--- loncom/interface/domainprefs.pm 2022/11/11 02:30:19 1.416 +++ loncom/interface/domainprefs.pm 2023/06/03 19:26:31 1.426 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Handler to set domain-wide configuration settings # -# $Id: domainprefs.pm,v 1.416 2022/11/11 02:30:19 raeburn Exp $ +# $Id: domainprefs.pm,v 1.426 2023/06/03 19:26:31 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -105,7 +105,7 @@ $datatable - HTML containing form eleme In the case of course requests, radio buttons are displayed for each institutional affiliate type (and also default, and _LC_adv) for each of the course types (official, unofficial, community, textbook, placement, and lti). -In each case the radio buttons allow the selection of one of four values: +In each case the radio buttons allow the selection of one of four values: 0, approval, validate, autolimit=N (where N is blank, or a positive integer). which have the following effects: @@ -167,6 +167,7 @@ use Apache::lonmsg(); use Apache::lonconfigsettings; use Apache::lonuserutils(); use Apache::loncoursequeueadmin(); +use Apache::courseprefs(); use LONCAPA qw(:DEFAULT :match); use LONCAPA::Enrollment; use LONCAPA::lonauthcgi(); @@ -177,6 +178,7 @@ use DateTime::TimeZone; use DateTime::Locale; use Time::HiRes qw( sleep ); use Net::CIDR; +use Crypt::CBC; my $registered_cleanup; my $modified_urls; @@ -220,17 +222,27 @@ sub handler { 'serverstatuses','requestcourses','helpsettings', 'coursedefaults','usersessions','loadbalancing', 'requestauthor','selfenrollment','inststatus', - 'ltitools','ssl','trust','lti','ltisec','privacy','passwords', - 'proctoring','wafproxy','ipaccess'],$dom); + 'ltitools','toolsec','ssl','trust','lti','ltisec', + 'privacy','passwords','proctoring','wafproxy','ipaccess'],$dom); my %encconfig = &Apache::lonnet::get_dom('encconfig',['ltitools','lti','proctoring','linkprot'],$dom,undef,1); + my ($checked_is_home,$is_home); if (ref($domconfig{'ltitools'}) eq 'HASH') { if (ref($encconfig{'ltitools'}) eq 'HASH') { + my $home = &Apache::lonnet::domain($dom,'primary'); + unless (($home eq 'no_host') || ($home eq '')) { + my @ids=&Apache::lonnet::current_machine_ids(); + if (grep(/^\Q$home\E$/,@ids)) { + $is_home = 1; + } + } + $checked_is_home = 1; foreach my $id (keys(%{$domconfig{'ltitools'}})) { if ((ref($domconfig{'ltitools'}{$id}) eq 'HASH') && (ref($encconfig{'ltitools'}{$id}) eq 'HASH')) { - foreach my $item ('key','secret') { - $domconfig{'ltitools'}{$id}{$item} = $encconfig{'ltitools'}{$id}{$item}; + $domconfig{'ltitools'}{$id}{'key'} = $encconfig{'ltitools'}{$id}{'key'}; + if (($is_home) && ($phase eq 'process')) { + $domconfig{'ltitools'}{$id}{'secret'} = $encconfig{'ltitools'}{$id}{'secret'}; } } } @@ -238,11 +250,22 @@ sub handler { } if (ref($domconfig{'lti'}) eq 'HASH') { if (ref($encconfig{'lti'}) eq 'HASH') { + unless ($checked_is_home) { + my $home = &Apache::lonnet::domain($dom,'primary'); + unless (($home eq 'no_host') || ($home eq '')) { + my @ids=&Apache::lonnet::current_machine_ids(); + if (grep(/^\Q$home\E$/,@ids)) { + $is_home = 1; + } + } + $checked_is_home = 1; + } foreach my $id (keys(%{$domconfig{'lti'}})) { if ((ref($domconfig{'lti'}{$id}) eq 'HASH') && (ref($encconfig{'lti'}{$id}) eq 'HASH')) { - foreach my $item ('key','secret') { - $domconfig{'lti'}{$id}{$item} = $encconfig{'lti'}{$id}{$item}; + $domconfig{'lti'}{$id}{'key'} = $encconfig{'lti'}{$id}{'key'}; + if (($is_home) && ($phase eq 'process')) { + $domconfig{'lti'}{$id}{'secret'} = $encconfig{'lti'}{$id}{'secret'}; } } } @@ -581,11 +604,15 @@ sub handler { print => \&print_loadbalancing, modify => \&modify_loadbalancing, }, - 'ltitools' => + 'ltitools' => {text => 'External Tools (LTI)', help => 'Domain_Configuration_LTI_Tools', - header => [{col1 => 'Setting', - col2 => 'Value',}], + header => [{col1 => 'Encryption of shared secrets', + col2 => 'Settings'}, + {col1 => 'Rules for shared secrets', + col2 => 'Settings'}, + {col1 => 'Providers', + col2 => 'Settings',}], print => \&print_ltitools, modify => \&modify_ltitools, }, @@ -635,12 +662,12 @@ sub handler { print => \&print_trust, modify => \&modify_trust, }, - 'lti' => + 'lti' => {text => 'LTI Link Protection and LTI Consumers', help => 'Domain_Configuration_LTI_Provider', header => [{col1 => 'Encryption of shared secrets', col2 => 'Settings'}, - {col1 => 'Rules for shared secrets', + {col1 => 'Rules for shared secrets', col2 => 'Settings'}, {col1 => 'Link Protectors', col2 => 'Settings'}, @@ -649,7 +676,7 @@ sub handler { print => \&print_lti, modify => \&modify_lti, }, - 'ipaccess' => + 'ipaccess' => {text => 'IP-based access control', help => 'Domain_Configuration_IP_Access', header => [{col1 => 'Setting', @@ -890,12 +917,12 @@ sub print_config_box { &Apache::lonuserutils::custom_role_privs(\%privs,\%full,\%levels,\%levelscurrent); my @templateroles = &Apache::lonuserutils::custom_template_roles($context,$crstype); $output = - &Apache::lonuserutils::custom_roledefs_js($context,$crstype,$formname,\%full, + &Apache::lonuserutils::custom_roledefs_js($context,$crstype,$formname,\%full, \@templateroles); } elsif ($action eq 'ltitools') { - $output .= <itools_javascript($settings); + $output .= &Apache::lonconfigsettings::ltitools_javascript($settings); } elsif ($action eq 'lti') { - $output .= &passwords_javascript('secrets')."\n". + $output .= &passwords_javascript('ltisecrets')."\n". <i_javascript($dom,$settings); } elsif ($action eq 'proctoring') { $output .= &proctoring_javascript($settings); @@ -950,7 +977,8 @@ sub print_config_box { ($action eq 'usermodification') || ($action eq 'defaults') || ($action eq 'coursedefaults') || ($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'ssl') || ($action eq 'directorysrch') || ($action eq 'trust') || ($action eq 'helpsettings') || - ($action eq 'contacts') || ($action eq 'privacy') || ($action eq 'wafproxy') || ($action eq 'lti')) { + ($action eq 'contacts') || ($action eq 'privacy') || ($action eq 'wafproxy') || + ($action eq 'lti') || ($action eq 'ltitools')) { $output .= $item->{'print'}->('top',$dom,$settings,\$rowtotal); } elsif ($action eq 'passwords') { $output .= $item->{'print'}->('top',$dom,$confname,$settings,\$rowtotal); @@ -986,7 +1014,8 @@ sub print_config_box { ($action eq 'selfcreation') || ($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'coursecategories') || ($action eq 'trust') || ($action eq 'contacts') || ($action eq 'defaults') || - ($action eq 'privacy') || ($action eq 'passwords') || ($action eq 'lti')) { + ($action eq 'privacy') || ($action eq 'passwords') || ($action eq 'lti') || + ($action eq 'ltitools')) { if ($action eq 'coursecategories') { $output .