'.&mt('Courses/Communities allowed').'</legend>'. + '<table>'; + foreach my $cid (sort(keys(%currcourses))) { + my %courseinfo = &Apache::lonnet::coursedescription($cid,{'one_time' => 1}); + $output .= '<tr><td><span class="LC_nobreak">'. + '<label><input type="checkbox" name="ipaccess_course_delete_'.$num.'" value="'.$cid.'" />'. + &mt('Delete?').' <span class="LC_cusr_emph">'.$courseinfo{'description'}.'</span></label></span>'. + ' <span class="LC_fontsize_medium">('.$cid.')</span></td></tr>'; + } + $output .= '<tr><td><span class="LC_nobreak">'.&mt('Add').': '. + '<input type="text" name="ipaccess_cdesc_'.$num.'" value="" onfocus="this.blur();opencrsbrowser('."'display','ipaccess_cnum_$num','ipaccess_cdom_$num','ipaccess_cdesc_$num'".');" />'. + &Apache::loncommon::selectcourse_link('display','ipaccess_cnum_'.$num,'ipaccess_cdom_'.$num,'ipaccess_cdesc_'.$num,$dom,undef,'Course/Community'). + '<input type="hidden" name="ipaccess_cnum_'.$num.'" value="" />'. + '<input type="hidden" name="ipaccess_cdom_'.$num.'" value="" />'. + '</span></td></tr></table>'."\n". + '</fieldset>'; + return $output; +} + +sub blocker_checkboxes { + my ($num,$blocks) = @_; + my ($typeorder,$types) = &commblocktype_text(); + my $numinrow = 6; + my $output = '<table>'; + for (my $i=0; $i<@{$typeorder}; $i++) { + my $block = $typeorder->[$i]; + my $blockstatus; + if (ref($blocks) eq 'HASH') { + if ($blocks->{$block} eq 'on') { + $blockstatus = 'checked="checked"'; + } + } + my $rem = $i%($numinrow); + if ($rem == 0) { + if ($i > 0) { + $output .= '</tr>'; + } + $output .= '<tr>'; + } + if ($i == scalar(@{$typeorder})-1) { + my $colsleft = $numinrow-$rem; + if ($colsleft > 1) { + $output .= '<td colspan="'.$colsleft.'">'; + } else { + $output .= '<td>'; + } + } else { + $output .= '<td>'; + } + my $item = 'ipaccess_block_'.$num; + if ($blockstatus) { + $blockstatus = ' '.$blockstatus; + } + $output .= '<span class="LC_nobreak"><label>'."\n". + '<input type="checkbox" name="'.$item.'"'. + $blockstatus.' value="'.$block.'"'.' />'. + $types->{$block}.'</label></span>'."\n". + '<br /></td>'; + } + $output .= '</tr></table>'; + return $output; +} + +sub commblocktype_text { + my %types = &Apache::lonlocal::texthash( + 'com' => 'Messaging', + 'chat' => 'Chat Room', + 'boards' => 'Discussion', + 'port' => 'Portfolio', + 'groups' => 'Groups', + 'blogs' => 'Blogs', + 'about' => 'User Information', + 'printout' => 'Printouts', + 'passwd' => 'Change Password', + 'grades' => 'Gradebook', + 'search' => 'Course search', + 'wishlist' => 'Stored links', + 'annotate' => 'Annotations', + ); + my $typeorder = ['com','chat','boards','port','groups','blogs','about','wishlist','printout','grades','search','annotate','passwd']; + return ($typeorder,\%types); +} + sub print_rolecolors { my ($phase,$role,$dom,$confname,$settings,$rowtotal) = @_; my %choices = &color_font_choices(); @@ -1463,7 +1912,7 @@ sub display_color_options { my $datatable = '<tr'.$css_class.'>'. '<td>'.$choices->{'font'}.'</td>'; if (!$is_custom->{'font'}) { - $datatable .= '<td>'.&mt('Default in use:').' <span id="css_default_'.$role.'_font" style="color: '.$defaults->{'font'}.';">'.$defaults->{'font'}.'</span></td>'; + $datatable .= '<td>'.&mt('Default in use:').' <span class="css_default_'.$role.'_font" style="color: '.$defaults->{'font'}.';">'.$defaults->{'font'}.'</span></td>'; } else { $datatable .= '<td> </td>'; } @@ -1472,12 +1921,12 @@ sub display_color_options { $datatable .= '<td><span class="LC_nobreak">'. '<input type="text" class="colorchooser" size="10" name="'.$role.'_font"'. ' value="'.$current_color.'" /> '. - ' </td></tr>'; + ' </span></td></tr>'; unless ($role eq 'login') { $datatable .= '<tr'.$css_class.'>'. '<td>'.$choices->{'fontmenu'}.'</td>'; if (!$is_custom->{'fontmenu'}) { - $datatable .= '<td>'.&mt('Default in use:').' <span id="css_default_'.$role.'_font" style="color: '.$defaults->{'fontmenu'}.';">'.$defaults->{'fontmenu'}.'</span></td>'; + $datatable .= '<td>'.&mt('Default in use:').' <span class="css_default_'.$role.'_font" style="color: '.$defaults->{'fontmenu'}.';">'.$defaults->{'fontmenu'}.'</span></td>'; } else { $datatable .= '<td> </td>'; } @@ -1487,7 +1936,7 @@ sub display_color_options { '<input class="colorchooser" type="text" size="10" name="' .$role.'_fontmenu"'. ' value="'.$current_color.'" /> '. - ' </td></tr>'; + ' </span></td></tr>'; } my $switchserver = &check_switchserver($dom,$confname); foreach my $img (@{$images}) { @@ -1495,7 +1944,7 @@ sub display_color_options { $css_class = $itemcount%2?' class="LC_odd_row"':''; $datatable .= '<tr'.$css_class.'>'. '<td>'.$choices->{$img}; - my ($imgfile,$img_import,$login_hdr_pick,$logincolors); + my ($imgfile,$img_import,$login_hdr_pick,$logincolors,$alttext); if ($role eq 'login') { if ($img eq 'login') { $login_hdr_pick = @@ -1503,8 +1952,13 @@ sub display_color_options { $logincolors = &login_text_colors($img,$role,$logintext,$phase,$choices, $designs,$defaults); - } elsif ($img ne 'domlogo') { - $datatable.= &logo_display_options($img,$defaults,$designs); + } else { + if ($img ne 'domlogo') { + $datatable.= &logo_display_options($img,$defaults,$designs); + } + if (ref($designs->{'alttext'}) eq 'HASH') { + $alttext = $designs->{'alttext'}{$img}; + } } } $datatable .= '</td>'; @@ -1546,7 +2000,8 @@ sub display_color_options { if ($fullwidth ne '' && $fullheight ne '') { if ($fullwidth > $width && $fullheight > $height) { my $size = $width.'x'.$height; - system("convert -sample $size $input $output"); + my @args = ('convert','-sample',$size,$input,$output); + system({$args[0]} @args); $showfile = "/$imgdir/tn-".$filename; } } @@ -1595,6 +2050,11 @@ sub display_color_options { $datatable .=' <input type="file" name="'.$role.'_'.$img.'" />'; } } + if (($role eq 'login') && ($img ne 'login')) { + $datatable .= (' ' x2).' <span class="LC_nobreak"><label>'.$choices->{'alttext'}.':'. + '<input type="text" name="'.$role.'_alt_'.$img.'" size="10" value="'.$alttext.'" />'. + '</label></span>'; + } $datatable .= '</td></tr>'; } $itemcount ++; @@ -1604,7 +2064,7 @@ sub display_color_options { my $bgs_def; foreach my $item (@{$bgs}) { if (!$is_custom->{$item}) { - $bgs_def .= '<td><span class="LC_nobreak">'.$choices->{$item}.'</span> <span id="css_default_'.$role.'_'.$item.'" style="background-color: '.$defaults->{'bgs'}{$item}.';"> </span><br />'.$defaults->{'bgs'}{$item}.'</td>'; + $bgs_def .= '<td><span class="LC_nobreak">'.$choices->{$item}.'</span> <span class="css_default_'.$role.'_'.$item.'" style="background-color: '.$defaults->{'bgs'}{$item}.';"> </span><br />'.$defaults->{'bgs'}{$item}.'</td>'; } } if ($bgs_def) { @@ -1632,7 +2092,7 @@ sub display_color_options { my $links_def; foreach my $item (@{$links}) { if (!$is_custom->{$item}) { - $links_def .= '<td>'.$choices->{$item}.'<br /><span id="css_default_'.$role.'_'.$item.'" style="color: '.$defaults->{'links'}{$item}.';">'.$defaults->{'links'}{$item}.'</span></td>'; + $links_def .= '<td>'.$choices->{$item}.'<br /><span class="css_default_'.$role.'_'.$item.'" style="color: '.$defaults->{'links'}{$item}.';">'.$defaults->{'links'}{$item}.'</span></td>'; } } if ($links_def) { @@ -1718,17 +2178,15 @@ sub image_changes { my ($is_custom,$alt_text,$img_import,$showfile,$fullsize,$role,$img,$imgfile,$logincolors) = @_; my $output; if ($img eq 'login') { - # suppress image for Log-in header + $output = '</td><td>'.$logincolors; # suppress image for Log-in header } elsif (!$is_custom) { if ($img ne 'domlogo') { - $output .= &mt('Default image:').'<br />'; + $output = &mt('Default image:').'<br />'; } else { - $output .= &mt('Default in use:').'<br />'; + $output = &mt('Default in use:').'<br />'; } } - if ($img eq 'login') { # suppress image for Log-in header - $output .= '<td>'.$logincolors; - } else { + if ($img ne 'login') { if ($img_import) { $output .= '<input type="hidden" name="'.$role.'_import_'.$img.'" value="'.$imgfile.'" />'; } @@ -1768,7 +2226,7 @@ sub print_quotas { @options = ('norequest','approval','automatic'); %titles = &authorrequest_titles(); } else { - @usertools = ('aboutme','blog','webdav','portfolio'); + @usertools = ('aboutme','blog','webdav','portfolio','timezone'); %titles = &tool_titles(); } if (ref($types) eq 'ARRAY') { @@ -1872,9 +2330,12 @@ sub print_quotas { } } else { my $checked = 'checked="checked" '; + if ($item eq 'timezone') { + $checked = ''; + } if (ref($settings) eq 'HASH') { if (ref($settings->{$item}) eq 'HASH') { - if ($settings->{$item}->{$type} == 0) { + if (!$settings->{$item}->{$type}) { $checked = ''; } elsif ($settings->{$item}->{$type} == 1) { $checked = 'checked="checked" '; @@ -2172,7 +2633,7 @@ sub print_quotas { } sub print_requestmail { - my ($dom,$action,$settings,$rowtotal) = @_; + my ($dom,$action,$settings,$rowtotal,$customcss,$rowstyle) = @_; my ($now,$datatable,%currapp); $now = time; if (ref($settings) eq 'HASH') { @@ -2184,7 +2645,19 @@ sub print_requestmail { } my $numinrow = 2; my $css_class; - $css_class = ($$rowtotal%2? ' class="LC_odd_row"':''); + if ($$rowtotal%2) { + $css_class = 'LC_odd_row'; + } + if ($customcss) { + $css_class .= " $customcss"; + } + $css_class =~ s/^\s+//; + if ($css_class) { + $css_class = ' class="'.$css_class.'"'; + } + if ($rowstyle) { + $css_class .= ' style="'.$rowstyle.'"'; + } my $text; if ($action eq 'requestcourses') { $text = &mt('Receive notification of course requests requiring approval'); @@ -2307,8 +2780,7 @@ sub print_textbookcourses { (' 'x2). '<span class="LC_nobreak">'.&mt('Thumbnail:'); if ($image) { - $datatable .= '<span class="LC_nobreak">'. - $imgsrc. + $datatable .= $imgsrc. '<label><input type="checkbox" name="'.$type.'_image_del"'. ' value="'.$key.'" />'.&mt('Delete?').'</label></span> '. '<span class="LC_nobreak"> '.&mt('Replace:').' '; @@ -2339,7 +2811,7 @@ sub print_textbookcourses { $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>'; } $datatable .= '</select> '."\n". - '<input type="checkbox" name="'.$type.'_addbook" value="1" />'.&mt('Add').'</td>'."\n". + '<input type="checkbox" name="'.$type.'_addbook" value="1" />'.&mt('Add').'</span></td>'."\n". '<td colspan="2">'. '<span class="LC_nobreak">'.&mt('Subject:').'<input type="text" size="15" name="'.$type.'_addbook_subject" value="" /></span> '."\n". (' 'x2). @@ -2356,13 +2828,13 @@ sub print_textbookcourses { } else { $datatable .= '<input type="file" name="'.$type.'_addbook_image" value="" />'; } + $datatable .= '</span>'."\n"; } - $datatable .= '</span>'."\n". - '<span class="LC_nobreak">'.&mt('LON-CAPA course:').' '. + $datatable .= '<span class="LC_nobreak">'.&mt('LON-CAPA course:').' '. &Apache::loncommon::select_dom_form($env{'request.role.domain'},$type.'_addbook_cdom'). '<input type="text" size="25" name="'.$type.'_addbook_cnum" value="" />'. &Apache::loncommon::selectcourse_link - ('display',$type.'_addbook_cnum',$type.'_addbook_cdom',undef,undef,undef,'Course'); + ('display',$type.'_addbook_cnum',$type.'_addbook_cdom',undef,undef,undef,'Course'). '</span></td>'."\n". '</tr>'."\n"; $itemcount ++; @@ -2464,7 +2936,10 @@ ENDSCRIPT sub ltitools_javascript { my ($settings) = @_; - return unless(ref($settings) eq 'HASH'); + my $togglejs = <itools_toggle_js(); + unless (ref($settings) eq 'HASH') { + return $togglejs; + } my (%ordered,$total,%jstext); $total = 0; foreach my $item (keys(%{$settings})) { @@ -2482,7 +2957,7 @@ sub ltitools_javascript { return <<"ENDSCRIPT"; <script type="text/javascript"> // <![CDATA[ -function reorderLTI(form,item) { +function reorderLTITools(form,item) { var changedVal; $jstext var newpos = 'ltitools_add_pos'; @@ -2527,13 +3002,478 @@ $jstext // ]]> </script> +$togglejs + +ENDSCRIPT +} + +sub ltitools_toggle_js { + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ + +function toggleLTITools(form,setting,item) { + var radioname = ''; + var divid = ''; + if (setting == 'user') { + divid = 'ltitools_'+setting+'_div_'+item; + var checkid = 'ltitools_'+setting+'_field_'+item; + if (document.getElementById(divid)) { + if (document.getElementById(checkid)) { + if (document.getElementById(checkid).checked) { + document.getElementById(divid).style.display = 'inline-block'; + } else { + document.getElementById(divid).style.display = 'none'; + } + } + } + } + return; +} +// ]]> +</script> + +ENDSCRIPT +} + +sub wafproxy_javascript { + my ($dom) = @_; + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ +function updateWAF() { + if (document.getElementById('wafproxy_remoteip')) { + var wafremote = 0; + if (document.display.wafproxy_remoteip.options[document.display.wafproxy_remoteip.selectedIndex].value == 'h') { + wafremote = 1; + } + var fields = new Array('header','trust'); + for (var i=0; i<fields.length; i++) { + if (document.getElementById('wafproxy_'+fields[i])) { + if (wafremote == 1) { + document.getElementById('wafproxy_'+fields[i]).style.display = 'table-row'; + } + else { + document.getElementById('wafproxy_'+fields[i]).style.display = 'none'; + } + } + } + if (document.getElementById('wafproxyranges_$dom')) { + if (wafremote == 1) { + document.getElementById('wafproxyranges_$dom').style.display = 'inline-block'; + } else { + for (var i=0; i<document.display.wafproxy_vpnaccess.length; i++) { + if (document.display.wafproxy_vpnaccess[i].checked) { + if (document.display.wafproxy_vpnaccess[i].value == 0) { + document.getElementById('wafproxyranges_$dom').style.display = 'none'; + } + } + } + } + } + } + return; +} + +function checkWAF() { + if (document.getElementById('wafproxy_remoteip')) { + var wafvpn = 0; + for (var i=0; i<document.display.wafproxy_vpnaccess.length; i++) { + if (document.display.wafproxy_vpnaccess[i].checked) { + if (document.display.wafproxy_vpnaccess[i].value == 1) { + wafvpn = 1; + } + break; + } + } + var vpn = new Array('vpnint','vpnext'); + for (var i=0; i<vpn.length; i++) { + if (document.getElementById('wafproxy_show_'+vpn[i])) { + if (wafvpn == 1) { + document.getElementById('wafproxy_show_'+vpn[i]).style.display = 'table-row'; + } + else { + document.getElementById('wafproxy_show_'+vpn[i]).style.display = 'none'; + } + } + } + if (document.getElementById('wafproxyranges_$dom')) { + if (wafvpn == 1) { + document.getElementById('wafproxyranges_$dom').style.display = 'inline-block'; + } + else if (document.display.wafproxy_remoteip.options[document.display.wafproxy_remoteip.selectedIndex].value != 'h') { + document.getElementById('wafproxyranges_$dom').style.display = 'none'; + } + } + } + return; +} + +function toggleWAF() { + if (document.getElementById('wafproxy_table')) { + var wafproxy = 0; + for (var i=0; i<document.display.wafproxy_${dom}.length; i++) { + if (document.display.wafproxy_${dom}[i].checked) { + if (document.display.wafproxy_${dom}[i].value == 1) { + wafproxy = 1; + break; + } + } + } + if (wafproxy == 1) { + document.getElementById('wafproxy_table').style.display='inline'; + } + else { + document.getElementById('wafproxy_table').style.display='none'; + } + if (document.getElementById('wafproxyrow_${dom}')) { + if (wafproxy == 1) { + document.getElementById('wafproxyrow_${dom}').style.display = 'table-row'; + } + else { + document.getElementById('wafproxyrow_${dom}').style.display = 'none'; + } + } + if (document.getElementById('nowafproxyrow_$dom')) { + if (wafproxy == 1) { + document.getElementById('nowafproxyrow_${dom}').style.display = 'none'; + } + else { + document.getElementById('nowafproxyrow_${dom}').style.display = 'table-row'; + } + } + } + return; +} +// ]]> +</script> + +ENDSCRIPT +} + +sub lti_javascript { + my ($dom,$settings) = @_; + my $togglejs = <i_toggle_js($dom); + my $linkprot_js = &Apache::courseprefs::linkprot_javascript(); + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ + +$linkprot_js + +// ]]> +</script> + +$togglejs + +ENDSCRIPT +} + +sub lti_toggle_js { + my ($dom) = @_; + my %servers = &Apache::lonnet::get_servers($dom,'library'); + my $primary = &Apache::lonnet::domain($dom,'primary'); + my $course_servers = "'".join("','",keys(%servers))."'"; + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ +function toggleLTIEncKey(form) { + var shownhosts = new Array(); + var hiddenhosts = new Array(); + var forcourse = new Array($course_servers); + var fromdomain = '$primary'; + var crsradio = form.elements['ltisec_crslinkprot']; + if (crsradio.length) { + for (var i=0; i<crsradio.length; i++) { + if (crsradio[i].checked) { + if (crsradio[i].value == 1) { + if (forcourse.length > 0) { + for (var j=0; j<forcourse.length; j++) { + if (!shownhosts.includes(forcourse[j])) { + shownhosts.push(forcourse[j]); + } + } + } + } else { + if (forcourse.length > 0) { + for (var j=0; j<forcourse.length; j++) { + if (!hiddenhosts.includes(forcourse[j])) { + hiddenhosts.push(forcourse[j]); + } + } + } + } + } + } + } + var domradio = form.elements['ltisec_domlinkprot']; + if (domradio.length) { + for (var i=0; i<domradio.length; i++) { + if (domradio[i].checked) { + if (domradio[i].value == 1) { + if (!shownhosts.includes(fromdomain)) { + shownhosts.push(fromdomain); + } + } else { + if (!hiddenhosts.includes(fromdomain)) { + hiddenhosts.push(fromdomain); + } + } + } + } + } + if (shownhosts.length > 0) { + for (var i=0; i<shownhosts.length; i++) { + if (document.getElementById('ltisec_info_'+shownhosts[i])) { + document.getElementById('ltisec_info_'+shownhosts[i]).style.display = 'block'; + } + } + if (document.getElementById('ltisec_noprivkey')) { + document.getElementById('ltisec_noprivkey').style.display = 'none'; + } + } else { + if (document.getElementById('ltisec_noprivkey')) { + document.getElementById('ltisec_noprivkey').style.display = 'inline-block'; + } + } + if (hiddenhosts.length > 0) { + for (var i=0; i<hiddenhosts.length; i++) { + if (!shownhosts.includes(hiddenhosts[i])) { + if (document.getElementById('ltisec_info_'+hiddenhosts[i])) { + document.getElementById('ltisec_info_'+hiddenhosts[i]).style.display = 'none'; + } + } + } + } + return; +} + +function togglePrivKey(form,hostid) { + var radioname = ''; + var currdivid = ''; + var newdivid = ''; + if ((document.getElementById('ltisec_divcurrprivkey_'+hostid)) && + (document.getElementById('ltisec_divchgprivkey_'+hostid))) { + currdivid = document.getElementById('ltisec_divcurrprivkey_'+hostid); + newdivid = document.getElementById('ltisec_divchgprivkey_'+hostid); + radioname = form.elements['ltisec_changeprivkey_'+hostid]; + if (radioname) { + if (radioname.length > 0) { + var setvis; + for (var i=0; i<radioname.length; i++) { + if (radioname[i].checked == true) { + if (radioname[i].value == 1) { + newdivid.style.display = 'inline-block'; + currdivid.style.display = 'none'; + setvis = 1; + } + break; + } + } + if (!setvis) { + newdivid.style.display = 'none'; + currdivid.style.display = 'inline-block'; + } + } + } + } +} + +// ]]> +</script> + +ENDSCRIPT +} + +sub autoupdate_javascript { + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ +function toggleLastActiveDays(form) { + var radioname = 'lastactive'; + var divid = 'lastactive_div'; + var num = form.elements[radioname].length; + if (num) { + var setvis = ''; + for (var i=0; i<num; i++) { + if (form.elements[radioname][i].checked) { + if (form.elements[radioname][i].value == '1') { + if (document.getElementById(divid)) { + document.getElementById(divid).style.display = 'inline-block'; + } + setvis = 1; + } + break; + } + } + if (!setvis) { + if (document.getElementById(divid)) { + document.getElementById(divid).style.display = 'none'; + } + } + } + return; +} +// ]]> +</script> + +ENDSCRIPT +} + +sub autoenroll_javascript { + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ +function toggleFailsafe(form) { + var radioname = 'autoenroll_failsafe'; + var divid = 'autoenroll_failsafe_div'; + var num = form.elements[radioname].length; + if (num) { + var setvis = ''; + for (var i=0; i<num; i++) { + if (form.elements[radioname][i].checked) { + if ((form.elements[radioname][i].value == 'zero') || (form.elements[radioname][i].value == 'any')) { + if (document.getElementById(divid)) { + document.getElementById(divid).style.display = 'inline-block'; + } + setvis = 1; + } + break; + } + } + if (!setvis) { + if (document.getElementById(divid)) { + document.getElementById(divid).style.display = 'none'; + } + } + } + return; +} +// ]]> +</script> + +ENDSCRIPT +} + +sub saml_javascript { + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ +function toggleSamlOptions(form,hostid) { + var radioname = 'saml_'+hostid; + var tablecellon = 'samloptionson_'+hostid; + var tablecelloff = 'samloptionsoff_'+hostid; + var num = form.elements[radioname].length; + if (num) { + var setvis = ''; + for (var i=0; i<num; i++) { + if (form.elements[radioname][i].checked) { + if (form.elements[radioname][i].value == '1') { + if (document.getElementById(tablecellon)) { + document.getElementById(tablecellon).style.display=''; + } + if (document.getElementById(tablecelloff)) { + document.getElementById(tablecelloff).style.display='none'; + } + setvis = 1; + } + break; + } + } + if (!setvis) { + if (document.getElementById(tablecellon)) { + document.getElementById(tablecellon).style.display='none'; + } + if (document.getElementById(tablecelloff)) { + document.getElementById(tablecelloff).style.display=''; + } + } + } + return; +} +// ]]> +</script> + +ENDSCRIPT +} + +sub ipaccess_javascript { + my ($settings) = @_; + my (%ordered,$total,%jstext); + $total = 0; + if (ref($settings) eq 'HASH') { + foreach my $item (keys(%{$settings})) { + if (ref($settings->{$item}) eq 'HASH') { + my $num = $settings->{$item}{'order'}; + $ordered{$num} = $item; + } + } + $total = scalar(keys(%{$settings})); + } + my @jsarray = (); + foreach my $item (sort {$a <=> $b } (keys(%ordered))) { + push(@jsarray,$ordered{$item}); + } + my $jstext = ' var ipaccess = Array('."'".join("','",@jsarray)."'".');'."\n"; + return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ +function reorderIPaccess(form,item) { + var changedVal; +$jstext + var newpos = 'ipaccess_pos_add'; + var maxh = 1 + $total; + var current = new Array; + var newitemVal = form.elements[newpos].options[form.elements[newpos].selectedIndex].value; + if (item == newpos) { + changedVal = newitemVal; + } else { + changedVal = form.elements[item].options[form.elements[item].selectedIndex].value; + current[newitemVal] = newpos; + } + for (var i=0; i<ipaccess.length; i++) { + var elementName = 'ipaccess_pos_'+ipaccess[i]; + if (elementName != item) { + if (form.elements[elementName]) { + var currVal = form.elements[elementName].options[form.elements[elementName].selectedIndex].value; + current[currVal] = elementName; + } + } + } + var oldVal; + for (var j=0; j<maxh; j++) { + if (current[j] == undefined) { + oldVal = j; + } + } + if (oldVal < changedVal) { + for (var k=oldVal+1; k<=changedVal ; k++) { + var elementName = current[k]; + form.elements[elementName].selectedIndex = form.elements[elementName].selectedIndex - 1; + } + } else { + for (var k=changedVal; k<oldVal; k++) { + var elementName = current[k]; + form.elements[elementName].selectedIndex = form.elements[elementName].selectedIndex + 1; + } + } + return; +} +// ]]> +</script> + ENDSCRIPT } sub print_autoenroll { my ($dom,$settings,$rowtotal) = @_; my $autorun = &Apache::lonnet::auto_run(undef,$dom), - my ($defdom,$runon,$runoff,$coownerson,$coownersoff,$failsafe); + my ($defdom,$runon,$runoff,$coownerson,$coownersoff, + $failsafe,$autofailsafe,$failsafesty,%failsafechecked); + $failsafesty = 'none'; + %failsafechecked = ( + off => ' checked="checked"', + ); if (ref($settings) eq 'HASH') { if (exists($settings->{'run'})) { if ($settings->{'run'} eq '0') { @@ -2567,8 +3507,24 @@ sub print_autoenroll { if (exists($settings->{'sender_domain'})) { $defdom = $settings->{'sender_domain'}; } - if (exists($settings->{'autofailsafe'})) { - $failsafe = $settings->{'autofailsafe'}; + if (exists($settings->{'failsafe'})) { + $failsafe = $settings->{'failsafe'}; + if ($failsafe eq 'zero') { + $failsafechecked{'zero'} = ' checked="checked"'; + $failsafechecked{'off'} = ''; + $failsafesty = 'inline-block'; + } elsif ($failsafe eq 'any') { + $failsafechecked{'any'} = ' checked="checked"'; + $failsafechecked{'off'} = ''; + } + $autofailsafe = $settings->{'autofailsafe'}; + } elsif (exists($settings->{'autofailsafe'})) { + $autofailsafe = $settings->{'autofailsafe'}; + if ($autofailsafe ne '') { + $failsafechecked{'zero'} = ' checked="checked"'; + $failsafe = 'zero'; + $failsafechecked{'off'} = ''; + } } } else { if ($autorun) { @@ -2607,51 +3563,84 @@ sub print_autoenroll { $coownersoff.' value="0" />'.&mt('No').'</label></span></td>'. '</tr><tr>'. '<td>'.&mt('Failsafe for no drops when institutional data missing').'</td>'. - '<td class="LC_right_item"><span class="LC_nobreak">'. - '<input type="text" name="autoenroll_failsafe"'. - ' value="'.$failsafe.'" size="4" /></td></tr>'; + '<td class="LC_left_item"><span class="LC_nobreak">'. + '<span class="LC_nobreak"><label><input type="radio" name="autoenroll_failsafe" value="off" onclick="toggleFailsafe(this.form)"'.$failsafechecked{'off'}.' />'.&mt('Not in use').'</label></span> '. + '<span class="LC_nobreak"><label><input type="radio" name="autoenroll_failsafe" value="zero" onclick="toggleFailsafe(this.form)"'.$failsafechecked{'zero'}.' />'.&mt('Retrieved section enrollment is zero').'</label></span><br />'. + '<span class="LC_nobreak"><label><input type="radio" name="autoenroll_failsafe" value="any" onclick="toggleFailsafe(this.form)"'.$failsafechecked{'any'}.' />'.&mt('Retrieved section enrollment is zero or greater').'</label></span>'. + '<div class="LC_floatleft" style="display:'.$failsafesty.';" id="autoenroll_failsafe_div">'. + '<span class="LC_nobreak">'. + &mt('Threshold for number of students in section to drop: [_1]', + '<input type="text" name="autoenroll_autofailsafe" value="'.$autofailsafe.'" size="4" />'). + '</span></div></td></tr>'; $$rowtotal += 4; return $datatable; } sub print_autoupdate { my ($position,$dom,$settings,$rowtotal) = @_; - my $datatable; + my ($enable,$datatable); if ($position eq 'top') { + my %choices = &Apache::lonlocal::texthash ( + run => 'Auto-update active?', + classlists => 'Update information in classlists?', + unexpired => 'Skip updates for users without active or future roles?', + lastactive => 'Skip updates for inactive users?', + ); + my $itemcount = 0; my $updateon = ' '; my $updateoff = ' checked="checked" '; - my $classlistson = ' '; - my $classlistsoff = ' checked="checked" '; if (ref($settings) eq 'HASH') { if ($settings->{'run'} eq '1') { $updateon = $updateoff; $updateoff = ' '; } - if ($settings->{'classlists'} eq '1') { - $classlistson = $classlistsoff; - $classlistsoff = ' '; - } } - my %title = ( - run => 'Auto-update active?', - classlists => 'Update information in classlists?', - ); - $datatable = '<tr class="LC_odd_row">'. - '<td>'.&mt($title{'run'}).'</td>'. - '<td class="LC_right_item"><span class="LC_nobreak"><label>'. + $enable = '<tr class="LC_odd_row">'. + '<td>'.&mt($choices{'run'}).'</td>'. + '<td class="LC_left_item"><span class="LC_nobreak"><label>'. '<input type="radio" name="autoupdate_run"'. - $updateon.' value="1" />'.&mt('Yes').'</label> '. + $updateoff.'value="0" />'.&mt('No').'</label> '. '<label><input type="radio" name="autoupdate_run"'. - $updateoff.'value="0" />'.&mt('No').'</label></span></td>'. - '</tr><tr>'. - '<td>'.&mt($title{'classlists'}).'</td>'. - '<td class="LC_right_item"><span class="LC_nobreak">'. - '<label><input type="radio" name="classlists"'. - $classlistson.' value="1" />'.&mt('Yes').'</label> '. - '<label><input type="radio" name="classlists"'. - $classlistsoff.'value="0" />'.&mt('No').'</label></span></td>'. + $updateon.'value="1" />'.&mt('Yes').'</label></span></td>'. '</tr>'; - $$rowtotal += 2; + my @toggles = ('classlists','unexpired'); + my %defaultchecked = ('classlists' => 'off', + 'unexpired' => 'off' + ); + $$rowtotal ++; + ($datatable,$itemcount) = &radiobutton_prefs($settings,\@toggles,\%defaultchecked, + \%choices,$itemcount,'','','left','no'); + $datatable = $enable.$datatable; + $$rowtotal += $itemcount; + my $lastactiveon = ' '; + my $lastactiveoff = ' checked="checked" '; + my $lastactivestyle = 'none'; + my $lastactivedays; + my $onclick = ' onclick="javascript:toggleLastActiveDays(this.form);"'; + if (ref($settings) eq 'HASH') { + if ($settings->{'lastactive'} =~ /^\d+$/) { + $lastactiveon = $lastactiveoff; + $lastactiveoff = ' '; + $lastactivestyle = 'inline-block'; + $lastactivedays = $settings->{'lastactive'}; + } + } + my $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'>'. + '<td>'.$choices{'lastactive'}.'</td>'. + '<td class="LC_left_item"><span class="LC_nobreak"><label>'. + '<input type="radio" name="lastactive"'. + $lastactiveoff.'value="0"'.$onclick.' />'.&mt('No').'</label>'. + ' <label>'. + '<input type="radio" name="lastactive"'. + $lastactiveon.' value="1"'.$onclick.' />'.&mt('Yes').'</label>'. + '<div id="lastactive_div" style="display:'.$lastactivestyle.';">'. + ': '.&mt('inactive = no activity in last [_1] days', + '<input type="text" size="5" name="lastactivedays" value="'. + $lastactivedays.'" />'). + '</span></td>'. + '</tr>'; + $$rowtotal ++; } elsif ($position eq 'middle') { my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); my $numinrow = 3; @@ -2891,7 +3880,7 @@ sub print_contacts { my $datatable; my @contacts = ('adminemail','supportemail'); my (%checked,%to,%otheremails,%bccemails,%includestr,%includeloc,%currfield, - $maxsize,$fields,$fieldtitles,$fieldoptions,$possoptions,@mailings); + $maxsize,$fields,$fieldtitles,$fieldoptions,$possoptions,@mailings,%lonstatus); if ($position eq 'top') { if (ref($settings) eq 'HASH') { foreach my $item (@contacts) { @@ -2902,10 +3891,16 @@ sub print_contacts { } } elsif ($position eq 'middle') { @mailings = ('errormail','packagesmail','lonstatusmail','requestsmail', - 'updatesmail','idconflictsmail'); + 'updatesmail','idconflictsmail','hostipmail'); foreach my $type (@mailings) { $otheremails{$type} = ''; } + } elsif ($position eq 'lower') { + if (ref($settings) eq 'HASH') { + if (ref($settings->{'lonstatus'}) eq 'HASH') { + %lonstatus = %{$settings->{'lonstatus'}}; + } + } } else { @mailings = ('helpdeskmail','otherdomsmail'); foreach my $type (@mailings) { @@ -2918,7 +3913,7 @@ sub print_contacts { ($fields,$fieldtitles,$fieldoptions,$possoptions) = &helpform_fields(); } if (ref($settings) eq 'HASH') { - unless ($position eq 'top') { + unless (($position eq 'top') || ($position eq 'lower')) { foreach my $type (@mailings) { if (exists($settings->{$type})) { if (ref($settings->{$type}) eq 'HASH') { @@ -2979,6 +3974,7 @@ sub print_contacts { $checked{'requestsmail'}{'adminemail'} = ' checked="checked" '; $checked{'updatesmail'}{'adminemail'} = ' checked="checked" '; $checked{'idconflictsmail'}{'adminemail'} = ' checked="checked" '; + $checked{'hostipmail'}{'adminemail'} = ' checked="checked" '; } elsif ($position eq 'bottom') { $checked{'helpdeskmail'}{'supportemail'} = ' checked="checked" '; $checked{'otherdomsmail'}{'supportemail'} = ' checked="checked" '; @@ -3039,7 +4035,7 @@ sub print_contacts { if ($currfield{$field} eq 'no') { $display = ' style="display:none"'; } - $datatable .= '</td></tr><tr id="help_screenshotsize"'.$display.' />'. + $datatable .= '</td></tr><tr id="help_screenshotsize"'.$display.'>'. '<td>'.&mt('Maximum size for upload (MB)').'</td><td>'. '<input type="text" size="5" name="helpform_maxsize" value="'.$maxsize.'" />'; } @@ -3050,7 +4046,7 @@ sub print_contacts { $datatable .= '</td></tr>'."\n"; $rownum ++; } - unless ($position eq 'top') { + unless (($position eq 'top') || ($position eq 'lower')) { foreach my $type (@mailings) { $css_class = $rownum%2?' class="LC_odd_row"':''; $datatable .= '<tr'.$css_class.'>'. @@ -3084,7 +4080,7 @@ sub print_contacts { 'value="'.$bccemails{$type}.'" /></fieldset>'. '<fieldset><legend>'.&mt('Optional added text').'</legend>'. &mt('Text automatically added to e-mail:').' '. - '<input type="text" name="'.$type.'_includestr" value="'.$includestr{$type}.'" /><br >'. + '<input type="text" name="'.$type.'_includestr" value="'.$includestr{$type}.'" /><br />'. '<span class="LC_nobreak">'.&mt('Location:').' '. '<label><input type="radio" name="'.$type.'_includeloc" value="s"'.$locchecked{'s'}.' />'.&mt('in subject').'</label>'. (' 'x2). @@ -3097,18 +4093,104 @@ sub print_contacts { } if ($position eq 'middle') { my %choices; - $choices{'reporterrors'} = &mt('E-mail error reports to [_1]', - &Apache::loncommon::modal_link('http://loncapa.org/core.html', - &mt('LON-CAPA core group - MSU'),600,500)); + my $corelink = &core_link_msu(); + $choices{'reporterrors'} = &mt('E-mail error reports to [_1]',$corelink); $choices{'reportupdates'} = &mt('E-mail record of completed LON-CAPA updates to [_1]', - &Apache::loncommon::modal_link('http://loncapa.org/core.html', - &mt('LON-CAPA core group - MSU'),600,500)); - my @toggles = ('reporterrors','reportupdates'); + $corelink); + $choices{'reportstatus'} = &mt('E-mail status if errors above threshold to [_1]',$corelink); + my @toggles = ('reporterrors','reportupdates','reportstatus'); my %defaultchecked = ('reporterrors' => 'on', - 'reportupdates' => 'on'); + 'reportupdates' => 'on', + 'reportstatus' => 'on'); (my $reports,$rownum) = &radiobutton_prefs($settings,\@toggles,\%defaultchecked, \%choices,$rownum); $datatable .= $reports; + } elsif ($position eq 'lower') { + my (%current,%excluded,%weights); + my ($defaults,$names) = &Apache::loncommon::lon_status_items(); + if ($lonstatus{'threshold'} =~ /^\d+$/) { + $current{'errorthreshold'} = $lonstatus{'threshold'}; + } else { + $current{'errorthreshold'} = $defaults->{'threshold'}; + } + if ($lonstatus{'sysmail'} =~ /^\d+$/) { + $current{'errorsysmail'} = $lonstatus{'sysmail'}; + } else { + $current{'errorsysmail'} = $defaults->{'sysmail'}; + } + if (ref($lonstatus{'weights'}) eq 'HASH') { + foreach my $type ('E','W','N','U') { + if ($lonstatus{'weights'}{$type} =~ /^\d+$/) { + $weights{$type} = $lonstatus{'weights'}{$type}; + } else { + $weights{$type} = $defaults->{$type}; + } + } + } else { + foreach my $type ('E','W','N','U') { + $weights{$type} = $defaults->{$type}; + } + } + if (ref($lonstatus{'excluded'}) eq 'ARRAY') { + if (@{$lonstatus{'excluded'}} > 0) { + map {$excluded{$_} = 1; } @{$lonstatus{'excluded'}}; + } + } + foreach my $item ('errorthreshold','errorsysmail') { + $css_class = $rownum%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'>'. + '<td class="LC_left_item"><span class="LC_nobreak">'. + $titles->{$item}. + '</span></td><td class="LC_left_item">'. + '<input type="text" name="'.$item.'" value="'. + $current{$item}.'" size="5" /></td></tr>'; + $rownum ++; + } + $css_class = $rownum%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'>'. + '<td class="LC_left_item">'. + '<span class="LC_nobreak">'.$titles->{'errorweights'}. + '</span></td><td class="LC_left_item"><table><tr>'; + foreach my $type ('E','W','N','U') { + $datatable .= '<td>'.$names->{$type}.'<br />'. + '<input type="text" name="errorweights_'.$type.'" value="'. + $weights{$type}.'" size="5" /></td>'; + } + $datatable .= '</tr></table></tr>'; + $rownum ++; + $css_class = $rownum%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td class="LC_left_item">'. + $titles->{'errorexcluded'}.'</td>'. + '<td class="LC_left_item"><table>'; + my $numinrow = 4; + my @ids = sort(values(%Apache::lonnet::serverhomeIDs)); + for (my $i=0; $i<@ids; $i++) { + my $rem = $i%($numinrow); + if ($rem == 0) { + if ($i > 0) { + $datatable .= '</tr>'; + } + $datatable .= '<tr>'; + } + my $check; + if ($excluded{$ids[$i]}) { + $check = ' checked="checked" '; + } + $datatable .= '<td class="LC_left_item">'. + '<span class="LC_nobreak"><label>'. + '<input type="checkbox" name="errorexcluded" '. + 'value="'.$ids[$i].'"'.$check.' />'. + $ids[$i].'</label></span></td>'; + } + my $colsleft = $numinrow - @ids%($numinrow); + if ($colsleft > 1 ) { + $datatable .= '<td colspan="'.$colsleft.'" class="LC_left_item">'. + ' </td>'; + } elsif ($colsleft == 1) { + $datatable .= '<td class="LC_left_item"> </td>'; + } + $datatable .= '</tr></table></td></tr>'; + $rownum ++; } elsif ($position eq 'bottom') { my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); my (@posstypes,%usertypeshash); @@ -3182,6 +4264,11 @@ sub print_contacts { return $datatable; } +sub core_link_msu { + return &Apache::loncommon::modal_link('http://loncapa.org/core.html', + &mt('LON-CAPA core group - MSU'),600,500); +} + sub overridden_helpdesk { my ($checked,$otheremails,$bccemails,$includeloc,$includestr,$type,$rowid, $typetitle,$css_class,$rowstyle,$contacts,$short_titles) = @_; @@ -3232,7 +4319,7 @@ sub overridden_helpdesk { 'value="'.$bccemails.'" /></fieldset>'. '<fieldset><legend>'.&mt('Optional added text').'</legend>'. &mt('Text automatically added to e-mail:').' '. - '<input type="text" name="override_'.$type.'_includestr" value="'.$includestr.'" /><br >'. + '<input type="text" name="override_'.$type.'_includestr" value="'.$includestr.'" /><br />'. '<span class="LC_nobreak">'.&mt('Location:').' '. '<label><input type="radio" name="override_'.$type.'_includeloc" value="s"'.$locchecked{'s'}.' />'.&mt('in subject').'</label>'. (' 'x2). @@ -3289,7 +4376,6 @@ function toggleHelpdeskRow(form,checkbox return; } - // ]]> </script> @@ -3464,7 +4550,9 @@ sub print_helpsettings { \@templateroles,$newcust). &Apache::lonuserutils::custom_role_table('Course',\%full,\%levels, \%levelscurrent,$newcust). - '</fieldset></td></tr>'; + '</fieldset>'. + &helpsettings_javascript(\@roles_by_num,$maxnum,$hiddenstr,$formname). + '</td></tr>'; $count ++; $$rowtotal += $count; } @@ -3681,7 +4769,7 @@ sub helpdeskroles_access { sub radiobutton_prefs { my ($settings,$toggles,$defaultchecked,$choices,$itemcount,$onclick, - $additional,$align) = @_; + $additional,$align,$firstval) = @_; return unless ((ref($toggles) eq 'ARRAY') && (ref($defaultchecked) eq 'HASH') && (ref($choices) eq 'HASH')); @@ -3721,15 +4809,21 @@ sub radiobutton_prefs { } else { $datatable .= '<td class="LC_right_item">'; } - $datatable .= - '<span class="LC_nobreak">'. + $datatable .= '<span class="LC_nobreak">'; + if ($firstval eq 'no') { + $datatable .= + '<label><input type="radio" name="'. + $item.'" '.$checkedoff{$item}.' value="0"'.$onclick.' />'.&mt('No'). + '</label> <label><input type="radio" name="'.$item.'" '. + $checkedon{$item}.' value="1"'.$onclick.' />'.&mt('Yes').'</label>'; + } else { + $datatable .= '<label><input type="radio" name="'. $item.'" '.$checkedon{$item}.' value="1"'.$onclick.' />'.&mt('Yes'). '</label> <label><input type="radio" name="'.$item.'" '. - $checkedoff{$item}.' value="0"'.$onclick.' />'.&mt('No').'</label>'. - '</span>'.$additional. - '</td>'. - '</tr>'; + $checkedoff{$item}.' value="0"'.$onclick.' />'.&mt('No').'</label>'; + } + $datatable .= '</span>'.$additional.'</td></tr>'; $itemcount ++; } return ($datatable,$itemcount); @@ -3753,28 +4847,34 @@ sub print_ltitools { my $confname = $dom.'-domainconfig'; my $switchserver = &check_switchserver($dom,$confname); my $maxnum = scalar(keys(%ordered)); - my $datatable = <itools_javascript($settings); + my $datatable; my %lt = <itools_names(); my @courseroles = ('cc','in','ta','ep','st'); my @ltiroles = qw(Instructor ContentDeveloper TeachingAssistant Learner); - my @fields = ('fullname','firstname','lastname','email','user','roles'); + my @fields = ('fullname','firstname','lastname','email','roles','user'); if (keys(%ordered)) { my @items = sort { $a <=> $b } keys(%ordered); for (my $i=0; $i<@items; $i++) { $css_class = $itemcount%2?' class="LC_odd_row"':''; my $item = $ordered{$items[$i]}; - my ($title,$key,$secret,$url,$imgsrc,$version); + my ($title,$key,$secret,$url,$lifetime,$imgsrc,%sigsel); if (ref($settings->{$item}) eq 'HASH') { $title = $settings->{$item}->{'title'}; $url = $settings->{$item}->{'url'}; $key = $settings->{$item}->{'key'}; $secret = $settings->{$item}->{'secret'}; + $lifetime = $settings->{$item}->{'lifetime'}; my $image = $settings->{$item}->{'image'}; if ($image ne '') { $imgsrc = '<img src="'.$image.'" alt="'.&mt('Tool Provider icon').'" />'; } + if ($settings->{$item}->{'sigmethod'} eq 'HMAC-256') { + $sigsel{'HMAC-256'} = ' selected="selected"'; + } else { + $sigsel{'HMAC-SHA1'} = ' selected="selected"'; + } } - my $chgstr = ' onchange="javascript:reorderLTI(this.form,'."'ltitools_".$item."'".');"'; + my $chgstr = ' onchange="javascript:reorderLTITools(this.form,'."'ltitools_".$item."'".');"'; $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">' .'<select name="ltitools_'.$item.'"'.$chgstr.'>'; for (my $k=0; $k<=$maxnum; $k++) { @@ -3790,20 +4890,27 @@ sub print_ltitools { &mt('Delete?').'</label></span></td>'. '<td colspan="2">'. '<fieldset><legend>'.&mt('Required settings').'</legend>'. - '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="30" name="ltitools_title_'.$i.'" value="'.$title.'" /></span> '. + '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_title_'.$i.'" value="'.$title.'" /></span> '. (' 'x2). '<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_version_'.$i.'">'. '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '. (' 'x2). '<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_msgtype_'.$i.'">'. '<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '. + (' 'x2). + '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_sigmethod_'.$i.'">'. + '<option value="HMAC-SHA1"'.$sigsel{'HMAC-SHA1'}.'>HMAC-SHA1</option>'. + '<option value="HMAC-SHA256"'.$sigsel{'HMAC-SHA256'}.'>HMAC-SHA256</option></select></span>'. '<br /><br />'. - '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="30" name="ltitools_url_'.$i.'"'. + '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_url_'.$i.'"'. ' value="'.$url.'" /></span>'. (' 'x2). - '<span class="LC_nobreak">'.$lt{'key'}. + '<span class="LC_nobreak">'.$lt{'key'}.':'. '<input type="text" size="25" name="ltitools_key_'.$i.'" value="'.$key.'" /></span> '. (' 'x2). + '<span class="LC_nobreak">'.$lt{'lifetime'}.':'. + '<input type="text" size="5" name="ltitools_lifetime_'.$i.'" value="'.$lifetime.'" /></span> '. + (' 'x2). '<span class="LC_nobreak">'.$lt{'secret'}.':'. '<input type="password" size="20" name="ltitools_secret_'.$i.'" value="'.$secret.'" />'. '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltitools_secret_'.$i.'.type='."'text'".' } else { this.form.ltitools_secret_'.$i.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'. @@ -3841,27 +4948,14 @@ sub print_ltitools { '<input type="text" name="ltitools_'.$dimen.'_'.$i.'" size="5" value="'.$currdisp{$dimen}.'" /></label>'. (' 'x2); } - $datatable .= '<br />'. + $datatable .= '</span><br />'. '<div class="LC_left_float">'.$lt{'linktext'}.'<br />'. - '<input type="text" name="ltitools_linktext_'.$i.'" size="25" value="'.$currdisp{'linktext'}.'" /></label></div>'. + '<input type="text" name="ltitools_linktext_'.$i.'" size="25" value="'.$currdisp{'linktext'}.'" /></div>'. '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'. '<textarea name="ltitools_explanation_'.$i.'" rows="5" cols="40">'.$currdisp{'explanation'}. - '</textarea></div><div style=""></div><br />'; - $datatable .= '<br />'; - foreach my $extra ('passback','roster') { - my $checkedon = ''; - my $checkedoff = ' checked="checked"'; - if ($settings->{$item}->{$extra}) { - $checkedon = $checkedoff; - $checkedoff = ''; - } - $datatable .= $lt{$extra}.' '. - '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="1"'.$checkedon.' />'. - &mt('Yes').'</label>'.(' 'x2). - '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="0"'.$checkedoff.' />'. - &mt('No').'</label>'.(' 'x4); - } - $datatable .= '<br /><br /><span class="LC_nobreak">'.$lt{'icon'}.': '; + '</textarea></div><div style=""></div>'. + '<div style="padding:0;clear:both;margin:0;border:0"></div>'; + $datatable .= '<span class="LC_nobreak">'.$lt{'icon'}.': '; if ($imgsrc) { $datatable .= $imgsrc. '<label><input type="checkbox" name="ltitools_image_del"'. @@ -3876,11 +4970,12 @@ sub print_ltitools { $datatable .= '<input type="file" name="ltitools_image_'.$i.'" value="" />'; } $datatable .= '</span></fieldset>'; - my (%checkedfields,%rolemaps); + my (%checkedfields,%rolemaps,$userincdom); if (ref($settings->{$item}) eq 'HASH') { if (ref($settings->{$item}->{'fields'}) eq 'HASH') { %checkedfields = %{$settings->{$item}->{'fields'}}; } + $userincdom = $settings->{$item}->{'incdom'}; if (ref($settings->{$item}->{'roles'}) eq 'HASH') { %rolemaps = %{$settings->{$item}->{'roles'}}; $checkedfields{'roles'} = 1; @@ -3888,16 +4983,40 @@ sub print_ltitools { } $datatable .= '<fieldset><legend>'.&mt('User data sent on launch').'</legend>'. '<span class="LC_nobreak">'; + my $userfieldstyle = 'display:none;'; + my $seluserdom = ''; + my $unseluserdom = ' selected="selected"'; foreach my $field (@fields) { - my $checked; + my ($checked,$onclick,$id,$spacer); if ($checkedfields{$field}) { $checked = ' checked="checked"'; } + if ($field eq 'user') { + $id = ' id="ltitools_user_field_'.$i.'"'; + $onclick = ' onclick="toggleLTITools(this.form,'."'$field','$i'".')"'; + if ($checked) { + $userfieldstyle = 'display:inline-block'; + if ($userincdom) { + $seluserdom = $unseluserdom; + $unseluserdom = ''; + } + } + } else { + $spacer = (' ' x2); + } $datatable .= '<label>'. - '<input type="checkbox" name="ltitools_fields_'.$i.'" value="'.$field.'"'.$checked.' />'. - $lt{$field}.'</label>'.(' ' x2); + '<input type="checkbox" name="ltitools_fields_'.$i.'" value="'.$field.'"'.$id.$checked.$onclick.' />'. + $lt{$field}.'</label>'.$spacer; } - $datatable .= '</span></fieldset>'. + $datatable .= '</span>'; + $datatable .= '<div style="'.$userfieldstyle.'" id="ltitools_user_div_'.$i.'">'. + '<span class="LC_nobreak"> : '. + '<select name="ltitools_userincdom_'.$i.'">'. + '<option value="">'.&mt('Select').'</option>'. + '<option value="0"'.$unseluserdom.'>'.&mt('username').'</option>'. + '<option value="1"'.$seluserdom.'>'.&mt('username:domain').'</option>'. + '</select></span></div>'; + $datatable .= '</fieldset>'. '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>'; foreach my $role (@courseroles) { my ($selected,$selectnone); @@ -3928,7 +5047,7 @@ sub print_ltitools { } } $datatable .= '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">'; - foreach my $item ('label','title','target','linktext','explanation') { + foreach my $item ('label','title','target','linktext','explanation','append') { my $checked; if ($courseconfig{$item}) { $checked = ' checked="checked"'; @@ -3961,7 +5080,7 @@ sub print_ltitools { } } $css_class = $itemcount%2?' class="LC_odd_row"':''; - my $chgstr = ' onchange="javascript:reorderLTI(this.form,'."'ltitools_add_pos'".');"'; + my $chgstr = ' onchange="javascript:reorderLTITools(this.form,'."'ltitools_add_pos'".');"'; $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'."\n". '<input type="hidden" name="ltitools_maxnum" value="'.$maxnum.'" />'."\n". '<select name="ltitools_add_pos"'.$chgstr.'>'; @@ -3974,21 +5093,26 @@ sub print_ltitools { $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>'; } $datatable .= '</select> '."\n". - '<input type="checkbox" name="ltitools_add" value="1" />'.&mt('Add').'</td>'."\n". + '<input type="checkbox" name="ltitools_add" value="1" />'.&mt('Add').'</span></td>'."\n". '<td colspan="2">'. '<fieldset><legend>'.&mt('Required settings').'</legend>'. - '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="30" name="ltitools_add_title" value="" /></span> '."\n". + '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_add_title" value="" /></span> '."\n". (' 'x2). '<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_add_version">'. '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '."\n". (' 'x2). '<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_add_msgtype">'. '<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '. + '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_add_sigmethod">'. + '<option value="HMAC-SHA1" selected="selected">HMAC-SHA1</option>'. + '<option value="HMAC-SHA256">HMAC-SHA256</option></select></span>'. '<br />'. - '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="30" name="ltitools_add_url" value="" /></span> '."\n". + '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_add_url" value="" /></span> '."\n". (' 'x2). '<span class="LC_nobreak">'.$lt{'key'}.':<input type="text" size="25" name="ltitools_add_key" value="" /></span> '."\n". (' 'x2). + '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" size="5" name="ltitools_add_lifetime" value="300" /></span> '."\n". + (' 'x2). '<span class="LC_nobreak">'.$lt{'secret'}.':<input type="password" size="20" name="ltitools_add_secret" value="" />'. '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltitools_add_secret.type='."'text'".' } else { this.form.ltitools_add_secret.type='."'password'".' }" />'.&mt('Visible input').'</label></span> '."\n". '</fieldset>'. @@ -4006,20 +5130,14 @@ sub print_ltitools { '<input type="text" name="ltitools_add_'.$dimen.'" size="5" /></label>'. (' 'x2); } - $datatable .= '<br />'. + $datatable .= '</span><br />'. '<div class="LC_left_float">'.$lt{'linktext'}.'<br />'. - '<input type="text" name="ltitools_add_linktext" size="5" /></label></div>'. + '<input type="text" name="ltitools_add_linktext" size="5" /></div>'. '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'. - '<textarea name=ltitools_add_explanation" rows="5" cols="40"></textarea>'. - '</div><div style=""></div><br />'; - foreach my $extra ('passback','roster') { - $datatable .= $lt{$extra}.' '. - '<label><input type="radio" name="ltitools_add_'.$extra.'" value="1" />'. - &mt('Yes').'</label>'.(' 'x2). - '<label><input type="radio" name="ltitools_add_'.$extra.'" value="0" checked="checked" />'. - &mt('No').'</label>'.(' 'x4); - } - $datatable .= '<br /><br /><span class="LC_nobreak">'.$lt{'icon'}.': '. + '<textarea name="ltitools_add_explanation" rows="5" cols="40"></textarea>'. + '</div><div style=""></div>'. + '<div style="padding:0;clear:both;margin:0;border:0"></div>'; + $datatable .= '<span class="LC_nobreak">'.$lt{'icon'}.': '. '('.&mt('if larger than 21x21 pixels, image will be scaled').') '; if ($switchserver) { $datatable .= &mt('Upload to library server: [_1]',$switchserver); @@ -4030,12 +5148,26 @@ sub print_ltitools { '<fieldset><legend>'.&mt('User data sent on launch').'</legend>'. '<span class="LC_nobreak">'; foreach my $field (@fields) { + my ($id,$onclick,$spacer); + if ($field eq 'user') { + $id = ' id="ltitools_user_field_add"'; + $onclick = ' onclick="toggleLTITools(this.form,'."'$field','add'".')"'; + } else { + $spacer = (' ' x2); + } $datatable .= '<label>'. - '<input type="checkbox" name="ltitools_add_fields" value="'.$field.'" />'. - $lt{$field}.'</label>'.(' ' x2); + '<input type="checkbox" name="ltitools_add_fields" value="'.$field.'"'.$id.$onclick.' />'. + $lt{$field}.'</label>'.$spacer; } - $datatable .= '</span></fieldset>'. - '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>'; + $datatable .= '</span>'. + '<div style="display:none;" id="ltitools_user_div_add">'. + '<span class="LC_nobreak"> : '. + '<select name="ltitools_userincdom_add">'. + '<option value="" selected="selected">'.&mt('Select').'</option>'. + '<option value="0">'.&mt('username').'</option>'. + '<option value="1">'.&mt('username:domain').'</option>'. + '</select></span></div></fieldset>'; + $datatable .= '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>'; foreach my $role (@courseroles) { my ($checked,$checkednone); $datatable .= '<td align="center">'. @@ -4049,7 +5181,7 @@ sub print_ltitools { } $datatable .= '</tr></table></fieldset>'. '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">'; - foreach my $item ('label','title','target','linktext','explanation') { + foreach my $item ('label','title','target','linktext','explanation','append') { $datatable .= '<label>'. '<input type="checkbox" name="ltitools_courseconfig" value="'.$item.'" checked="checked" />'. $lt{'crs'.$item}.'</label>'.(' ' x2)."\n"; @@ -4061,7 +5193,7 @@ sub print_ltitools { '<label><input type="checkbox" name="ltitools_add_custom" value="1" />'. &mt('Add').'</label></span></td><td><input type="text" name="ltitools_add_custom_name" />'. '</td><td><input type="text" name="ltitools_add_custom_value" /></td></tr>'. - '</table></fieldset></td></tr>'."\n". + '</table></fieldset>'."\n". '</td>'."\n". '</tr>'."\n"; $itemcount ++; @@ -4073,11 +5205,13 @@ sub ltitools_names { 'title' => 'Title', 'version' => 'Version', 'msgtype' => 'Message Type', + 'sigmethod' => 'Signature Method', 'url' => 'URL', 'key' => 'Key', + 'lifetime' => 'Nonce lifetime (s)', 'secret' => 'Secret', 'icon' => 'Icon', - 'user' => 'Username:domain', + 'user' => 'User', 'fullname' => 'Full Name', 'firstname' => 'First Name', 'lastname' => 'Last Name', @@ -4090,18 +5224,157 @@ sub ltitools_names { 'width' => 'Width', 'linktext' => 'Default Link Text', 'explanation' => 'Default Explanation', - 'passback' => 'Tool can return grades:', - 'roster' => 'Tool can retrieve roster:', 'crstarget' => 'Display target', 'crslabel' => 'Course label', 'crstitle' => 'Course title', 'crslinktext' => 'Link Text', 'crsexplanation' => 'Explanation', + 'crsappend' => 'Provider URL', ); return %lt; } +sub print_lti { + my ($position,$dom,$settings,$rowtotal) = @_; + my $itemcount = 1; + my ($datatable,$css_class); + my (%rules,%encrypt,%privkeys,%linkprot); + if (ref($settings) eq 'HASH') { + if ($position eq 'top') { + if (exists($settings->{'encrypt'})) { + if (ref($settings->{'encrypt'}) eq 'HASH') { + foreach my $key (keys(%{$settings->{'encrypt'}})) { + $encrypt{'ltisec_'.$key.'linkprot'} = $settings->{'encrypt'}{$key}; + } + } + } + if (exists($settings->{'private'})) { + if (ref($settings->{'private'}) eq 'HASH') { + if (ref($settings->{'private'}) eq 'HASH') { + if (ref($settings->{'private'}{'keys'}) eq 'ARRAY') { + map { $privkeys{$_} = 1; } (@{$settings->{'private'}{'keys'}}); + } + } + } + } + } elsif ($position eq 'middle') { + if (exists($settings->{'rules'})) { + if (ref($settings->{'rules'}) eq 'HASH') { + %rules = %{$settings->{'rules'}}; + } + } + } elsif ($position eq 'bottom') { + if (exists($settings->{'linkprot'})) { + if (ref($settings->{'linkprot'}) eq 'HASH') { + %linkprot = %{$settings->{'linkprot'}}; + if ($linkprot{'lock'}) { + delete($linkprot{'lock'}); + } + } + } + } + } + if ($position eq 'top') { + my @ids=&Apache::lonnet::current_machine_ids(); + my %servers = &Apache::lonnet::get_servers($dom,'library'); + my $primary = &Apache::lonnet::domain($dom,'primary'); + my ($extra,$numshown); + foreach my $hostid (sort(keys(%servers))) { + my ($showextra,$divsty,$switch); + if ($hostid eq $primary) { + if ($encrypt{'ltisec_domlinkprot'}) { + $showextra = 1; + } + } + if ($encrypt{'ltisec_crslinkprot'}) { + $showextra = 1; + } + unless (grep(/^\Q$hostid\E$/,@ids)) { + $switch = 1; + } + if ($showextra) { + $numshown ++; + $divsty = 'display:inline-block'; + } else { + $divsty = 'display:none'; + } + $extra .= '<fieldset id="ltisec_info_'.$hostid.'" style="'.$divsty.'">'. + '<legend>'.$hostid.'</legend>'; + if ($switch) { + my $switchserver = '<a href="/adm/switchserver?otherserver='.$hostid.'&role='. + &HTML::Entities::encode($env{'request.role'},'\'<>"&'). + '&destinationurl=/adm/domainprefs">'.&mt('Switch Server').'</a>'; + if (exists($privkeys{$hostid})) { + $extra .= '<div id="ltisec_divcurrprivkey_'.$hostid.'" style="display:inline-block" />'. + '<span class="LC_nobreak">'. + &mt('Encryption Key').': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. + '<span class="LC_nobreak">'.&mt('Change?'). + '<label><input type="radio" value="0" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" checked="checked" />'.&mt('No').'</label>'. + (' 'x2). + '<label><input type="radio" value="1" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" />'.&mt('Yes'). + '</label> </span><div id="ltisec_divchgprivkey_'.$hostid.'" style="display:none" />'. + '<span class="LC_nobreak"> - '.&mt('submit from server ([_1]): [_2].',$hostid,$switchserver). + '</span></div>'; + } else { + $extra .= '<span class="LC_nobreak">'. + &mt('Key required').' - '.&mt('submit from server ([_1]): [_2].',$hostid,$switchserver). + '</span>'."\n"; + } + } elsif (exists($privkeys{$hostid})) { + $extra .= '<div id="ltisec_divcurrprivkey_'.$hostid.'" style="display:inline-block" /><span class="LC_nobreak">'. + &mt('Encryption Key').': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. + '<span class="LC_nobreak">'.&mt('Change?'). + '<label><input type="radio" value="0" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" checked="checked" />'.&mt('No').'</label>'. + (' 'x2). + '<label><input type="radio" value="1" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" />'.&mt('Yes'). + '</label> </span><div id="ltisec_divchgprivkey_'.$hostid.'" style="display:none" />'. + '<span class="LC_nobreak">'.&mt('New Key').':'. + '<input type="password" size="20" name="ltisec_privkey_'.$hostid.'" value="" autocomplete="off" />'. + '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltisec_privkey_'.$hostid.'.type='."'text'".' } else { this.form.ltisec_privkey_'.$hostid.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'. + '</span></div>'; + } else { + $extra .= '<span class="LC_nobreak">'.&mt('Encryption Key').':'. + '<input type="password" size="20" name="ltisec_privkey_'.$hostid.'" value="" autocomplete="off" />'. + '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltisec_privkey_'.$hostid.'.type='."'text'".' } else { this.form.ltisec_privkey_'.$hostid.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'; + } + $extra .= '</fieldset>'; + } + my %choices = &Apache::lonlocal::texthash ( + ltisec_crslinkprot => 'Encrypt stored link protection secrets defined in courses', + ltisec_domlinkprot => 'Encrypt stored link protection secrets defined in domain', + ); + my @toggles = qw(ltisec_crslinkprot ltisec_domlinkprot); + my %defaultchecked = ( + 'ltisec_crslinkprot' => 'off', + 'ltisec_domlinkprot' => 'off', + ); + my ($onclick,$itemcount); + $onclick = 'javascript:toggleLTIEncKey(this.form);'; + ($datatable,$itemcount) = &radiobutton_prefs(\%encrypt,\@toggles,\%defaultchecked, + \%choices,$itemcount,$onclick,'','left','no'); + + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my $noprivkeysty = 'display:inline-block'; + if ($numshown) { + $noprivkeysty = 'display:none'; + } + $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'.&mt('Encryption Key(s)').'</td>'. + '<td><div id="ltisec_noprivkey" style="'.$noprivkeysty.'" >'. + '<span class="LC_nobreak">'.&mt('Not in use').'</span></div>'. + $extra. + '</td></tr>'; + $itemcount ++; + $$rowtotal += $itemcount; + } elsif ($position eq 'middle') { + $datatable = &password_rules('secrets',\$itemcount,\%rules); + $$rowtotal += $itemcount; + } elsif ($position eq 'bottom') { + $datatable .= &Apache::courseprefs::print_linkprotection($dom,'',$settings,$rowtotal,'','','domain'); + } + return $datatable; +} + sub print_coursedefaults { my ($position,$dom,$settings,$rowtotal) = @_; my ($css_class,$datatable,%checkedon,%checkedoff,%defaultchecked,@toggles); @@ -4112,9 +5385,12 @@ sub print_coursedefaults { coursecredits => 'Credits can be specified for courses', uselcmath => 'Math preview uses LON-CAPA previewer (javascript) in place of DragMath (Java)', usejsme => 'Molecule editor uses JSME (HTML5) in place of JME (Java)', + inline_chem => 'Use inline previewer for chemical reaction response in place of pop-up', + texengine => 'Default method to display mathematics', postsubmit => 'Disable submit button/keypress following student submission', canclone => "People who may clone a course (besides course's owner and coordinators)", mysqltables => 'Lifetime (s) of "Temporary" MySQL tables (student performance data) on homeserver', + ltiauth => 'Student username in LTI launch of deep-linked URL can be accepted without re-authentication', ); my %staticdefaults = ( anonsurvey_threshold => 10, @@ -4126,11 +5402,40 @@ sub print_coursedefaults { %defaultchecked = ( 'uselcmath' => 'on', 'usejsme' => 'on', + 'inline_chem' => 'on', 'canclone' => 'none', ); - @toggles = ('uselcmath','usejsme'); + @toggles = ('uselcmath','usejsme','inline_chem'); + my $deftex = $Apache::lonnet::deftex; + if (ref($settings) eq 'HASH') { + if ($settings->{'texengine'}) { + if ($settings->{'texengine'} =~ /^(MathJax|mimetex|tth)$/) { + $deftex = $settings->{'texengine'}; + } + } + } + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my $mathdisp = '<tr'.$css_class.'><td style="vertical-align: top">'. + '<span class="LC_nobreak">'.$choices{'texengine'}. + '</span></td><td class="LC_right_item">'. + '<select name="texengine">'."\n"; + my %texoptions = ( + MathJax => 'MathJax', + mimetex => &mt('Convert to Images'), + tth => &mt('TeX to HTML'), + ); + foreach my $renderer ('MathJax','mimetex','tth') { + my $selected = ''; + if ($renderer eq $deftex) { + $selected = ' selected="selected"'; + } + $mathdisp .= '<option value="'.$renderer.'"'.$selected.'>'.$texoptions{$renderer}.'</option>'."\n"; + } + $mathdisp .= '</select></td></tr>'."\n"; + $itemcount ++; ($datatable,$itemcount) = &radiobutton_prefs($settings,\@toggles,\%defaultchecked, \%choices,$itemcount); + $datatable = $mathdisp.$datatable; $css_class = $itemcount%2?' class="LC_odd_row"':''; $datatable .= '<tr'.$css_class.'><td valign="top">'. @@ -4139,7 +5444,7 @@ sub print_coursedefaults { my $currcanclone = 'none'; my $onclick; my @cloneoptions = ('none','domain'); - my %clonetitles = ( + my %clonetitles = &Apache::lonlocal::texthash ( none => 'No additional course requesters', domain => "Any course requester in course's domain", instcode => 'Course requests for official courses ...', @@ -4207,8 +5512,12 @@ sub print_coursedefaults { my ($currdefresponder,%defcredits,%curruploadquota,%deftimeout,%currmysql); my $currusecredits = 0; my $postsubmitclient = 1; + my $ltiauth = 0; my @types = ('official','unofficial','community','textbook'); if (ref($settings) eq 'HASH') { + if ($settings->{'ltiauth'}) { + $ltiauth = 1; + } $currdefresponder = $settings->{'anonsurvey_threshold'}; if (ref($settings->{'uploadquota'}) eq 'HASH') { foreach my $type (keys(%{$settings->{'uploadquota'}})) { @@ -4354,7 +5663,16 @@ sub print_coursedefaults { } $datatable .= '</tr></table></td></tr>'."\n"; $itemcount ++; - + %defaultchecked = ('ltiauth' => 'off'); + @toggles = ('ltiauth'); + $current = { + 'ltiauth' => $ltiauth, + }; + ($table,$itemcount) = + &radiobutton_prefs($current,\@toggles,\%defaultchecked, + \%choices,$itemcount,undef,undef,'left'); + $datatable .= $table; + $itemcount ++; } $$rowtotal += $itemcount; return $datatable; @@ -4548,7 +5866,7 @@ sub print_validation_rows { '</label></span> '; } } elsif ($item eq 'markup') { - $datatable .= '<textarea name="'.$caller.'_validation_markup" cols="50" rows="5" wrap="soft">'. + $datatable .= '<textarea name="'.$caller.'_validation_markup" cols="50" rows="5">'. $currvalidation{$item}. '</textarea>'; } @@ -4570,7 +5888,7 @@ sub print_validation_rows { my ($numdc,$dctable,$rows) = &active_dc_picker($dom,$numinrow,'radio', 'validationdc',%currhash); my $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; - $datatable .= '</td></tr><tr'.$css_class.'><td>'; + $datatable .= '<tr'.$css_class.'><td>'; if ($numdc > 1) { $datatable .= &mt('Course creation processed as: (choose Dom. Coord.)'); } else { @@ -4585,6 +5903,769 @@ sub print_validation_rows { return $datatable; } +sub print_passwords { + my ($position,$dom,$confname,$settings,$rowtotal) = @_; + my ($datatable,$css_class); + my $itemcount = 0; + my %titles = &Apache::lonlocal::texthash ( + captcha => '"Forgot Password" CAPTCHA validation', + link => 'Reset link expiration (hours)', + case => 'Case-sensitive usernames/e-mail', + prelink => 'Information required (form 1)', + postlink => 'Information required (form 2)', + emailsrc => 'LON-CAPA e-mail address type(s)', + customtext => 'Domain specific text (HTML)', + intauth_cost => 'Encryption cost for bcrypt (positive integer)', + intauth_check => 'Check bcrypt cost if authenticated', + intauth_switch => 'Existing crypt-based switched to bcrypt on authentication', + permanent => 'Permanent e-mail address', + critical => 'Critical notification address', + notify => 'Notification address', + min => 'Minimum password length', + max => 'Maximum password length', + chars => 'Required characters', + numsaved => 'Number of previous passwords to save and disallow reuse', + ); + if ($position eq 'top') { + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); + my $shownlinklife = 2; + my $prelink = 'both'; + my (%casesens,%postlink,%emailsrc,$nostdtext,$customurl); + if (ref($settings) eq 'HASH') { + if ($settings->{resetlink} =~ /^\d+(|\.\d*)$/) { + $shownlinklife = $settings->{resetlink}; + } + if (ref($settings->{resetcase}) eq 'ARRAY') { + map { $casesens{$_} = 1; } (@{$settings->{resetcase}}); + } + if ($settings->{resetprelink} =~ /^(both|either)$/) { + $prelink = $settings->{resetprelink}; + } + if (ref($settings->{resetpostlink}) eq 'HASH') { + %postlink = %{$settings->{resetpostlink}}; + } + if (ref($settings->{resetemail}) eq 'ARRAY') { + map { $emailsrc{$_} = 1; } (@{$settings->{resetemail}}); + } + if ($settings->{resetremove}) { + $nostdtext = 1; + } + if ($settings->{resetcustom}) { + $customurl = $settings->{resetcustom}; + } + } else { + if (ref($types) eq 'ARRAY') { + foreach my $item (@{$types}) { + $casesens{$item} = 1; + $postlink{$item} = ['username','email']; + } + } + $casesens{'default'} = 1; + $postlink{'default'} = ['username','email']; + $prelink = 'both'; + %emailsrc = ( + permanent => 1, + critical => 1, + notify => 1, + ); + } + $datatable = &captcha_choice('passwords',$settings,$$rowtotal); + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'link'}.'</td>'. + '<td class="LC_left_item">'. + '<input type="textbox" value="'.$shownlinklife.'" '. + 'name="passwords_link" size="3" /></td></tr>'; + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'case'}.'</td>'. + '<td class="LC_left_item">'; + if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) { + foreach my $item (@{$types}) { + my $checkedcase; + if ($casesens{$item}) { + $checkedcase = ' checked="checked"'; + } + $datatable .= '<span class="LC_nobreak"><label>'. + '<input type="checkbox" name="passwords_case_sensitive" value="'. + $item.'"'.$checkedcase.' />'.$usertypes->{$item}.'</label>'. + '</span> '; + } + } + my $checkedcase; + if ($casesens{'default'}) { + $checkedcase = ' checked="checked"'; + } + $datatable .= '<span class="LC_nobreak"><label><input type="checkbox" '. + 'name="passwords_case_sensitive" value="default"'.$checkedcase.' />'. + $othertitle.'</label></span></td>'; + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my %checkedpre = ( + both => ' checked="checked"', + either => '', + ); + if ($prelink eq 'either') { + $checkedpre{either} = ' checked="checked"'; + $checkedpre{both} = ''; + } + $datatable .= '<tr'.$css_class.'><td>'.$titles{'prelink'}.'</td>'. + '<td class="LC_left_item"><span class="LC_nobreak">'. + '<label><input type="radio" name="passwords_prelink" value="both"'.$checkedpre{'both'}.' />'. + &mt('Both username and e-mail address').'</label></span> '. + '<span class="LC_nobreak"><label>'. + '<input type="radio" name="passwords_prelink" value="either"'.$checkedpre{'either'}.' />'. + &mt('Either username or e-mail address').'</label></span></td></tr>'; + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'postlink'}.'</td>'. + '<td class="LC_left_item">'; + my %postlinked; + if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) { + foreach my $item (@{$types}) { + undef(%postlinked); + $datatable .= '<fieldset style="display: inline-block;">'. + '<legend>'.$usertypes->{$item}.'</legend>'; + if (ref($postlink{$item}) eq 'ARRAY') { + map { $postlinked{$_} = 1; } (@{$postlink{$item}}); + } + foreach my $field ('email','username') { + my $checked; + if ($postlinked{$field}) { + $checked = ' checked="checked"'; + } + $datatable .= '<span class="LC_nobreak"><label>'. + '<input type="checkbox" name="passwords_postlink_'.$item.'" value="'. + $field.'"'.$checked.' />'.$field.'</label>'. + '<span> '; + } + $datatable .= '</fieldset>'; + } + } + if (ref($postlink{'default'}) eq 'ARRAY') { + map { $postlinked{$_} = 1; } (@{$postlink{'default'}}); + } + $datatable .= '<fieldset style="display: inline-block;">'. + '<legend>'.$othertitle.'</legend>'; + foreach my $field ('email','username') { + my $checked; + if ($postlinked{$field}) { + $checked = ' checked="checked"'; + } + $datatable .= '<span class="LC_nobreak"><label>'. + '<input type="checkbox" name="passwords_postlink_default" value="'. + $field.'"'.$checked.' />'.$field.'</label>'. + '<span> '; + } + $datatable .= '</fieldset></td></tr>'; + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'emailsrc'}.'</td>'. + '<td class="LC_left_item">'; + foreach my $type ('permanent','critical','notify') { + my $checkedemail; + if ($emailsrc{$type}) { + $checkedemail = ' checked="checked"'; + } + $datatable .= '<span class="LC_nobreak"><label>'. + '<input type="checkbox" name="passwords_emailsrc" value="'. + $type.'"'.$checkedemail.' />'.$titles{$type}.'</label>'. + '<span> '; + } + $datatable .= '</td></tr>'; + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my $switchserver = &check_switchserver($dom,$confname); + my ($showstd,$noshowstd); + if ($nostdtext) { + $noshowstd = ' checked="checked"'; + } else { + $showstd = ' checked="checked"'; + } + $datatable .= '<tr'.$css_class.'><td>'.$titles{'customtext'}.'</td>'. + '<td class="LC_left_item"><span class="LC_nobreak">'. + &mt('Retain standard text:'). + '<label><input type="radio" name="passwords_stdtext" value="1"'.$showstd.' />'. + &mt('Yes').'</label>'.' '. + '<label><input type="radio" name="passwords_stdtext" value="0"'.$noshowstd.' />'. + &mt('No').'</label></span><br />'. + '<span class="LC_fontsize_small">'. + &mt('(If you use the same account ... reset a password from this page.)').'</span><br /><br />'. + &mt('Include custom text:'); + if ($customurl) { + my $link = &Apache::loncommon::modal_link($customurl,&mt('custom text'),600,500, + undef,undef,undef,undef,'background-color:#ffffff'); + $datatable .= '<span class="LC_nobreak"> '.$link. + '<label><input type="checkbox" name="passwords_custom_del"'. + ' value="1" />'.&mt('Delete?').'</label></span>'. + ' <span class="LC_nobreak"> '.&mt('Replace:').'</span>'; + } + if ($switchserver) { + $datatable .= '<span class="LC_nobreak"> '.&mt('Upload to library server: [_1]',$switchserver).'</span>'; + } else { + $datatable .='<span class="LC_nobreak"> '. + '<input type="file" name="passwords_customfile" /></span>'; + } + $datatable .= '</td></tr>'; + } elsif ($position eq 'middle') { + my %domconf = &Apache::lonnet::get_dom('configuration',['defaults'],$dom); + my @items = ('intauth_cost','intauth_check','intauth_switch'); + my %defaults; + if (ref($domconf{'defaults'}) eq 'HASH') { + %defaults = %{$domconf{'defaults'}}; + if ($defaults{'intauth_cost'} !~ /^\d+$/) { + $defaults{'intauth_cost'} = 10; + } + if ($defaults{'intauth_check'} !~ /^(0|1|2)$/) { + $defaults{'intauth_check'} = 0; + } + if ($defaults{'intauth_switch'} !~ /^(0|1|2)$/) { + $defaults{'intauth_switch'} = 0; + } + } else { + %defaults = ( + 'intauth_cost' => 10, + 'intauth_check' => 0, + 'intauth_switch' => 0, + ); + } + foreach my $item (@items) { + if ($itemcount%2) { + $css_class = ''; + } else { + $css_class = ' class="LC_odd_row" '; + } + $datatable .= '<tr'.$css_class.'>'. + '<td><span class="LC_nobreak">'.$titles{$item}. + '</span></td><td class="LC_left_item" colspan="3">'; + if ($item eq 'intauth_switch') { + my @options = (0,1,2); + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes', + 2 => 'Yes, and copy existing passwd file to passwd.bak file', + ); + $datatable .= '<table width="100%">'; + foreach my $option (@options) { + my $checked = ' '; + if ($defaults{$item} eq $option) { + $checked = ' checked="checked"'; + } + $datatable .= '<tr><td class="LC_left_item"><span class="LC_nobreak">'. + '<label><input type="radio" name="'.$item. + '" value="'.$option.'"'.$checked.' />'. + $optiondesc{$option}.'</label></span></td></tr>'; + } + $datatable .= '</table>'; + } elsif ($item eq 'intauth_check') { + my @options = (0,1,2); + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes, allow login then update passwd file using default cost (if higher)', + 2 => 'Yes, disallow login if stored cost is less than domain default', + ); + $datatable .= '<table width="100%">'; + foreach my $option (@options) { + my $checked = ' '; + my $onclick; + if ($defaults{$item} eq $option) { + $checked = ' checked="checked"'; + } + if ($option == 2) { + $onclick = ' onclick="javascript:warnIntAuth(this);"'; + } + $datatable .= '<tr><td class="LC_left_item"><span class="LC_nobreak">'. + '<label><input type="radio" name="'.$item. + '" value="'.$option.'"'.$checked.$onclick.' />'. + $optiondesc{$option}.'</label></span></td></tr>'; + } + $datatable .= '</table>'; + } else { + $datatable .= '<input type="text" name="'.$item.'" value="'. + $defaults{$item}.'" size="3" onblur="javascript:warnIntAuth(this);" />'; + } + $datatable .= '</td></tr>'; + $itemcount ++; + } + } elsif ($position eq 'lower') { + $datatable .= &password_rules('passwords',\$itemcount,$settings); + } else { + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); + my %ownerchg = ( + by => {}, + for => {}, + ); + my %ownertitles = &Apache::lonlocal::texthash ( + by => 'Course owner status(es) allowed', + for => 'Student status(es) allowed', + ); + if (ref($settings) eq 'HASH') { + if (ref($settings->{crsownerchg}) eq 'HASH') { + if (ref($settings->{crsownerchg}{'by'}) eq 'ARRAY') { + map { $ownerchg{by}{$_} = 1; } (@{$settings->{crsownerchg}{'by'}}); + } + if (ref($settings->{crsownerchg}{'for'}) eq 'ARRAY') { + map { $ownerchg{for}{$_} = 1; } (@{$settings->{crsownerchg}{'for'}}); + } + } + } + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr '.$css_class.'>'. + '<td>'. + &mt('Requirements').'<ul>'. + '<li>'.&mt("Course 'type' is not a Community").'</li>'. + '<li>'.&mt('User is Course Coordinator and also course owner').'</li>'. + '<li>'.&mt("Student's only active roles are student role(s) in course(s) owned by this user").'</li>'. + '<li>'.&mt('User, course, and student share same domain').'</li>'. + '</ul>'. + '</td>'. + '<td class="LC_left_item">'; + foreach my $item ('by','for') { + $datatable .= '<fieldset style="display: inline-block;">'. + '<legend>'.$ownertitles{$item}.'</legend>'; + if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) { + foreach my $type (@{$types}) { + my $checked; + if ($ownerchg{$item}{$type}) { + $checked = ' checked="checked"'; + } + $datatable .= '<span class="LC_nobreak"><label>'. + '<input type="checkbox" name="passwords_crsowner_'.$item.'" value="'. + $type.'"'.$checked.' />'.$usertypes->{$type}.'</label>'. + '</span> '; + } + } + my $checked; + if ($ownerchg{$item}{'default'}) { + $checked = ' checked="checked"'; + } + $datatable .= '<span class="LC_nobreak"><label><input type="checkbox" '. + 'name="passwords_crsowner_'.$item.'" value="default"'.$checked.' />'. + $othertitle.'</label></span></fieldset>'; + } + $datatable .= '</td></tr>'; + } + return $datatable; +} + +sub password_rules { + my ($prefix,$itemcountref,$settings) = @_; + my ($min,$max,%chars,$numsaved,$numinrow); + my %titles; + if ($prefix eq 'passwords') { + %titles = &Apache::lonlocal::texthash ( + min => 'Minimum password length', + max => 'Maximum password length', + chars => 'Required characters', + ); + } elsif ($prefix eq 'secrets') { + %titles = &Apache::lonlocal::texthash ( + min => 'Minimum secret length', + max => 'Maximum secret length', + chars => 'Required characters', + ); + } + $min = $Apache::lonnet::passwdmin; + my $datatable; + my $itemcount; + if (ref($itemcountref)) { + $itemcount = $$itemcountref; + } + if (ref($settings) eq 'HASH') { + if ($settings->{min}) { + $min = $settings->{min}; + } + if ($settings->{max}) { + $max = $settings->{max}; + } + if (ref($settings->{chars}) eq 'ARRAY') { + map { $chars{$_} = 1; } (@{$settings->{chars}}); + } + if ($prefix eq 'passwords') { + if ($settings->{numsaved}) { + $numsaved = $settings->{numsaved}; + } + } + } + my %rulenames = &Apache::lonlocal::texthash( + uc => 'At least one upper case letter', + lc => 'At least one lower case letter', + num => 'At least one number', + spec => 'At least one non-alphanumeric', + ); + my $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'min'}.'</td>'. + '<td class="LC_left_item"><span class="LC_nobreak">'. + '<input type="text" name="'.$prefix.'_min" value="'.$min.'" size="3" '. + 'onblur="javascript:warnInt'.$prefix.'(this);" />'. + '<span class="LC_fontsize_small"> '.&mt('(Enter an integer: 7 or larger)').'</span>'. + '</span></td></tr>'; + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'max'}.'</td>'. + '<td class="LC_left_item"><span class="LC_nobreak">'. + '<input type="text" name="'.$prefix.'_max" value="'.$max.'" size="3" '. + 'onblur="javascript:warnInt'.$prefix.'(this);" />'. + '<span class="LC_fontsize_small"> '.&mt('(Leave blank for no maximum)').'</span>'. + '</span></td></tr>'; + $itemcount ++; + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'chars'}.'<br />'. + '<span class="LC_nobreak LC_fontsize_small">'.&mt('(Leave unchecked if not required)'). + '</span></td>'; + my $numinrow = 2; + my @possrules = ('uc','lc','num','spec'); + $datatable .= '<td class="LC_left_item"><table>'; + for (my $i=0; $i<@possrules; $i++) { + my ($rem,$checked); + if ($chars{$possrules[$i]}) { + $checked = ' checked="checked"'; + } + $rem = $i%($numinrow); + if ($rem == 0) { + if ($i > 0) { + $datatable .= '</tr>'; + } + $datatable .= '<tr>'; + } + $datatable .= '<td><span class="LC_nobreak"><label>'. + '<input type="checkbox" name="'.$prefix.'_chars" value="'.$possrules[$i].'"'.$checked.' />'. + $rulenames{$possrules[$i]}.'</label></span></td>'; + } + my $rem = @possrules%($numinrow); + my $colsleft = $numinrow - $rem; + if ($colsleft > 1 ) { + $datatable .= '<td colspan="'.$colsleft.'" class="LC_left_item">'. + ' </td>'; + } elsif ($colsleft == 1) { + $datatable .= '<td class="LC_left_item"> </td>'; + } + $datatable .='</table></td></tr>'; + $itemcount ++; + if ($prefix eq 'passwords') { + $titles{'numsaved'} = &mt('Number of previous passwords to save and disallow reuse'); + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'numsaved'}.'</td>'. + '<td class="LC_left_item"><span class="LC_nobreak">'. + '<input type="text" name="'.$prefix.'_numsaved" value="'.$numsaved.'" size="3" '. + 'onblur="javascript:warnInt'.$prefix.'(this);" />'. + '<span class="LC_fontsize_small"> '.&mt('(Leave blank to not save previous passwords)').'</span>'. + '</span></td></tr>'; + $itemcount ++; + } + if (ref($itemcountref)) { + $$itemcountref += $itemcount; + } + return $datatable; +} + +sub print_wafproxy { + my ($position,$dom,$settings,$rowtotal) = @_; + my $css_class; + my $itemcount = 0; + my $datatable; + my %servers = &Apache::lonnet::internet_dom_servers($dom); + my (%othercontrol,%otherdoms,%aliases,%saml,%values,$setdom,$showdom); + my %lt = &wafproxy_titles(); + foreach my $server (sort(keys(%servers))) { + my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server}); + next if ($serverhome eq ''); + my $serverdom; + if ($serverhome ne $server) { + $serverdom = &Apache::lonnet::host_domain($serverhome); + if (($serverdom ne '') && (&Apache::lonnet::domain($serverdom) ne '')) { + $othercontrol{$server} = $serverdom; + } + } else { + $serverdom = &Apache::lonnet::host_domain($server); + next if (($serverdom eq '') || (&Apache::lonnet::domain($serverdom) eq '')); + if ($serverdom ne $dom) { + $othercontrol{$server} = $serverdom; + } else { + $setdom = 1; + if (ref($settings) eq 'HASH') { + if (ref($settings->{'alias'}) eq 'HASH') { + $aliases{$dom} = $settings->{'alias'}; + if ($aliases{$dom} ne '') { + $showdom = 1; + } + } + if (ref($settings->{'saml'}) eq 'HASH') { + $saml{$dom} = $settings->{'saml'}; + } + } + } + } + } + if ($setdom) { + %{$values{$dom}} = (); + if (ref($settings) eq 'HASH') { + foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') { + $values{$dom}{$item} = $settings->{$item}; + } + } + } + if (keys(%othercontrol)) { + %otherdoms = reverse(%othercontrol); + foreach my $domain (keys(%otherdoms)) { + %{$values{$domain}} = (); + my %config = &Apache::lonnet::get_dom('configuration',['wafproxy'],$domain); + if (ref($config{'wafproxy'}) eq 'HASH') { + $aliases{$domain} = $config{'wafproxy'}{'alias'}; + if (exists($config{'wafproxy'}{'saml'})) { + $saml{$domain} = $config{'wafproxy'}{'saml'}; + } + foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') { + $values{$domain}{$item} = $config{'wafproxy'}{$item}; + } + } + } + } + if ($position eq 'top') { + my %servers = &Apache::lonnet::internet_dom_servers($dom); + my %aliasinfo; + foreach my $server (sort(keys(%servers))) { + $itemcount ++; + my $dom_in_effect; + my $aliasrows = '<tr>'. + '<td class="LC_left_item" style="vertical-align: baseline;">'. + &mt('Hostname').': '. + '<i>'.&Apache::lonnet::hostname($server).'</i></td><td> </td>'; + if ($othercontrol{$server}) { + $dom_in_effect = $othercontrol{$server}; + my ($current,$forsaml); + if (ref($aliases{$dom_in_effect}) eq 'HASH') { + $current = $aliases{$dom_in_effect}{$server}; + } + if (ref($saml{$dom_in_effect}) eq 'HASH') { + if ($saml{$dom_in_effect}{$server}) { + $forsaml = 1; + } + } + $aliasrows .= '<td class="LC_left_item" style="vertical-align: baseline;">'. + &mt('Alias').': '; + if ($current) { + $aliasrows .= $current; + if ($forsaml) { + $aliasrows .= ' ('.&mt('also for SSO Auth').')'; + } + } else { + $aliasrows .= &mt('None'); + } + $aliasrows .= ' <span class="LC_small">('. + &mt('controlled by domain: [_1]', + '<b>'.$dom_in_effect.'</b>').')</span></td>'; + } else { + $dom_in_effect = $dom; + my ($current,$samlon,$samloff); + $samloff = ' checked="checked"'; + if (ref($aliases{$dom}) eq 'HASH') { + if ($aliases{$dom}{$server}) { + $current = $aliases{$dom}{$server}; + } + } + if (ref($saml{$dom}) eq 'HASH') { + if ($saml{$dom}{$server}) { + $samlon = $samloff; + undef($samloff); + } + } + $aliasrows .= '<td class="LC_left_item" style="vertical-align: baseline;">'. + &mt('Alias').': '. + '<input type="text" name="wafproxy_alias_'.$server.'" '. + 'value="'.$current.'" size="30" />'. + (' 'x2).'<span class="LC_nobreak">'. + &mt('Alias used for SSO Auth').': <label>'. + '<input type="radio" value="0"'.$samloff.' name="wafproxy_alias_saml_'.$server.'" />'. + &mt('No').'</label> <label>'. + '<input type="radio" value="1"'.$samlon.' name="wafproxy_alias_saml_'.$server.'" />'. + &mt('Yes').'</label></span>'. + '</td>'; + } + $aliasrows .= '</tr>'; + $aliasinfo{$dom_in_effect} .= $aliasrows; + } + if ($aliasinfo{$dom}) { + my ($onclick,$wafon,$wafoff,$showtable); + $onclick = ' onclick="javascript:toggleWAF();"'; + $wafoff = ' checked="checked"'; + $showtable = ' style="display:none";'; + if ($showdom) { + $wafon = $wafoff; + $wafoff = ''; + $showtable = ' style="display:inline;"'; + } + $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; + $datatable = '<tr'.$css_class.'>'. + '<td class="LC_left_item">'.&mt('Domain: [_1]','<b>'.$dom.'</b>').'<br />'. + '<span class="LC_nobreak">'.&mt('WAF in use?').' <label>'. + '<input type="radio" name="wafproxy_'.$dom.'" value="1"'.$wafon.$onclick.' />'. + &mt('Yes').'</label>'.(' 'x2).'<label>'. + '<input type="radio" name="wafproxy_'.$dom.'" value="0"'.$wafoff.$onclick.' />'. + &mt('No').'</label></span></td>'. + '<td class="LC_left_item">'. + '<table id="wafproxy_table"'.$showtable.'>'.$aliasinfo{$dom}. + '</table></td></tr>'; + $itemcount++; + } + if (keys(%otherdoms)) { + foreach my $key (sort(keys(%otherdoms))) { + $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; + $datatable .= '<tr'.$css_class.'>'. + '<td class="LC_left_item">'.&mt('Domain: [_1]','<b>'.$key.'</b>').'</td>'. + '<td class="LC_left_item"><table>'.$aliasinfo{$key}. + '</table></td></tr>'; + $itemcount++; + } + } + } else { + my %ip_methods = &remoteip_methods(); + if ($setdom) { + $itemcount ++; + $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; + my ($nowafstyle,$wafstyle,$curr_remotip,$currwafdisplay,$vpndircheck,$vpnaliascheck, + $currwafvpn,$wafrangestyle,$alltossl,$ssltossl); + $wafstyle = ' style="display:none;"'; + $nowafstyle = ' style="display:table-row;"'; + $currwafdisplay = ' style="display: none"'; + $wafrangestyle = ' style="display: none"'; + $curr_remotip = 'n'; + $ssltossl = ' checked="checked"'; + if ($showdom) { + $wafstyle = ' style="display:table-row;"'; + $nowafstyle = ' style="display:none;"'; + if (keys(%{$values{$dom}})) { + if ($values{$dom}{remoteip} =~ /^[nmh]$/) { + $curr_remotip = $values{$dom}{remoteip}; + } + if ($curr_remotip eq 'h') { + $currwafdisplay = ' style="display:table-row"'; + $wafrangestyle = ' style="display:inline-block;"'; + } + if ($values{$dom}{'sslopt'}) { + $alltossl = ' checked="checked"'; + $ssltossl = ''; + } + } + if (($values{$dom}{'vpnint'} ne '') || ($values{$dom}{'vpnext'} ne '')) { + $vpndircheck = ' checked="checked"'; + $currwafvpn = ' style="display:table-row;"'; + $wafrangestyle = ' style="display:inline-block;"'; + } else { + $vpnaliascheck = ' checked="checked"'; + $currwafvpn = ' style="display:none;"'; + } + } + $datatable .= '<tr'.$css_class.' id="nowafproxyrow_'.$dom.'"'.$wafstyle.'>'. + '<td class="LC_left_item">'.&mt('Domain: [_1]','<b>'.$dom.'</b>').'</td>'. + '<td class="LC_right_item">'.&mt('WAF not in use, nothing to set').'</td>'. + '</tr>'. + '<tr'.$css_class.' id="wafproxyrow_'.$dom.'"'.$wafstyle.'>'. + '<td class="LC_left_item">'.&mt('Domain: [_1]','<b>'.$dom.'</b>').'<br /><br />'. + '<div id="wafproxyranges_'.$dom.'">'.&mt('Format for comma separated IP ranges').':<br />'. + &mt('A.B.C.D/N or A.B.C.D-E.F.G.H').'<br />'. + &mt('Range(s) stored in CIDR notation').'</div></td>'. + '<td class="LC_left_item"><table>'. + '<tr>'. + '<td valign="top">'.$lt{'remoteip'}.': '. + '<select name="wafproxy_remoteip" id="wafproxy_remoteip" onchange="javascript:updateWAF();">'; + foreach my $option ('m','h','n') { + my $sel; + if ($option eq $curr_remotip) { + $sel = ' selected="selected"'; + } + $datatable .= '<option value="'.$option.'"'.$sel.'>'. + $ip_methods{$option}.'</option>'; + } + $datatable .= '</select></td></tr>'."\n". + '<tr id="wafproxy_header"'.$currwafdisplay.'><td>'. + $lt{'ipheader'}.': '. + '<input type="text" value="'.$values{$dom}{'ipheader'}.'" '. + 'name="wafproxy_ipheader" />'. + '</td></tr>'."\n". + '<tr id="wafproxy_trust"'.$currwafdisplay.'><td>'. + $lt{'trusted'}.':<br />'. + '<textarea name="wafproxy_trusted" rows="3" cols="80">'. + $values{$dom}{'trusted'}.'</textarea>'. + '</td></tr>'."\n". + '<tr><td><hr /></td></tr>'."\n". + '<tr>'. + '<td valign="top">'.$lt{'vpnaccess'}.':<br /><span class="LC_nobreak">'. + '<label><input type="radio" name="wafproxy_vpnaccess"'.$vpndircheck.' value="1" onclick="javascript:checkWAF();" />'. + $lt{'vpndirect'}.'</label>'.(' 'x2). + '<label><input type="radio" name="wafproxy_vpnaccess"'.$vpnaliascheck.' value="0" onclick="javascript:checkWAF();" />'. + $lt{'vpnaliased'}.'</label></span></td></tr>'; + foreach my $item ('vpnint','vpnext') { + $datatable .= '<tr id="wafproxy_show_'.$item.'"'.$currwafvpn.'>'. + '<td valign="top">'.$lt{$item}.':<br />'. + '<textarea name="wafproxy_'.$item.'" rows="3" cols="80">'. + $values{$dom}{$item}.'</textarea>'. + '</td></tr>'."\n"; + } + $datatable .= '<tr><td><hr /></td></tr>'."\n". + '<tr>'. + '<td valign="top">'.$lt{'sslopt'}.':<br /><span class="LC_nobreak">'. + '<label><input type="radio" name="wafproxy_sslopt"'.$alltossl.' value="1" />'. + $lt{'alltossl'}.'</label>'.(' 'x2). + '<label><input type="radio" name="wafproxy_sslopt"'.$ssltossl.' value="0" />'. + $lt{'ssltossl'}.'</label></span></td></tr>'."\n". + '</table></td></tr>'; + } + if (keys(%otherdoms)) { + foreach my $domain (sort(keys(%otherdoms))) { + $itemcount ++; + $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; + $datatable .= '<tr'.$css_class.'>'. + '<td class="LC_left_item">'.&mt('Domain: [_1]','<b>'.$domain.'</b>').'</td>'. + '<td class="LC_left_item"><table>'; + foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { + my $showval = &mt('None'); + if ($item eq 'ssl') { + $showval = $lt{'ssltossl'}; + } + if ($values{$domain}{$item}) { + $showval = $values{$domain}{$item}; + if ($item eq 'ssl') { + $showval = $lt{'alltossl'}; + } elsif ($item eq 'remoteip') { + $showval = $ip_methods{$values{$domain}{$item}}; + } + } + $datatable .= '<tr>'. + '<td>'.$lt{$item}.': '.$showval.'</td></tr>'; + } + $datatable .= '</table></td></tr>'; + } + } + } + $$rowtotal += $itemcount; + return $datatable; +} + +sub wafproxy_titles { + return &Apache::lonlocal::texthash( + remoteip => "Method for determining user's IP", + ipheader => 'Request header containing remote IP', + trusted => 'Trusted IP range(s)', + vpnaccess => 'Access from institutional VPN', + vpndirect => 'via regular hostname (no WAF)', + vpnaliased => 'via aliased hostname (WAF)', + vpnint => 'Internal IP Range(s) for VPN sessions', + vpnext => 'IP Range(s) for backend WAF connections', + sslopt => 'Forwarding http/https', + alltossl => 'WAF forwards both http and https requests to https', + ssltossl => 'WAF forwards http requests to http and https to https', + ); +} + +sub remoteip_methods { + return &Apache::lonlocal::texthash( + m => 'Use Apache mod_remoteip', + h => 'Use headers parsed by LON-CAPA', + n => 'Not in use', + ); +} + sub print_usersessions { my ($position,$dom,$settings,$rowtotal) = @_; my ($css_class,$datatable,%checked,%choices); @@ -4599,13 +6680,18 @@ sub print_usersessions { if ($position eq 'top') { if (keys(%serverhomes) > 1) { my %spareid = ¤t_offloads_to($dom,$settings,\%servers); - my $curroffloadnow; + my ($curroffloadnow,$curroffloadoth); if (ref($settings) eq 'HASH') { if (ref($settings->{'offloadnow'}) eq 'HASH') { $curroffloadnow = $settings->{'offloadnow'}; } + if (ref($settings->{'offloadoth'}) eq 'HASH') { + $curroffloadoth = $settings->{'offloadoth'}; + } } - $datatable .= &spares_row($dom,\%servers,\%spareid,\%serverhomes,\%altids,$curroffloadnow,$rowtotal); + my $other_insts = scalar(keys(%by_location)); + $datatable .= &spares_row($dom,\%servers,\%spareid,\%serverhomes,\%altids, + $other_insts,$curroffloadnow,$curroffloadoth,$rowtotal); } else { $datatable .= '<tr'.$css_class.'><td colspan="2">'. &mt('Nothing to set here, as the cluster to which this domain belongs only contains one server.'); @@ -4855,7 +6941,8 @@ sub current_offloads_to { } sub spares_row { - my ($dom,$servers,$spareid,$serverhomes,$altids,$curroffloadnow,$rowtotal) = @_; + my ($dom,$servers,$spareid,$serverhomes,$altids,$other_insts, + $curroffloadnow,$curroffloadoth,$rowtotal) = @_; my $css_class; my $numinrow = 4; my $itemcount = 1; @@ -4875,12 +6962,17 @@ sub spares_row { } } next unless (ref($spareid->{$server}) eq 'HASH'); - my $checkednow; + my ($checkednow,$checkedoth); if (ref($curroffloadnow) eq 'HASH') { if ($curroffloadnow->{$server}) { $checkednow = ' checked="checked"'; } } + if (ref($curroffloadoth) eq 'HASH') { + if ($curroffloadoth->{$server}) { + $checkedoth = ' checked="checked"'; + } + } $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; $datatable .= '<tr'.$css_class.'> <td rowspan="2"> @@ -4889,8 +6981,15 @@ sub spares_row { ,'<b>'.$server.'</b>').'</span><br />'. '<span class="LC_nobreak">'."\n". '<label><input type="checkbox" name="offloadnow" value="'.$server.'"'.$checkednow.' />'. - ' '.&mt('Switch active users on next access').'</label></span>'. + ' '.&mt('Switch any active user on next access').'</label></span>'. + "\n"; + if ($other_insts) { + $datatable .= '<br />'. + '<span class="LC_nobreak">'."\n". + '<label><input type="checkbox" name="offloadoth" value="'.$server.'"'.$checkedoth.' />'. + ' '.&mt('Switch other institutions on next access').'</label></span>'. "\n"; + } my (%current,%canselect); my @choices = &possible_newspares($server,$spareid->{$server},$serverhomes,$altids); @@ -5014,13 +7113,13 @@ sub print_loadbalancing { my $numinrow = 1; my $datatable; my %servers = &Apache::lonnet::internet_dom_servers($dom); - my (%currbalancer,%currtargets,%currrules,%existing); + my (%currbalancer,%currtargets,%currrules,%existing,%currcookies); if (ref($settings) eq 'HASH') { %existing = %{$settings}; } if ((keys(%servers) > 1) || (keys(%existing) > 0)) { &get_loadbalancers_config(\%servers,\%existing,\%currbalancer, - \%currtargets,\%currrules); + \%currtargets,\%currrules,\%currcookies); } else { return; } @@ -5097,6 +7196,9 @@ sub print_loadbalancing { my %hostherechecked = ( no => ' checked="checked"', ); + my %balcookiechecked = ( + no => ' checked="checked"', + ); foreach my $sparetype (@sparestypes) { my $targettable; for (my $i=0; $i<$numspares; $i++) { @@ -5152,6 +7254,11 @@ sub print_loadbalancing { } } } + if ($currcookies{$lonhost}) { + %balcookiechecked = ( + yes => ' checked="checked"', + ); + } $datatable .= &mt('Hosting on balancer itself').'<br />'. '<label><input type="radio" name="loadbalancing_target_'.$balnum.'_hosthere" value="no"'. $hostherechecked{'no'}.' />'.&mt('No').'</label><br />'; @@ -5160,7 +7267,12 @@ sub print_loadbalancing { 'value="'.$sparetype.'"'.$hostherechecked{$sparetype}.' /><i>'.$typetitles{$sparetype}. '</i></label><br />'; } - $datatable .= '</div></td></tr>'. + $datatable .= &mt('Use balancer cookie').'<br />'. + '<label><input type="radio" name="loadbalancing_cookie_'.$balnum.'" value="1"'. + $balcookiechecked{'yes'}.' />'.&mt('Yes').'</label><br />'. + '<label><input type="radio" name="loadbalancing_cookie_'.$balnum.'" value="0"'. + $balcookiechecked{'no'}.' />'.&mt('No').'</label><br />'. + '</div></td></tr>'. &loadbalancing_rules($dom,$intdom,$currrules{$lonhost}, $othertitle,$usertypes,$types,\%servers, \%currbalancer,$lonhost, @@ -5174,10 +7286,11 @@ sub print_loadbalancing { } sub get_loadbalancers_config { - my ($servers,$existing,$currbalancer,$currtargets,$currrules) = @_; + my ($servers,$existing,$currbalancer,$currtargets,$currrules,$currcookies) = @_; return unless ((ref($servers) eq 'HASH') && (ref($existing) eq 'HASH') && (ref($currbalancer) eq 'HASH') && - (ref($currtargets) eq 'HASH') && (ref($currrules) eq 'HASH')); + (ref($currtargets) eq 'HASH') && (ref($currrules) eq 'HASH') && + (ref($currcookies) eq 'HASH')); if (keys(%{$existing}) > 0) { my $oldlonhost; foreach my $key (sort(keys(%{$existing}))) { @@ -5196,6 +7309,9 @@ sub get_loadbalancers_config { $currbalancer->{$key} = 1; $currtargets->{$key} = $existing->{$key}{'targets'}; $currrules->{$key} = $existing->{$key}{'rules'}; + if ($existing->{$key}{'cookie'}) { + $currcookies->{$key} = 1; + } } } } else { @@ -5391,6 +7507,11 @@ sub contact_titles { 'requestsmail' => 'E-mail from course requests requiring approval', 'updatesmail' => 'E-mail from nightly check of LON-CAPA module integrity/updates', 'idconflictsmail' => 'E-mail from bi-nightly check for multiple users sharing same student/employee ID', + 'hostipmail' => 'E-mail from nightly check of hostname/IP network changes', + 'errorthreshold' => 'Error count threshold for status e-mail to admin(s)', + 'errorsysmail' => 'Error count threshold for e-mail to developer group', + 'errorweights' => 'Weights used to compute error count', + 'errorexcluded' => 'Servers with unsent updates excluded from count', ); my %short_titles = &Apache::lonlocal::texthash ( adminemail => 'Admin E-mail address', @@ -5433,6 +7554,7 @@ sub tool_titles { blog => 'Blog', webdav => 'WebDAV', portfolio => 'Portfolio', + timezone => 'Can set time zone', official => 'Official courses (with institutional codes)', unofficial => 'Unofficial courses', community => 'Communities', @@ -5611,7 +7733,8 @@ sub print_usercreation { sub print_selfcreation { my ($position,$dom,$settings,$rowtotal) = @_; - my (@selfcreate,$createsettings,$processing,$datatable); + my (@selfcreate,$createsettings,$processing,$emailoptions,$emailverified, + $emaildomain,$datatable); if (ref($settings) eq 'HASH') { if (ref($settings->{'cancreate'}) eq 'HASH') { $createsettings = $settings->{'cancreate'}; @@ -5628,6 +7751,15 @@ sub print_selfcreation { if (ref($createsettings->{'selfcreateprocessing'}) eq 'HASH') { $processing = $createsettings->{'selfcreateprocessing'}; } + if (ref($createsettings->{'emailoptions'}) eq 'HASH') { + $emailoptions = $createsettings->{'emailoptions'}; + } + if (ref($createsettings->{'emailverified'}) eq 'HASH') { + $emailverified = $createsettings->{'emailverified'}; + } + if (ref($createsettings->{'emaildomain'}) eq 'HASH') { + $emaildomain = $createsettings->{'emaildomain'}; + } } } } @@ -5649,7 +7781,7 @@ sub print_selfcreation { ($datatable,$itemcount) = &radiobutton_prefs(\%radiohash,\@toggles,\%defaultchecked, \%choices,$itemcount,$onclick); $$rowtotal += $itemcount; - + if (ref($usertypes) eq 'HASH') { if (keys(%{$usertypes}) > 0) { $datatable .= &insttypes_row($createsettings,$types,$usertypes, @@ -5667,7 +7799,7 @@ sub print_selfcreation { $datatable .= '<tr'.$css_class.'>'. '<td class="LC_left_item">'.&mt('Mapping of Shibboleth environment variable names to user data fields (SSO auth)').'</td>'. '<td class="LC_left_item">'."\n". - '<table><tr><td>'."\n"; + '<table>'."\n"; for (my $i=0; $i<@fields; $i++) { $rem = $i%($numperrow); if ($rem == 0) { @@ -5718,139 +7850,411 @@ sub print_selfcreation { } } else { my %choices = &Apache::lonlocal::texthash ( - cancreate_email => 'E-mail address as username', + 'cancreate_email' => 'Non-institutional username (via e-mail verification)', ); my @toggles = sort(keys(%choices)); my %defaultchecked = ( 'cancreate_email' => 'off', ); - my $itemcount = 0; + my $customclass = 'LC_selfcreate_email'; + my $classprefix = 'LC_canmodify_emailusername_'; + my $optionsprefix = 'LC_options_emailusername_'; my $display = 'none'; + my $rowstyle = 'display:none'; if (grep(/^\Qemail\E$/,@selfcreate)) { $display = 'block'; + $rowstyle = 'display:table-row'; } - my $onclick = "toggleDisplay(this.form,'emailoptions');"; - my $additional = '<div id="emailoptions" style="display: '.$display.'">'; + my $onclick = "toggleRows(this.form,'cancreate_email','selfassign','$customclass','$classprefix','$optionsprefix');"; + ($datatable,$$rowtotal) = &radiobutton_prefs(\%radiohash,\@toggles,\%defaultchecked, + \%choices,$$rowtotal,$onclick); + $datatable .= &print_requestmail($dom,'selfcreation',$createsettings,$rowtotal,$customclass, + $rowstyle); + $$rowtotal ++; + $datatable .= &captcha_choice('cancreate',$createsettings,$$rowtotal,$customclass, + $rowstyle); + $$rowtotal ++; + my (@ordered,@posstypes,%usertypeshash); my %domdefaults = &Apache::lonnet::get_domain_defaults($dom); - if (ref($domdefaults{'inststatusguest'}) eq 'ARRAY') { - $order = $domdefaults{'inststatusguest'}; + my ($emailrules,$emailruleorder) = + &Apache::lonnet::inst_userrules($dom,'email'); + my $primary_id = &Apache::lonnet::domain($dom,'primary'); + my $intdom = &Apache::lonnet::internet_dom($primary_id); + if (ref($types) eq 'ARRAY') { + @posstypes = @{$types}; } - my (@ordered,%usertypeshash); - if (ref($order) eq 'ARRAY') { - @ordered = @{$order}; - } - if (@ordered) { - unless (grep(/^default$/,@ordered)) { - push(@ordered,'default'); + if (@posstypes) { + unless (grep(/^default$/,@posstypes)) { + push(@posstypes,'default'); } if (ref($usertypes) eq 'HASH') { %usertypeshash = %{$usertypes}; } + my $currassign; + if (ref($domdefaults{'inststatusguest'}) eq 'ARRAY') { + $currassign = { + selfassign => $domdefaults{'inststatusguest'}, + }; + @ordered = @{$domdefaults{'inststatusguest'}}; + } else { + $currassign = { selfassign => [] }; + } + my $onclicktypes = "toggleDataRow(this.form,'selfassign','$customclass','$optionsprefix',);". + "toggleDataRow(this.form,'selfassign','$customclass','$classprefix',1);"; + $datatable .= &insttypes_row($currassign,$types,$usertypes,$dom, + $numinrow,$othertitle,'selfassign', + $rowtotal,$onclicktypes,$customclass, + $rowstyle); + $$rowtotal ++; $usertypeshash{'default'} = $othertitle; - $additional .= '<table><tr>'; - foreach my $status (@ordered) { - $additional .= '<th>'.$usertypeshash{$status}.'</th>'; - } - $additional .= '</tr><tr>'; - foreach my $status (@ordered) { - $additional .= '<td>'.&email_as_username($rowtotal,$processing,$status).'</td>'; + foreach my $status (@posstypes) { + my $css_class; + if ($$rowtotal%2) { + $css_class = 'LC_odd_row '; + } + $css_class .= $customclass; + my $rowid = $optionsprefix.$status; + my $hidden = 1; + my $currstyle = 'display:none'; + if (grep(/^\Q$status\E$/,@ordered)) { + $currstyle = $rowstyle; + $hidden = 0; + } + $datatable .= &noninst_users($processing,$emailverified,$emailoptions,$emaildomain, + $emailrules,$emailruleorder,$settings,$status,$rowid, + $usertypeshash{$status},$css_class,$currstyle,$intdom); + unless ($hidden) { + $$rowtotal ++; + } } - $additional .= '</tr></table>'; } else { + my $css_class; + if ($$rowtotal%2) { + $css_class = 'LC_odd_row '; + } + $css_class .= $customclass; $usertypeshash{'default'} = $othertitle; - $additional .= &email_as_username($rowtotal,$processing); + $datatable .= &noninst_users($processing,$emailverified,$emailoptions,$emaildomain, + $emailrules,$emailruleorder,$settings,'default','', + $othertitle,$css_class,$rowstyle,$intdom); + $$rowtotal ++; } - $additional .= '</div>'."\n"; - - ($datatable,$itemcount) = &radiobutton_prefs(\%radiohash,\@toggles,\%defaultchecked, - \%choices,$$rowtotal,$onclick,$additional); - $$rowtotal ++; - $datatable .= &print_requestmail($dom,'selfcreation',$createsettings,$rowtotal); - $$rowtotal ++; my ($infofields,$infotitles) = &Apache::loncommon::emailusername_info(); $numinrow = 1; - foreach my $status (@ordered) { - $datatable .= &modifiable_userdata_row('cancreate','emailusername_'.$status,$settings, - $numinrow,$$rowtotal,\%usertypeshash,$infofields,$infotitles); - $$rowtotal ++; - } - my ($emailrules,$emailruleorder) = - &Apache::lonnet::inst_userrules($dom,'email'); - if (ref($emailrules) eq 'HASH') { - if (keys(%{$emailrules}) > 0) { - $datatable .= &user_formats_row('email',$settings,$emailrules, - $emailruleorder,$numinrow,$$rowtotal); - $$rowtotal ++; + if (@posstypes) { + foreach my $status (@posstypes) { + my $rowid = $classprefix.$status; + my $datarowstyle = 'display:none'; + if (grep(/^\Q$status\E$/,@ordered)) { + $datarowstyle = $rowstyle; + } + $datatable .= &modifiable_userdata_row('cancreate','emailusername_'.$status,$settings, + $numinrow,$$rowtotal,\%usertypeshash,$infofields, + $infotitles,$rowid,$customclass,$datarowstyle); + unless ($datarowstyle eq 'display:none') { + $$rowtotal ++; + } } + } else { + $datatable .= &modifiable_userdata_row('cancreate','emailusername_default',$settings, + $numinrow,$$rowtotal,\%usertypeshash,$infofields, + $infotitles,'',$customclass,$rowstyle); } - $datatable .= &captcha_choice('cancreate',$createsettings,$$rowtotal); } return $datatable; } -sub email_as_username { - my ($rowtotal,$processing,$type) = @_; - my %choices = - &Apache::lonlocal::texthash ( - automatic => 'Automatic approval', - approval => 'Queued for approval', - ); - my $output; - foreach my $option ('automatic','approval') { - my $checked; - if (ref($processing) eq 'HASH') { - if ($type eq '') { - if (!exists($processing->{'default'})) { - if ($option eq 'automatic') { - $checked = ' checked="checked"'; +sub selfcreate_javascript { + return <<"ENDSCRIPT"; + +<script type="text/javascript"> +// <![CDATA[ + +function toggleRows(form,radio,checkbox,target,prefix,altprefix) { + var x = document.getElementsByClassName(target); + var insttypes = 0; + var insttypeRegExp = new RegExp(prefix); + if ((x.length != undefined) && (x.length > 0)) { + if (form.elements[radio].length != undefined) { + for (var i=0; i<form.elements[radio].length; i++) { + if (form.elements[radio][i].checked) { + if (form.elements[radio][i].value == 1) { + for (var j=0; j<x.length; j++) { + if (x[j].id == 'undefined') { + x[j].style.display = 'table-row'; + } else if (insttypeRegExp.test(x[j].id)) { + insttypes ++; + } else { + x[j].style.display = 'table-row'; + } + } + } else { + for (var j=0; j<x.length; j++) { + x[j].style.display = 'none'; + } + } + break; + } + } + if (insttypes > 0) { + toggleDataRow(form,checkbox,target,altprefix); + toggleDataRow(form,checkbox,target,prefix,1); + } + } + } + return; +} + +function toggleDataRow(form,checkbox,target,prefix,docount) { + if (form.elements[checkbox].length != undefined) { + var count = 0; + if (docount) { + for (var i=0; i<form.elements[checkbox].length; i++) { + if (form.elements[checkbox][i].checked) { + count ++; + } + } + } + for (var i=0; i<form.elements[checkbox].length; i++) { + var type = form.elements[checkbox][i].value; + if (document.getElementById(prefix+type)) { + if (form.elements[checkbox][i].checked) { + document.getElementById(prefix+type).style.display = 'table-row'; + if (count % 2 == 1) { + document.getElementById(prefix+type).className = target+' LC_odd_row'; + } else { + document.getElementById(prefix+type).className = target; } + count ++; } else { - if ($processing->{'default'} eq $option) { - $checked = ' checked="checked"'; + document.getElementById(prefix+type).style.display = 'none'; + } + } + } + } + return; +} + +function toggleEmailOptions(form,radio,prefix,altprefix,status) { + var caller = radio+'_'+status; + if (form.elements[caller].length != undefined) { + for (var i=0; i<form.elements[caller].length; i++) { + if (form.elements[caller][i].checked) { + if (document.getElementById(altprefix+'_inst_'+status)) { + var curr = form.elements[caller][i].value; + if (prefix) { + document.getElementById(prefix+'_'+status).style.display = 'none'; + } + document.getElementById(altprefix+'_inst_'+status).style.display = 'none'; + document.getElementById(altprefix+'_noninst_'+status).style.display = 'none'; + if (curr == 'custom') { + if (prefix) { + document.getElementById(prefix+'_'+status).style.display = 'inline'; + } + } else if (curr == 'inst') { + document.getElementById(altprefix+'_inst_'+status).style.display = 'inline'; + } else if (curr == 'noninst') { + document.getElementById(altprefix+'_noninst_'+status).style.display = 'inline'; } + break; } - } else { - if (!exists($processing->{$type})) { - if ($option eq 'automatic') { - $checked = ' checked="checked"'; + } + } + } +} + +// ]]> +</script> + +ENDSCRIPT +} + +sub noninst_users { + my ($processing,$emailverified,$emailoptions,$emaildomain,$emailrules, + $emailruleorder,$settings,$type,$rowid,$typetitle,$css_class,$rowstyle,$intdom) = @_; + my $class = 'LC_left_item'; + if ($css_class) { + $css_class = ' class="'.$css_class.'"'; + } + if ($rowid) { + $rowid = ' id="'.$rowid.'"'; + } + if ($rowstyle) { + $rowstyle = ' style="'.$rowstyle.'"'; + } + my ($output,$description); + if ($type eq 'default') { + $description = &mt('Requests for: [_1]',$typetitle); + } else { + $description = &mt('Requests for: [_1] (status self-reported)',$typetitle); + } + $output = '<tr'.$css_class.$rowid.$rowstyle.'>'. + "<td>$description</td>\n". + '<td class="'.$class.'" colspan="2">'. + '<table><tr>'; + my %headers = &Apache::lonlocal::texthash( + approve => 'Processing', + email => 'E-mail', + username => 'Username', + ); + foreach my $item ('approve','email','username') { + $output .= '<th>'.$headers{$item}.'</th>'; + } + $output .= '</tr><tr>'; + foreach my $item ('approve','email','username') { + $output .= '<td valign="top">'; + my (%choices,@options,$hashref,$defoption,$name,$onclick,$hascustom); + if ($item eq 'approve') { + %choices = &Apache::lonlocal::texthash ( + automatic => 'Automatically approved', + approval => 'Queued for approval', + ); + @options = ('automatic','approval'); + $hashref = $processing; + $defoption = 'automatic'; + $name = 'cancreate_emailprocess_'.$type; + } elsif ($item eq 'email') { + %choices = &Apache::lonlocal::texthash ( + any => 'Any e-mail', + inst => 'Institutional only', + noninst => 'Non-institutional only', + custom => 'Custom restrictions', + ); + @options = ('any','inst','noninst'); + my $showcustom; + if (ref($emailrules) eq 'HASH') { + if (keys(%{$emailrules}) > 0) { + push(@options,'custom'); + $showcustom = 'cancreate_emailrule'; + if (ref($settings) eq 'HASH') { + if (ref($settings->{'email_rule'}) eq 'ARRAY') { + foreach my $rule (@{$settings->{'email_rule'}}) { + if (exists($emailrules->{$rule})) { + $hascustom ++; + } + } + } elsif (ref($settings->{'email_rule'}) eq 'HASH') { + if (ref($settings->{'email_rule'}{$type}) eq 'ARRAY') { + foreach my $rule (@{$settings->{'email_rule'}{$type}}) { + if (exists($emailrules->{$rule})) { + $hascustom ++; + } + } + } + } + } + } + } + $onclick = ' onclick="toggleEmailOptions(this.form,'."'cancreate_emailoptions','$showcustom',". + "'cancreate_emaildomain','$type'".');"'; + $hashref = $emailoptions; + $defoption = 'any'; + $name = 'cancreate_emailoptions_'.$type; + } elsif ($item eq 'username') { + %choices = &Apache::lonlocal::texthash ( + all => 'Same as e-mail', + first => 'Omit @domain', + free => 'Free to choose', + ); + @options = ('all','first','free'); + $hashref = $emailverified; + $defoption = 'all'; + $name = 'cancreate_usernameoptions_'.$type; + } + foreach my $option (@options) { + my $checked; + if (ref($hashref) eq 'HASH') { + if ($type eq '') { + if (!exists($hashref->{'default'})) { + if ($option eq $defoption) { + $checked = ' checked="checked"'; + } + } else { + if ($hashref->{'default'} eq $option) { + $checked = ' checked="checked"'; + } } } else { - if ($processing->{$type} eq $option) { - $checked = ' checked="checked"'; + if (!exists($hashref->{$type})) { + if ($option eq $defoption) { + $checked = ' checked="checked"'; + } + } else { + if ($hashref->{$type} eq $option) { + $checked = ' checked="checked"'; + } } } + } elsif (($item eq 'email') && ($hascustom)) { + if ($option eq 'custom') { + $checked = ' checked="checked"'; + } + } elsif ($option eq $defoption) { + $checked = ' checked="checked"'; + } + $output .= '<span class="LC_nobreak"><label>'. + '<input type="radio" name="'.$name.'"'. + $checked.' value="'.$option.'"'.$onclick.' />'. + $choices{$option}.'</label></span><br />'; + if ($item eq 'email') { + if ($option eq 'custom') { + my $id = 'cancreate_emailrule_'.$type; + my $display = 'none'; + if ($checked) { + $display = 'inline'; + } + my $numinrow = 2; + $output .= '<fieldset id="'.$id.'" style="display:'.$display.';">'. + '<legend>'.&mt('Disallow').'</legend><table>'. + &user_formats_row('email',$settings,$emailrules, + $emailruleorder,$numinrow,'',$type); + '</table></fieldset>'; + } elsif (($option eq 'inst') || ($option eq 'noninst')) { + my %text = &Apache::lonlocal::texthash ( + inst => 'must end:', + noninst => 'cannot end:', + ); + my $value; + if (ref($emaildomain) eq 'HASH') { + if (ref($emaildomain->{$type}) eq 'HASH') { + $value = $emaildomain->{$type}->{$option}; + } + } + if ($value eq '') { + $value = '@'.$intdom; + } + my $condition = 'cancreate_emaildomain_'.$option.'_'.$type; + my $display = 'none'; + if ($checked) { + $display = 'inline'; + } + $output .= '<div id="'.$condition.'" style="display:'.$display.';">'. + '<span class="LC_domprefs_email">'.$text{$option}.'</span> '. + '<input type="text" name="'.$condition.'" value="'.$value.'" size="10" />'. + '</div>'; + } } - } elsif ($option eq 'automatic') { - $checked = ' checked="checked"'; - } - my $name = 'cancreate_emailprocess'; - if (($type ne '') && ($type ne 'default')) { - $name .= '_'.$type; - } - $output .= '<span class="LC_nobreak"><label>'. - '<input type="radio" name="'.$name.'"'. - $checked.' value="'.$option.'" />'. - $choices{$option}.'</label></span>'; - if ($type eq '') { - $output .= ' '; - } else { - $output .= '<br />'; } + $output .= '</td>'."\n"; } - $$rowtotal ++; + $output .= "</tr></table></td></tr>\n"; return $output; } sub captcha_choice { - my ($context,$settings,$itemcount) = @_; + my ($context,$settings,$itemcount,$customcss,$rowstyle) = @_; my ($keyentry,$currpub,$currpriv,%checked,$rowname,$pubtext,$privtext, $vertext,$currver); my %lt = &captcha_phrases(); $keyentry = 'hidden'; + my $colspan=2; if ($context eq 'cancreate') { $rowname = &mt('CAPTCHA validation'); } elsif ($context eq 'login') { $rowname = &mt('"Contact helpdesk" CAPTCHA validation'); + } elsif ($context eq 'passwords') { + $rowname = &mt('"Forgot Password" CAPTCHA validation'); + $colspan=1; } if (ref($settings) eq 'HASH') { if ($settings->{'captcha'}) { @@ -5875,9 +8279,22 @@ sub captcha_choice { } else { $checked{'original'} = ' checked="checked"'; } - my $css_class = $itemcount%2?' class="LC_odd_row"':''; + my $css_class; + if ($itemcount%2) { + $css_class = 'LC_odd_row'; + } + if ($customcss) { + $css_class .= " $customcss"; + } + $css_class =~ s/^\s+//; + if ($css_class) { + $css_class = ' class="'.$css_class.'"'; + } + if ($rowstyle) { + $css_class .= ' style="'.$rowstyle.'"'; + } my $output = '<tr'.$css_class.'>'. - '<td class="LC_left_item">'.$rowname.'</td><td class="LC_left_item" colspan="2">'."\n". + '<td class="LC_left_item">'.$rowname.'</td><td class="LC_left_item" colspan="'.$colspan.'">'."\n". '<table><tr><td>'."\n"; foreach my $option ('original','recaptcha','notused') { $output .= '<span class="LC_nobreak"><label><input type="radio" name="'.$context.'_captcha" value="'. @@ -5894,7 +8311,7 @@ sub captcha_choice { # specified for use with the key should be broad enough to accommodate all servers in the LON-CAPA domain. # $output .= '</td></tr>'."\n". - '<tr><td>'."\n". + '<tr><td class="LC_zero_height">'."\n". '<span class="LC_nobreak"><span id="'.$context.'_recaptchapubtxt">'.$pubtext.'</span> '."\n". '<input type="'.$keyentry.'" id="'.$context.'_recaptchapub" name="'.$context.'_recaptchapub" value="'. $currpub.'" size="40" /></span><br />'."\n". @@ -5910,23 +8327,19 @@ sub captcha_choice { } sub user_formats_row { - my ($type,$settings,$rules,$ruleorder,$numinrow,$rowcount) = @_; + my ($type,$settings,$rules,$ruleorder,$numinrow,$rowcount,$status) = @_; my $output; my %text = ( 'username' => 'new usernames', 'id' => 'IDs', - 'email' => 'self-created accounts (e-mail)', ); - my $css_class = $rowcount%2?' class="LC_odd_row"':''; - $output = '<tr '.$css_class.'>'. - '<td><span class="LC_nobreak">'; - if ($type eq 'email') { - $output .= &mt("Formats disallowed for $text{$type}: "); - } else { - $output .= &mt("Format rules to check for $text{$type}: "); + unless (($type eq 'email') || ($type eq 'unamemap')) { + my $css_class = $rowcount%2?' class="LC_odd_row"':''; + $output = '<tr '.$css_class.'>'. + '<td><span class="LC_nobreak">'. + &mt("Format rules to check for $text{$type}: "). + '</td><td class="LC_left_item" colspan="2"><table>'; } - $output .= '</span></td>'. - '<td class="LC_left_item" colspan="2"><table>'; my $rem; if (ref($ruleorder) eq 'ARRAY') { for (my $i=0; $i<@{$ruleorder}; $i++) { @@ -5944,25 +8357,41 @@ sub user_formats_row { if (grep(/^\Q$ruleorder->[$i]\E$/,@{$settings->{$type.'_rule'}})) { $check = ' checked="checked" '; } + } elsif ((ref($settings->{$type.'_rule'}) eq 'HASH') && ($status ne '')) { + if (ref($settings->{$type.'_rule'}->{$status}) eq 'ARRAY') { + if (grep(/^\Q$ruleorder->[$i]\E$/,@{$settings->{$type.'_rule'}->{$status}})) { + $check = ' checked="checked" '; + } + } } } + my $name = $type.'_rule'; + if ($type eq 'email') { + $name .= '_'.$status; + } $output .= '<td class="LC_left_item">'. '<span class="LC_nobreak"><label>'. - '<input type="checkbox" name="'.$type.'_rule" '. + '<input type="checkbox" name="'.$name.'" '. 'value="'.$ruleorder->[$i].'"'.$check.'/>'. $rules->{$ruleorder->[$i]}{'name'}.'</label></span></td>'; } } $rem = @{$ruleorder}%($numinrow); } - my $colsleft = $numinrow - $rem; + my $colsleft; + if ($rem) { + $colsleft = $numinrow - $rem; + } if ($colsleft > 1 ) { $output .= '<td colspan="'.$colsleft.'" class="LC_left_item">'. ' </td>'; } elsif ($colsleft == 1) { $output .= '<td class="LC_left_item"> </td>'; } - $output .= '</tr></table></td></tr>'; + $output .= '</tr>'; + unless (($type eq 'email') || ($type eq 'unamemap')) { + $output .= '</table></td></tr>'; + } return $output; } @@ -6091,110 +8520,42 @@ sub print_defaults { } elsif ($item eq 'lang_def') { my $includeempty = 1; $datatable .= &Apache::loncommon::select_language($item,$defaults{$item},$includeempty); - } else { - my $size; - if ($item eq 'portal_def') { - $size = ' size="25"'; - } + } elsif ($item eq 'portal_def') { $datatable .= '<input type="text" name="'.$item.'" value="'. - $defaults{$item}.'"'.$size.' />'; - } - $datatable .= '</td></tr>'; - $rownum ++; - } - } elsif ($position eq 'middle') { - my @items = ('intauth_cost','intauth_check','intauth_switch'); - my %defaults; - if (ref($settings) eq 'HASH') { - %defaults = %{$settings}; - if ($defaults{'intauth_cost'} !~ /^\d+$/) { - $defaults{'intauth_cost'} = 10; - } - if ($defaults{'intauth_check'} !~ /^(0|1|2)$/) { - $defaults{'intauth_check'} = 0; - } - if ($defaults{'intauth_switch'} !~ /^(0|1|2)$/) { - $defaults{'intauth_switch'} = 0; - } - } else { - %defaults = ( - 'intauth_cost' => 10, - 'intauth_check' => 0, - 'intauth_switch' => 0, - ); - } - foreach my $item (@items) { - if ($rownum%2) { - $css_class = ''; - } else { - $css_class = ' class="LC_odd_row" '; - } - $datatable .= '<tr'.$css_class.'>'. - '<td><span class="LC_nobreak">'.$titles->{$item}. - '</span></td><td class="LC_left_item" colspan="3">'; - if ($item eq 'intauth_switch') { - my @options = (0,1,2); - my %optiondesc = &Apache::lonlocal::texthash ( - 0 => 'No', - 1 => 'Yes', - 2 => 'Yes, and copy existing passwd file to passwd.bak file', - ); - $datatable .= '<table width="100%">'; - foreach my $option (@options) { - my $checked = ' '; - if ($defaults{$item} eq $option) { - $checked = ' checked="checked"'; - } - $datatable .= '<tr><td class="LC_left_item"><span class="LC_nobreak">'. - '<label><input type="radio" name="'.$item. - '" value="'.$option.'"'.$checked.' />'. - $optiondesc{$option}.'</label></span></td></tr>'; - } - $datatable .= '</table>'; - } elsif ($item eq 'intauth_check') { - my @options = (0,1,2); - my %optiondesc = &Apache::lonlocal::texthash ( - 0 => 'No', - 1 => 'Yes, allow login then update passwd file using default cost (if higher)', - 2 => 'Yes, disallow login if stored cost is less than domain default', - ); - $datatable .= '<table wisth="100%">'; - foreach my $option (@options) { - my $checked = ' '; - my $onclick; - if ($defaults{$item} eq $option) { - $checked = ' checked="checked"'; - } - if ($option == 2) { - $onclick = ' onclick="javascript:warnIntAuth(this);"'; + $defaults{$item}.'" size="25" onkeyup="portalExtras(this);" />'; + my $portalsty = 'none'; + if ($defaults{$item}) { + $portalsty = 'block'; + } + foreach my $field ('email','web') { + my $checkedoff = ' checked="checked"'; + my $checkedon; + if ($defaults{$item.'_'.$field}) { + $checkedon = $checkedoff; + $checkedoff = ''; } - $datatable .= '<tr><td class="LC_left_item"><span class="LC_nobreak">'. - '<label><input type="radio" name="'.$item. - '" value="'.$option.'"'.$checked.$onclick.' />'. - $optiondesc{$option}.'</label></span></td></tr>'; + $datatable .= '<div id="'.$item.'_'.$field.'_div" style="display:'.$portalsty.'">'. + '<span class="LC_nobreak">'.$titles->{$field}.' '. + '<label><input type="radio" name="'.$item.'_'.$field.'" value="1"'.$checkedon.'/>'.&mt('Yes').'</label>'. + (' 'x2). + '<label><input type="radio" name="'.$item.'_'.$field.'" value="0"'.$checkedoff.'/>'.&mt('No').'</label>'. + '</div>'; } - $datatable .= '</table>'; } else { - $datatable .= '<input type="text" name="'.$item.'" value="'. - $defaults{$item}.'" size="3" onblur="javascript:warnIntAuth(this);" />'; + $datatable .= '<input type="text" name="'.$item.'" value="'.$defaults{$item}.'" />'; } $datatable .= '</td></tr>'; $rownum ++; } - } else { + } elsif ($position eq 'middle') { my %defaults; if (ref($settings) eq 'HASH') { - if ((ref($settings->{'inststatusorder'}) eq 'ARRAY') && (ref($settings->{'inststatustypes'}) eq 'HASH') && - (ref($settings->{'inststatusguest'}) eq 'ARRAY')) { + if ((ref($settings->{'inststatusorder'}) eq 'ARRAY') && (ref($settings->{'inststatustypes'}) eq 'HASH')) { my $maxnum = @{$settings->{'inststatusorder'}}; for (my $i=0; $i<$maxnum; $i++) { $css_class = $rownum%2?' class="LC_odd_row"':''; my $item = $settings->{'inststatusorder'}->[$i]; my $title = $settings->{'inststatustypes'}->{$item}; - my $guestok; - if (grep(/^\Q$item\E$/,@{$settings->{'inststatusguest'}})) { - $guestok = 1; - } my $chgstr = ' onchange="javascript:reorderTypes(this.form,'."'$item'".');"'; $datatable .= '<tr'.$css_class.'>'. '<td><span class="LC_nobreak">'. @@ -6207,23 +8568,12 @@ sub print_defaults { } $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>'; } - my ($checkedon,$checkedoff); - $checkedoff = ' checked="checked"'; - if ($guestok) { - $checkedon = $checkedoff; - $checkedoff = ''; - } $datatable .= '</select> '.&mt('Internal ID:').' <b>'.$item.'</b> '. '<input type="checkbox" name="inststatus_delete" value="'.$item.'" />'. &mt('delete').'</span></td>'. - '<td class="LC_left_item"><span class="LC_nobreak">'.&mt('Name displayed:'). + '<td class="LC_left_item"><span class="LC_nobreak">'.&mt('Name displayed').':'. '<input type="text" size="20" name="inststatus_title_'.$item.'" value="'.$title.'" />'. - '</span></td>'. - '<td class="LC_right_item"><span class="LC_nobreak">'. - '<label><input type="radio" value="1" name="inststatus_guest_'.$item.'"'.$checkedon.' />'. - &mt('Yes').'</label>'.(' 'x2). - '<label><input type="radio" value="0" name="inststatus_guest_'.$item.'"'.$checkedoff.' />'. - &mt('No').'</label></span></td></tr>'; + '</span></td></tr>'; } $css_class = $rownum%2?' class="LC_odd_row"':''; my $chgstr = ' onchange="javascript:reorderTypes(this.form,'."'addinststatus_pos'".');"'; @@ -6241,17 +8591,28 @@ sub print_defaults { '<input type="text" size="10" name="addinststatus" value="" />'. ' '.&mt('(new)'). '</span></td><td class="LC_left_item"><span class="LC_nobreak">'. - &mt('Name displayed:'). + &mt('Name displayed').':'. '<input type="text" size="20" name="addinststatus_title" value="" /></span></td>'. - '<td class="LC_right_item"><span class="LC_nobreak">'. - '<label><input type="radio" value="1" name="addinststatus_guest" />'. - &mt('Yes').'</label>'.(' 'x2). - '<label><input type="radio" value="0" name="addinststatus_guest" />'. - &mt('No').'</label></span></td></tr>'; '</tr>'."\n"; $rownum ++; } } + } else { + my ($unamemaprules,$ruleorder) = + &Apache::lonnet::inst_userrules($dom,'unamemap'); + $css_class = $rownum%2?' class="LC_odd_row"':''; + if ((ref($unamemaprules) eq 'HASH') && (ref($ruleorder) eq 'ARRAY')) { + my $numinrow = 2; + $datatable .= '<tr'.$css_class.'><td>'.&mt('Available conversions').'</td><td><table>'. + &user_formats_row('unamemap',$settings,$unamemaprules, + $ruleorder,$numinrow). + '</table></td></tr>'; + } + if ($datatable eq '') { + $datatable .= '<tr'.$css_class.'><td colspan="2">'. + &mt('No rules set for domain in customized localenroll.pm'). + '</td></tr>'; + } } $$rowtotal += $rownum; return $datatable; @@ -6277,6 +8638,8 @@ sub defaults_titles { 'timezone_def' => 'Default timezone', 'datelocale_def' => 'Default locale for dates', 'portal_def' => 'Portal/Default URL', + 'email' => 'Email links use portal URL', + 'web' => 'Public web links use portal URL', 'intauth_cost' => 'Encryption cost for bcrypt (positive integer)', 'intauth_check' => 'Check bcrypt cost if authenticated', 'intauth_switch' => 'Existing crypt-based switched to bcrypt on authentication', @@ -6294,6 +8657,58 @@ sub defaults_titles { return (\%titles); } +sub print_scantron { + my ($r,$position,$dom,$confname,$settings,$rowtotal) = @_; + if ($position eq 'top') { + return &print_scantronformat($r,$dom,$confname,$settings,\$rowtotal); + } else { + return &print_scantronconfig($dom,$settings,\$rowtotal); + } +} + +sub scantron_javascript { + return <<"ENDSCRIPT"; + +<script type="text/javascript"> +// <![CDATA[ + +function toggleScantron(form) { + var csvfieldset = new Array(); + if (document.getElementById('scantroncsv_cols')) { + csvfieldset.push(document.getElementById('scantroncsv_cols')); + } + if (document.getElementById('scantroncsv_options')) { + csvfieldset.push(document.getElementById('scantroncsv_options')); + } + if (csvfieldset.length) { + if (document.getElementById('scantronconfcsv')) { + var scantroncsv = document.getElementById('scantronconfcsv'); + if (scantroncsv.checked) { + for (var i=0; i<csvfieldset.length; i++) { + csvfieldset[i].style.display = 'block'; + } + } else { + for (var i=0; i<csvfieldset.length; i++) { + csvfieldset[i].style.display = 'none'; + } + var csvselects = document.getElementsByClassName('scantronconfig_csv'); + if (csvselects.length) { + for (var j=0; j<csvselects.length; j++) { + csvselects[j].selectedIndex = 0; + } + } + } + } + } + return; +} +// ]]> +</script> + +ENDSCRIPT + +} + sub print_scantronformat { my ($r,$dom,$confname,$settings,$rowtotal) = @_; my $itemcount = 1; @@ -6320,8 +8735,8 @@ sub print_scantronformat { if ($configuserok eq 'ok') { if ($author_ok eq 'ok') { my %legacyfile = ( - default => $Apache::lonnet::perlvar{'lonTabDir'}.'/default_scantronformat.tab', - custom => $Apache::lonnet::perlvar{'lonTabDir'}.'/scantronformat.tab', + default => $Apache::lonnet::perlvar{'lonTabDir'}.'/default_scantronformat.tab', + custom => $Apache::lonnet::perlvar{'lonTabDir'}.'/scantronformat.tab', ); my %md5chk; foreach my $type (keys(%legacyfile)) { @@ -6330,7 +8745,7 @@ sub print_scantronformat { } if ($md5chk{'default'} ne $md5chk{'custom'}) { foreach my $type (keys(%legacyfile)) { - ($scantronurls{$type},my $error) = + ($scantronurls{$type},my $error) = &legacy_scantronformat($r,$dom,$confname, $type,$legacyfile{$type}, $scantronurls{$type}, @@ -6341,13 +8756,13 @@ sub print_scantronformat { } if (keys(%error) == 0) { $is_custom = 1; - $confhash{'scantron'}{'scantronformat'} = + $confhash{'scantron'}{'scantronformat'} = $scantronurls{'custom'}; - my $putresult = + my $putresult = &Apache::lonnet::put_dom('configuration', \%confhash,$dom); if ($putresult ne 'ok') { - $error{'custom'} = + $error{'custom'} = '<span class="LC_error">'. &mt('An error occurred updating the domain configuration: [_1]',$putresult).'</span>'; } @@ -6467,6 +8882,129 @@ sub legacy_scantronformat { return ($url,$error); } +sub print_scantronconfig { + my ($dom,$settings,$rowtotal) = @_; + my $itemcount = 2; + my $is_checked = ' checked="checked"'; + my %optionson = ( + hdr => ' checked="checked"', + pad => ' checked="checked"', + rem => ' checked="checked"', + ); + my %optionsoff = ( + hdr => '', + pad => '', + rem => '', + ); + my $currcsvsty = 'none'; + my ($datatable,%csvfields,%checked,%onclick,%csvoptions); + my @fields = &scantroncsv_fields(); + my %titles = &scantronconfig_titles(); + if (ref($settings) eq 'HASH') { + if (ref($settings->{config}) eq 'HASH') { + if ($settings->{config}->{dat}) { + $checked{'dat'} = $is_checked; + } + if (ref($settings->{config}->{csv}) eq 'HASH') { + if (ref($settings->{config}->{csv}->{fields}) eq 'HASH') { + %csvfields = %{$settings->{config}->{csv}->{fields}}; + if (keys(%csvfields) > 0) { + $checked{'csv'} = $is_checked; + $currcsvsty = 'block'; + } + } + if (ref($settings->{config}->{csv}->{options}) eq 'HASH') { + %csvoptions = %{$settings->{config}->{csv}->{options}}; + foreach my $option (keys(%optionson)) { + unless ($csvoptions{$option}) { + $optionsoff{$option} = $optionson{$option}; + $optionson{$option} = ''; + } + } + } + } + } else { + $checked{'dat'} = $is_checked; + } + } else { + $checked{'dat'} = $is_checked; + } + $onclick{'csv'} = ' onclick="toggleScantron(this.form);"'; + my $css_class = $itemcount%2? ' class="LC_odd_row"':''; + $datatable = '<tr '.$css_class.'><td>'.&mt('Supported formats').'</td>'. + '<td class="LC_left_item" valign="top"><span class="LC_nobreak">'; + foreach my $item ('dat','csv') { + my $id; + if ($item eq 'csv') { + $id = 'id="scantronconfcsv" '; + } + $datatable .= '<label><input type="checkbox" name="scantronconfig" '.$id.'value="'.$item.'"'.$checked{$item}.$onclick{$item}.' />'. + $titles{$item}.'</label>'.(' 'x3); + if ($item eq 'csv') { + $datatable .= '<fieldset style="display:'.$currcsvsty.'" id="scantroncsv_cols">'. + '<legend>'.&mt('CSV Column Mapping').'</legend>'. + '<table><tr><th>'.&mt('Field').'</th><th>'.&mt('Location').'</th></tr>'."\n"; + foreach my $col (@fields) { + my $selnone; + if ($csvfields{$col} eq '') { + $selnone = ' selected="selected"'; + } + $datatable .= '<tr><td>'.$titles{$col}.'</td>'. + '<td><select name="scantronconfig_csv_'.$col.'" class="scantronconfig_csv">'. + '<option value=""'.$selnone.'></option>'; + for (my $i=0; $i<20; $i++) { + my $shown = $i+1; + my $sel; + unless ($selnone) { + if (exists($csvfields{$col})) { + if ($csvfields{$col} == $i) { + $sel = ' selected="selected"'; + } + } + } + $datatable .= '<option value="'.$i.'"'.$sel.'>'.$shown.'</option>'; + } + $datatable .= '</select></td></tr>'; + } + $datatable .= '</table></fieldset>'. + '<fieldset style="display:'.$currcsvsty.'" id="scantroncsv_options">'. + '<legend>'.&mt('CSV Options').'</legend>'; + foreach my $option ('hdr','pad','rem') { + $datatable .= '<span class="LC_nobreak">'.$titles{$option}.':'. + '<label><input type="radio" name="scantroncsv_'.$option.'" value="1"'.$optionson{$option}.' />'. + &mt('Yes').'</label>'.(' 'x2)."\n". + '<label><input type="radio" name="scantroncsv_'.$option.'" value="0"'.$optionsoff{$option}.' />'.&mt('No').'</label></span><br />'; + } + $datatable .= '</fieldset>'; + $itemcount ++; + } + } + $datatable .= '</td></tr>'; + $$rowtotal ++; + return $datatable; +} + +sub scantronconfig_titles { + return &Apache::lonlocal::texthash( + dat => 'Standard format (.dat)', + csv => 'Comma separated values (.csv)', + hdr => 'Remove first line in file (contains column titles)', + pad => 'Prepend 0s to PaperID', + rem => 'Remove leading spaces (except Question Response columns)', + CODE => 'CODE', + ID => 'Student ID', + PaperID => 'Paper ID', + FirstName => 'First Name', + LastName => 'Last Name', + FirstQuestion => 'First Question Response', + Section => 'Section', + ); +} + +sub scantroncsv_fields { + return ('PaperID','LastName','FirstName','ID','Section','CODE','FirstQuestion'); +} + sub print_coursecategories { my ($position,$dom,$hdritem,$settings,$rowtotal) = @_; my $datatable; @@ -6509,7 +9047,7 @@ sub print_coursecategories { '<input type="radio" name="coursecat_'.$item.'" value="'.$type.'"'.$ischecked. ' />'.$lt{$type}.'</label> '; } - $datatable .= '</td></tr>'; + $datatable .= '</span></td></tr>'; $itemcount ++; } $$rowtotal += $itemcount; @@ -6720,7 +9258,7 @@ sub print_coursecategories { $datatable .= &initialize_categories($itemcount); } } else { - $datatable .= '<td class="LC_right_item">'.$hdritem->{'header'}->[1]->{'col2'}.'</td>' + $datatable .= '<tr><td class="LC_right_item">'.$hdritem->{'header'}->[1]->{'col2'}.'</td></tr>' .&initialize_categories($itemcount); } $$rowtotal += $itemcount; @@ -6768,7 +9306,7 @@ sub print_serverstatuses { '<span class="LC_nobreak">'. '<input type="text" name="'.$type.'_machines" '. 'value="'.$machineaccess{$type}.'" size="10" />'. - '</td></tr>'."\n"; + '</span></td></tr>'."\n"; } $$rowtotal += $rownum; return $datatable; @@ -6783,35 +9321,24 @@ sub serverstatus_pages { sub defaults_javascript { my ($settings) = @_; - my $intauthcheck = &mt('Warning: disallowing login for an authenticated user if the stored cost is less than the default will require a password reset by/for the user.'); - my $intauthcost = &mt('Warning: bcrypt encryption cost for internal authentication must be an integer.'); - &js_escape(\$intauthcheck); - &js_escape(\$intauthcost); - my $intauthjs = <<"ENDSCRIPT"; + return unless (ref($settings) eq 'HASH'); + my $portal_js = <<"ENDPORTAL"; -function warnIntAuth(field) { - if (field.name == 'intauth_check') { - if (field.value == '2') { - alert('$intauthcheck'); - } - } - if (field.name == 'intauth_cost') { - field.value.replace(/\s/g,''); - if (field.value != '') { - var regexdigit=/^\\d+\$/; - if (!regexdigit.test(field.value)) { - alert('$intauthcost'); +function portalExtras(caller) { + var x = caller.value; + var y = new Array('email','web'); + for (var i=0; i<y.length; i++) { + if (document.getElementById('portal_def_'+y[i]+'_div')) { + var z = document.getElementById('portal_def_'+y[i]+'_div'); + if (x.length > 0) { + z.style.display = 'block'; + } else { + z.style.display = 'none'; } } } - return; } - -ENDSCRIPT - - if (ref($settings) ne 'HASH') { - return &Apache::lonhtmlcommon::scripttag($intauthjs); - } +ENDPORTAL if ((ref($settings->{'inststatusorder'}) eq 'ARRAY') && (ref($settings->{'inststatustypes'}) eq 'HASH')) { my $maxnum = scalar(@{$settings->{'inststatusorder'}}); if ($maxnum eq '') { @@ -6865,15 +9392,111 @@ $jstext return; } -$intauthjs +$portal_js // ]]> </script> ENDSCRIPT } else { - return &Apache::lonhtmlcommon::scripttag($intauthjs); +return <<"ENDSCRIPT"; +<script type="text/javascript"> +// <![CDATA[ +$portal_js +// ]]> +</script> + +ENDSCRIPT + } +} + +sub passwords_javascript { + my ($prefix) = @_; + my %intalert; + if ($prefix eq 'passwords') { + %intalert = &Apache::lonlocal::texthash ( + authcheck => 'Warning: disallowing login for an authenticated user if the stored cost is less than the default will require a password reset by/for the user.', + authcost => 'Warning: bcrypt encryption cost for internal authentication must be an integer.', + passmin => 'Warning: minimum password length must be a positive integer greater than 6.', + passmax => 'Warning: maximum password length must be a positive integer (or blank).', + passnum => 'Warning: number of previous passwords to save must be a positive integer (or blank).', + ); + } elsif ($prefix eq 'secrets') { + %intalert = &Apache::lonlocal::texthash ( + passmin => 'Warning: minimum secret length must be a positive integer greater than 6.', + passmax => 'Warning: maximum secret length must be a positive integer (or blank).', + ); + } + &js_escape(\%intalert); + my $defmin = $Apache::lonnet::passwdmin; + my $intauthjs; + if ($prefix eq 'passwords') { $intauthjs = <<"ENDSCRIPT"; + +function warnIntAuth(field) { + if (field.name == 'intauth_check') { + if (field.value == '2') { + alert('$intalert{authcheck}'); + } + } + if (field.name == 'intauth_cost') { + field.value.replace(/\s/g,''); + if (field.value != '') { + var regexdigit=/^\\d+\$/; + if (!regexdigit.test(field.value)) { + alert('$intalert{authcost}'); + } + } + } + return; +} + +ENDSCRIPT + + } + + $intauthjs .= <<"ENDSCRIPT"; + +function warnInt$prefix(field) { + field.value.replace(/^\s+/,''); + field.value.replace(/\s+\$/,''); + var regexdigit=/^\\d+\$/; + if (field.name == '${prefix}_min') { + if (field.value == '') { + alert('$intalert{passmin}'); + field.value = '$defmin'; + } else { + if (!regexdigit.test(field.value)) { + alert('$intalert{passmin}'); + field.value = '$defmin'; + } + var minval = parseInt(field.value,10); + if (minval < $defmin) { + alert('$intalert{passmin}'); + field.value = '$defmin'; + } + } + } else { + if (field.value == '0') { + field.value = ''; + } + if (field.value != '') { + if (!regexdigit.test(field.value)) { + if (field.name == '${prefix}_max') { + alert('$intalert{passmax}'); + } else { + if (field.name == '${prefix}_numsaved') { + alert('$intalert{passnum}'); + } + } + field.value = ''; + } + } } + return; +} + +ENDSCRIPT + return &Apache::lonhtmlcommon::scripttag($intauthjs); } sub coursecategories_javascript { @@ -6985,7 +9608,7 @@ ENDSCRIPT sub initialize_categories { my ($itemcount) = @_; my ($datatable,$css_class,$chgstr); - my %default_names = ( + my %default_names = &Apache::lonlocal::texthash ( instcode => 'Official courses (with institutional codes)', communities => 'Communities', ); @@ -6993,7 +9616,7 @@ sub initialize_categories { my $select1 = ''; foreach my $default ('instcode','communities') { $css_class = $itemcount%2?' class="LC_odd_row"':''; - $chgstr = ' onchange="javascript:reorderCats(this.form,'."'',$default"."_pos','0'".');"'; + $chgstr = ' onchange="javascript:reorderCats(this.form,'."'','$default"."_pos','0'".');"'; if ($default eq 'communities') { $select1 = $select0; $select0 = ''; @@ -7018,8 +9641,9 @@ sub initialize_categories { .'<option value="0">1</option>' .'<option value="1">2</option>' .'<option value="2" selected="selected">3</option></select> ' - .&mt('Add category').'</td><td>'.&mt('Name:') - .' <input type="text" size="20" name="addcategory_name" value="" /></td></tr>'; + .&mt('Add category').'</span></td><td><span class="LC_nobreak">'.&mt('Name:') + .' <input type="text" size="20" name="addcategory_name" value="" /></span>' + .'</td></tr>'; return $datatable; } @@ -7074,7 +9698,7 @@ sub build_category_rows { pop(@{$path}); } } else { - $text .= &mt('Add subcategory:').' </span><input type="textbox" size="20" name="addcategory_name_'; + $text .= &mt('Add subcategory:').' </span><input type="text" size="20" name="addcategory_name_'; if ($j == $numchildren) { $text .= $name; } else { @@ -7097,7 +9721,7 @@ sub build_category_rows { my $colspan; if ($parent ne 'instcode') { $colspan = $maxdepth - $depth - 1; - $text .= '<td colspan="'.$colspan.'">'.&mt('Add subcategory:').'<input type="textbox" size="20" name="subcat_'.$name.'" value="" /></td>'; + $text .= '<td colspan="'.$colspan.'">'.&mt('Add subcategory:').'<input type="text" size="20" name="subcat_'.$name.'" value="" /></td>'; } } } @@ -7106,13 +9730,14 @@ sub build_category_rows { } sub modifiable_userdata_row { - my ($context,$item,$settings,$numinrow,$rowcount,$usertypes,$fieldsref,$titlesref) = @_; + my ($context,$item,$settings,$numinrow,$rowcount,$usertypes,$fieldsref,$titlesref, + $rowid,$customcss,$rowstyle) = @_; my ($role,$rolename,$statustype); $role = $item; if ($context eq 'cancreate') { - if ($item =~ /^emailusername_(.+)$/) { - $statustype = $1; - $role = 'emailusername'; + if ($item =~ /^(emailusername)_(.+)$/) { + $role = $1; + $statustype = $2; if (ref($usertypes) eq 'HASH') { if ($usertypes->{$statustype}) { $rolename = &mt('Data provided by [_1]',$usertypes->{$statustype}); @@ -7147,8 +9772,25 @@ sub modifiable_userdata_row { %fieldtitles = &Apache::loncommon::personal_data_fieldtitles(); } my $output; - my $css_class = $rowcount%2?' class="LC_odd_row"':''; - $output = '<tr '.$css_class.'>'. + my $css_class; + if ($rowcount%2) { + $css_class = 'LC_odd_row'; + } + if ($customcss) { + $css_class .= " $customcss"; + } + $css_class =~ s/^\s+//; + if ($css_class) { + $css_class = ' class="'.$css_class.'"'; + } + if ($rowstyle) { + $css_class .= ' style="'.$rowstyle.'"'; + } + if ($rowid) { + $rowid = ' id="'.$rowid.'"'; + } + + $output = '<tr '.$css_class.$rowid.'>'. '<td><span class="LC_nobreak">'.$rolename.'</span></td>'. '<td class="LC_left_item" colspan="2"><table>'; my $rem; @@ -7182,9 +9824,10 @@ sub modifiable_userdata_row { } } } - - for (my $i=0; $i<@fields; $i++) { - my $rem = $i%($numinrow); + + my $total = scalar(@fields); + for (my $i=0; $i<$total; $i++) { + $rem = $i%($numinrow); if ($rem == 0) { if ($i > 0) { $output .= '</tr>'; @@ -7194,7 +9837,7 @@ sub modifiable_userdata_row { my $check = ' '; unless ($role eq 'emailusername') { if (exists($checks{$fields[$i]})) { - $check = $checks{$fields[$i]} + $check = $checks{$fields[$i]}; } else { if ($role eq 'st') { if (ref($settings) ne 'HASH') { @@ -7226,10 +9869,13 @@ sub modifiable_userdata_row { '</label>'; } $output .= '</span></td>'; - $rem = @fields%($numinrow); } - my $colsleft = $numinrow - $rem; - if ($colsleft > 1 ) { + $rem = $total%$numinrow; + my $colsleft; + if ($rem) { + $colsleft = $numinrow - $rem; + } + if ($colsleft > 1) { $output .= '<td colspan="'.$colsleft.'" class="LC_left_item">'. ' </td>'; } elsif ($colsleft == 1) { @@ -7246,6 +9892,7 @@ sub insttypes_row { cansearch => 'Users allowed to search', statustocreate => 'Institutional affiliation(s) able to create own account (login/SSO)', lockablenames => 'User preference to lock name', + selfassign => 'Self-reportable affiliations', overrides => "Override domain's helpdesk settings based on requester's affiliation", ); my $showdom; @@ -7304,7 +9951,7 @@ sub insttypes_row { $output .= '<td class="LC_left_item">'. '<span class="LC_nobreak"><label>'. '<input type="checkbox" name="'.$context.'" '. - 'value="'.$types->[$i].'"'.$check.'/>'. + 'value="'.$types->[$i].'"'.$check.$onclick.'/>'. $usertypes->{$types->[$i]}.'</label></span></td>'; } } @@ -7319,7 +9966,7 @@ sub insttypes_row { } $output .= ' '; } else { - if (($rem == 0) && (@{$types} > 0)) { + if ($rem == 0) { $output .= '<tr>'; } if ($colsleft > 1) { @@ -7339,7 +9986,7 @@ sub insttypes_row { } $output .= '<span class="LC_nobreak"><label>'. '<input type="checkbox" name="'.$context.'" '. - 'value="default"'.$defcheck.'/>'. + 'value="default"'.$defcheck.$onclick.' />'. $othertitle.'</label></span>'; } $output .= '</td></tr></table></td></tr>'; @@ -7419,12 +10066,14 @@ sub usertype_update_row { sub modify_login { my ($r,$dom,$confname,$lastactref,%domconfig) = @_; my ($resulttext,$errors,$colchgtext,%changes,%colchanges,%newfile,%newurl, - %curr_loginvia,%loginhash,@currlangs,@newlangs,$addedfile,%title,@offon); + %curr_loginvia,%loginhash,@currlangs,@newlangs,$addedfile,%title,@offon, + %currsaml,%saml,%samltext,%samlimg,%samlalt,%samlurl,%samltitle,%samlwindow,%samlnotsso); %title = ( coursecatalog => 'Display course catalog', adminmail => 'Display administrator E-mail address', helpdesk => 'Display "Contact Helpdesk" link', newuser => 'Link for visitors to create a user account', - loginheader => 'Log-in box header'); + loginheader => 'Log-in box header', + saml => 'Dual SSO and non-SSO login'); @offon = ('off','on'); if (ref($domconfig{login}) eq 'HASH') { if (ref($domconfig{login}{loginvia}) eq 'HASH') { @@ -7432,6 +10081,21 @@ sub modify_login { $curr_loginvia{$lonhost} = $domconfig{login}{loginvia}{$lonhost}; } } + if (ref($domconfig{login}{'saml'}) eq 'HASH') { + foreach my $lonhost (keys(%{$domconfig{login}{'saml'}})) { + if (ref($domconfig{login}{'saml'}{$lonhost}) eq 'HASH') { + $currsaml{$lonhost} = $domconfig{login}{'saml'}{$lonhost}; + $saml{$lonhost} = 1; + $samltext{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'text'}; + $samlurl{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'url'}; + $samlalt{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'alt'}; + $samlimg{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'img'}; + $samltitle{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'title'}; + $samlwindow{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'window'}; + $samlnotsso{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'notsso'}; + } + } + } } ($errors,%colchanges) = &modify_colors($r,$dom,$confname,['login'], \%domconfig,\%loginhash); @@ -7678,6 +10342,95 @@ sub modify_login { $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; } } + my @delsamlimg = &Apache::loncommon::get_env_multiple('form.saml_img_del'); + my @newsamlimgs; + foreach my $lonhost (keys(%domservers)) { + if ($env{'form.saml_'.$lonhost}) { + if ($env{'form.saml_img_'.$lonhost.'.filename'}) { + push(@newsamlimgs,$lonhost); + } + foreach my $item ('text','alt','url','title','window','notsso') { + $env{'form.saml_'.$item.'_'.$lonhost} =~ s/^\s+|\s+$//g; + } + if ($saml{$lonhost}) { + if ($env{'form.saml_window_'.$lonhost} ne '1') { + $env{'form.saml_window_'.$lonhost} = ''; + } + if (grep(/^\Q$lonhost\E$/,@delsamlimg)) { +#FIXME Need to obsolete published image + delete($currsaml{$lonhost}{'img'}); + $changes{'saml'}{$lonhost} = 1; + } + if ($env{'form.saml_alt_'.$lonhost} ne $samlalt{$lonhost}) { + $changes{'saml'}{$lonhost} = 1; + } + if ($env{'form.saml_text_'.$lonhost} ne $samltext{$lonhost}) { + $changes{'saml'}{$lonhost} = 1; + } + if ($env{'form.saml_url_'.$lonhost} ne $samlurl{$lonhost}) { + $changes{'saml'}{$lonhost} = 1; + } + if ($env{'form.saml_title_'.$lonhost} ne $samltitle{$lonhost}) { + $changes{'saml'}{$lonhost} = 1; + } + if ($env{'form.saml_window_'.$lonhost} ne $samlwindow{$lonhost}) { + $changes{'saml'}{$lonhost} = 1; + } + if ($env{'form.saml_notsso_'.$lonhost} ne $samlnotsso{$lonhost}) { + $changes{'saml'}{$lonhost} = 1; + } + } else { + $changes{'saml'}{$lonhost} = 1; + } + foreach my $item ('text','alt','url','title','window','notsso') { + $currsaml{$lonhost}{$item} = $env{'form.saml_'.$item.'_'.$lonhost}; + } + } else { + if ($saml{$lonhost}) { + $changes{'saml'}{$lonhost} = 1; + delete($currsaml{$lonhost}); + } + } + } + foreach my $posshost (keys(%currsaml)) { + unless (exists($domservers{$posshost})) { + delete($currsaml{$posshost}); + } + } + %{$loginhash{'login'}{'saml'}} = %currsaml; + if (@newsamlimgs) { + my $error; + my ($configuserok,$author_ok,$switchserver) = &config_check($dom,$confname,$servadm); + if ($configuserok eq 'ok') { + if ($switchserver) { + $error = &mt("Upload of SSO Button Image is not permitted to this server: [_1].",$switchserver); + } elsif ($author_ok eq 'ok') { + foreach my $lonhost (@newsamlimgs) { + my $formelem = 'saml_img_'.$lonhost; + my ($result,$imgurl) = &publishlogo($r,'upload',$formelem,$dom,$confname, + "login/saml/$lonhost",'','', + $env{'form.saml_img_'.$lonhost.'.filename'}); + if ($result eq 'ok') { + $currsaml{$lonhost}{'img'} = $imgurl; + $loginhash{'login'}{'saml'}{$lonhost}{'img'} = $imgurl; + $changes{'saml'}{$lonhost} = 1; + } else { + my $puberror = &mt("Upload of SSO button image failed for [_1] because an error occurred publishing the file in RES space. Error was: [_2].", + $lonhost,$result); + $errors .= '<li><span class="LC_error">'.$puberror.'</span></li>'; + } + } + } else { + $error = &mt("Upload of SSO button image file(s) failed because an author role could not be assigned to a Domain Configuration user ([_1]) in domain: [_2]. Error was: [_3].",$confname,$dom,$author_ok); + } + } else { + $error = &mt("Upload of SSO button image file(s) failed because a Domain Configuration user ([_1]) could not be created in domain: [_2]. Error was: [_3].",$confname,$dom,$configuserok); + } + if ($error) { + &Apache::lonnet::logthis($error); + $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; + } + } &process_captcha('login',\%changes,$loginhash{'login'},$domconfig{'login'}); my $defaulthelpfile = '/adm/loginproblems.html'; @@ -7718,6 +10471,31 @@ sub modify_login { } if (keys(%changes) > 0 || $colchgtext) { &Apache::loncommon::devalidate_domconfig_cache($dom); + if (exists($changes{'saml'})) { + my $hostid_in_use; + my @hosts = &Apache::lonnet::current_machine_ids(); + if (@hosts > 1) { + foreach my $hostid (@hosts) { + if (&Apache::lonnet::host_domain($hostid) eq $dom) { + $hostid_in_use = $hostid; + last; + } + } + } else { + $hostid_in_use = $r->dir_config('lonHostID'); + } + if (($hostid_in_use) && + (&Apache::lonnet::host_domain($hostid_in_use) eq $dom)) { + &Apache::lonnet::devalidate_cache_new('samllanding',$hostid_in_use); + } + if (ref($lastactref) eq 'HASH') { + if (ref($changes{'saml'}) eq 'HASH') { + my %updates; + map { $updates{$_} = 1; } keys(%{$changes{'saml'}}); + $lastactref->{'samllanding'} = \%updates; + } + } + } if (ref($lastactref) eq 'HASH') { $lastactref->{'domainconfig'} = 1; } @@ -7797,6 +10575,41 @@ sub modify_login { } } } + } elsif ($item eq 'saml') { + if (ref($changes{$item}) eq 'HASH') { + my %notlt = ( + text => 'Text for log-in by SSO', + img => 'SSO button image', + alt => 'Alt text for button image', + url => 'SSO URL', + title => 'Tooltip for SSO link', + window => 'Pop-up window if iframe', + notsso => 'Text for non-SSO log-in', + ); + foreach my $lonhost (sort(keys(%{$changes{$item}}))) { + if (ref($currsaml{$lonhost}) eq 'HASH') { + $resulttext .= '<li>'.&mt("$title{$item} in use for [_1]","<b>$lonhost</b>"). + '<ul>'; + foreach my $key ('text','img','alt','url','title','window','notsso') { + if ($currsaml{$lonhost}{$key} eq '') { + $resulttext .= '<li>'.&mt("$notlt{$key} not in use").'</li>'; + } else { + my $value = "'$currsaml{$lonhost}{$key}'"; + if ($key eq 'img') { + $value = '<img src="'.$currsaml{$lonhost}{$key}.'" />'; + } elsif ($key eq 'window') { + $value = 'On'; + } + $resulttext .= '<li>'.&mt("$notlt{$key} set to: [_1]", + $value).'</li>'; + } + } + $resulttext .= '</ul></li>'; + } else { + $resulttext .= '<li>'.&mt("$title{$item} not in use for [_1]",$lonhost).'</li>'; + } + } + } } elsif ($item eq 'captcha') { if (ref($loginhash{'login'}) eq 'HASH') { my $chgtxt; @@ -7899,6 +10712,283 @@ sub color_font_choices { return %choices; } +sub modify_ipaccess { + my ($dom,$lastactref,%domconfig) = @_; + my (@allpos,%changes,%confhash,$errors,$resulttext); + my (@items,%deletions,%itemids,@warnings); + my ($typeorder,$types) = &commblocktype_text(); + if ($env{'form.ipaccess_add'}) { + my $name = $env{'form.ipaccess_name_add'}; + my ($newid,$error) = &get_ipaccess_id($dom,$name); + if ($newid) { + $itemids{'add'} = $newid; + push(@items,'add'); + $changes{$newid} = 1; + } else { + $error = &mt('Failed to acquire unique ID for new IP access control item'); + $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; + } + } + if (ref($domconfig{'ipaccess'}) eq 'HASH') { + my @todelete = &Apache::loncommon::get_env_multiple('form.ipaccess_del'); + if (@todelete) { + map { $deletions{$_} = 1; } @todelete; + } + my $maxnum = $env{'form.ipaccess_maxnum'}; + for (my $i=0; $i<$maxnum; $i++) { + my $itemid = $env{'form.ipaccess_id_'.$i}; + $itemid =~ s/\D+//g; + if (ref($domconfig{'ipaccess'}{$itemid}) eq 'HASH') { + if ($deletions{$itemid}) { + $changes{$itemid} = $domconfig{'ipaccess'}{$itemid}{'name'}; + } else { + push(@items,$i); + $itemids{$i} = $itemid; + } + } + } + } + foreach my $idx (@items) { + my $itemid = $itemids{$idx}; + next unless ($itemid); + my %current; + unless ($idx eq 'add') { + if (ref($domconfig{'ipaccess'}{$itemid}) eq 'HASH') { + %current = %{$domconfig{'ipaccess'}{$itemid}}; + } + } + my $position = $env{'form.ipaccess_pos_'.$itemid}; + $position =~ s/\D+//g; + if ($position ne '') { + $allpos[$position] = $itemid; + } + my $name = $env{'form.ipaccess_name_'.$idx}; + $name =~ s/^\s+|\s+$//g; + $confhash{$itemid}{'name'} = $name; + my $possrange = $env{'form.ipaccess_range_'.$idx}; + $possrange =~ s/^\s+|\s+$//g; + unless ($possrange eq '') { + $possrange =~ s/[\r\n]+/\s/g; + $possrange =~ s/\s*-\s*/-/g; + $possrange =~ s/\s+/,/g; + $possrange =~ s/,+/,/g; + if ($possrange ne '') { + my (@ok,$count); + $count = 0; + foreach my $poss (split(/\,/,$possrange)) { + $count ++; + $poss = &validate_ip_pattern($poss); + if ($poss ne '') { + push(@ok,$poss); + } + } + my $diff = $count - scalar(@ok); + if ($diff) { + $errors .= '<li><span class="LC_error">'. + &mt('[quant,_1,IP] invalid and excluded from saved value for IP range(s) for [_2]', + $diff,$name). + '</span></li>'; + } + if (@ok) { + my @cidr_list; + foreach my $item (@ok) { + @cidr_list = &Net::CIDR::cidradd($item,@cidr_list); + } + $confhash{$itemid}{'ip'} = join(',',@cidr_list); + } + } + } + foreach my $field ('name','ip') { + unless (($idx eq 'add') || ($changes{$itemid})) { + if ($current{$field} ne $confhash{$itemid}{$field}) { + $changes{$itemid} = 1; + last; + } + } + } + $confhash{$itemid}{'commblocks'} = {}; + + my %commblocks; + map { $commblocks{$_} = 1; } &Apache::loncommon::get_env_multiple('form.ipaccess_block_'.$idx); + foreach my $type (@{$typeorder}) { + if ($commblocks{$type}) { + $confhash{$itemid}{'commblocks'}{$type} = 'on'; + } + unless (($idx eq 'add') || ($changes{$itemid})) { + if (ref($current{'commblocks'}) eq 'HASH') { + if ($confhash{$itemid}{'commblocks'}{$type} ne $current{'commblocks'}{$type}) { + $changes{$itemid} = 1; + } + } elsif ($confhash{$itemid}{'commblocks'}{$type}) { + $changes{$itemid} = 1; + } + } + } + $confhash{$itemid}{'courses'} = {}; + my %crsdeletions; + my @delcrs = &Apache::loncommon::get_env_multiple('form.ipaccess_course_delete_'.$idx); + if (@delcrs) { + map { $crsdeletions{$_} = 1; } @delcrs; + } + if (ref($current{'courses'}) eq 'HASH') { + foreach my $cid (sort(keys(%{$current{'courses'}}))) { + if ($crsdeletions{$cid}) { + $changes{$itemid} = 1; + } else { + $confhash{$itemid}{'courses'}{$cid} = 1; + } + } + } + $env{'form.ipaccess_cnum_'.$idx} =~ s/^\s+|\s+$//g; + $env{'form.ipaccess_cdom_'.$idx} =~ s/^\s+|\s+$//g; + if (($env{'form.ipaccess_cnum_'.$idx} =~ /^$match_courseid$/) && + ($env{'form.ipaccess_cdom_'.$idx} =~ /^$match_domain$/)) { + if (&Apache::lonnet::homeserver($env{'form.ipaccess_cnum_'.$idx}, + $env{'form.ipaccess_cdom_'.$idx}) eq 'no_host') { + $errors .= '<li><span class="LC_error">'. + &mt('Invalid courseID [_1] omitted from list of allowed courses', + $env{'form.ipaccess_cdom_'.$idx}.'_'.$env{'form.ipaccess_cnum_'.$idx}). + '</span></li>'; + } else { + $confhash{$itemid}{'courses'}{$env{'form.ipaccess_cdom_'.$idx}.'_'.$env{'form.ipaccess_cnum_'.$idx}} = 1; + $changes{$itemid} = 1; + } + } + } + if (@allpos > 0) { + my $idx = 0; + foreach my $itemid (@allpos) { + if ($itemid ne '') { + $confhash{$itemid}{'order'} = $idx; + unless ($changes{$itemid}) { + if (ref($domconfig{'ipaccess'}) eq 'HASH') { + if (ref($domconfig{'ipaccess'}{$itemid}) eq 'HASH') { + if ($domconfig{'ipaccess'}{$itemid}{'order'} ne $idx) { + $changes{$itemid} = 1; + } + } + } + } + $idx ++; + } + } + } + if (keys(%changes)) { + my %defaultshash = ( + ipaccess => \%confhash, + ); + my $putresult = &Apache::lonnet::put_dom('configuration',\%defaultshash, + $dom); + if ($putresult eq 'ok') { + my $cachetime = 1800; + &Apache::lonnet::do_cache_new('ipaccess',$dom,\%confhash,$cachetime); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'ipaccess'} = 1; + } + $resulttext = &mt('Changes made:').'<ul>'; + my %bynum; + foreach my $itemid (sort(keys(%changes))) { + if (ref($confhash{$itemid}) eq 'HASH') { + my $position = $confhash{$itemid}{'order'}; + if ($position =~ /^\d+$/) { + $bynum{$position} = $itemid; + } + } + } + if (keys(%deletions)) { + foreach my $itemid (sort { $a <=> $b } keys(%deletions)) { + $resulttext .= '<li>'.&mt('Deleted: [_1]',$changes{$itemid}).'</li>'; + } + } + foreach my $pos (sort { $a <=> $b } keys(%bynum)) { + my $itemid = $bynum{$pos}; + if (ref($confhash{$itemid}) eq 'HASH') { + $resulttext .= '<li><b>'.$confhash{$itemid}{'name'}.'</b><ul>'; + my $position = $pos + 1; + $resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>'; + if ($confhash{$itemid}{'ip'} eq '') { + $resulttext .= '<li>'.&mt('No IP Range(s) set').'</li>'; + } else { + $resulttext .= '<li>'.&mt('IP Range(s): [_1]',$confhash{$itemid}{'ip'}).'</li>'; + } + if (keys(%{$confhash{$itemid}{'commblocks'}})) { + $resulttext .= '<li>'.&mt('Functionality Blocked: [_1]', + join(', ', map { $types->{$_}; } sort(keys(%{$confhash{$itemid}{'commblocks'}})))). + '</li>'; + } else { + $resulttext .= '<li>'.&mt('No functionality blocked').'</li>'; + } + if (keys(%{$confhash{$itemid}{'courses'}})) { + my @courses; + foreach my $cid (sort(keys(%{$confhash{$itemid}{'courses'}}))) { + my %courseinfo = &Apache::lonnet::coursedescription($cid,{'one_time' => 1}); + push(@courses,$courseinfo{'description'}.' ('.$cid.')'); + } + $resulttext .= '<li>'.&mt('Courses/Communities allowed').':<ul><li>'. + join('</li><li>',@courses).'</li></ul>'; + } else { + $resulttext .= '<li>'.&mt('No courses allowed').'</li>'; + } + $resulttext .= '</ul></li>'; + } + } + $resulttext .= '</ul>'; + } else { + $errors .= '<li><span class="LC_error">'.&mt('Failed to save changes').'</span></li>'; + } + } else { + $resulttext = &mt('No changes made'); + } + if ($errors) { + $resulttext .= '<p>'.&mt('The following errors occurred: ').'<ul>'. + $errors.'</ul></p>'; + } + return $resulttext; +} + +sub get_ipaccess_id { + my ($domain,$location) = @_; + # get lock on ipaccess db + my $lockhash = { + lock => $env{'user.name'}. + ':'.$env{'user.domain'}, + }; + my $tries = 0; + my $gotlock = &Apache::lonnet::newput_dom('ipaccess',$lockhash,$domain); + my ($id,$error); + + while (($gotlock ne 'ok') && ($tries<10)) { + $tries ++; + sleep (0.1); + $gotlock = &Apache::lonnet::newput_dom('ipaccess',$lockhash,$domain); + } + if ($gotlock eq 'ok') { + my %currids = &Apache::lonnet::dump_dom('ipaccess',$domain); + if ($currids{'lock'}) { + delete($currids{'lock'}); + if (keys(%currids)) { + my @curr = sort { $a <=> $b } keys(%currids); + if ($curr[-1] =~ /^\d+$/) { + $id = 1 + $curr[-1]; + } + } else { + $id = 1; + } + if ($id) { + unless (&Apache::lonnet::newput_dom('ipaccess',{ $id => $location },$domain) eq 'ok') { + $error = 'nostore'; + } + } else { + $error = 'nonumber'; + } + } + my $dellockoutcome = &Apache::lonnet::del_dom('ipaccess',['lock'],$domain); + } else { + $error = 'nolock'; + } + return ($id,$error); +} + sub modify_rolecolors { my ($r,$dom,$confname,$roles,$lastactref,%domconfig) = @_; my ($resulttext,%rolehash); @@ -8006,13 +11096,18 @@ sub modify_colors { $domconfig->{$role} = {}; } foreach my $img (@images) { - if (($role eq 'login') && (($img eq 'img') || ($img eq 'logo'))) { - if (defined($env{'form.login_showlogo_'.$img})) { - $confhash->{$role}{'showlogo'}{$img} = 1; - } else { - $confhash->{$role}{'showlogo'}{$img} = 0; + if ($role eq 'login') { + if (($img eq 'img') || ($img eq 'logo')) { + if (defined($env{'form.login_showlogo_'.$img})) { + $confhash->{$role}{'showlogo'}{$img} = 1; + } else { + $confhash->{$role}{'showlogo'}{$img} = 0; + } } - } + if ($env{'form.login_alt_'.$img} ne '') { + $confhash->{$role}{'alttext'}{$img} = $env{'form.login_alt_'.$img}; + } + } if ( ! $env{'form.'.$role.'_'.$img.'.filename'} && !defined($domconfig->{$role}{$img}) && !$env{'form.'.$role.'_del_'.$img} @@ -8087,15 +11182,29 @@ sub modify_colors { $changes{$role}{'images'}{$img} = 1; } } - if (($role eq 'login') && (($img eq 'logo') || ($img eq 'img'))) { - if (ref($domconfig->{'login'}{'showlogo'}) eq 'HASH') { - if ($confhash->{$role}{'showlogo'}{$img} ne - $domconfig->{$role}{'showlogo'}{$img}) { - $changes{$role}{'showlogo'}{$img} = 1; + if ($role eq 'login') { + if (($img eq 'logo') || ($img eq 'img')) { + if (ref($domconfig->{'login'}{'showlogo'}) eq 'HASH') { + if ($confhash->{$role}{'showlogo'}{$img} ne + $domconfig->{$role}{'showlogo'}{$img}) { + $changes{$role}{'showlogo'}{$img} = 1; + } + } else { + if ($confhash->{$role}{'showlogo'}{$img} == 0) { + $changes{$role}{'showlogo'}{$img} = 1; + } } - } else { - if ($confhash->{$role}{'showlogo'}{$img} == 0) { - $changes{$role}{'showlogo'}{$img} = 1; + } + if ($img ne 'login') { + if (ref($domconfig->{$role}{'alttext'}) eq 'HASH') { + if ($confhash->{$role}{'alttext'}{$img} ne + $domconfig->{$role}{'alttext'}{$img}) { + $changes{$role}{'alttext'}{$img} = 1; + } + } else { + if ($confhash->{$role}{'alttext'}{$img} ne '') { + $changes{$role}{'alttext'}{$img} = 1; + } } } } @@ -8206,6 +11315,11 @@ sub default_change_checker { if ($confhash->{$role}{'showlogo'}{$img} == 0) { $changes->{$role}{'showlogo'}{$img} = 1; } + if (ref($confhash->{$role}{'alttext'}) eq 'HASH') { + if ($confhash->{$role}{'alttext'}{$img} ne '') { + $changes->{$role}{'alttext'}{$img} = 1; + } + } } } if ($confhash->{$role}{'font'}) { @@ -8244,6 +11358,13 @@ sub display_colorchgs { } else { $resulttext .= '<li>'.&mt("$choices{$item} set to not be displayed").'</li>'; } + } elsif (($role eq 'login') && ($key eq 'alttext')) { + if ($confhash->{$role}{$key}{$item} ne '') { + $resulttext .= '<li>'.&mt("$choices{$key} for $choices{$item} set to [_1].", + $confhash->{$role}{$key}{$item}).'</li>'; + } else { + $resulttext .= '<li>'.&mt("$choices{$key} for $choices{$item} deleted.").'</li>'; + } } elsif ($confhash->{$role}{$item} eq '') { $resulttext .= '<li>'.&mt("$choices{$item} set to default").'</li>'; } else { @@ -8302,7 +11423,7 @@ sub check_configuser { my ($configuserok,%currroles); if ($uhome eq 'no_host') { srand( time() ^ ($$ + ($$ << 15)) ); # Seed rand. - my $configpass = &LONCAPA::Enrollment::create_password(); + my $configpass = &LONCAPA::Enrollment::create_password($dom); $configuserok = &Apache::lonnet::modifyuser($dom,$confname,'','internal', $configpass,'','','','','',undef,$servadm); @@ -8376,14 +11497,14 @@ sub publishlogo { } else { my $source = $filepath.'/'.$file; my $logfile; - if (!open($logfile,">>$source".'.log')) { + if (!open($logfile,">>",$source.'.log')) { return (&mt('No write permission to Authoring Space')); } print $logfile "\n================= Publish ".localtime()." ================\n". $env{'user.name'}.':'.$env{'user.domain'}."\n"; # Save the file - if (!open(FH,'>'.$source)) { + if (!open(FH,">",$source)) { &Apache::lonnet::logthis('Failed to create '.$source); return (&mt('Failed to create file')); } @@ -8444,7 +11565,8 @@ $env{'user.name'}.':'.$env{'user.domain' if ($fullwidth ne '' && $fullheight ne '') { if ($fullwidth > $thumbwidth && $fullheight > $thumbheight) { my $thumbsize = $thumbwidth.'x'.$thumbheight; - system("convert -sample $thumbsize $inputfile $outfile"); + my @args = ('convert','-sample',$thumbsize,$inputfile,$outfile); + system({$args[0]} @args); chmod(0660, $filepath.'/tn-'.$file); if (-e $outfile) { my $copyfile=$targetdir.'/tn-'.$file; @@ -8523,7 +11645,7 @@ sub write_metadata { { print $logfile "\nWrite metadata file for ".$targetdir.'/'.$file; my $mfh; - if (open($mfh,'>'.$targetdir.'/'.$file.'.meta')) { + if (open($mfh,">",$targetdir.'/'.$file.'.meta')) { foreach (sort(keys(%metadatafields))) { unless ($_=~/\./) { my $unikey=$_; @@ -8557,7 +11679,7 @@ sub notifysubscribed { next unless (ref($targetsource) eq 'ARRAY'); my ($target,$source)=@{$targetsource}; if ($source ne '') { - if (open(my $logfh,'>>'.$source.'.log')) { + if (open(my $logfh,">>",$source.'.log')) { print $logfh "\nCleanup phase: Notifications\n"; my @subscribed=&subscribed_hosts($target); foreach my $subhost (@subscribed) { @@ -8583,7 +11705,7 @@ sub notifysubscribed { sub subscribed_hosts { my ($target) = @_; my @subscribed; - if (open(my $fh,"<$target.subscription")) { + if (open(my $fh,"<","$target.subscription")) { while (my $subline=<$fh>) { if ($subline =~ /^($match_lonid):/) { my $host = $1; @@ -8640,7 +11762,7 @@ sub modify_quotas { @usertools = ('author'); %titles = &authorrequest_titles(); } else { - @usertools = ('aboutme','blog','webdav','portfolio'); + @usertools = ('aboutme','blog','webdav','portfolio','timezone'); %titles = &tool_titles(); } my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); @@ -8784,7 +11906,7 @@ sub modify_quotas { my ($cdom,$cnum) = split(/_/,$key); if (&Apache::lonnet::homeserver($cnum,$cdom) eq 'no_host') { $errors .= '<li><span class="LC_error">'.&mt('Image not saved: could not find textbook course').'</li>'; - } else { + } else { my ($imgurl,$error) = &process_textbook_image($r,$dom,$confname,$type.'_image_'.$i, $cdom,$cnum,$type,$configuserok, $switchserver,$author_ok); @@ -8829,15 +11951,19 @@ sub modify_quotas { if ($type eq 'textbooks') { if ($env{'form.'.$type.'_addbook_image.filename'} ne '') { my ($cdom,$cnum) = split(/_/,$newbook{$type}); - my ($imageurl,$error) = - &process_textbook_image($r,$dom,$confname,$type.'_addbook_image',$cdom,$cnum,$type, - $configuserok,$switchserver,$author_ok); - if ($imageurl) { - $confhash{$type}{$newbook{$type}}{'image'} = $imageurl; - } - if ($error) { - &Apache::lonnet::logthis($error); - $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; + if (&Apache::lonnet::homeserver($cnum,$cdom) eq 'no_host') { + $errors .= '<li><span class="LC_error">'.&mt('Image not saved: could not find textbook course').'</li>'; + } else { + my ($imageurl,$error) = + &process_textbook_image($r,$dom,$confname,$type.'_addbook_image',$cdom,$cnum,$type, + $configuserok,$switchserver,$author_ok); + if ($imageurl) { + $confhash{$type}{$newbook{$type}}{'image'} = $imageurl; + } + if ($error) { + &Apache::lonnet::logthis($error); + $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; + } } } } @@ -9369,8 +12495,11 @@ sub modify_ltitools { $allpos[$position] = $newid; } $changes{$newid} = 1; - foreach my $item ('title','url','key','secret') { + foreach my $item ('title','url','key','secret','lifetime') { $env{'form.ltitools_add_'.$item} =~ s/(`)/'/g; + if ($item eq 'lifetime') { + $env{'form.ltitools_add_'.$item} =~ s/[^\d.]//g; + } if ($env{'form.ltitools_add_'.$item}) { if (($item eq 'key') || ($item eq 'secret')) { $encconfig{$newid}{$item} = $env{'form.ltitools_add_'.$item}; @@ -9385,6 +12514,11 @@ sub modify_ltitools { if ($env{'form.ltitools_add_msgtype'} eq 'basic-lti-launch-request') { $confhash{$newid}{'msgtype'} = $env{'form.ltitools_add_msgtype'}; } + if ($env{'form.ltitools_add_sigmethod'} eq 'HMAC-SHA256') { + $confhash{$newid}{'sigmethod'} = $env{'form.ltitools_add_sigmethod'}; + } else { + $confhash{$newid}{'sigmethod'} = 'HMAC-SHA1'; + } foreach my $item ('width','height','linktext','explanation') { $env{'form.ltitools_add_'.$item} =~ s/^\s+//; $env{'form.ltitools_add_'.$item} =~ s/\s+$//; @@ -9405,11 +12539,6 @@ sub modify_ltitools { } else { $confhash{$newid}{'display'}{'target'} = 'iframe'; } - foreach my $item ('passback','roster') { - if ($env{'form.ltitools_add_'.$item}) { - $confhash{$newid}{$item} = 1; - } - } if ($env{'form.ltitools_add_image.filename'} ne '') { my ($imageurl,$error) = &process_ltitools_image($r,$dom,$confname,'ltitools_add_image',$newid, @@ -9440,6 +12569,13 @@ sub modify_ltitools { } } } + if (ref($confhash{$newid}{'fields'}) eq 'HASH') { + if ($confhash{$newid}{'fields'}{'user'}) { + if ($env{'form.ltitools_userincdom_add'}) { + $confhash{$newid}{'incdom'} = 1; + } + } + } my @courseconfig = &Apache::loncommon::get_env_multiple('form.ltitools_courseconfig'); foreach my $item (@courseconfig) { $confhash{$newid}{'crsconf'}{$item} = 1; @@ -9486,7 +12622,7 @@ sub modify_ltitools { } else { my $newpos = $env{'form.ltitools_'.$itemid}; $newpos =~ s/\D+//g; - foreach my $item ('title','url') { + foreach my $item ('title','url','lifetime') { $confhash{$itemid}{$item} = $env{'form.ltitools_'.$item.'_'.$i}; if ($domconfig{$action}{$itemid}{$item} ne $confhash{$itemid}{$item}) { $changes{$itemid} = 1; @@ -9504,6 +12640,18 @@ sub modify_ltitools { if ($env{'form.ltitools_msgtype_'.$i} eq 'basic-lti-launch-request') { $confhash{$itemid}{'msgtype'} = $env{'form.ltitools_msgtype_'.$i}; } + if ($env{'form.ltitools_sigmethod_'.$i} eq 'HMAC-SHA256') { + $confhash{$itemid}{'sigmethod'} = $env{'form.ltitools_sigmethod_'.$i}; + } else { + $confhash{$itemid}{'sigmethod'} = 'HMAC-SHA1'; + } + if ($domconfig{$action}{$itemid}{'sigmethod'} eq '') { + if ($confhash{$itemid}{'sigmethod'} ne 'HMAC-SHA1') { + $changes{$itemid} = 1; + } + } elsif ($domconfig{$action}{$itemid}{'sigmethod'} ne $confhash{$itemid}{'sigmethod'}) { + $changes{$itemid} = 1; + } foreach my $size ('width','height') { $env{'form.ltitools_'.$size.'_'.$i} =~ s/^\s+//; $env{'form.ltitools_'.$size.'_'.$i} =~ s/\s+$//; @@ -9554,16 +12702,8 @@ sub modify_ltitools { } else { $changes{$itemid} = 1; } - foreach my $extra ('passback','roster') { - if ($env{'form.ltitools_'.$extra.'_'.$i}) { - $confhash{$itemid}{$extra} = 1; - } - if ($domconfig{$action}{$itemid}{$extra} ne $confhash{$itemid}{$extra}) { - $changes{$itemid} = 1; - } - } my @courseconfig = &Apache::loncommon::get_env_multiple('form.ltitools_courseconfig_'.$i); - foreach my $item ('label','title','target','linktext','explanation') { + foreach my $item ('label','title','target','linktext','explanation','append') { if (grep(/^\Q$item\E$/,@courseconfig)) { $confhash{$itemid}{'crsconf'}{$item} = 1; if (ref($domconfig{$action}{$itemid}{'crsconf'}) eq 'HASH') { @@ -9607,6 +12747,16 @@ sub modify_ltitools { } } } + if (ref($confhash{$itemid}{'fields'}) eq 'HASH') { + if ($confhash{$itemid}{'fields'}{'user'}) { + if ($env{'form.ltitools_userincdom_'.$i}) { + $confhash{$itemid}{'incdom'} = 1; + } + if ($domconfig{$action}{$itemid}{'incdom'} ne $confhash{$itemid}{'incdom'}) { + $changes{$itemid} = 1; + } + } + } $allpos[$newpos] = $itemid; } if ($imgdeletions{$itemid}) { @@ -9705,7 +12855,7 @@ sub modify_ltitools { my %ltienchash = ( $action => { %encconfig } ); - &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom); + &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1); if (keys(%changes) > 0) { my $cachetime = 24*60*60; my %ltiall = %confhash; @@ -9740,7 +12890,7 @@ sub modify_ltitools { $resulttext .= '</li><ul>'; my $position = $pos + 1; $resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>'; - foreach my $item ('version','msgtype','url') { + foreach my $item ('version','msgtype','sigmethod','url','lifetime') { if ($confhash{$itemid}{$item} ne '') { $resulttext .= '<li>'.$lt{$item}.': '.$confhash{$itemid}{$item}.'</li>'; } @@ -9754,7 +12904,7 @@ sub modify_ltitools { $resulttext .= ('*'x$num).'</li>'; } $resulttext .= '<li>'.&mt('Configurable in course:'); - my @possconfig = ('label','title','target','linktext','explanation'); + my @possconfig = ('label','title','target','linktext','explanation','append'); my $numconfig = 0; if (ref($confhash{$itemid}{'crsconf'}) eq 'HASH') { foreach my $item (@possconfig) { @@ -9768,15 +12918,6 @@ sub modify_ltitools { $resulttext .= &mt('None'); } $resulttext .= '</li>'; - foreach my $item ('passback','roster') { - $resulttext .= '<li>'.$lt{$item}.' '; - if ($confhash{$itemid}{$item}) { - $resulttext .= &mt('Yes'); - } else { - $resulttext .= &mt('No'); - } - $resulttext .= '</li>'; - } if (ref($confhash{$itemid}{'display'}) eq 'HASH') { my $displaylist; if ($confhash{$itemid}{'display'}{'target'}) { @@ -9808,6 +12949,13 @@ sub modify_ltitools { } if ($fieldlist) { $fieldlist =~ s/,$//; + if ($confhash{$itemid}{'fields'}{'user'}) { + if ($confhash{$itemid}{'incdom'}) { + $fieldlist .= ' ('.&mt('username:domain').')'; + } else { + $fieldlist .= ' ('.&mt('username').')'; + } + } $resulttext .= '<li>'.&mt('Data sent').':'.$fieldlist.'</li>'; } } @@ -9832,7 +12980,7 @@ sub modify_ltitools { } } if ($customlist) { - $resulttext .= '<li>'.&mt('Custom items').':'.$customlist.'</li>'; + $resulttext .= '<li>'.&mt('Custom items').': '.$customlist.'</li>'; } } $resulttext .= '</ul></li>'; @@ -9928,6 +13076,255 @@ sub get_ltitools_id { return ($id,$error); } +sub modify_lti { + my ($r,$dom,$action,$lastactref,%domconfig) = @_; + my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); + my (%encconfig,$errors,$resulttext); + + my (%currltisec,%secchanges,%newltisec,%newltienc,%keyset,%newkeyset); + $newltisec{'private'}{'keys'} = []; + $newltisec{'encrypt'} = {}; + $newltisec{'rules'} = {}; + $newltisec{'linkprot'} = {}; + if (ref($domconfig{'ltisec'}) eq 'HASH') { + %currltisec = %{$domconfig{'ltisec'}}; + if (ref($currltisec{'linkprot'}) eq 'HASH') { + foreach my $id (keys(%{$currltisec{'linkprot'}})) { + unless ($id =~ /^\d+$/) { + delete($currltisec{'linkprot'}{$id}); + } + } + } + if (ref($currltisec{'private'}) eq 'HASH') { + if (ref($currltisec{'private'}{'keys'}) eq 'ARRAY') { + $newltisec{'private'}{'keys'} = $currltisec{'private'}{'keys'}; + map { $keyset{$_} = 1; } @{$currltisec{'private'}{'keys'}}; + } + } + } + foreach my $item ('crs','dom') { + my $formelement = 'form.ltisec_'.$item.'linkprot'; + if ($env{$formelement}) { + $newltisec{'encrypt'}{$item} = 1; + if (ref($currltisec{'encrypt'}) eq 'HASH') { + unless ($currltisec{'encrypt'}{$item}) { + $secchanges{'encrypt'} = 1; + } + } else { + $secchanges{'encrypt'} = 1; + } + } elsif (ref($currltisec{'encrypt'}) eq 'HASH') { + if ($currltisec{'encrypt'}{$item}) { + $secchanges{'encrypt'} = 1; + } + } + } + unless (exists($currltisec{'rules'})) { + $currltisec{'rules'} = {}; + } + &password_rule_changes('secrets',$newltisec{'rules'},$currltisec{'rules'},\%secchanges); + + my @ids=&Apache::lonnet::current_machine_ids(); + my %servers = &Apache::lonnet::get_servers($dom,'library'); + + foreach my $hostid (keys(%servers)) { + if (($hostid ne '') && (grep(/^\Q$hostid\E$/,@ids))) { + my $newkey; + my $keyitem = 'form.ltisec_privkey_'.$hostid; + if (exists($env{$keyitem})) { + $env{$keyitem} =~ s/(`)/'/g; + if ($keyset{$hostid}) { + if ($env{'form.ltisec_changeprivkey_'.$hostid}) { + if ($env{$keyitem} ne '') { + $secchanges{'private'} = 1; + $newkeyset{$hostid} = $env{$keyitem}; + } + } + } elsif ($env{$keyitem} ne '') { + unless (grep(/^\Q$hostid\E$/,@{$newltisec{'private'}{'keys'}})) { + push(@{$newltisec{'private'}{'keys'}},$hostid); + } + $secchanges{'private'} = 1; + $newkeyset{$hostid} = $env{$keyitem}; + } + } + } + } + + my (%linkprotchg,$linkprotoutput,$is_home); + my $proterror = &Apache::courseprefs::process_linkprot($dom,'',$currltisec{'linkprot'}, + \%linkprotchg,'domain'); + my $home = &Apache::lonnet::domain($dom,'primary'); + unless (($home eq 'no_host') || ($home eq '')) { + my @ids=&Apache::lonnet::current_machine_ids(); + foreach my $id (@ids) { if ($id eq $home) { $is_home=1; } } + } + + if (keys(%linkprotchg)) { + $secchanges{'linkprot'} = 1; + my %oldlinkprot; + if (ref($currltisec{'linkprot'}) eq 'HASH') { + %oldlinkprot = %{$currltisec{'linkprot'}}; + } + foreach my $id (keys(%linkprotchg)) { + if (ref($linkprotchg{$id}) eq 'HASH') { + foreach my $inner (keys(%{$linkprotchg{$id}})) { + if (($inner eq 'secret') || ($inner eq 'key')) { + if ($is_home) { + $newltienc{$id}{$inner} = $linkprotchg{$id}{$inner}; + } + } + } + } else { + $newltisec{'linkprot'}{$id} = $linkprotchg{$id}; + } + } + $linkprotoutput = &Apache::courseprefs::store_linkprot($dom,'','domain',\%linkprotchg,\%oldlinkprot); + if (keys(%linkprotchg)) { + %{$newltisec{'linkprot'}} = %linkprotchg; + } + } + if (ref($currltisec{'linkprot'}) eq 'HASH') { + foreach my $id (%{$currltisec{'linkprot'}}) { + next if ($id !~ /^\d+$/); + unless (exists($linkprotchg{$id})) { + if (ref($currltisec{'linkprot'}{$id}) eq 'HASH') { + foreach my $inner (keys(%{$currltisec{'linkprot'}{$id}})) { + if (($inner eq 'secret') || ($inner eq 'key')) { + if ($is_home) { + $newltienc{$id}{$inner} = $currltisec{'linkprot'}{$id}{$inner}; + } + } else { + $newltisec{'linkprot'}{$id}{$inner} = $currltisec{'linkprot'}{$id}{$inner}; + } + } + } else { + $newltisec{'linkprot'}{$id} = $currltisec{'linkprot'}{$id}; + } + } + } + } + if ($proterror) { + $errors .= '<li>'.$proterror.'</li>'; + } + + my ($putresult,%keystore); + if (keys(%secchanges)) { + my %ltienchash; + my %ltihash = ( + 'ltisec' => { %newltisec } + ); + $putresult = &Apache::lonnet::put_dom('configuration',\%ltihash,$dom); + if ($putresult eq 'ok') { + if ($secchanges{'private'}) { + my $who = &escape($env{'user.name'}.':'.$env{'user.domain'}); + foreach my $hostid (keys(%newkeyset)) { + my $storehash = { + key => $newkeyset{$hostid}, + who => $env{'user.name'}.':'.$env{'user.domain'}, + }; + $keystore{$hostid} = &Apache::lonnet::store_dom($storehash,'lti','private', + $dom,$hostid); + } + } + if (ref($lastactref) eq 'HASH') { + if (($secchanges{'encrypt'}) || ($secchanges{'private'})) { + $lastactref->{'domdefaults'} = 1; + } + } + if (($secchanges{'linkprot'}) && ($is_home)) { + my %ltienchash = ( + 'linkprot' => { %newltienc } + ); + &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1); + } + } + } else { + return &mt('No changes made.'); + } + if ($putresult eq 'ok') { + $resulttext = &mt('Changes made:').'<ul>'; + foreach my $item (keys(%secchanges)) { + if ($item eq 'encrypt') { + my %encrypted = ( + crs => { + on => &mt('Encryption of stored link protection secrets defined in courses enabled'), + off => &mt('Encryption of stored link protection secrets defined in courses disabled'), + }, + dom => { + on => &mt('Encryption of stored link protection secrets defined in domain enabled'), + off => &mt('Encryption of stored link protection secrets defined in domain disabled'), + }, + ); + foreach my $type ('crs','dom') { + my $shown = $encrypted{$type}{'off'}; + if (ref($newltisec{$item}) eq 'HASH') { + if ($newltisec{$item}{$type}) { + $shown = $encrypted{$type}{'on'}; + } + } + $resulttext .= '<li>'.$shown.'</li>'; + } + } elsif ($item eq 'rules') { + my %titles = &Apache::lonlocal::texthash( + min => 'Minimum password length', + max => 'Maximum password length', + chars => 'Required characters', + ); + foreach my $rule ('min','max') { + if ($newltisec{rules}{$rule} eq '') { + if ($rule eq 'min') { + $resulttext .= '<li>'.&mt('[_1] not set.',$titles{$rule}); + ' '.&mt('Default of [_1] will be used', + $Apache::lonnet::passwdmin).'</li>'; + } else { + $resulttext .= '<li>'.&mt('[_1] set to none',$titles{$rule}).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('[_1] set to [_2]',$titles{$rule},$newltisec{rules}{$rule}).'</li>'; + } + } + if (ref($newltisec{'rules'}{'chars'}) eq 'ARRAY') { + if (@{$newltisec{'rules'}{'chars'}} > 0) { + my %rulenames = &Apache::lonlocal::texthash( + uc => 'At least one upper case letter', + lc => 'At least one lower case letter', + num => 'At least one number', + spec => 'At least one non-alphanumeric', + ); + my $needed = '<ul><li>'. + join('</li><li>',map {$rulenames{$_} } @{$newltisec{'rules'}{'chars'}}). + '</li></ul>'; + $resulttext .= '<li>'.&mt('[_1] set to: [_2]',$titles{'chars'},$needed).'</li>'; + } else { + $resulttext .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; + } + } elsif ($item eq 'private') { + if (keys(%newkeyset)) { + foreach my $hostid (sort(keys(%newkeyset))) { + if ($keystore{$hostid} eq 'ok') { + $resulttext .= '<li>'.&mt('Encryption key for storage of shared secrets saved for [_1]',$hostid).'</li>'; + } + } + } + } elsif ($item eq 'linkprot') { + $resulttext .= $linkprotoutput; + } + } + $resulttext .= '</ul>'; + } else { + $errors .= '<li><span class="LC_error">'.&mt('Failed to save changes').'</span></li>'; + } + if ($errors) { + $resulttext .= &mt('The following errors occurred: ').'<ul>'. + $errors.'</ul>'; + } + return $resulttext; +} + sub modify_autoenroll { my ($dom,$lastactref,%domconfig) = @_; my ($resulttext,%changes); @@ -9941,7 +13338,7 @@ sub modify_autoenroll { my %title = ( run => 'Auto-enrollment active', sender => 'Sender for notification messages', coowners => 'Automatic assignment of co-ownership to instructors of record (institutional data)', - failsafe => 'Failsafe for no drops if institutional data missing for a section'); + autofailsafe => 'Failsafe for no drops if institutional data missing for a section'); my @offon = ('off','on'); my $sender_uname = $env{'form.sender_uname'}; my $sender_domain = $env{'form.sender_domain'}; @@ -9951,17 +13348,23 @@ sub modify_autoenroll { $sender_domain = ''; } my $coowners = $env{'form.autoassign_coowners'}; + my $autofailsafe = $env{'form.autoenroll_autofailsafe'}; + $autofailsafe =~ s{^\s+|\s+$}{}g; + if ($autofailsafe =~ /\D/) { + undef($autofailsafe); + } my $failsafe = $env{'form.autoenroll_failsafe'}; - $failsafe =~ s{^\s+|\s+$}{}g; - if ($failsafe =~ /\D/) { - undef($failsafe); + unless (($failsafe eq 'zero') || ($failsafe eq 'any')) { + $failsafe = 'off'; + undef($autofailsafe); } my %autoenrollhash = ( autoenroll => { 'run' => $env{'form.autoenroll_run'}, 'sender_uname' => $sender_uname, 'sender_domain' => $sender_domain, 'co-owners' => $coowners, - 'autofailsafe' => $failsafe, + 'autofailsafe' => $autofailsafe, + 'failsafe' => $failsafe, } ); my $putresult = &Apache::lonnet::put_dom('configuration',\%autoenrollhash, @@ -9989,9 +13392,12 @@ sub modify_autoenroll { } elsif ($coowners) { $changes{'coowners'} = 1; } - if ($currautoenroll{'autofailsafe'} ne $failsafe) { + if ($currautoenroll{'autofailsafe'} ne $autofailsafe) { $changes{'autofailsafe'} = 1; } + if ($currautoenroll{'failsafe'} ne $failsafe) { + $changes{'failsafe'} = 1; + } if (keys(%changes) > 0) { $resulttext = &mt('Changes made:').'<ul>'; if ($changes{'run'}) { @@ -10012,11 +13418,24 @@ sub modify_autoenroll { } } if ($changes{'autofailsafe'}) { - if ($failsafe ne '') { - $resulttext .= '<li>'.&mt('Failsafe for no drops if institutional data missing for a section set to: [_1]',$failsafe).'</li>'; + if ($autofailsafe ne '') { + $resulttext .= '<li>'.&mt('Failsafe for no drops if institutional data missing for a section set to: [_1]',$autofailsafe).'</li>'; } else { - $resulttext .= '<li>'.&mt('Failsafe for no drops if institutional data missing for a section: deleted'); + $resulttext .= '<li>'.&mt('Failsafe for no drops if institutional data missing for a section not in use').'</li>'; } + } + if ($changes{'failsafe'}) { + if ($failsafe eq 'off') { + unless ($changes{'autofailsafe'}) { + $resulttext .= '<li>'.&mt('Failsafe for no drops if institutional data missing for a section not in use').'</li>'; + } + } elsif ($failsafe eq 'zero') { + $resulttext .= '<li>'.&mt('Failsafe applies if retrieved section enrollment is zero').'</li>'; + } else { + $resulttext .= '<li>'.&mt('Failsafe applies if retrieved section enrollment is zero or greater').'</li>'; + } + } + if (($changes{'autofailsafe'}) || ($changes{'failsafe'})) { &Apache::lonnet::get_domain_defaults($dom,1); if (ref($lastactref) eq 'HASH') { $lastactref->{'domdefaults'} = 1; @@ -10043,8 +13462,10 @@ sub modify_autoupdate { } my @offon = ('off','on'); my %title = &Apache::lonlocal::texthash ( - run => 'Auto-update:', - classlists => 'Updates to user information in classlists?' + run => 'Auto-update:', + classlists => 'Updates to user information in classlists?', + unexpired => 'Skip updates for users without active or future roles?', + lastactive => 'Skip updates for inactive users?', ); my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); my %fieldtitles = &Apache::lonlocal::texthash ( @@ -10088,12 +13509,23 @@ sub modify_autoupdate { my %updatehash = ( autoupdate => { run => $env{'form.autoupdate_run'}, classlists => $env{'form.classlists'}, + unexpired => $env{'form.unexpired'}, fields => {%fields}, lockablenames => \@lockablenames, } ); + my $lastactivedays; + if ($env{'form.lastactive'}) { + $lastactivedays = $env{'form.lastactivedays'}; + $lastactivedays =~ s/^\s+|\s+$//g; + unless ($lastactivedays =~ /^\d+$/) { + undef($lastactivedays); + $env{'form.lastactive'} = 0; + } + } + $updatehash{'autoupdate'}{'lastactive'} = $lastactivedays; foreach my $key (keys(%currautoupdate)) { - if (($key eq 'run') || ($key eq 'classlists')) { + if (($key eq 'run') || ($key eq 'classlists') || ($key eq 'unexpired') || ($key eq 'lastactive')) { if (exists($updatehash{autoupdate}{$key})) { if ($currautoupdate{$key} ne $updatehash{autoupdate}{$key}) { $changes{$key} = 1; @@ -10139,6 +13571,16 @@ sub modify_autoupdate { $changes{'lockablenames'} = 1; } } + unless (grep(/^unexpired$/,keys(%currautoupdate))) { + if ($updatehash{'autoupdate'}{'unexpired'}) { + $changes{'unexpired'} = 1; + } + } + unless (grep(/^lastactive$/,keys(%currautoupdate))) { + if ($updatehash{'autoupdate'}{'lastactive'} ne '') { + $changes{'lastactive'} = 1; + } + } foreach my $item (@{$types},'default') { if (defined($fields{$item})) { if (ref($currautoupdate{'fields'}) eq 'HASH') { @@ -10201,6 +13643,11 @@ sub modify_autoupdate { my $newvalue; if ($key eq 'run') { $newvalue = $offon[$env{'form.autoupdate_run'}]; + } elsif ($key eq 'lastactive') { + $newvalue = $offon[$env{'form.lastactive'}]; + unless ($lastactivedays eq '') { + $newvalue .= '; '.&mt('inactive = no activity in last [quant,_1,day]',$lastactivedays); + } } else { $newvalue = $offon[$env{'form.'.$key}]; } @@ -10513,8 +13960,9 @@ sub modify_contacts { my (%others,%to,%bcc,%includestr,%includeloc); my @contacts = ('supportemail','adminemail'); my @mailings = ('errormail','packagesmail','helpdeskmail','otherdomsmail', - 'lonstatusmail','requestsmail','updatesmail','idconflictsmail'); - my @toggles = ('reporterrors','reportupdates'); + 'lonstatusmail','requestsmail','updatesmail','idconflictsmail','hostipmail'); + my @toggles = ('reporterrors','reportupdates','reportstatus'); + my @lonstatus = ('threshold','sysmail','weights','excluded'); my ($fields,$fieldtitles,$fieldoptions,$possoptions) = &helpform_fields(); foreach my $type (@mailings) { @{$newsetting{$type}} = @@ -10547,6 +13995,41 @@ sub modify_contacts { $contacts_hash{'contacts'}{$item} = $env{'form.'.$item}; } } + my ($lonstatus_defs,$lonstatus_names) = &Apache::loncommon::lon_status_items(); + foreach my $item (@lonstatus) { + if ($item eq 'excluded') { + my (%serverhomes,@excluded); + map { $serverhomes{$_} = 1; } values(%Apache::lonnet::serverhomeIDs); + my @possexcluded = &Apache::loncommon::get_env_multiple('form.errorexcluded'); + if (@possexcluded) { + foreach my $id (sort(@possexcluded)) { + if ($serverhomes{$id}) { + push(@excluded,$id); + } + } + } + if (@excluded) { + $contacts_hash{'contacts'}{'lonstatus'}{$item} = \@excluded; + } + } elsif ($item eq 'weights') { + foreach my $type ('E','W','N','U') { + $env{'form.error'.$item.'_'.$type} =~ s/^\s+|\s+$//g; + if ($env{'form.error'.$item.'_'.$type} =~ /^\d+$/) { + unless ($env{'form.error'.$item.'_'.$type} == $lonstatus_defs->{$type}) { + $contacts_hash{'contacts'}{'lonstatus'}{$item}{$type} = + $env{'form.error'.$item.'_'.$type}; + } + } + } + } elsif (($item eq 'threshold') || ($item eq 'sysmail')) { + $env{'form.error'.$item} =~ s/^\s+|\s+$//g; + if ($env{'form.error'.$item} =~ /^\d+$/) { + unless ($env{'form.error'.$item} == $lonstatus_defs->{$item}) { + $contacts_hash{'contacts'}{'lonstatus'}{$item} = $env{'form.error'.$item}; + } + } + } + } if ((ref($fields) eq 'ARRAY') && (ref($possoptions) eq 'HASH')) { foreach my $field (@{$fields}) { if (ref($possoptions->{$field}) eq 'ARRAY') { @@ -10601,7 +14084,7 @@ sub modify_contacts { $contacts_hash{'contacts'}{'overrides'}{$type}{'include'} = $includeloc{$type}.':'.&escape($includestr{$type}); $newsetting{'override_'.$type}{'include'} = $contacts_hash{'contacts'}{'overrides'}{$type}{'include'}; } - } + } } } if (keys(%currsetting) > 0) { @@ -10685,6 +14168,76 @@ sub modify_contacts { } } } + if (ref($currsetting{'lonstatus'}) eq 'HASH') { + foreach my $key ('excluded','weights','threshold','sysmail') { + if ($key eq 'excluded') { + if ((ref($contacts_hash{contacts}{lonstatus}) eq 'HASH') && + (ref($contacts_hash{contacts}{lonstatus}{excluded}) eq 'ARRAY')) { + if ((ref($currsetting{'lonstatus'}{$key}) eq 'ARRAY') && + (@{$currsetting{'lonstatus'}{$key}})) { + my @diffs = + &Apache::loncommon::compare_arrays($contacts_hash{contacts}{lonstatus}{excluded}, + $currsetting{'lonstatus'}{$key}); + if (@diffs) { + push(@{$changes{'lonstatus'}},$key); + } + } elsif (@{$contacts_hash{contacts}{lonstatus}{excluded}}) { + push(@{$changes{'lonstatus'}},$key); + } + } elsif ((ref($currsetting{'lonstatus'}{$key}) eq 'ARRAY') && + (@{$currsetting{'lonstatus'}{$key}})) { + push(@{$changes{'lonstatus'}},$key); + } + } elsif ($key eq 'weights') { + if ((ref($contacts_hash{contacts}{lonstatus}) eq 'HASH') && + (ref($contacts_hash{contacts}{lonstatus}{$key}) eq 'HASH')) { + if (ref($currsetting{'lonstatus'}{$key}) eq 'HASH') { + foreach my $type ('E','W','N','U') { + unless ($contacts_hash{contacts}{lonstatus}{$key}{$type} eq + $currsetting{'lonstatus'}{$key}{$type}) { + push(@{$changes{'lonstatus'}},$key); + last; + } + } + } else { + foreach my $type ('E','W','N','U') { + if ($contacts_hash{contacts}{lonstatus}{$key}{$type} ne '') { + push(@{$changes{'lonstatus'}},$key); + last; + } + } + } + } elsif (ref($currsetting{'lonstatus'}{$key}) eq 'HASH') { + foreach my $type ('E','W','N','U') { + if ($currsetting{'lonstatus'}{$key}{$type} ne '') { + push(@{$changes{'lonstatus'}},$key); + last; + } + } + } + } elsif (($key eq 'threshold') || ($key eq 'sysmail')) { + if (ref($contacts_hash{contacts}{lonstatus}) eq 'HASH') { + if ($currsetting{'lonstatus'}{$key} =~ /^\d+$/) { + if ($currsetting{'lonstatus'}{$key} != $contacts_hash{contacts}{lonstatus}{$key}) { + push(@{$changes{'lonstatus'}},$key); + } + } elsif ($contacts_hash{contacts}{lonstatus}{$key} =~ /^\d+$/) { + push(@{$changes{'lonstatus'}},$key); + } + } elsif ($currsetting{'lonstatus'}{$key} =~ /^\d+$/) { + push(@{$changes{'lonstatus'}},$key); + } + } + } + } else { + if (ref($contacts_hash{contacts}{lonstatus}) eq 'HASH') { + foreach my $key ('excluded','weights','threshold','sysmail') { + if (exists($contacts_hash{contacts}{lonstatus}{$key})) { + push(@{$changes{'lonstatus'}},$key); + } + } + } + } } else { my %default; $default{'supportemail'} = $Apache::lonnet::perlvar{'lonSupportEMail'}; @@ -10696,6 +14249,7 @@ sub modify_contacts { $default{'lonstatusmail'} = 'adminemail'; $default{'requestsmail'} = 'adminemail'; $default{'updatesmail'} = 'adminemail'; + $default{'hostipmail'} = 'adminemail'; foreach my $item (@contacts) { if ($to{$item} ne $default{$item}) { $changes{$item} = 1; @@ -10729,6 +14283,13 @@ sub modify_contacts { } } } + if (ref($contacts_hash{contacts}{lonstatus}) eq 'HASH') { + foreach my $key ('excluded','weights','threshold','sysmail') { + if (exists($contacts_hash{contacts}{lonstatus}{$key})) { + push(@{$changes{'lonstatus'}},$key); + } + } + } } foreach my $item (@toggles) { if (($env{'form.'.$item} == 1) && ($currsetting{$item} == 0)) { @@ -10854,22 +14415,79 @@ sub modify_contacts { } } my @offon = ('off','on'); + my $corelink = &core_link_msu(); if ($changes{'reporterrors'}) { $resulttext .= '<li>'. &mt('E-mail error reports to [_1] set to "'. $offon[$env{'form.reporterrors'}].'".', - &Apache::loncommon::modal_link('http://loncapa.org/core.html', - &mt('LON-CAPA core group - MSU'),600,500)). + $corelink). '</li>'; } if ($changes{'reportupdates'}) { $resulttext .= '<li>'. &mt('E-mail record of completed LON-CAPA updates to [_1] set to "'. $offon[$env{'form.reportupdates'}].'".', - &Apache::loncommon::modal_link('http://loncapa.org/core.html', - &mt('LON-CAPA core group - MSU'),600,500)). + $corelink). '</li>'; } + if ($changes{'reportstatus'}) { + $resulttext .= '<li>'. + &mt('E-mail status if errors above threshold to [_1] set to "'. + $offon[$env{'form.reportstatus'}].'".', + $corelink). + '</li>'; + } + if (ref($changes{'lonstatus'}) eq 'ARRAY') { + $resulttext .= '<li>'. + &mt('Nightly status check e-mail settings').':<ul>'; + my (%defval,%use_def,%shown); + $defval{'threshold'} = $lonstatus_defs->{'threshold'}; + $defval{'sysmail'} = $lonstatus_defs->{'sysmail'}; + $defval{'weights'} = + join(', ',map { $lonstatus_names->{$_}.'='.$lonstatus_defs->{$_}; } ('E','W','N','U')); + $defval{'excluded'} = &mt('None'); + if (ref($contacts_hash{'contacts'}{'lonstatus'}) eq 'HASH') { + foreach my $item ('threshold','sysmail','weights','excluded') { + if (exists($contacts_hash{'contacts'}{'lonstatus'}{$item})) { + if (($item eq 'threshold') || ($item eq 'sysmail')) { + $shown{$item} = $contacts_hash{'contacts'}{'lonstatus'}{$item}; + } elsif ($item eq 'weights') { + if (ref($contacts_hash{'contacts'}{'lonstatus'}{$item}) eq 'HASH') { + foreach my $type ('E','W','N','U') { + $shown{$item} .= $lonstatus_names->{$type}.'='; + if (exists($contacts_hash{'contacts'}{'lonstatus'}{$item}{$type})) { + $shown{$item} .= $contacts_hash{'contacts'}{'lonstatus'}{$item}{$type}; + } else { + $shown{$item} .= $lonstatus_defs->{$type}; + } + $shown{$item} .= ', '; + } + $shown{$item} =~ s/, $//; + } else { + $shown{$item} = $defval{$item}; + } + } elsif ($item eq 'excluded') { + if (ref($contacts_hash{'contacts'}{'lonstatus'}{$item}) eq 'ARRAY') { + $shown{$item} = join(', ',@{$contacts_hash{'contacts'}{'lonstatus'}{$item}}); + } else { + $shown{$item} = $defval{$item}; + } + } + } else { + $shown{$item} = $defval{$item}; + } + } + } else { + foreach my $item ('threshold','weights','excluded','sysmail') { + $shown{$item} = $defval{$item}; + } + } + foreach my $item ('threshold','weights','excluded','sysmail') { + $resulttext .= '<li>'.&mt($titles->{'error'.$item}.' -- [_1]', + $shown{$item}).'</li>'; + } + $resulttext .= '</ul></li>'; + } if ((ref($changes{'helpform'}) eq 'ARRAY') && (ref($fields) eq 'ARRAY')) { my (@optional,@required,@unused,$maxsizechg); foreach my $field (@{$changes{'helpform'}}) { @@ -10921,6 +14539,565 @@ sub modify_contacts { return $resulttext; } +sub modify_passwords { + my ($r,$dom,$confname,$lastactref,%domconfig) = @_; + my ($resulttext,%current,%changes,%newvalues,@oktypes,$errors, + $updatedefaults,$updateconf); + my $customfn = 'resetpw.html'; + if (ref($domconfig{'passwords'}) eq 'HASH') { + %current = %{$domconfig{'passwords'}}; + } + my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); + if (ref($types) eq 'ARRAY') { + @oktypes = @{$types}; + } + push(@oktypes,'default'); + + my %titles = &Apache::lonlocal::texthash ( + intauth_cost => 'Encryption cost for bcrypt (positive integer)', + intauth_check => 'Check bcrypt cost if authenticated', + intauth_switch => 'Existing crypt-based switched to bcrypt on authentication', + permanent => 'Permanent e-mail address', + critical => 'Critical notification address', + notify => 'Notification address', + min => 'Minimum password length', + max => 'Maximum password length', + chars => 'Required characters', + numsaved => 'Number of previous passwords to save', + reset => 'Resetting Forgotten Password', + intauth => 'Encryption of Stored Passwords (Internal Auth)', + rules => 'Rules for LON-CAPA Passwords', + crsownerchg => 'Course Owner Changing Student Passwords', + username => 'Username', + email => 'E-mail address', + ); + +# +# Retrieve current domain configuration for internal authentication from $domconfig{'defaults'}. +# + my (%curr_defaults,%save_defaults); + if (ref($domconfig{'defaults'}) eq 'HASH') { + foreach my $key (keys(%{$domconfig{'defaults'}})) { + if ($key =~ /^intauth_(cost|check|switch)$/) { + $curr_defaults{$key} = $domconfig{'defaults'}{$key}; + } else { + $save_defaults{$key} = $domconfig{'defaults'}{$key}; + } + } + } + my %staticdefaults = ( + 'resetlink' => 2, + 'resetcase' => \@oktypes, + 'resetprelink' => 'both', + 'resetemail' => ['critical','notify','permanent'], + 'intauth_cost' => 10, + 'intauth_check' => 0, + 'intauth_switch' => 0, + ); + $staticdefaults{'min'} = $Apache::lonnet::passwdmin; + foreach my $type (@oktypes) { + $staticdefaults{'resetpostlink'}{$type} = ['email','username']; + } + my $linklife = $env{'form.passwords_link'}; + $linklife =~ s/^\s+|\s+$//g; + if (($linklife =~ /^\d+(|\.\d*)$/) && ($linklife > 0)) { + $newvalues{'resetlink'} = $linklife; + if ($current{'resetlink'}) { + if ($current{'resetlink'} ne $linklife) { + $changes{'reset'} = 1; + } + } elsif (!ref($domconfig{passwords}) eq 'HASH') { + if ($staticdefaults{'resetlink'} ne $linklife) { + $changes{'reset'} = 1; + } + } + } elsif ($current{'resetlink'}) { + $changes{'reset'} = 1; + } + my @casesens; + my @posscase = &Apache::loncommon::get_env_multiple('form.passwords_case_sensitive'); + foreach my $case (sort(@posscase)) { + if (grep(/^\Q$case\E$/,@oktypes)) { + push(@casesens,$case); + } + } + $newvalues{'resetcase'} = \@casesens; + if (ref($current{'resetcase'}) eq 'ARRAY') { + my @diffs = &Apache::loncommon::compare_arrays($current{'resetcase'},\@casesens); + if (@diffs > 0) { + $changes{'reset'} = 1; + } + } elsif (!ref($domconfig{passwords}) eq 'HASH') { + my @diffs = &Apache::loncommon::compare_arrays($staticdefaults{'resetcase'},\@casesens); + if (@diffs > 0) { + $changes{'reset'} = 1; + } + } + if ($env{'form.passwords_prelink'} =~ /^(both|either)$/) { + $newvalues{'resetprelink'} = $env{'form.passwords_prelink'}; + if (exists($current{'resetprelink'})) { + if ($current{'resetprelink'} ne $newvalues{'resetprelink'}) { + $changes{'reset'} = 1; + } + } elsif (!ref($domconfig{passwords}) eq 'HASH') { + if ($staticdefaults{'resetprelink'} ne $newvalues{'resetprelink'}) { + $changes{'reset'} = 1; + } + } + } elsif ($current{'resetprelink'}) { + $changes{'reset'} = 1; + } + foreach my $type (@oktypes) { + my @possplink = &Apache::loncommon::get_env_multiple('form.passwords_postlink_'.$type); + my @postlink; + foreach my $item (sort(@possplink)) { + if ($item =~ /^(email|username)$/) { + push(@postlink,$item); + } + } + $newvalues{'resetpostlink'}{$type} = \@postlink; + unless ($changes{'reset'}) { + if (ref($current{'resetpostlink'}) eq 'HASH') { + if (ref($current{'resetpostlink'}{$type}) eq 'ARRAY') { + my @diffs = &Apache::loncommon::compare_arrays($current{'resetpostlink'}{$type},\@postlink); + if (@diffs > 0) { + $changes{'reset'} = 1; + } + } else { + $changes{'reset'} = 1; + } + } elsif (!ref($domconfig{passwords}) eq 'HASH') { + my @diffs = &Apache::loncommon::compare_arrays($staticdefaults{'resetpostlink'}{$type},\@postlink); + if (@diffs > 0) { + $changes{'reset'} = 1; + } + } + } + } + my @possemailsrc = &Apache::loncommon::get_env_multiple('form.passwords_emailsrc'); + my @resetemail; + foreach my $item (sort(@possemailsrc)) { + if ($item =~ /^(permanent|critical|notify)$/) { + push(@resetemail,$item); + } + } + $newvalues{'resetemail'} = \@resetemail; + unless ($changes{'reset'}) { + if (ref($current{'resetemail'}) eq 'ARRAY') { + my @diffs = &Apache::loncommon::compare_arrays($current{'resetemail'},\@resetemail); + if (@diffs > 0) { + $changes{'reset'} = 1; + } + } elsif (!ref($domconfig{passwords}) eq 'HASH') { + my @diffs = &Apache::loncommon::compare_arrays($staticdefaults{'resetemail'},\@resetemail); + if (@diffs > 0) { + $changes{'reset'} = 1; + } + } + } + if ($env{'form.passwords_stdtext'} == 0) { + $newvalues{'resetremove'} = 1; + unless ($current{'resetremove'}) { + $changes{'reset'} = 1; + } + } elsif ($current{'resetremove'}) { + $changes{'reset'} = 1; + } + if ($env{'form.passwords_customfile.filename'} ne '') { + my $servadm = $r->dir_config('lonAdmEMail'); + my $servadm = $r->dir_config('lonAdmEMail'); + my ($configuserok,$author_ok,$switchserver) = + &config_check($dom,$confname,$servadm); + my $error; + if ($configuserok eq 'ok') { + if ($switchserver) { + $error = &mt("Upload of file containing domain-specific text is not permitted to this server: [_1]",$switchserver); + } else { + if ($author_ok eq 'ok') { + my ($result,$customurl) = + &publishlogo($r,'upload','passwords_customfile',$dom, + $confname,'customtext/resetpw','','',$customfn); + if ($result eq 'ok') { + $newvalues{'resetcustom'} = $customurl; + $changes{'reset'} = 1; + } else { + $error = &mt("Upload of [_1] failed because an error occurred publishing the file in RES space. Error was: [_2].",$customfn,$result); + } + } else { + $error = &mt("Upload of [_1] failed because an author role could not be assigned to a Domain Configuration user ([_2]) in domain: [_3]. Error was: [_4].",$customfn,$confname,$dom,$author_ok); + } + } + } else { + $error = &mt("Upload of [_1] failed because a Domain Configuration user ([_2]) could not be created in domain: [_3]. Error was: [_4].",$customfn,$confname,$dom,$configuserok); + } + if ($error) { + &Apache::lonnet::logthis($error); + $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; + } + } elsif ($current{'resetcustom'}) { + if ($env{'form.passwords_custom_del'}) { + $changes{'reset'} = 1; + } else { + $newvalues{'resetcustom'} = $current{'resetcustom'}; + } + } + $env{'form.intauth_cost'} =~ s/^\s+|\s+$//g; + if (($env{'form.intauth_cost'} ne '') && ($env{'form.intauth_cost'} =~ /^\d+$/)) { + $save_defaults{'intauth_cost'} = $env{'form.intauth_cost'}; + if ($save_defaults{'intauth_cost'} ne $curr_defaults{'intauth_cost'}) { + $changes{'intauth'} = 1; + } + } else { + $save_defaults{'intauth_cost'} = $curr_defaults{'intauth_cost'}; + } + if ($env{'form.intauth_check'} =~ /^(0|1|2)$/) { + $save_defaults{'intauth_check'} = $env{'form.intauth_check'}; + if ($save_defaults{'intauth_check'} ne $curr_defaults{'intauth_check'}) { + $changes{'intauth'} = 1; + } + } else { + $save_defaults{'intauth_check'} = $curr_defaults{'intauth_check'}; + } + if ($env{'form.intauth_switch'} =~ /^(0|1|2)$/) { + $save_defaults{'intauth_switch'} = $env{'form.intauth_switch'}; + if ($save_defaults{'intauth_switch'} ne $curr_defaults{'intauth_switch'}) { + $changes{'intauth'} = 1; + } + } else { + $save_defaults{'intauth_check'} = $curr_defaults{'intauth_check'}; + } + foreach my $item ('cost','check','switch') { + if ($save_defaults{'intauth_'.$item} ne $domdefaults{'intauth_'.$item}) { + $domdefaults{'intauth_'.$item} = $save_defaults{'intauth_'.$item}; + $updatedefaults = 1; + } + } + &password_rule_changes('passwords',\%newvalues,\%current,\%changes); + my %crsownerchg = ( + by => [], + for => [], + ); + foreach my $item ('by','for') { + my @posstypes = &Apache::loncommon::get_env_multiple('form.passwords_crsowner_'.$item); + foreach my $type (sort(@posstypes)) { + if (grep(/^\Q$type\E$/,@oktypes)) { + push(@{$crsownerchg{$item}},$type); + } + } + } + $newvalues{'crsownerchg'} = \%crsownerchg; + if (ref($current{'crsownerchg'}) eq 'HASH') { + foreach my $item ('by','for') { + if (ref($current{'crsownerchg'}{$item}) eq 'ARRAY') { + my @diffs = &Apache::loncommon::compare_arrays($current{'crsownerchg'}{$item},$crsownerchg{$item}); + if (@diffs > 0) { + $changes{'crsownerchg'} = 1; + last; + } + } + } + } elsif (!(ref($domconfig{passwords}) eq 'HASH')) { + foreach my $item ('by','for') { + if (@{$crsownerchg{$item}} > 0) { + $changes{'crsownerchg'} = 1; + last; + } + } + } + + my %confighash = ( + defaults => \%save_defaults, + passwords => \%newvalues, + ); + &process_captcha('passwords',\%changes,$confighash{'passwords'},$domconfig{'passwords'}); + + my $putresult = &Apache::lonnet::put_dom('configuration',\%confighash,$dom); + if ($putresult eq 'ok') { + if (keys(%changes) > 0) { + $resulttext = &mt('Changes made: ').'<ul>'; + foreach my $key ('reset','intauth','rules','crsownerchg') { + if ($changes{$key}) { + unless ($key eq 'intauth') { + $updateconf = 1; + } + $resulttext .= '<li>'.$titles{$key}.':<ul>'; + if ($key eq 'reset') { + if ($confighash{'passwords'}{'captcha'} eq 'original') { + $resulttext .= '<li>'.&mt('CAPTCHA validation set to use: original CAPTCHA').'</li>'; + } elsif ($confighash{'passwords'}{'captcha'} eq 'recaptcha') { + $resulttext .= '<li>'.&mt('CAPTCHA validation set to use: reCAPTCHA').' '. + &mt('version: [_1]',$confighash{'passwords'}{'recaptchaversion'}).'<br />'; + if (ref($confighash{'passwords'}{'recaptchakeys'}) eq 'HASH') { + $resulttext .= &mt('Public key: [_1]',$confighash{'passwords'}{'recaptchakeys'}{'public'}).'</br>'. + &mt('Private key: [_1]',$confighash{'passwords'}{'recaptchakeys'}{'private'}).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('No CAPTCHA validation').'</li>'; + } + if ($confighash{'passwords'}{'resetlink'}) { + $resulttext .= '<li>'.&mt('Reset link expiration set to [quant,_1,hour]',$confighash{'passwords'}{'resetlink'}).'</li>'; + } else { + $resulttext .= '<li>'.&mt('No reset link expiration set.').' '. + &mt('Will default to 2 hours').'</li>'; + } + if (ref($confighash{'passwords'}{'resetcase'}) eq 'ARRAY') { + if (@{$confighash{'passwords'}{'resetcase'}} == 0) { + $resulttext .= '<li>'.&mt('User input for username and/or e-mail address not case sensitive for "Forgot Password" web form').'</li>'; + } else { + my $casesens; + foreach my $type (@{$confighash{'passwords'}{'resetcase'}}) { + if ($type eq 'default') { + $casesens .= $othertitle.', '; + } elsif ($usertypes->{$type} ne '') { + $casesens .= $usertypes->{$type}.', '; + } + } + $casesens =~ s/\Q, \E$//; + $resulttext .= '<li>'.&mt('"Forgot Password" web form input for username and/or e-mail address is case-sensitive for: [_1]',$casesens).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('Case-sensitivity not set for "Forgot Password" web form').' '.&mt('Will default to case-sensitive for username and/or e-mail address for all').'</li>'; + } + if ($confighash{'passwords'}{'resetprelink'} eq 'either') { + $resulttext .= '<li>'.&mt('Users can enter either a username or an e-mail address in "Forgot Password" web form').'</li>'; + } else { + $resulttext .= '<li>'.&mt('Users can enter both a username and an e-mail address in "Forgot Password" web form').'</li>'; + } + if (ref($confighash{'passwords'}{'resetpostlink'}) eq 'HASH') { + my $output; + if (ref($types) eq 'ARRAY') { + foreach my $type (@{$types}) { + if (ref($confighash{'passwords'}{'resetpostlink'}{$type}) eq 'ARRAY') { + if (@{$confighash{'passwords'}{'resetpostlink'}{$type}} == 0) { + $output .= $usertypes->{$type}.' -- '.&mt('none'); + } else { + $output .= $usertypes->{$type}.' -- '. + join(', ',map { $titles{$_}; } (@{$confighash{'passwords'}{'resetpostlink'}{$type}})).'; '; + } + } + } + } + if (ref($confighash{'passwords'}{'resetpostlink'}{'default'}) eq 'ARRAY') { + if (@{$confighash{'passwords'}{'resetpostlink'}{'default'}} == 0) { + $output .= $othertitle.' -- '.&mt('none'); + } else { + $output .= $othertitle.' -- '. + join(', ',map { $titles{$_}; } (@{$confighash{'passwords'}{'resetpostlink'}{'default'}})); + } + } + if ($output) { + $resulttext .= '<li>'.&mt('Information required for new password form (by user type) set to: [_1]',$output).'</li>'; + } else { + $resulttext .= '<li>'.&mt('Information required for new password form not set.').' '.&mt('Will default to requiring both the username and an e-mail address').'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('Information required for new password form not set.').' '.&mt('Will default to requiring both the username and an e-mail address').'</li>'; + } + if (ref($confighash{'passwords'}{'resetemail'}) eq 'ARRAY') { + if (@{$confighash{'passwords'}{'resetemail'}} > 0) { + $resulttext .= '<li>'.&mt('E-mail address(es) in LON-CAPA used for verification will include: [_1]',join(', ',map { $titles{$_}; } @{$confighash{'passwords'}{'resetemail'}})).'</li>'; + } else { + $resulttext .= '<li>'.&mt('E-mail address(es) in LON-CAPA used for verification will include: [_1]',join(', ',map { $titles{$_}; } @{$staticdefaults{'resetemail'}})).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('E-mail address(es) in LON-CAPA used for verification will include: [_1]',join(', ',map { $titles{$_}; } @{$staticdefaults{'resetemail'}})).'</li>'; + } + if ($confighash{'passwords'}{'resetremove'}) { + $resulttext .= '<li>'.&mt('Preamble to "Forgot Password" web form not shown').'</li>'; + } else { + $resulttext .= '<li>'.&mt('Preamble to "Forgot Password" web form is shown').'</li>'; + } + if ($confighash{'passwords'}{'resetcustom'}) { + my $customlink = &Apache::loncommon::modal_link($confighash{'passwords'}{'resetcustom'}, + &mt('custom text'),600,500,undef,undef, + undef,undef,'background-color:#ffffff'); + $resulttext .= '<li>'.&mt('Preamble to "Forgot Password" form includes: [_1]',$customlink).'</li>'; + } else { + $resulttext .= '<li>'.&mt('No custom text included in preamble to "Forgot Password" form').'</li>'; + } + } elsif ($key eq 'intauth') { + foreach my $item ('cost','switch','check') { + my $value = $save_defaults{$key.'_'.$item}; + if ($item eq 'switch') { + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes', + 2 => 'Yes, and copy existing passwd file to passwd.bak file', + ); + if ($value =~ /^(0|1|2)$/) { + $value = $optiondesc{$value}; + } else { + $value = &mt('none -- defaults to No'); + } + } elsif ($item eq 'check') { + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes, allow login then update passwd file using default cost (if higher)', + 2 => 'Yes, disallow login if stored cost is less than domain default', + ); + if ($value =~ /^(0|1|2)$/) { + $value = $optiondesc{$value}; + } else { + $value = &mt('none -- defaults to No'); + } + } + $resulttext .= '<li>'.&mt('[_1] set to "[_2]"',$titles{$key.'_'.$item},$value).'</li>'; + } + } elsif ($key eq 'rules') { + foreach my $rule ('min','max','numsaved') { + if ($confighash{'passwords'}{$rule} eq '') { + if ($rule eq 'min') { + $resulttext .= '<li>'.&mt('[_1] not set.',$titles{$rule}); + ' '.&mt('Default of [_1] will be used', + $Apache::lonnet::passwdmin).'</li>'; + } else { + $resulttext .= '<li>'.&mt('[_1] set to none',$titles{$rule}).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('[_1] set to [_2]',$titles{$rule},$confighash{'passwords'}{$rule}).'</li>'; + } + } + if (ref($confighash{'passwords'}{'chars'}) eq 'ARRAY') { + if (@{$confighash{'passwords'}{'chars'}} > 0) { + my %rulenames = &Apache::lonlocal::texthash( + uc => 'At least one upper case letter', + lc => 'At least one lower case letter', + num => 'At least one number', + spec => 'At least one non-alphanumeric', + ); + my $needed = '<ul><li>'. + join('</li><li>',map {$rulenames{$_} } @{$confighash{'passwords'}{'chars'}}). + '</li></ul>'; + $resulttext .= '<li>'.&mt('[_1] set to: [_2]',$titles{'chars'},$needed).'</li>'; + } else { + $resulttext .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; + } + } elsif ($key eq 'crsownerchg') { + if (ref($confighash{'passwords'}{'crsownerchg'}) eq 'HASH') { + if ((@{$confighash{'passwords'}{'crsownerchg'}{'by'}} == 0) || + (@{$confighash{'passwords'}{'crsownerchg'}{'for'}} == 0)) { + $resulttext .= '<li>'.&mt('Course owner may not change student passwords.').'</li>'; + } else { + my %crsownerstr; + foreach my $item ('by','for') { + if (ref($confighash{'passwords'}{'crsownerchg'}{$item}) eq 'ARRAY') { + foreach my $type (@{$confighash{'passwords'}{'crsownerchg'}{$item}}) { + if ($type eq 'default') { + $crsownerstr{$item} .= $othertitle.', '; + } elsif ($usertypes->{$type} ne '') { + $crsownerstr{$item} .= $usertypes->{$type}.', '; + } + } + $crsownerstr{$item} =~ s/\Q, \E$//; + } + } + $resulttext .= '<li>'.&mt('Course owner (with status: [_1]) may change passwords for students (with status: [_2]).', + $crsownerstr{'by'},$crsownerstr{'for'}).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('Course owner may not change student passwords.').'</li>'; + } + } + $resulttext .= '</ul></li>'; + } + } + $resulttext .= '</ul>'; + } else { + $resulttext = &mt('No changes made to password settings'); + } + my $cachetime = 24*60*60; + if ($updatedefaults) { + &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'domdefaults'} = 1; + } + } + if ($updateconf) { + &Apache::lonnet::do_cache_new('passwdconf',$dom,$confighash{'passwords'},$cachetime); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'passwdconf'} = 1; + } + } + } else { + $resulttext = '<span class="LC_error">'. + &mt('An error occurred: [_1]',$putresult).'</span>'; + } + if ($errors) { + $resulttext .= '<p>'.&mt('The following errors occurred: ').'<ul>'. + $errors.'</ul></p>'; + } + return $resulttext; +} + +sub password_rule_changes { + my ($prefix,$newvalues,$current,$changes) = @_; + return unless ((ref($newvalues) eq 'HASH') && + (ref($current) eq 'HASH') && + (ref($changes) eq 'HASH')); + my (@rules,%staticdefaults); + if ($prefix eq 'passwords') { + @rules = ('min','max','numsaved'); + } elsif ($prefix eq 'secrets') { + @rules = ('min','max'); + } + $staticdefaults{'min'} = $Apache::lonnet::passwdmin; + foreach my $rule (@rules) { + $env{'form.'.$prefix.'_'.$rule} =~ s/^\s+|\s+$//g; + my $ruleok; + if ($rule eq 'min') { + if ($env{'form.'.$prefix.'_'.$rule} =~ /^\d+$/) { + if ($env{'form.'.$prefix.'_'.$rule} >= $staticdefaults{$rule}) { + $ruleok = 1; + } + } + } elsif (($env{'form.'.$prefix.'_'.$rule} =~ /^\d+$/) && + ($env{'form.'.$prefix.'_'.$rule} ne '0')) { + $ruleok = 1; + } + if ($ruleok) { + $newvalues->{$rule} = $env{'form.'.$prefix.'_'.$rule}; + if (exists($current->{$rule})) { + if ($newvalues->{$rule} ne $current->{$rule}) { + $changes->{'rules'} = 1; + } + } elsif ($rule eq 'min') { + if ($staticdefaults{$rule} ne $newvalues->{$rule}) { + $changes->{'rules'} = 1; + } + } else { + $changes->{'rules'} = 1; + } + } elsif (exists($current->{$rule})) { + $changes->{'rules'} = 1; + } + } + my @posschars = &Apache::loncommon::get_env_multiple('form.'.$prefix.'_chars'); + my @chars; + foreach my $item (sort(@posschars)) { + if ($item =~ /^(uc|lc|num|spec)$/) { + push(@chars,$item); + } + } + $newvalues->{'chars'} = \@chars; + unless ($changes->{'rules'}) { + if (ref($current->{'chars'}) eq 'ARRAY') { + my @diffs = &Apache::loncommon::compare_arrays($current->{'chars'},\@chars); + if (@diffs > 0) { + $changes->{'rules'} = 1; + } + } else { + if (@chars > 0) { + $changes->{'rules'} = 1; + } + } + } + return; +} + sub modify_usercreation { my ($dom,%domconfig) = @_; my ($resulttext,%curr_usercreation,%changes,%authallowed,%cancreate,%save_usercreate); @@ -10930,12 +15107,10 @@ sub modify_usercreation { if ($key eq 'cancreate') { if (ref($domconfig{'usercreation'}{$key}) eq 'HASH') { foreach my $item (keys(%{$domconfig{'usercreation'}{$key}})) { - if (($item eq 'selfcreate') || ($item eq 'statustocreate') || - ($item eq 'captcha') || ($item eq 'recaptchakeys') || - ($item eq 'recaptchaversion')) { - $save_usercreate{$key}{$item} = $domconfig{'usercreation'}{$key}{$item}; - } else { + if (($item eq 'requestcrs') || ($item eq 'course') || ($item eq 'author')) { $curr_usercreation{$key}{$item} = $domconfig{'usercreation'}{$key}{$item}; + } else { + $save_usercreate{$key}{$item} = $domconfig{'usercreation'}{$key}{$item}; } } } @@ -11138,14 +15313,18 @@ sub modify_usercreation { } sub modify_selfcreation { - my ($dom,%domconfig) = @_; - my ($resulttext,$warningmsg,%curr_usercreation,%curr_usermodify,%changes,%cancreate); - my (%save_usercreate,%save_usermodify); - my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); - if (ref($types) eq 'ARRAY') { - $usertypes->{'default'} = $othertitle; - push(@{$types},'default'); + my ($dom,$lastactref,%domconfig) = @_; + my ($resulttext,$warningmsg,%curr_usercreation,%curr_usermodify,%curr_inststatus,%changes,%cancreate); + my (%save_usercreate,%save_usermodify,%save_inststatus,@types,%usertypes); + my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); + my ($othertitle,$usertypesref,$typesref) = &Apache::loncommon::sorted_inst_types($dom); + if (ref($typesref) eq 'ARRAY') { + @types = @{$typesref}; } + if (ref($usertypesref) eq 'HASH') { + %usertypes = %{$usertypesref}; + } + $usertypes{'default'} = $othertitle; # # Retrieve current domain configuration for self-creation of usernames from $domconfig{'usercreation'}. # @@ -11155,10 +15334,11 @@ sub modify_selfcreation { if (ref($domconfig{'usercreation'}{$key}) eq 'HASH') { foreach my $item (keys(%{$domconfig{'usercreation'}{$key}})) { if (($item eq 'selfcreate') || ($item eq 'statustocreate') || - ($item eq 'captcha') || ($item eq 'recaptchakeys') || - ($item eq 'recaptchaversion') || - ($item eq 'emailusername') || ($item eq 'notify') || - ($item eq 'selfcreateprocessing') || ($item eq 'shibenv')) { + ($item eq 'captcha') || ($item eq 'recaptchakeys') || + ($item eq 'recaptchaversion') || ($item eq 'notify') || + ($item eq 'emailusername') || ($item eq 'shibenv') || + ($item eq 'selfcreateprocessing') || ($item eq 'emailverified') || + ($item eq 'emailoptions') || ($item eq 'emaildomain')) { $curr_usercreation{$key}{$item} = $domconfig{'usercreation'}{$key}{$item}; } else { $save_usercreate{$key}{$item} = $domconfig{'usercreation'}{$key}{$item}; @@ -11184,41 +15364,161 @@ sub modify_selfcreation { } } } +# +# Retrieve current domain configuration for institutional status types from $domconfig{'inststatus'}. +# + if (ref($domconfig{'inststatus'}) eq 'HASH') { + foreach my $key (keys(%{$domconfig{'inststatus'}})) { + if ($key eq 'inststatusguest') { + $curr_inststatus{$key} = $domconfig{'inststatus'}{$key}; + } else { + $save_inststatus{$key} = $domconfig{'inststatus'}{$key}; + } + } + } my @contexts = ('selfcreate'); @{$cancreate{'selfcreate'}} = (); %{$cancreate{'emailusername'}} = (); - @{$cancreate{'statustocreate'}} = (); + if (@types) { + @{$cancreate{'statustocreate'}} = (); + } %{$cancreate{'selfcreateprocessing'}} = (); %{$cancreate{'shibenv'}} = (); + %{$cancreate{'emailverified'}} = (); + %{$cancreate{'emailoptions'}} = (); + %{$cancreate{'emaildomain'}} = (); my %selfcreatetypes = ( sso => 'users authenticated by institutional single sign on', login => 'users authenticated by institutional log-in', - email => 'users who provide a valid e-mail address for use as username', + email => 'users verified by e-mail', ); # # Populate $cancreate{'selfcreate'} array reference with types of user, for which self-creation of user accounts # is permitted. # - my @statuses; - if (ref($domconfig{'inststatus'}) eq 'HASH') { - if (ref($domconfig{'inststatus'}{'inststatusguest'}) eq 'ARRAY') { - @statuses = @{$domconfig{'inststatus'}{'inststatusguest'}}; - } - } - push(@statuses,'default'); + my ($emailrules,$emailruleorder) = &Apache::lonnet::inst_userrules($dom,'email'); + my (@statuses,%email_rule); foreach my $item ('login','sso','email') { if ($item eq 'email') { if ($env{'form.cancreate_email'}) { - push(@{$cancreate{'selfcreate'}},'email'); - push(@contexts,'selfcreateprocessing'); - foreach my $type (@statuses) { - if ($type eq 'default') { - $cancreate{'selfcreateprocessing'}{$type} = $env{'form.cancreate_emailprocess'}; - } else { - $cancreate{'selfcreateprocessing'}{$type} = $env{'form.cancreate_emailprocess_'.$type}; + if (@types) { + my @poss_statuses = &Apache::loncommon::get_env_multiple('form.selfassign'); + foreach my $status (@poss_statuses) { + if (grep(/^\Q$status\E$/,(@types,'default'))) { + push(@statuses,$status); + } + } + $save_inststatus{'inststatusguest'} = \@statuses; + } else { + push(@statuses,'default'); + } + if (@statuses) { + my %curr_rule; + if (ref($curr_usercreation{'email_rule'}) eq 'ARRAY') { + foreach my $type (@statuses) { + $curr_rule{$type} = $curr_usercreation{'email_rule'}; + } + } elsif (ref($curr_usercreation{'email_rule'}) eq 'HASH') { + foreach my $type (@statuses) { + $curr_rule{$type} = $curr_usercreation{'email_rule'}{$type}; + } + } + push(@{$cancreate{'selfcreate'}},'email'); + push(@contexts,('selfcreateprocessing','emailverified','emailoptions')); + my %curremaildom; + if (ref($curr_usercreation{'cancreate'}{'emaildomain'}) eq 'HASH') { + %curremaildom = %{$curr_usercreation{'cancreate'}{'emaildomain'}}; + } + foreach my $type (@statuses) { + if ($env{'form.cancreate_emailprocess_'.$type} =~ /^(?:approval|automatic)$/) { + $cancreate{'selfcreateprocessing'}{$type} = $env{'form.cancreate_emailprocess_'.$type}; + } + if ($env{'form.cancreate_usernameoptions_'.$type} =~ /^(?:all|first|free)$/) { + $cancreate{'emailverified'}{$type} = $env{'form.cancreate_usernameoptions_'.$type}; + } + if ($env{'form.cancreate_emailoptions_'.$type} =~ /^(any|inst|noninst|custom)$/) { +# +# Retrieve rules (if any) governing types of e-mail address which may be used to verify a username. +# + my $chosen = $1; + if (($chosen eq 'inst') || ($chosen eq 'noninst')) { + my $emaildom; + if ($env{'form.cancreate_emaildomain_'.$chosen.'_'.$type} =~ /^\@[^\@]+$/) { + $emaildom = $env{'form.cancreate_emaildomain_'.$chosen.'_'.$type}; + $cancreate{'emaildomain'}{$type}{$chosen} = $emaildom; + if (ref($curremaildom{$type}) eq 'HASH') { + if (exists($curremaildom{$type}{$chosen})) { + if ($curremaildom{$type}{$chosen} ne $emaildom) { + push(@{$changes{'cancreate'}},'emaildomain'); + } + } elsif ($emaildom ne '') { + push(@{$changes{'cancreate'}},'emaildomain'); + } + } elsif ($emaildom ne '') { + push(@{$changes{'cancreate'}},'emaildomain'); + } + } + $cancreate{'emailoptions'}{$type} = $env{'form.cancreate_emailoptions_'.$type}; + } elsif ($chosen eq 'custom') { + my @possemail_rules = &Apache::loncommon::get_env_multiple('form.email_rule_'.$type); + $email_rule{$type} = []; + if (ref($emailrules) eq 'HASH') { + foreach my $rule (@possemail_rules) { + if (exists($emailrules->{$rule})) { + push(@{$email_rule{$type}},$rule); + } + } + } + if (@{$email_rule{$type}}) { + $cancreate{'emailoptions'}{$type} = 'custom'; + if (ref($curr_rule{$type}) eq 'ARRAY') { + if (@{$curr_rule{$type}} > 0) { + foreach my $rule (@{$curr_rule{$type}}) { + if (!grep(/^\Q$rule\E$/,@{$email_rule{$type}})) { + push(@{$changes{'email_rule'}},$type); + } + } + } + foreach my $type (@{$email_rule{$type}}) { + if (!grep(/^\Q$type\E$/,@{$curr_rule{$type}})) { + push(@{$changes{'email_rule'}},$type); + } + } + } else { + push(@{$changes{'email_rule'}},$type); + } + } + } else { + $cancreate{'emailoptions'}{$type} = $env{'form.cancreate_emailoptions_'.$type}; + } + } + } + if (@types) { + if (ref($curr_inststatus{'inststatusguest'}) eq 'ARRAY') { + my @changed = &Apache::loncommon::compare_arrays(\@statuses,$curr_inststatus{'inststatusguest'}); + if (@changed) { + push(@{$changes{'inststatus'}},'inststatusguest'); + } + } else { + push(@{$changes{'inststatus'}},'inststatusguest'); + } + } + } else { + delete($env{'form.cancreate_email'}); + if (ref($curr_inststatus{'inststatusguest'}) eq 'ARRAY') { + if (@{$curr_inststatus{'inststatusguest'}} > 0) { + push(@{$changes{'inststatus'}},'inststatusguest'); + } + } + } + } else { + $save_inststatus{'inststatusguest'} = []; + if (ref($curr_inststatus{'inststatusguest'}) eq 'ARRAY') { + if (@{$curr_inststatus{'inststatusguest'}} > 0) { + push(@{$changes{'inststatus'}},'inststatusguest'); } } } @@ -11228,7 +15528,7 @@ sub modify_selfcreation { } } } - my (@email_rule,%userinfo,%savecaptcha); + my (%userinfo,%savecaptcha); my ($infofields,$infotitles) = &Apache::loncommon::emailusername_info(); # # Populate $cancreate{'emailusername'}{$type} hash ref with information fields (if new user will provide data @@ -11237,8 +15537,8 @@ sub modify_selfcreation { if ($env{'form.cancreate_email'}) { push(@contexts,'emailusername'); - if (ref($types) eq 'ARRAY') { - foreach my $type (@{$types}) { + if (@statuses) { + foreach my $type (@statuses) { if (ref($infofields) eq 'ARRAY') { foreach my $field (@{$infofields}) { if ($env{'form.canmodify_emailusername_'.$type.'_'.$field} =~ /^(required|optional)$/) { @@ -11250,7 +15550,7 @@ sub modify_selfcreation { } # # Populate $cancreate{'notify'} hash ref with names of Domain Coordinators who are to be notified of -# queued requests for self-creation of account using e-mail address as username +# queued requests for self-creation of account verified by e-mail. # my @approvalnotify = &Apache::loncommon::get_env_multiple('form.selfcreationnotifyapproval'); @@ -11270,36 +15570,13 @@ sub modify_selfcreation { push(@{$changes{'cancreate'}},'notify'); } -# -# Retrieve rules (if any) governing types of e-mail address which may be used as a username -# - @email_rule = &Apache::loncommon::get_env_multiple('form.email_rule'); &process_captcha('cancreate',\%changes,\%savecaptcha,$curr_usercreation{'cancreate'}); - if (ref($curr_usercreation{'email_rule'}) eq 'ARRAY') { - if (@{$curr_usercreation{'email_rule'}} > 0) { - foreach my $type (@{$curr_usercreation{'email_rule'}}) { - if (!grep(/^\Q$type\E$/,@email_rule)) { - push(@{$changes{'email_rule'}},$type); - } - } - } - if (@email_rule > 0) { - foreach my $type (@email_rule) { - if (!grep(/^\Q$type\E$/,@{$curr_usercreation{'email_rule'}})) { - push(@{$changes{'email_rule'}},$type); - } - } - } - } elsif (@email_rule > 0) { - push(@{$changes{'email_rule'}},@email_rule); - } } # # Check if domain default is set appropriately, if self-creation of accounts is to be available for # institutional log-in. # if (grep(/^login$/,@{$cancreate{'selfcreate'}})) { - my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); if (!((($domdefaults{'auth_def'} =~/^krb/) && ($domdefaults{'auth_arg_def'} ne '')) || ($domdefaults{'auth_def'} eq 'localauth'))) { $warningmsg = &mt('Although account creation has been set to be available for institutional logins, currently default authentication in this domain has not been set to support this.').' '. @@ -11318,14 +15595,10 @@ sub modify_selfcreation { # which the user may supply, if institutional data is unavailable. # if (($env{'form.cancreate_login'}) || ($env{'form.cancreate_sso'})) { - if (ref($types) eq 'ARRAY') { - if (@{$types} > 1) { - @{$cancreate{'statustocreate'}} = &Apache::loncommon::get_env_multiple('form.statustocreate'); - push(@contexts,'statustocreate'); - } else { - undef($cancreate{'statustocreate'}); - } - foreach my $type (@{$types}) { + if (@types) { + @{$cancreate{'statustocreate'}} = &Apache::loncommon::get_env_multiple('form.statustocreate'); + push(@contexts,'statustocreate'); + foreach my $type (@types) { my @modifiable = &Apache::loncommon::get_env_multiple('form.canmodify_'.$type); foreach my $field (@fields) { if (grep(/^\Q$field\E$/,@modifiable)) { @@ -11336,7 +15609,7 @@ sub modify_selfcreation { } } if (ref($curr_usermodify{'selfcreate'}) eq 'HASH') { - foreach my $type (@{$types}) { + foreach my $type (@types) { if (ref($curr_usermodify{'selfcreate'}{$type}) eq 'HASH') { foreach my $field (@fields) { if ($save_usermodify{'selfcreate'}{$type}{$field} ne @@ -11348,7 +15621,7 @@ sub modify_selfcreation { } } } else { - foreach my $type (@{$types}) { + foreach my $type (@types) { push(@{$changes{'selfcreate'}},$type); } } @@ -11397,34 +15670,28 @@ sub modify_selfcreation { } } elsif (ref($curr_usercreation{'cancreate'}{$item}) eq 'HASH') { if (ref($cancreate{$item}) eq 'HASH') { - foreach my $curr (keys(%{$curr_usercreation{'cancreate'}{$item}})) { - if (ref($curr_usercreation{'cancreate'}{$item}{$curr}) eq 'HASH') { - foreach my $field (keys(%{$curr_usercreation{'cancreate'}{$item}{$curr}})) { - unless ($curr_usercreation{'cancreate'}{$item}{$curr}{$field} eq $cancreate{$item}{$curr}{$field}) { + foreach my $type (keys(%{$curr_usercreation{'cancreate'}{$item}})) { + if (ref($curr_usercreation{'cancreate'}{$item}{$type}) eq 'HASH') { + foreach my $field (keys(%{$curr_usercreation{'cancreate'}{$item}{$type}})) { + unless ($curr_usercreation{'cancreate'}{$item}{$type}{$field} eq $cancreate{$item}{$type}{$field}) { if (!grep(/^$item$/,@{$changes{'cancreate'}})) { push(@{$changes{'cancreate'}},$item); } } } - } elsif ($item eq 'selfcreateprocessing') { - if ($cancreate{$item}{$curr} ne $curr_usercreation{'cancreate'}{$item}{$curr}) { - if (!grep(/^$item$/,@{$changes{'cancreate'}})) { - push(@{$changes{'cancreate'}},$item); - } - } - } else { - if (!$cancreate{$item}{$curr}) { + } elsif (($item eq 'selfcreateprocessing') || ($item eq 'emailverified') || ($item eq 'emailoptions')) { + if ($cancreate{$item}{$type} ne $curr_usercreation{'cancreate'}{$item}{$type}) { if (!grep(/^$item$/,@{$changes{'cancreate'}})) { push(@{$changes{'cancreate'}},$item); } } } } - foreach my $field (keys(%{$cancreate{$item}})) { - if (ref($cancreate{$item}{$field}) eq 'HASH') { - foreach my $inner (keys(%{$cancreate{$item}{$field}})) { - if (ref($curr_usercreation{'cancreate'}{$item}{$field}) eq 'HASH') { - unless ($curr_usercreation{'cancreate'}{$item}{$field}{$inner} eq $cancreate{$item}{$field}{$inner}) { + foreach my $type (keys(%{$cancreate{$item}})) { + if (ref($cancreate{$item}{$type}) eq 'HASH') { + foreach my $field (keys(%{$cancreate{$item}{$type}})) { + if (ref($curr_usercreation{'cancreate'}{$item}{$type}) eq 'HASH') { + unless ($curr_usercreation{'cancreate'}{$item}{$type}{$field} eq $cancreate{$item}{$type}{$field}) { if (!grep(/^$item$/,@{$changes{'cancreate'}})) { push(@{$changes{'cancreate'}},$item); } @@ -11435,14 +15702,8 @@ sub modify_selfcreation { } } } - } elsif ($item eq 'selfcreateprocessing') { - if ($cancreate{$item}{$field} ne $curr_usercreation{'cancreate'}{$item}{$field}) { - if (!grep(/^$item$/,@{$changes{'cancreate'}})) { - push(@{$changes{'cancreate'}},$item); - } - } - } else { - if (!$curr_usercreation{'cancreate'}{$item}{$field}) { + } elsif (($item eq 'selfcreateprocessing') || ($item eq 'emailverified') || ($item eq 'emailoptions')) { + if ($cancreate{$item}{$type} ne $curr_usercreation{'cancreate'}{$item}{$type}) { if (!grep(/^$item$/,@{$changes{'cancreate'}})) { push(@{$changes{'cancreate'}},$item); } @@ -11457,11 +15718,11 @@ sub modify_selfcreation { push(@{$changes{'cancreate'}},$item); } } - } elsif (ref($cancreate{$item}) eq 'HASH') { - if (!$cancreate{$item}{$curr_usercreation{'cancreate'}{$item}}) { - if (!grep(/^$item$/,@{$changes{'cancreate'}})) { - push(@{$changes{'cancreate'}},$item); - } + } + } elsif (($item eq 'selfcreateprocessing') || ($item eq 'emailverified') || ($item eq 'emailoptions')) { + if (ref($cancreate{$item}) eq 'HASH') { + if (!grep(/^$item$/,@{$changes{'cancreate'}})) { + push(@{$changes{'cancreate'}},$item); } } } elsif ($item eq 'emailusername') { @@ -11494,6 +15755,15 @@ sub modify_selfcreation { if (ref($cancreate{'selfcreateprocessing'}) eq 'HASH') { $save_usercreate{'cancreate'}{'selfcreateprocessing'} = $cancreate{'selfcreateprocessing'}; } + if (ref($cancreate{'emailverified'}) eq 'HASH') { + $save_usercreate{'cancreate'}{'emailverified'} = $cancreate{'emailverified'}; + } + if (ref($cancreate{'emailoptions'}) eq 'HASH') { + $save_usercreate{'cancreate'}{'emailoptions'} = $cancreate{'emailoptions'}; + } + if (ref($cancreate{'emaildomain'}) eq 'HASH') { + $save_usercreate{'cancreate'}{'emaildomain'} = $cancreate{'emaildomain'}; + } if (ref($cancreate{'statustocreate'}) eq 'ARRAY') { $save_usercreate{'cancreate'}{'statustocreate'} = $cancreate{'statustocreate'}; } @@ -11501,16 +15771,18 @@ sub modify_selfcreation { $save_usercreate{'cancreate'}{'shibenv'} = $cancreate{'shibenv'}; } $save_usercreate{'cancreate'}{'emailusername'} = $cancreate{'emailusername'}; - $save_usercreate{'email_rule'} = \@email_rule; + $save_usercreate{'email_rule'} = \%email_rule; my %userconfig_hash = ( usercreation => \%save_usercreate, usermodification => \%save_usermodify, + inststatus => \%save_inststatus, ); + my $putresult = &Apache::lonnet::put_dom('configuration',\%userconfig_hash, $dom); # -# Accumulate details of changes to domain cofiguration for self-creation of usernames in $resulttext +# Accumulate details of changes to domain configuration for self-creation of usernames in $resulttext # if ($putresult eq 'ok') { if (keys(%changes) > 0) { @@ -11518,7 +15790,7 @@ sub modify_selfcreation { if (ref($changes{'cancreate'}) eq 'ARRAY') { my %lt = &selfcreation_types(); foreach my $type (@{$changes{'cancreate'}}) { - my $chgtext; + my $chgtext = ''; if ($type eq 'selfcreate') { if (@{$cancreate{$type}} == 0) { $chgtext .= &mt('Self creation of a new user account is not permitted.'); @@ -11533,18 +15805,25 @@ sub modify_selfcreation { if (grep(/^(login|sso)$/,@{$cancreate{$type}})) { if (ref($cancreate{'statustocreate'}) eq 'ARRAY') { if (@{$cancreate{'statustocreate'}} == 0) { - $chgtext .= '<br />'. - '<span class="LC_warning">'. - &mt("However, no institutional affiliations (including 'other') are currently permitted to create accounts."). - '</span>'; + $chgtext .= '<span class="LC_warning">'. + &mt("However, no institutional affiliations (including 'other') are currently permitted to create accounts via log-in or single sign-on."). + '</span><br />'; } } } + if (grep(/^email$/,@{$cancreate{$type}})) { + if (!@statuses) { + $chgtext .= '<span class="LC_warning">'. + &mt("However, e-mail verification is currently set to 'unavailable' for all user types (including 'other'), so self-creation of accounts is not possible for non-institutional log-in."). + '</span><br />'; + + } + } } } } elsif ($type eq 'shibenv') { if (keys(%{$cancreate{$type}}) == 0) { - $chgtext .= &mt('Shibboleth-autheticated user does not use environment variables to set user information'); + $chgtext .= &mt('Shibboleth-autheticated user does not use environment variables to set user information').'<br />'; } else { $chgtext .= &mt('Shibboleth-autheticated user information set from environment variables, as follows:'). '<ul>'; @@ -11557,7 +15836,7 @@ sub modify_selfcreation { } } $chgtext .= '</ul>'; - } + } } elsif ($type eq 'statustocreate') { if ((ref($cancreate{'selfcreate'}) eq 'ARRAY') && (ref($cancreate{'statustocreate'}) eq 'ARRAY')) { @@ -11570,7 +15849,7 @@ sub modify_selfcreation { &mt("However, no institutional affiliations (including 'other') are currently permitted to create accounts."). '</span>'; } - } elsif (ref($usertypes) eq 'HASH') { + } elsif (keys(%usertypes) > 0) { if (grep(/^(login|sso)$/,@{$cancreate{'selfcreate'}})) { $chgtext .= &mt('Creation of a new account for an institutional user is restricted to the following institutional affiliation(s):'); } else { @@ -11581,12 +15860,12 @@ sub modify_selfcreation { if ($case eq 'default') { $chgtext .= '<li>'.$othertitle.'</li>'; } else { - $chgtext .= '<li>'.$usertypes->{$case}.'</li>'; + $chgtext .= '<li>'.$usertypes{$case}.'</li>'; } } $chgtext .= '</ul>'; if (!grep(/^(login|sso)$/,@{$cancreate{'selfcreate'}})) { - $chgtext .= '<br /><span class="LC_warning">'. + $chgtext .= '<span class="LC_warning">'. &mt('However, users authenticated by institutional login/single sign on are not currently permitted to create accounts.'). '</span>'; } @@ -11598,26 +15877,129 @@ sub modify_selfcreation { $chgtext .= &mt('Although institutional affiliations permitted to create accounts were changed, self creation of accounts is not currently permitted for any authentication types.'); } } + $chgtext .= '<br />'; } } elsif ($type eq 'selfcreateprocessing') { my %choices = &Apache::lonlocal::texthash ( automatic => 'Automatic approval', approval => 'Queued for approval', ); - if (@statuses > 1) { - $chgtext .= &mt('Processing of requests to create account with e-mail address as username set as follows:'). - '<ul>'; - foreach my $type (@statuses) { - if ($type eq 'default') { - $chgtext .= '<li>'.$othertitle.' -- '.$choices{$cancreate{'selfcreateprocessing'}{$type}}.'</li>'; - } else { - $chgtext .= '<li>'.$usertypes->{$type}.' -- '.$choices{$cancreate{'selfcreateprocessing'}{$type}}.'</li>'; - } - } - $chgtext .= '</ul>'; + if (@types) { + if (@statuses) { + $chgtext .= &mt('Processing of requests to create account with e-mail verification set as follows:'). + '<ul>'; + foreach my $status (@statuses) { + if ($status eq 'default') { + $chgtext .= '<li>'.$othertitle.' -- '.$choices{$cancreate{'selfcreateprocessing'}{$status}}.'</li>'; + } else { + $chgtext .= '<li>'.$usertypes{$status}.' -- '.$choices{$cancreate{'selfcreateprocessing'}{$status}}.'</li>'; + } + } + $chgtext .= '</ul>'; + } } else { - $chgtext .= &mt('Processing of requests to create account with e-mail address as username set to: "[_1]"', - $choices{$cancreate{'selfcreateprocessing'}{'default'}}); + $chgtext .= &mt('Processing of requests to create account with e-mail verification set to: "[_1]"', + $choices{$cancreate{'selfcreateprocessing'}{'default'}}); + } + } elsif ($type eq 'emailverified') { + my %options = &Apache::lonlocal::texthash ( + all => 'Same as e-mail', + first => 'Omit @domain', + free => 'Free to choose', + ); + if (@types) { + if (@statuses) { + $chgtext .= &mt('For self-created accounts verified by e-mail address, username is set as follows:'). + '<ul>'; + foreach my $status (@statuses) { + if ($status eq 'default') { + $chgtext .= '<li>'.$othertitle.' -- '.$options{$cancreate{'emailverified'}{$status}}.'</li>'; + } else { + $chgtext .= '<li>'.$usertypes{$status}.' -- '.$options{$cancreate{'emailverified'}{$status}}.'</li>'; + } + } + $chgtext .= '</ul>'; + } + } else { + $chgtext .= &mt("For self-created accounts verified by e-mail address, user's username is: '[_1]'", + $options{$cancreate{'emailverified'}{'default'}}); + } + } elsif ($type eq 'emailoptions') { + my %options = &Apache::lonlocal::texthash ( + any => 'Any e-mail', + inst => 'Institutional only', + noninst => 'Non-institutional only', + custom => 'Custom restrictions', + ); + if (@types) { + if (@statuses) { + $chgtext .= &mt('For self-created accounts verified by e-mail address, requirements for e-mail address are as follows:'). + '<ul>'; + foreach my $status (@statuses) { + if ($type eq 'default') { + $chgtext .= '<li>'.$othertitle.' -- '.$options{$cancreate{'emailoptions'}{$status}}.'</li>'; + } else { + $chgtext .= '<li>'.$usertypes{$status}.' -- '.$options{$cancreate{'emailoptions'}{$status}}.'</li>'; + } + } + $chgtext .= '</ul>'; + } + } else { + if ($cancreate{'emailoptions'}{'default'} eq 'any') { + $chgtext .= &mt('For self-created accounts verified by e-mail address, any e-mail may be used'); + } else { + $chgtext .= &mt('For self-created accounts verified by e-mail address, e-mail restricted to: "[_1]"', + $options{$cancreate{'emailoptions'}{'default'}}); + } + } + } elsif ($type eq 'emaildomain') { + my $output; + if (@statuses) { + foreach my $type (@statuses) { + if (ref($cancreate{'emaildomain'}{$type}) eq 'HASH') { + if ($cancreate{'emailoptions'}{$type} eq 'inst') { + if ($type eq 'default') { + if ((ref($cancreate{'emaildomain'}{$type}) ne 'HASH') || + ($cancreate{'emaildomain'}{$type}{'inst'} eq '')) { + $output = '<li>'.$othertitle.' -- '.&mt('No restriction on e-mail domain').'</li>'; + } else { + $output = '<li>'.$othertitle.' -- '.&mt("User's e-mail address needs to end: [_1]", + $cancreate{'emaildomain'}{$type}{'inst'}).'</li>'; + } + } else { + if ((ref($cancreate{'emaildomain'}{$type}) ne 'HASH') || + ($cancreate{'emaildomain'}{$type}{'inst'} eq '')) { + $output = '<li>'.$usertypes{$type}.' -- '.&mt('No restriction on e-mail domain').'</li>'; + } else { + $output = '<li>'.$usertypes{$type}.' -- '.&mt("User's e-mail address needs to end: [_1]", + $cancreate{'emaildomain'}{$type}{'inst'}).'</li>'; + } + } + } elsif ($cancreate{'emailoptions'}{$type} eq 'noninst') { + if ($type eq 'default') { + if ((ref($cancreate{'emaildomain'}{$type}) ne 'HASH') || + ($cancreate{'emaildomain'}{$type}{'noninst'} eq '')) { + $output = '<li>'.$othertitle.' -- '.&mt('No restriction on e-mail domain').'</li>'; + } else { + $output = '<li>'.$othertitle.' -- '.&mt("User's e-mail address must not end: [_1]", + $cancreate{'emaildomain'}{$type}{'noninst'}).'</li>'; + } + } else { + if ((ref($cancreate{'emaildomain'}{$type}) ne 'HASH') || + ($cancreate{'emaildomain'}{$type}{'noninst'} eq '')) { + $output = '<li>'.$usertypes{$type}.' -- '.&mt('No restriction on e-mail domain').'</li>'; + } else { + $output = '<li>'.$usertypes{$type}.' -- '.&mt("User's e-mail address must not end: [_1]", + $cancreate{'emaildomain'}{$type}{'noninst'}).'</li>'; + } + } + } + } + } + } + if ($output ne '') { + $chgtext .= &mt('For self-created accounts verified by e-mail address:'). + '<ul>'.$output.'</ul>'; } } elsif ($type eq 'captcha') { if ($savecaptcha{$type} eq 'notused') { @@ -11654,11 +16036,11 @@ sub modify_selfcreation { } } elsif ($type eq 'emailusername') { if (ref($cancreate{'emailusername'}) eq 'HASH') { - if (ref($types) eq 'ARRAY') { - foreach my $type (@{$types}) { + if (@statuses) { + foreach my $type (@statuses) { if (ref($cancreate{'emailusername'}{$type}) eq 'HASH') { if (keys(%{$cancreate{'emailusername'}{$type}}) > 0) { - $chgtext .= &mt('When self-creating account with e-mail as username, the following information will be provided by [_1]:',"'$usertypes->{$type}'"). + $chgtext .= &mt('When self-creating account with e-mail verification, the following information will be provided by [_1]:',"'$usertypes{$type}'"). '<ul>'; foreach my $field (@{$infofields}) { if ($cancreate{'emailusername'}{$type}{$field}) { @@ -11667,48 +16049,86 @@ sub modify_selfcreation { } $chgtext .= '</ul>'; } else { - $chgtext .= &mt('When self creating account with e-mail as username, no information besides e-mail address will be provided by [_1].',"'$usertypes->{$type}'").'<br />'; + $chgtext .= &mt('When self creating account with e-mail verification, no information besides e-mail address will be provided by [_1].',"'$usertypes{$type}'").'<br />'; } } else { - $chgtext .= &mt('When self creating account with e-mail as username, no information besides e-mail address will be provided by [_1].',"'$usertypes->{$type}'").'<br />'; + $chgtext .= &mt('When self creating account with e-mail verification, no information besides e-mail address will be provided by [_1].',"'$usertypes{$type}'").'<br />'; } } } } } elsif ($type eq 'notify') { - $chgtext = &mt('No Domain Coordinators will receive notification of username requests requiring approval.'); + my $numapprove = 0; if (ref($changes{'cancreate'}) eq 'ARRAY') { if ((grep(/^notify$/,@{$changes{'cancreate'}})) && (ref($cancreate{'notify'}) eq 'HASH')) { if ($cancreate{'notify'}{'approval'}) { - $chgtext = &mt('Notification of username requests requiring approval will be sent to: ').$cancreate{'notify'}{'approval'}; + $chgtext .= &mt('Notification of username requests requiring approval will be sent to: ').$cancreate{'notify'}{'approval'}; + $numapprove ++; } } } + unless ($numapprove) { + $chgtext .= &mt('No Domain Coordinators will receive notification of username requests requiring approval.'); + } } if ($chgtext) { $resulttext .= '<li>'.$chgtext.'</li>'; } } } - if (ref($changes{'email_rule'}) eq 'ARRAY') { + if ((ref($changes{'email_rule'}) eq 'ARRAY') && (@{$changes{'email_rule'}} > 0)) { my ($emailrules,$emailruleorder) = &Apache::lonnet::inst_userrules($dom,'email'); - my $chgtext = '<ul>'; - foreach my $type (@email_rule) { - if (ref($emailrules->{$type}) eq 'HASH') { - $chgtext .= '<li>'.$emailrules->{$type}{'name'}.'</li>'; + foreach my $type (@{$changes{'email_rule'}}) { + if (ref($email_rule{$type}) eq 'ARRAY') { + my $chgtext = '<ul>'; + foreach my $rule (@{$email_rule{$type}}) { + if (ref($emailrules->{$rule}) eq 'HASH') { + $chgtext .= '<li>'.$emailrules->{$rule}{'name'}.'</li>'; + } + } + $chgtext .= '</ul>'; + my $typename; + if (@types) { + if ($type eq 'default') { + $typename = $othertitle; + } else { + $typename = $usertypes{$type}; + } + $chgtext .= &mt('(Affiliation: [_1])',$typename); + } + if (@{$email_rule{$type}} > 0) { + $resulttext .= '<li>'. + &mt('Accounts may not be created by users verified by e-mail, for e-mail addresses of the following types: ', + $usertypes{$type}). + $chgtext. + '</li>'; + } else { + $resulttext .= '<li>'. + &mt('There are now no restrictions on e-mail addresses which may be used for verification when a user requests an account.'). + '</li>'. + &mt('(Affiliation: [_1])',$typename); + } } } - $chgtext .= '</ul>'; - if (@email_rule > 0) { - $resulttext .= '<li>'. - &mt('Accounts may not be created by users self-enrolling with e-mail addresses of the following types: '). - $chgtext. - '</li>'; - } else { - $resulttext .= '<li>'. - &mt('There are now no restrictions on e-mail addresses which may be used as a username when self-enrolling.'). - '</li>'; + } + if (ref($changes{'inststatus'}) eq 'ARRAY') { + if (ref($save_inststatus{'inststatusguest'}) eq 'ARRAY') { + if (@{$save_inststatus{'inststatusguest'}} > 0) { + my $chgtext = '<ul>'; + foreach my $type (@{$save_inststatus{'inststatusguest'}}) { + $chgtext .= '<li>'.$usertypes{$type}.'</li>'; + } + $chgtext .= '</ul>'; + $resulttext .= '<li>'. + &mt('A user will self-report one of the following affiliations when requesting an account verified by e-mail: '). + $chgtext. + '</li>'; + } else { + $resulttext .= '<li>'. + &mt('No affiliations available for self-reporting when requesting an account verified by e-mail.'). + '</li>'; + } } } if (ref($changes{'selfcreate'}) eq 'ARRAY') { @@ -11716,9 +16136,9 @@ sub modify_selfcreation { my %fieldtitles = &Apache::loncommon::personal_data_fieldtitles(); foreach my $type (@{$changes{'selfcreate'}}) { my $typename = $type; - if (ref($usertypes) eq 'HASH') { - if ($usertypes->{$type} ne '') { - $typename = $usertypes->{$type}; + if (keys(%usertypes) > 0) { + if ($usertypes{$type} ne '') { + $typename = $usertypes{$type}; } } my @modifiable; @@ -11741,6 +16161,12 @@ sub modify_selfcreation { $resulttext .= '</ul></li>'; } $resulttext .= '</ul>'; + my $cachetime = 24*60*60; + $domdefaults{'inststatusguest'} = $save_inststatus{'inststatusguest'}; + &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'domdefaults'} = 1; + } } else { $resulttext = &mt('No changes made to self-creation settings'); } @@ -11755,19 +16181,25 @@ sub modify_selfcreation { } sub process_captcha { - my ($container,$changes,$newsettings,$current) = @_; - return unless ((ref($changes) eq 'HASH') && (ref($newsettings) eq 'HASH') || (ref($current) eq 'HASH')); + my ($container,$changes,$newsettings,$currsettings) = @_; + return unless ((ref($changes) eq 'HASH') && (ref($newsettings) eq 'HASH')); $newsettings->{'captcha'} = $env{'form.'.$container.'_captcha'}; unless ($newsettings->{'captcha'} eq 'recaptcha' || $newsettings->{'captcha'} eq 'notused') { $newsettings->{'captcha'} = 'original'; } - if ($current->{'captcha'} ne $newsettings->{'captcha'}) { + my %current; + if (ref($currsettings) eq 'HASH') { + %current = %{$currsettings}; + } + if ($current{'captcha'} ne $newsettings->{'captcha'}) { if ($container eq 'cancreate') { if (ref($changes->{'cancreate'}) eq 'ARRAY') { push(@{$changes->{'cancreate'}},'captcha'); } elsif (!defined($changes->{'cancreate'})) { $changes->{'cancreate'} = ['captcha']; } + } elsif ($container eq 'passwords') { + $changes->{'reset'} = 1; } else { $changes->{'captcha'} = 1; } @@ -11789,9 +16221,9 @@ sub process_captcha { } $newsettings->{'recaptchaversion'} = $newversion; } - if (ref($current->{'recaptchakeys'}) eq 'HASH') { - $currpub = $current->{'recaptchakeys'}{'public'}; - $currpriv = $current->{'recaptchakeys'}{'private'}; + if (ref($current{'recaptchakeys'}) eq 'HASH') { + $currpub = $current{'recaptchakeys'}{'public'}; + $currpriv = $current{'recaptchakeys'}{'private'}; unless ($newsettings->{'captcha'} eq 'recaptcha') { $newsettings->{'recaptchakeys'} = { public => '', @@ -11799,8 +16231,8 @@ sub process_captcha { } } } - if ($current->{'captcha'} eq 'recaptcha') { - $currversion = $current->{'recaptchaversion'}; + if ($current{'captcha'} eq 'recaptcha') { + $currversion = $current{'recaptchaversion'}; if ($currversion ne '2') { $currversion = 1; } @@ -11812,6 +16244,8 @@ sub process_captcha { } elsif (!defined($changes->{'cancreate'})) { $changes->{'cancreate'} = ['recaptchaversion']; } + } elsif ($container eq 'passwords') { + $changes->{'reset'} = 1; } else { $changes->{'recaptchaversion'} = 1; } @@ -11823,6 +16257,8 @@ sub process_captcha { } elsif (!defined($changes->{'cancreate'})) { $changes->{'cancreate'} = ['recaptchakeys']; } + } elsif ($container eq 'passwords') { + $changes->{'reset'} = 1; } else { $changes->{'recaptchakeys'} = 1; } @@ -11938,7 +16374,7 @@ sub modify_defaults { my ($resulttext,$mailmsgtxt,%newvalues,%changes,@errors); my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); my @items = ('auth_def','auth_arg_def','lang_def','timezone_def','datelocale_def', - 'portal_def','intauth_cost','intauth_check','intauth_switch'); + 'portal_def'); my @authtypes = ('internal','krb4','krb5','localauth'); foreach my $item (@items) { $newvalues{$item} = $env{'form.'.$item}; @@ -11976,35 +16412,106 @@ sub modify_defaults { } } elsif ($item eq 'portal_def') { if ($newvalues{$item} ne '') { - unless ($newvalues{$item} =~ /^https?\:\/\/(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])\/?$/) { + if ($newvalues{$item} =~ /^https?\:\/\/(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])\/?$/) { + foreach my $field ('email','web') { + if ($env{'form.'.$item.'_'.$field}) { + $newvalues{$item.'_'.$field} = $env{'form.'.$item.'_'.$field}; + } + } + } else { push(@errors,$item); } } - } elsif ($item eq 'intauth_cost') { - if ($newvalues{$item} ne '') { - if ($newvalues{$item} =~ /\D/) { - push(@errors,$item); + } + if (grep(/^\Q$item\E$/,@errors)) { + $newvalues{$item} = $domdefaults{$item}; + if ($item eq 'portal_def') { + if ($domdefaults{$item}) { + foreach my $field ('email','web') { + if (exists($domdefaults{$item.'_'.$field})) { + $newvalues{$item.'_'.$field} = $domdefaults{$item.'_'.$field}; + } + } } } - } elsif ($item eq 'intauth_check') { - if ($newvalues{$item} ne '') { - unless ($newvalues{$item} =~ /^(0|1|2)$/) { - push(@errors,$item); + } elsif ($domdefaults{$item} ne $newvalues{$item}) { + $changes{$item} = 1; + } + if ($item eq 'portal_def') { + unless (grep(/^\Q$item\E$/,@errors)) { + if ($newvalues{$item} eq '') { + foreach my $field ('email','web') { + if (exists($domdefaults{$item.'_'.$field})) { + delete($domdefaults{$item.'_'.$field}); + } + } + } else { + unless ($changes{$item}) { + foreach my $field ('email','web') { + if ($domdefaults{$item.'_'.$field} ne $newvalues{$item.'_'.$field}) { + $changes{$item} = 1; + last; + } + } + } + foreach my $field ('email','web') { + if ($newvalues{$item.'_'.$field}) { + $domdefaults{$item.'_'.$field} = $newvalues{$item.'_'.$field}; + } elsif (exists($domdefaults{$item.'_'.$field})) { + delete($domdefaults{$item.'_'.$field}); + } + } } } - } elsif ($item eq 'intauth_switch') { - if ($newvalues{$item} ne '') { - unless ($newvalues{$item} =~ /^(0|1|2)$/) { - push(@errors,$item); + } + $domdefaults{$item} = $newvalues{$item}; + } + my %staticdefaults = ( + 'intauth_cost' => 10, + 'intauth_check' => 0, + 'intauth_switch' => 0, + ); + foreach my $item ('intauth_cost','intauth_check','intauth_switch') { + if (exists($domdefaults{$item})) { + $newvalues{$item} = $domdefaults{$item}; + } else { + $newvalues{$item} = $staticdefaults{$item}; + } + } + my ($unamemaprules,$ruleorder); + my @possunamemaprules = &Apache::loncommon::get_env_multiple('form.unamemap_rule'); + if (@possunamemaprules) { + ($unamemaprules,$ruleorder) = + &Apache::lonnet::inst_userrules($dom,'unamemap'); + if ((ref($unamemaprules) eq 'HASH') && (ref($ruleorder) eq 'ARRAY')) { + if (@{$ruleorder} > 0) { + my %possrules; + map { $possrules{$_} = 1; } @possunamemaprules; + foreach my $rule (@{$ruleorder}) { + if ($possrules{$rule}) { + push(@{$newvalues{'unamemap_rule'}},$rule); + } } } } - if (grep(/^\Q$item\E$/,@errors)) { - $newvalues{$item} = $domdefaults{$item}; - } elsif ($domdefaults{$item} ne $newvalues{$item}) { - $changes{$item} = 1; + } + if (ref($domdefaults{'unamemap_rule'}) eq 'ARRAY') { + if (ref($newvalues{'unamemap_rule'}) eq 'ARRAY') { + my @rulediffs = &Apache::loncommon::compare_arrays($domdefaults{'unamemap_rule'}, + $newvalues{'unamemap_rule'}); + if (@rulediffs) { + $changes{'unamemap_rule'} = 1; + $domdefaults{'unamemap_rule'} = $newvalues{'unamemap_rule'}; + } + } elsif (@{$domdefaults{'unamemap_rule'}} > 0) { + $changes{'unamemap_rule'} = 1; + delete($domdefaults{'unamemap_rule'}); + } + } elsif (ref($newvalues{'unamemap_rule'}) eq 'ARRAY') { + if (@{$newvalues{'unamemap_rule'}} > 0) { + $changes{'unamemap_rule'} = 1; + $domdefaults{'unamemap_rule'} = $newvalues{'unamemap_rule'}; } - $domdefaults{$item} = $newvalues{$item}; } my %defaults_hash = ( defaults => \%newvalues, @@ -12024,9 +16531,18 @@ sub modify_defaults { } my @todelete = &Apache::loncommon::get_env_multiple('form.inststatus_delete'); my @allpos; - my %guests; my %alltypes; - my ($currtitles,$currguests,$currorder); + my @inststatusguest; + if (ref($currinststatus) eq 'HASH') { + if (ref($currinststatus->{'inststatusguest'}) eq 'ARRAY') { + foreach my $type (@{$currinststatus->{'inststatusguest'}}) { + unless (grep(/^\Q$type\E$/,@todelete)) { + push(@inststatusguest,$type); + } + } + } + } + my ($currtitles,$currorder); if (ref($currinststatus) eq 'HASH') { if (ref($currinststatus->{'inststatusorder'}) eq 'ARRAY') { foreach my $type (@{$currinststatus->{'inststatusorder'}}) { @@ -12041,14 +16557,8 @@ sub modify_defaults { $allpos[$position] = $type; $alltypes{$type} = $env{'form.inststatus_title_'.$type}; $alltypes{$type} =~ s/`//g; - if ($env{'form.inststatus_guest_'.$type}) { - $guests{$type} = 1; - } } } - if (ref($currinststatus->{'inststatusguest'}) eq 'ARRAY') { - $currguests = join(',',@{$currinststatus->{'inststatusguest'}}); - } $currorder = join(',',@{$currinststatus->{'inststatusorder'}}); $currtitles =~ s/,$//; } @@ -12057,9 +16567,6 @@ sub modify_defaults { my $newtype = $env{'form.addinststatus'}; $newtype =~ s/\W//g; unless (exists($alltypes{$newtype})) { - if ($env{'form.addinststatus_guest'}) { - $guests{$newtype} = 1; - } $alltypes{$newtype} = $env{'form.addinststatus_title'}; $alltypes{$newtype} =~ s/`//g; my $position = $env{'form.addinststatus_pos'}; @@ -12069,13 +16576,10 @@ sub modify_defaults { } } } - my (@orderedstatus,@orderedguests); + my @orderedstatus; foreach my $type (@allpos) { unless (($type eq '') || (grep(/^\Q$type\E$/,@orderedstatus))) { push(@orderedstatus,$type); - if ($guests{$type}) { - push(@orderedguests,$type); - } } } foreach my $type (keys(%alltypes)) { @@ -12086,7 +16590,7 @@ sub modify_defaults { $defaults_hash{'inststatus'} = { inststatustypes => \%alltypes, inststatusorder => \@orderedstatus, - inststatusguest => \@orderedguests, + inststatusguest => \@inststatusguest, }; if (ref($defaults_hash{'inststatus'}) eq 'HASH') { foreach my $item ('inststatustypes','inststatusorder','inststatusguest') { @@ -12096,9 +16600,6 @@ sub modify_defaults { if ($currorder ne join(',',@orderedstatus)) { $changes{'inststatus'}{'inststatusorder'} = 1; } - if ($currguests ne join(',',@orderedguests)) { - $changes{'inststatus'}{'inststatusguest'} = 1; - } my $newtitles; foreach my $item (@orderedstatus) { $newtitles .= $alltypes{$item}.','; @@ -12117,27 +16618,36 @@ sub modify_defaults { foreach my $item (sort(keys(%changes))) { if ($item eq 'inststatus') { if (ref($changes{'inststatus'}) eq 'HASH') { - if (($changes{'inststatus'}{'inststatustypes'}) || $changes{'inststatus'}{'inststatusorder'}) { + if (@orderedstatus) { $resulttext .= '<li>'.&mt('Institutional user status types set to:').' '; foreach my $type (@orderedstatus) { $resulttext .= $alltypes{$type}.', '; } $resulttext =~ s/, $//; $resulttext .= '</li>'; + } else { + $resulttext .= '<li>'.&mt('Institutional user status types deleted').'</li>'; } - if ($changes{'inststatus'}{'inststatusguest'}) { - $resulttext .= '<li>'; - if (@orderedguests) { - $resulttext .= &mt('Types assignable to "non-institutional" usernames set to:').' '; - foreach my $type (@orderedguests) { - $resulttext .= $alltypes{$type}.', '; + } + } elsif ($item eq 'unamemap_rule') { + if (ref($newvalues{'unamemap_rule'}) eq 'ARRAY') { + my @rulenames; + if (ref($unamemaprules) eq 'HASH') { + foreach my $rule (@{$newvalues{'unamemap_rule'}}) { + if (ref($unamemaprules->{$rule}) eq 'HASH') { + push(@rulenames,$unamemaprules->{$rule}->{'name'}); } - $resulttext =~ s/, $//; - } else { - $resulttext .= &mt('Types assignable to "non-institutional" usernames set to none.'); } - $resulttext .= '</li>'; } + if (@rulenames) { + $resulttext .= '<li>'.&mt('Mapping for missing usernames includes: [_1]', + '<ul><li>'.join('</li><li>',@rulenames).'</li></ul>'). + '</li>'; + } else { + $resulttext .= '<li>'.&mt('No mapping for missing usernames via standard log-in').'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('Mapping for missing usernames via standard log-in deleted').'</li>'; } } else { my $value = $env{'form.'.$item}; @@ -12152,31 +16662,22 @@ sub modify_defaults { localauth => 'loc', ); $value = $authnames{$shortauth{$value}}; - } elsif ($item eq 'intauth_switch') { - my %optiondesc = &Apache::lonlocal::texthash ( - 0 => 'No', - 1 => 'Yes', - 2 => 'Yes, and copy existing passwd file to passwd.bak file', - ); - if ($value =~ /^(0|1|2)$/) { - $value = $optiondesc{$value}; - } else { - $value = &mt('none -- defaults to No'); - } - } elsif ($item eq 'intauth_check') { - my %optiondesc = &Apache::lonlocal::texthash ( - 0 => 'No', - 1 => 'Yes, allow login then update passwd file using default cost (if higher)', - 2 => 'Yes, disallow login if stored cost is less than domain default', - ); - if ($value =~ /^(0|1|2)$/) { - $value = $optiondesc{$value}; - } else { - $value = &mt('none -- defaults to No'); - } } $resulttext .= '<li>'.&mt('[_1] set to "[_2]"',$title->{$item},$value).'</li>'; - $mailmsgtext .= "$title->{$item} set to $value\n"; + $mailmsgtext .= "$title->{$item} set to $value\n"; + if ($item eq 'portal_def') { + if ($env{'form.'.$item} ne '') { + foreach my $field ('email','web') { + $value = $env{'form.'.$item.'_'.$field}; + if ($value) { + $value = &mt('Yes'); + } else { + $value = &mt('No'); + } + $resulttext .= '<li>'.&mt('[_1] set to "[_2]"',$title->{$field},$value).'</li>'; + } + } + } } } $resulttext .= '</ul>'; @@ -12222,7 +16723,7 @@ sub modify_scantron { my $custom = 'custom.tab'; my $default = 'default.tab'; my $servadm = $r->dir_config('lonAdmEMail'); - my ($configuserok,$author_ok,$switchserver) = + my ($configuserok,$author_ok,$switchserver) = &config_check($dom,$confname,$servadm); if ($env{'form.scantronformat.filename'} ne '') { my $error; @@ -12257,6 +16758,67 @@ sub modify_scantron { if ($env{'form.scantronformat_del'}) { $confhash{'scantron'}{'scantronformat'} = ''; $changes{'scantronformat'} = 1; + } else { + $confhash{'scantron'}{'scantronformat'} = $domconfig{'scantron'}{'scantronformat'}; + } + } + } + my @options = ('hdr','pad','rem'); + my @fields = &scantroncsv_fields(); + my %titles = &scantronconfig_titles(); + my @formats = &Apache::loncommon::get_env_multiple('form.scantronconfig'); + my ($newdat,$currdat,%newcol,%currcol); + if (grep(/^dat$/,@formats)) { + $confhash{'scantron'}{config}{dat} = 1; + $newdat = 1; + } else { + $newdat = 0; + } + if (grep(/^csv$/,@formats)) { + my %bynum; + foreach my $field (@fields) { + if ($env{'form.scantronconfig_csv_'.$field} =~ /^(\d+)$/) { + my $posscol = $1; + if (($posscol < 20) && (!$bynum{$posscol})) { + $confhash{'scantron'}{config}{csv}{fields}{$field} = $posscol; + $bynum{$posscol} = $field; + $newcol{$field} = $posscol; + } + } + } + if (keys(%newcol)) { + foreach my $option (@options) { + if ($env{'form.scantroncsv_'.$option}) { + $confhash{'scantron'}{config}{csv}{options}{$option} = 1; + } + } + } + } + $currdat = 1; + if (ref($domconfig{'scantron'}) eq 'HASH') { + if (ref($domconfig{'scantron'}{'config'}) eq 'HASH') { + unless (exists($domconfig{'scantron'}{'config'}{'dat'})) { + $currdat = 0; + } + if (ref($domconfig{'scantron'}{'config'}{'csv'}) eq 'HASH') { + if (ref($domconfig{'scantron'}{'config'}{'csv'}{'fields'}) eq 'HASH') { + %currcol = %{$domconfig{'scantron'}{'config'}{'csv'}{'fields'}}; + } + } + } + } + if ($currdat != $newdat) { + $changes{'config'} = 1; + } else { + foreach my $field (@fields) { + if ($currcol{$field} ne '') { + if ($currcol{$field} ne $newcol{$field}) { + $changes{'config'} = 1; + last; + } + } elsif ($newcol{$field} ne '') { + $changes{'config'} = 1; + last; } } } @@ -12267,29 +16829,64 @@ sub modify_scantron { if (keys(%changes) > 0) { if (ref($confhash{'scantron'}) eq 'HASH') { $resulttext = &mt('Changes made:').'<ul>'; - if ($confhash{'scantron'}{'scantronformat'} eq '') { - $resulttext .= '<li>'.&mt('[_1] bubblesheet format file removed; [_2] file will be used for courses in this domain.',$custom,$default).'</li>'; - } else { - $resulttext .= '<li>'.&mt('Custom bubblesheet format file ([_1]) uploaded for use with courses in this domain.',$custom).'</li>'; + if ($changes{'scantronformat'}) { + if ($confhash{'scantron'}{'scantronformat'} eq '') { + $resulttext .= '<li>'.&mt('[_1] bubblesheet format file removed; [_2] file will be used for courses in this domain.',$custom,$default).'</li>'; + } else { + $resulttext .= '<li>'.&mt('Custom bubblesheet format file ([_1]) uploaded for use with courses in this domain.',$custom).'</li>'; + } + } + if ($changes{'config'}) { + if (ref($confhash{'scantron'}{'config'}) eq 'HASH') { + if ($confhash{'scantron'}{'config'}{'dat'}) { + $resulttext .= '<li>'.&mt('Bubblesheet data upload formats includes .dat format').'</li>'; + } + if (ref($confhash{'scantron'}{'config'}{'csv'}) eq 'HASH') { + if (ref($confhash{'scantron'}{'config'}{'csv'}{'fields'}) eq 'HASH') { + if (keys(%{$confhash{'scantron'}{'config'}{'csv'}{'fields'}})) { + $resulttext .= '<li>'.&mt('Bubblesheet data upload formats includes .csv format, with following fields/column numbers supported:').'<ul>'; + foreach my $field (@fields) { + if ($confhash{'scantron'}{'config'}{'csv'}{'fields'}{$field} ne '') { + my $showcol = $confhash{'scantron'}{'config'}{'csv'}{'fields'}{$field} + 1; + $resulttext .= '<li>'.$titles{$field}.': '.$showcol.'</li>'; + } + } + $resulttext .= '</ul></li>'; + if (ref($confhash{'scantron'}{'config'}{'csv'}{'options'}) eq 'HASH') { + if (keys(%{$confhash{'scantron'}{'config'}{'csv'}{'options'}})) { + $resulttext .= '<li>'.&mt('Bubblesheet data upload formats includes .csv format, with following options:').'<ul>'; + foreach my $option (@options) { + if ($confhash{'scantron'}{'config'}{'csv'}{'options'}{$option} ne '') { + $resulttext .= '<li>'.$titles{$option}.'</li>'; + } + } + $resulttext .= '</ul></li>'; + } + } + } + } + } + } else { + $resulttext .= '<li>'.&mt('No bubblesheet data upload formats set -- will default to assuming .dat format').'</li>'; + } } $resulttext .= '</ul>'; } else { $resulttext = &mt('Changes made to bubblesheet format file.'); } - $resulttext .= '</ul>'; &Apache::loncommon::devalidate_domconfig_cache($dom); if (ref($lastactref) eq 'HASH') { $lastactref->{'domainconfig'} = 1; } } else { - $resulttext = &mt('No changes made to bubblesheet format file'); + $resulttext = &mt('No changes made to bubblesheet format settings'); } } else { $resulttext = '<span class="LC_error">'. &mt('An error occurred: [_1]',$putresult).'</span>'; } } else { - $resulttext = &mt('No changes made to bubblesheet format file'); + $resulttext = &mt('No changes made to bubblesheet format settings'); } if ($errors) { $resulttext .= &mt('The following errors occurred: ').'<ul>'. @@ -12538,6 +17135,10 @@ sub modify_coursecategories { } $resulttext .= '</ul></li>'; } + &Apache::lonnet::do_cache_new('cats',$dom,$cathash,3600); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'cats'} = 1; + } } $resulttext .= '</ul>'; if ($changes{'unauth'} || $changes{'auth'}) { @@ -13018,9 +17619,11 @@ sub modify_coursedefaults { my ($resulttext,$errors,%changes,%defaultshash); my %defaultchecked = ( 'uselcmath' => 'on', - 'usejsme' => 'on' + 'usejsme' => 'on', + 'inline_chem' => 'on', + 'ltiauth' => 'off', ); - my @toggles = ('uselcmath','usejsme'); + my @toggles = ('uselcmath','usejsme','inline_chem','ltiauth'); my @numbers = ('anonsurvey_threshold','uploadquota_official','uploadquota_unofficial', 'uploadquota_community','uploadquota_textbook','mysqltables_official', 'mysqltables_unofficial','mysqltables_community','mysqltables_textbook'); @@ -13031,7 +17634,11 @@ sub modify_coursedefaults { postsubmit => 60, mysqltables => 172800, ); - + my %texoptions = ( + MathJax => 'MathJax', + mimetex => &mt('Convert to Images'), + tth => &mt('TeX to HTML'), + ); $defaultshash{'coursedefaults'} = {}; if (ref($domconfig{'coursedefaults'}) ne 'HASH') { @@ -13078,7 +17685,6 @@ sub modify_coursedefaults { $defaultshash{'coursedefaults'}{$setting}{$type} = $newdef; } if ($currdef ne $newdef) { - my $staticdef; if ($item eq 'anonsurvey_threshold') { unless (($currdef eq '') && ($newdef == $staticdefaults{$item})) { $changes{$item} = 1; @@ -13091,6 +17697,21 @@ sub modify_coursedefaults { } } } + my $texengine; + if ($env{'form.texengine'} =~ /^(MathJax|mimetex|tth)$/) { + $texengine = $env{'form.texengine'}; + my $currdef = $domconfig{'coursedefaults'}{'texengine'}; + if ($currdef eq '') { + unless ($texengine eq $Apache::lonnet::deftex) { + $changes{'texengine'} = 1; + } + } elsif ($currdef ne $texengine) { + $changes{'texengine'} = 1; + } + } + if ($texengine ne '') { + $defaultshash{'coursedefaults'}{'texengine'} = $texengine; + } my $currclone = $domconfig{'coursedefaults'}{'canclone'}; my @currclonecode; if (ref($currclone) eq 'HASH') { @@ -13211,8 +17832,9 @@ sub modify_coursedefaults { my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); if (($changes{'uploadquota'}) || ($changes{'postsubmit'}) || ($changes{'coursecredits'}) || ($changes{'uselcmath'}) || ($changes{'usejsme'}) || - ($changes{'canclone'}) || ($changes{'mysqltables'})) { - foreach my $item ('uselcmath','usejsme') { + ($changes{'canclone'}) || ($changes{'mysqltables'}) || ($changes{'texengine'}) || + ($changes{'inline_chem'}) || ($changes{'ltiauth'})) { + foreach my $item ('uselcmath','usejsme','inline_chem','texengine','ltiauth') { if ($changes{$item}) { $domdefaults{$item}=$defaultshash{'coursedefaults'}{$item}; } @@ -13275,6 +17897,17 @@ sub modify_coursedefaults { } else { $resulttext .= '<li>'.&mt('Molecule editor uses JME (Java), if supported by client OS.').'</li>'; } + } elsif ($item eq 'inline_chem') { + if ($env{'form.'.$item} eq '1') { + $resulttext .= '<li>'.&mt('Chemical Reaction Response uses inline previewer').'</li>'; + } else { + $resulttext .= '<li>'.&mt('Chemical Reaction Response uses pop-up previewer').'</li>'; + } + } elsif ($item eq 'texengine') { + if ($defaultshash{'coursedefaults'}{'texengine'} ne '') { + $resulttext .= '<li>'.&mt('Default method to display mathematics set to: "[_1]"', + $texoptions{$defaultshash{'coursedefaults'}{'texengine'}}).'</li>'; + } } elsif ($item eq 'anonsurvey_threshold') { $resulttext .= '<li>'.&mt('Responder count required for display of anonymous survey submissions set to [_1].',$defaultshash{'coursedefaults'}{'anonsurvey_threshold'}).'</li>'; } elsif ($item eq 'uploadquota') { @@ -13366,6 +17999,12 @@ sub modify_coursedefaults { } else { $resulttext .= '<li>'.&mt('By default, only course owner and coordinators may clone a course.').'</li>'; } + } elsif ($item eq 'ltiauth') { + if ($env{'form.'.$item} eq '1') { + $resulttext .= '<li>'.&mt('LTI launch of deep-linked URL need not require re-authentication').'</li>'; + } else { + $resulttext .= '<li>'.&mt('LTI launch of deep-linked URL will require re-authentication').'</li>'; + } } } $resulttext .= '</ul>'; @@ -13599,12 +18238,12 @@ sub modify_selfenrollment { $resulttext .= '</ul></li>'; } } - if ((exists($changes{'admin'})) || (exists($changes{'default'}))) { - my $cachetime = 24*60*60; - &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); - if (ref($lastactref) eq 'HASH') { - $lastactref->{'domdefaults'} = 1; - } + } + if ((exists($changes{'admin'})) || (exists($changes{'default'}))) { + my $cachetime = 24*60*60; + &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'domdefaults'} = 1; } } $resulttext .= '</ul>'; @@ -13618,6 +18257,344 @@ sub modify_selfenrollment { return $resulttext; } +sub modify_wafproxy { + my ($dom,$action,$lastactref,%domconfig) = @_; + my %servers = &Apache::lonnet::internet_dom_servers($dom); + my (%othercontrol,%canset,%values,%curralias,%currsaml,%currvalue,@warnings, + %wafproxy,%changes,%expirecache,%expiresaml); + foreach my $server (sort(keys(%servers))) { + my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server}); + if ($serverhome eq $server) { + my $serverdom = &Apache::lonnet::host_domain($server); + if ($serverdom eq $dom) { + $canset{$server} = 1; + } + } + } + if (ref($domconfig{'wafproxy'}) eq 'HASH') { + %{$values{$dom}} = (); + if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') { + %curralias = %{$domconfig{'wafproxy'}{'alias'}}; + } + if (ref($domconfig{'wafproxy'}{'saml'}) eq 'HASH') { + %currsaml = %{$domconfig{'wafproxy'}{'saml'}}; + } + foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { + $currvalue{$item} = $domconfig{'wafproxy'}{$item}; + } + } + my $output; + if (keys(%canset)) { + %{$wafproxy{'alias'}} = (); + %{$wafproxy{'saml'}} = (); + foreach my $key (sort(keys(%canset))) { + if ($env{'form.wafproxy_'.$dom}) { + $wafproxy{'alias'}{$key} = $env{'form.wafproxy_alias_'.$key}; + $wafproxy{'alias'}{$key} =~ s/^\s+|\s+$//g; + if ($wafproxy{'alias'}{$key} ne $curralias{$key}) { + $changes{'alias'} = 1; + } + if ($env{'form.wafproxy_alias_saml_'.$key}) { + $wafproxy{'saml'}{$key} = 1; + } + if ($wafproxy{'saml'}{$key} ne $currsaml{$key}) { + $changes{'saml'} = 1; + } + } else { + $wafproxy{'alias'}{$key} = ''; + $wafproxy{'saml'}{$key} = ''; + if ($curralias{$key}) { + $changes{'alias'} = 1; + } + if ($currsaml{$key}) { + $changes{'saml'} = 1; + } + } + if ($wafproxy{'alias'}{$key} eq '') { + if ($curralias{$key}) { + $expirecache{$key} = 1; + } + delete($wafproxy{'alias'}{$key}); + } + if ($wafproxy{'saml'}{$key} eq '') { + if ($currsaml{$key}) { + $expiresaml{$key} = 1; + } + delete($wafproxy{'saml'}{$key}); + } + } + unless (keys(%{$wafproxy{'alias'}})) { + delete($wafproxy{'alias'}); + } + unless (keys(%{$wafproxy{'saml'}})) { + delete($wafproxy{'saml'}); + } + # Localization for values in %warn occurs in &mt() calls separately. + my %warn = ( + trusted => 'trusted IP range(s)', + vpnint => 'internal IP range(s) for VPN sessions(s)', + vpnext => 'IP range(s) for backend WAF connections', + ); + foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { + my $possible = $env{'form.wafproxy_'.$item}; + $possible =~ s/^\s+|\s+$//g; + if ($possible ne '') { + if ($item eq 'remoteip') { + if ($possible =~ /^[mhn]$/) { + $wafproxy{$item} = $possible; + } + } elsif ($item eq 'ipheader') { + if ($wafproxy{'remoteip'} eq 'h') { + $wafproxy{$item} = $possible; + } + } elsif ($item eq 'sslopt') { + if ($possible =~ /^0|1$/) { + $wafproxy{$item} = $possible; + } + } else { + my (@ok,$count); + if (($item eq 'vpnint') || ($item eq 'vpnext')) { + unless ($env{'form.wafproxy_vpnaccess'}) { + $possible = ''; + } + } elsif ($item eq 'trusted') { + unless ($wafproxy{'remoteip'} eq 'h') { + $possible = ''; + } + } + unless ($possible eq '') { + $possible =~ s/[\r\n]+/\s/g; + $possible =~ s/\s*-\s*/-/g; + $possible =~ s/\s+/,/g; + $possible =~ s/,+/,/g; + } + $count = 0; + if ($possible ne '') { + foreach my $poss (split(/\,/,$possible)) { + $count ++; + $poss = &validate_ip_pattern($poss); + if ($poss ne '') { + push(@ok,$poss); + } + } + my $diff = $count - scalar(@ok); + if ($diff) { + push(@warnings,'<li>'. + &mt('[quant,_1,IP] invalid and excluded from saved value for [_2]', + $diff,$warn{$item}). + '</li>'); + } + if (@ok) { + my @cidr_list; + foreach my $item (@ok) { + @cidr_list = &Net::CIDR::cidradd($item,@cidr_list); + } + $wafproxy{$item} = join(',',@cidr_list); + } + } + } + if ($wafproxy{$item} ne $currvalue{$item}) { + $changes{$item} = 1; + } + } elsif ($currvalue{$item}) { + $changes{$item} = 1; + } + } + } else { + if (keys(%curralias)) { + $changes{'alias'} = 1; + } + if (keys(%currsaml)) { + $changes{'saml'} = 1; + } + if (keys(%currvalue)) { + foreach my $key (keys(%currvalue)) { + $changes{$key} = 1; + } + } + } + if (keys(%changes)) { + my %defaultshash = ( + wafproxy => \%wafproxy, + ); + my $putresult = &Apache::lonnet::put_dom('configuration',\%defaultshash, + $dom); + if ($putresult eq 'ok') { + my $cachetime = 24*60*60; + my (%domdefaults,$updatedomdefs); + foreach my $item ('ipheader','trusted','vpnint','vpnext','sslopt') { + if ($changes{$item}) { + unless ($updatedomdefs) { + %domdefaults = &Apache::lonnet::get_domain_defaults($dom); + $updatedomdefs = 1; + } + if ($wafproxy{$item}) { + $domdefaults{'waf_'.$item} = $wafproxy{$item}; + } elsif (exists($domdefaults{'waf_'.$item})) { + delete($domdefaults{'waf_'.$item}); + } + } + } + if ($updatedomdefs) { + &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'domdefaults'} = 1; + } + } + if ((exists($wafproxy{'alias'})) || (keys(%expirecache))) { + my %updates = %expirecache; + foreach my $key (keys(%expirecache)) { + &Apache::lonnet::devalidate_cache_new('proxyalias',$key); + } + if (ref($wafproxy{'alias'}) eq 'HASH') { + my $cachetime = 24*60*60; + foreach my $key (keys(%{$wafproxy{'alias'}})) { + $updates{$key} = 1; + &Apache::lonnet::do_cache_new('proxyalias',$key,$wafproxy{'alias'}{$key}, + $cachetime); + } + } + if (ref($lastactref) eq 'HASH') { + $lastactref->{'proxyalias'} = \%updates; + } + } + if ((exists($wafproxy{'saml'})) || (keys(%expiresaml))) { + my %samlupdates = %expiresaml; + foreach my $key (keys(%expiresaml)) { + &Apache::lonnet::devalidate_cache_new('proxysaml',$key); + } + if (ref($wafproxy{'saml'}) eq 'HASH') { + my $cachetime = 24*60*60; + foreach my $key (keys(%{$wafproxy{'saml'}})) { + $samlupdates{$key} = 1; + &Apache::lonnet::do_cache_new('proxysaml',$key,$wafproxy{'saml'}{$key}, + $cachetime); + } + } + if (ref($lastactref) eq 'HASH') { + $lastactref->{'proxysaml'} = \%samlupdates; + } + } + $output = &mt('Changes were made to Web Application Firewall/Reverse Proxy').'<ul>'; + foreach my $item ('alias','saml','remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { + if ($changes{$item}) { + if ($item eq 'alias') { + my $numaliased = 0; + if (ref($wafproxy{'alias'}) eq 'HASH') { + my $shown; + if (keys(%{$wafproxy{'alias'}})) { + foreach my $server (sort(keys(%{$wafproxy{'alias'}}))) { + $shown .= '<li>'.&mt('[_1] aliased by [_2]', + &Apache::lonnet::hostname($server), + $wafproxy{'alias'}{$server}).'</li>'; + $numaliased ++; + } + if ($numaliased) { + $output .= '<li>'.&mt('Aliases for hostnames set to: [_1]', + '<ul>'.$shown.'</ul>').'</li>'; + } + } + } + unless ($numaliased) { + $output .= '<li>'.&mt('Aliases deleted for hostnames').'</li>'; + } + } elsif ($item eq 'saml') { + my $shown; + if (ref($wafproxy{'saml'}) eq 'HASH') { + if (keys(%{$wafproxy{'saml'}})) { + $shown = join(', ',sort(keys(%{$wafproxy{'saml'}}))); + } + } + if ($shown) { + $output .= '<li>'.&mt('Alias used by SSO Auth for: [_1]', + $shown).'</li>'; + } else { + $output .= '<li>'.&mt('No alias used for SSO Auth').'</li>'; + } + } else { + if ($item eq 'remoteip') { + my %ip_methods = &remoteip_methods(); + if ($wafproxy{$item} =~ /^[mh]$/) { + $output .= '<li>'.&mt("Method for determining user's IP set to: [_1]", + $ip_methods{$wafproxy{$item}}).'</li>'; + } else { + if (($env{'form.wafproxy_'.$dom}) && (ref($wafproxy{'alias'}) eq 'HASH')) { + $output .= '<li>'.&mt("No method in use to get user's real IP (will report IP used by WAF)."). + '</li>'; + } else { + $output .= '<li>'.&mt('WAF/Reverse Proxy not in use').'</li>'; + } + } + } elsif ($item eq 'ipheader') { + if ($wafproxy{$item}) { + $output .= '<li>'.&mt('Request header with remote IP set to: [_1]', + $wafproxy{$item}).'</li>'; + } else { + $output .= '<li>'.&mt('Request header with remote IP deleted').'</li>'; + } + } elsif ($item eq 'trusted') { + if ($wafproxy{$item}) { + $output .= '<li>'.&mt('Trusted IP range(s) set to: [_1]', + $wafproxy{$item}).'</li>'; + } else { + $output .= '<li>'.&mt('Trusted IP range(s) deleted').'</li>'; + } + } elsif ($item eq 'vpnint') { + if ($wafproxy{$item}) { + $output .= '<li>'.&mt('Internal IP Range(s) for VPN sessions set to: [_1]', + $wafproxy{$item}).'</li>'; + } else { + $output .= '<li>'.&mt('Internal IP Range(s) for VPN sessions deleted').'</li>'; + } + } elsif ($item eq 'vpnext') { + if ($wafproxy{$item}) { + $output .= '<li>'.&mt('IP Range(s) for backend WAF connections set to: [_1]', + $wafproxy{$item}).'</li>'; + } else { + $output .= '<li>'.&mt('IP Range(s) for backend WAF connections deleted').'</li>'; + } + } elsif ($item eq 'sslopt') { + if ($wafproxy{$item}) { + $output .= '<li>'.&mt('WAF/Reverse Proxy expected to forward requests to https on LON-CAPA node, regardless of original protocol in web browser (http or https).').'</li>'; + } else { + $output .= '<li>'.&mt('WAF/Reverse Proxy expected to preserve original protocol in web browser (either http or https) when forwarding to LON-CAPA node.').'</li>'; + } + } + } + } + } + } else { + $output = '<span class="LC_error">'. + &mt('An error occurred: [_1]',$putresult).'</span>'; + } + } elsif (keys(%canset)) { + $output = &mt('No changes made to Web Application Firewall/Reverse Proxy settings'); + } + if (@warnings) { + $output .= '<br />'.&mt('Warnings:').'<ul>'. + join("\n",@warnings).'</ul>'; + } + return $output; +} + +sub validate_ip_pattern { + my ($pattern) = @_; + if ($pattern =~ /^([^-]+)\-([^-]+)$/) { + my ($start,$end) = ($1,$2); + if ((&Net::CIDR::cidrvalidate($start)) && (&Net::CIDR::cidrvalidate($end))) { + if (($start !~ m{/}) && ($end !~ m{/})) { + return $start.'-'.$end; + } + } + } elsif ($pattern ne '') { + $pattern = &Net::CIDR::cidrvalidate($pattern); + if ($pattern ne '') { + return $pattern; + } + } + return; +} + sub modify_usersessions { my ($dom,$lastactref,%domconfig) = @_; my @hostingtypes = ('version','excludedomain','includedomain'); @@ -13785,6 +18762,7 @@ sub modify_usersessions { } } $defaultshash{'usersessions'}{'offloadnow'} = {}; + $defaultshash{'usersessions'}{'offloadoth'} = {}; my @offloadnow = &Apache::loncommon::get_env_multiple('form.offloadnow'); my @okoffload; if (@offloadnow) { @@ -13801,6 +18779,22 @@ sub modify_usersessions { } } } + my @offloadoth = &Apache::loncommon::get_env_multiple('form.offloadoth'); + my @okoffloadoth; + if (@offloadoth) { + foreach my $server (@offloadoth) { + if (&Apache::lonnet::hostname($server) ne '') { + unless (grep(/^\Q$server\E$/,@okoffloadoth)) { + push(@okoffloadoth,$server); + } + } + } + if (@okoffloadoth) { + foreach my $lonhost (@okoffloadoth) { + $defaultshash{'usersessions'}{'offloadoth'}{$lonhost} = 1; + } + } + } if (ref($domconfig{'usersessions'}) eq 'HASH') { if (ref($domconfig{'usersessions'}{'spares'}) eq 'HASH') { if (ref($changes{'spares'}) eq 'HASH') { @@ -13811,26 +18805,38 @@ sub modify_usersessions { } else { $savespares = 1; } - if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') { - foreach my $lonhost (keys(%{$domconfig{'usersessions'}{'offloadnow'}})) { - unless ($defaultshash{'usersessions'}{'offloadnow'}{$lonhost}) { - $changes{'offloadnow'} = 1; - last; - } - } - unless ($changes{'offloadnow'}) { - foreach my $lonhost (keys(%{$defaultshash{'usersessions'}{'offloadnow'}})) { - unless ($domconfig{'usersessions'}{'offloadnow'}{$lonhost}) { - $changes{'offloadnow'} = 1; + foreach my $offload ('offloadnow','offloadoth') { + if (ref($domconfig{'usersessions'}{$offload}) eq 'HASH') { + foreach my $lonhost (keys(%{$domconfig{'usersessions'}{$offload}})) { + unless ($defaultshash{'usersessions'}{$offload}{$lonhost}) { + $changes{$offload} = 1; last; } } + unless ($changes{$offload}) { + foreach my $lonhost (keys(%{$defaultshash{'usersessions'}{$offload}})) { + unless ($domconfig{'usersessions'}{$offload}{$lonhost}) { + $changes{$offload} = 1; + last; + } + } + } + } else { + if (($offload eq 'offloadnow') && (@okoffload)) { + $changes{'offloadnow'} = 1; + } + if (($offload eq 'offloadoth') && (@okoffloadoth)) { + $changes{'offloadoth'} = 1; + } } - } elsif (@okoffload) { + } + } else { + if (@okoffload) { $changes{'offloadnow'} = 1; } - } elsif (@okoffload) { - $changes{'offloadnow'} = 1; + if (@okoffloadoth) { + $changes{'offloadoth'} = 1; + } } my $nochgmsg = &mt('No changes made to settings for user session hosting/offloading.'); if ((keys(%changes) > 0) || ($savespares)) { @@ -13847,6 +18853,9 @@ sub modify_usersessions { if (ref($defaultshash{'usersessions'}{'offloadnow'}) eq 'HASH') { $domdefaults{'offloadnow'} = $defaultshash{'usersessions'}{'offloadnow'}; } + if (ref($defaultshash{'usersessions'}{'offloadoth'}) eq 'HASH') { + $domdefaults{'offloadoth'} = $defaultshash{'usersessions'}{'offloadoth'}; + } } my $cachetime = 24*60*60; &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); @@ -13920,16 +18929,31 @@ sub modify_usersessions { if ($changes{'offloadnow'}) { if (ref($defaultshash{'usersessions'}{'offloadnow'}) eq 'HASH') { if (keys(%{$defaultshash{'usersessions'}{'offloadnow'}}) > 0) { - $resulttext .= '<li>'.&mt('Switch active users on next access, for server(s):').'<ul>'; + $resulttext .= '<li>'.&mt('Switch any active user on next access, for server(s):').'<ul>'; foreach my $lonhost (sort(keys(%{$defaultshash{'usersessions'}{'offloadnow'}}))) { $resulttext .= '<li>'.$lonhost.'</li>'; } $resulttext .= '</ul>'; } else { - $resulttext .= '<li>'.&mt('No servers now set to switch active users on next access.'); + $resulttext .= '<li>'.&mt('No servers now set to switch any active user on next access.'); + } + } else { + $resulttext .= '<li>'.&mt('No servers now set to switch any active user on next access.').'</li>'; + } + } + if ($changes{'offloadoth'}) { + if (ref($defaultshash{'usersessions'}{'offloadoth'}) eq 'HASH') { + if (keys(%{$defaultshash{'usersessions'}{'offloadoth'}}) > 0) { + $resulttext .= '<li>'.&mt('Switch other institutions on next access, for server(s):').'<ul>'; + foreach my $lonhost (sort(keys(%{$defaultshash{'usersessions'}{'offloadoth'}}))) { + $resulttext .= '<li>'.$lonhost.'</li>'; + } + $resulttext .= '</ul>'; + } else { + $resulttext .= '<li>'.&mt('No servers now set to switch other institutions on next access.'); } } else { - $resulttext .= '<li>'.&mt('No servers now set to switch active users on next access.').'</li>'; + $resulttext .= '<li>'.&mt('No servers now set to switch other institutions on next access.').'</li>'; } } $resulttext .= '</ul>'; @@ -13957,12 +18981,12 @@ sub modify_loadbalancing { my @sparestypes = ('primary','default'); my %typetitles = &sparestype_titles(); my $resulttext; - my (%currbalancer,%currtargets,%currrules,%existing); + my (%currbalancer,%currtargets,%currrules,%existing,%currcookies); if (ref($domconfig{'loadbalancing'}) eq 'HASH') { %existing = %{$domconfig{'loadbalancing'}}; } &get_loadbalancers_config(\%servers,\%existing,\%currbalancer, - \%currtargets,\%currrules); + \%currtargets,\%currrules,\%currcookies); my ($saveloadbalancing,%defaultshash,%changes); my ($alltypes,$othertypes,$titles) = &loadbalancing_titles($dom,$intdom,$usertypes,$types); @@ -14014,6 +19038,18 @@ sub modify_loadbalancing { } $defaultshash{'loadbalancing'}{$balancer}{'targets'}{$sparetype} = \@offloadto; } + if ($env{'form.loadbalancing_cookie_'.$i}) { + $defaultshash{'loadbalancing'}{$balancer}{'cookie'} = 1; + if (exists($currbalancer{$balancer})) { + unless ($currcookies{$balancer}) { + $changes{'curr'}{$balancer}{'cookie'} = 1; + } + } + } elsif (exists($currbalancer{$balancer})) { + if ($currcookies{$balancer}) { + $changes{'curr'}{$balancer}{'cookie'} = 1; + } + } if (ref($currtargets{$balancer}) eq 'HASH') { foreach my $sparetype (@sparestypes) { if (ref($currtargets{$balancer}{$sparetype}) eq 'ARRAY') { @@ -14167,27 +19203,36 @@ sub modify_loadbalancing { } } } - if (keys(%toupdate)) { - my %thismachine; - my $updatedhere; - my $cachetime = 60*60*24; - map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids(); - foreach my $lonhost (keys(%toupdate)) { - if ($thismachine{$lonhost}) { - unless ($updatedhere) { - &Apache::lonnet::do_cache_new('loadbalancing',$dom, - $defaultshash{'loadbalancing'}, - $cachetime); - $updatedhere = 1; - } - } else { - my $cachekey = &escape('loadbalancing').':'.&escape($dom); - &Apache::lonnet::remote_devalidate_cache($lonhost,[$cachekey]); - } + if ($changes{'curr'}{$balancer}{'cookie'}) { + if ($currcookies{$balancer}) { + $resulttext .= '<li>'.&mt('Load Balancer: [_1] -- cookie use disabled', + $balancer).'</li>'; + } else { + $resulttext .= '<li>'.&mt('Load Balancer: [_1] -- cookie use enabled', + $balancer).'</li>'; } } } } + if (keys(%toupdate)) { + my %thismachine; + my $updatedhere; + my $cachetime = 60*60*24; + map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids(); + foreach my $lonhost (keys(%toupdate)) { + if ($thismachine{$lonhost}) { + unless ($updatedhere) { + &Apache::lonnet::do_cache_new('loadbalancing',$dom, + $defaultshash{'loadbalancing'}, + $cachetime); + $updatedhere = 1; + } + } else { + my $cachekey = &escape('loadbalancing').':'.&escape($dom); + &Apache::lonnet::remote_devalidate_cache($lonhost,[$cachekey]); + } + } + } if ($resulttext ne '') { $resulttext = &mt('Changes made:').'<ul>'.$resulttext.'</ul>'; } else { @@ -14396,12 +19441,12 @@ sub lonbalance_targets_js { } push(@alltypes,'default','_LC_adv','_LC_author','_LC_internetdom','_LC_external'); $allinsttypes = join("','",@alltypes); - my (%currbalancer,%currtargets,%currrules,%existing); + my (%currbalancer,%currtargets,%currrules,%existing,%currcookies); if (ref($settings) eq 'HASH') { %existing = %{$settings}; } &get_loadbalancers_config($servers,\%existing,\%currbalancer, - \%currtargets,\%currrules); + \%currtargets,\%currrules,\%currcookies); my $balancers = join("','",sort(keys(%currbalancer))); return <<"END"; @@ -14886,6 +19931,7 @@ function toggleDisplay(domForm,caller) { var optionsElement = domForm.coursecredits; var checkval = 1; var dispval = 'block'; + var selfcreateRegExp = /^cancreate_emailverified/; if (caller == 'emailoptions') { optionsElement = domForm.cancreate_email; } @@ -14896,6 +19942,11 @@ function toggleDisplay(domForm,caller) { optionsElement = domForm.canclone; checkval = 'instcode'; } + if (selfcreateRegExp.test(caller)) { + optionsElement = domForm.elements[caller]; + checkval = 'other'; + dispval = 'inline' + } if (optionsElement.length) { var currval; for (var i=0; i<optionsElement.length; i++) { @@ -14937,16 +19988,49 @@ sub devalidate_remote_domconfs { my %servers = &Apache::lonnet::internet_dom_servers($dom); my %thismachine; map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids(); - my @posscached = ('domainconfig','domdefaults','ltitools','usersessions','directorysrch'); + my @posscached = ('domainconfig','domdefaults','ltitools','usersessions', + 'directorysrch','passwdconf','cats','proxyalias','proxysaml', + 'ipaccess'); + my %cache_by_lonhost; + if (exists($cachekeys->{'samllanding'})) { + if (ref($cachekeys->{'samllanding'}) eq 'HASH') { + my %landing = %{$cachekeys->{'samllanding'}}; + my %domservers = &Apache::lonnet::get_servers($dom); + if (keys(%domservers)) { + foreach my $server (keys(%domservers)) { + my @cached; + next if ($thismachine{$server}); + if ($landing{$server}) { + push(@cached,&escape('samllanding').':'.&escape($server)); + } + if (@cached) { + $cache_by_lonhost{$server} = \@cached; + } + } + } + } + } if (keys(%servers)) { foreach my $server (keys(%servers)) { next if ($thismachine{$server}); my @cached; foreach my $name (@posscached) { if ($cachekeys->{$name}) { - push(@cached,&escape($name).':'.&escape($dom)); + if (($name eq 'proxyalias') || ($name eq 'proxysaml')) { + if (ref($cachekeys->{$name}) eq 'HASH') { + foreach my $key (keys(%{$cachekeys->{$name}})) { + push(@cached,&escape($name).':'.&escape($key)); + } + } + } else { + push(@cached,&escape($name).':'.&escape($dom)); + } } } + if ((exists($cache_by_lonhost{$server})) && + (ref($cache_by_lonhost{$server}) eq 'ARRAY')) { + push(@cached,@{$cache_by_lonhost{$server}}); + } if (@cached) { &Apache::lonnet::remote_devalidate_cache($server,\@cached); }