= &print_coursecategories('middle',$dom,$item,$settings,\$rowtotal); $colspan = ' colspan="2"'; @@ -1277,8 +1306,7 @@ sub print_config_box { $output .= &print_quotas($dom,$settings,\$rowtotal,$action); } elsif (($action eq 'autoenroll') || ($action eq 'autocreate') || ($action eq 'serverstatuses') || ($action eq 'loadbalancing') || - ($action eq 'ltitools') || ($action eq 'proctoring') || - ($action eq 'ipaccess')) { + ($action eq 'proctoring') || ($action eq 'ipaccess')) { $output .= $item->{'print'}->($dom,$settings,\$rowtotal); } } @@ -3431,8 +3459,17 @@ ENDSCRIPT sub lti_javascript { my ($dom,$settings) = @_; my $togglejs = <i_toggle_js($dom); + my $linkprot_js = &Apache::courseprefs::linkprot_javascript(); unless (ref($settings) eq 'HASH') { - return $togglejs; + return $togglejs.' +<script type="text/javascript"> +// <![CDATA[ + +'.$linkprot_js.' + +// ]]> +</script> +'; } my (%ordered,$total,%jstext); $total = scalar(keys(%{$settings})); @@ -3450,7 +3487,6 @@ sub lti_javascript { push(@jsarray,$ordered{$item}); } my $jstext = ' var lti = Array('."'".join("','",@jsarray)."'".');'."\n"; - my $linkprot_js = &Apache::courseprefs::linkprot_javascript(); return <<"ENDSCRIPT"; <script type="text/javascript"> // <![CDATA[ @@ -3517,7 +3553,6 @@ sub lti_toggle_js { my %servers = &Apache::lonnet::get_servers($dom,'library'); my $primary = &Apache::lonnet::domain($dom,'primary'); my $course_servers = "'".join("','",keys(%servers))."'"; - return <<"ENDSCRIPT"; <script type="text/javascript"> // <![CDATA[ @@ -3616,7 +3651,7 @@ function toggleLTI(form,setting,item) { break; } } - } + } } if (!setvis) { if (document.getElementById(divid)) { @@ -3693,7 +3728,7 @@ function toggleLTI(form,setting,item) { var divid = 'lti_menufield_'+item; var setvis = ''; for (var i=0; i<menus.length; i++) { - var radioname = menus[i]; + var radioname = menus[i]; var num = form.elements[radioname].length; if (num) { for (var j=0; j<num; j++) { @@ -3721,124 +3756,6 @@ function toggleLTI(form,setting,item) { return; } -function toggleLTIEncKey(form) { - var shownhosts = new Array(); - var hiddenhosts = new Array(); - var forcourse = new Array($course_servers); - var fromdomain = '$primary'; - var crsradio = form.elements['ltisec_crslinkprot']; - if (crsradio.length) { - for (var i=0; i<crsradio.length; i++) { - if (crsradio[i].checked) { - if (crsradio[i].value == 1) { - if (forcourse.length > 0) { - for (var j=0; j<forcourse.length; j++) { - if (!shownhosts.includes(forcourse[j])) { - shownhosts.push(forcourse[j]); - } - } - } - } else { - if (forcourse.length > 0) { - for (var j=0; j<forcourse.length; j++) { - if (!hiddenhosts.includes(forcourse[j])) { - hiddenhosts.push(forcourse[j]); - } - } - } - } - } - } - } - var domradio = form.elements['ltisec_domlinkprot']; - if (domradio.length) { - for (var i=0; i<domradio.length; i++) { - if (domradio[i].checked) { - if (domradio[i].value == 1) { - if (!shownhosts.includes(fromdomain)) { - shownhosts.push(fromdomain); - } - } else { - if (!hiddenhosts.includes(fromdomain)) { - hiddenhosts.push(fromdomain); - } - } - } - } - } - var consumersradio = form.elements['ltisec_consumers']; - if (consumersradio.length) { - for (var i=0; i<consumersradio.length; i++) { - if (consumersradio[i].checked) { - if (consumersradio[i].value == 1) { - if (!shownhosts.includes(fromdomain)) { - shownhosts.push(fromdomain); - } - } else { - if (!hiddenhosts.includes(fromdomain)) { - hiddenhosts.push(fromdomain); - } - } - } - } - } - if (shownhosts.length > 0) { - for (var i=0; i<shownhosts.length; i++) { - if (document.getElementById('ltisec_info_'+shownhosts[i])) { - document.getElementById('ltisec_info_'+shownhosts[i]).style.display = 'block'; - } - } - if (document.getElementById('ltisec_noprivkey')) { - document.getElementById('ltisec_noprivkey').style.display = 'none'; - } - } else { - if (document.getElementById('ltisec_noprivkey')) { - document.getElementById('ltisec_noprivkey').style.display = 'inline-block'; - } - } - if (hiddenhosts.length > 0) { - for (var i=0; i<hiddenhosts.length; i++) { - if (!shownhosts.includes(hiddenhosts[i])) { - if (document.getElementById('ltisec_info_'+hiddenhosts[i])) { - document.getElementById('ltisec_info_'+hiddenhosts[i]).style.display = 'none'; - } - } - } - } - return; -} - -function togglePrivKey(form,hostid) { - var radioname = ''; - var currdivid = ''; - var newdivid = ''; - if ((document.getElementById('ltisec_divcurrprivkey_'+hostid)) && - (document.getElementById('ltisec_divchgprivkey_'+hostid))) { - currdivid = document.getElementById('ltisec_divcurrprivkey_'+hostid); - newdivid = document.getElementById('ltisec_divchgprivkey_'+hostid); - radioname = form.elements['ltisec_changeprivkey_'+hostid]; - if (radioname) { - if (radioname.length > 0) { - var setvis; - for (var i=0; i<radioname.length; i++) { - if (radioname[i].checked == true) { - if (radioname[i].value == 1) { - newdivid.style.display = 'inline-block'; - currdivid.style.display = 'none'; - setvis = 1; - } - break; - } - } - if (!setvis) { - newdivid.style.display = 'none'; - currdivid.style.display = 'inline-block'; - } - } - } - } -} - // ]]> </script> @@ -3919,16 +3836,16 @@ sub saml_javascript { return <<"ENDSCRIPT"; <script type="text/javascript"> // <![CDATA[ -function toggleSamlOptions(form,hostid) { +function toggleSamlOptions(form,hostid) { var radioname = 'saml_'+hostid; var tablecellon = 'samloptionson_'+hostid; var tablecelloff = 'samloptionsoff_'+hostid; var num = form.elements[radioname].length; if (num) { - var setvis = ''; + var setvis = ''; for (var i=0; i<num; i++) { if (form.elements[radioname][i].checked) { - if (form.elements[radioname][i].value == '1') { + if (form.elements[radioname][i].value == '1') { if (document.getElementById(tablecellon)) { document.getElementById(tablecellon).style.display=''; } @@ -4696,7 +4613,7 @@ sub print_contacts { map {$excluded{$_} = 1; } @{$lonstatus{'excluded'}}; } } - foreach my $item ('errorthreshold','errorsysmail') { + foreach my $item ('errorthreshold','errorsysmail') { $css_class = $rownum%2?' class="LC_odd_row"':''; $datatable .= '<tr'.$css_class.'>'. '<td class="LC_left_item"><span class="LC_nobreak">'. @@ -4778,7 +4695,7 @@ sub print_contacts { $includeloc{'override_'.$key} = ''; $includestr{'override_'.$key} = ''; if ($settings->{'overrides'}{$key}{'include'} ne '') { - ($includeloc{'override_'.$key},$includestr{'override_'.$key}) = + ($includeloc{'override_'.$key},$includestr{'override_'.$key}) = split(/:/,$settings->{'overrides'}{$key}{'include'},2); $includestr{'override_'.$key} = &unescape($includestr{'override_'.$key}); } @@ -4790,7 +4707,6 @@ sub print_contacts { my $optionsprefix = 'LC_options_helpdesk_'; my $onclicktypes = "toggleHelpdeskRow(this.form,'overrides','$customclass','$optionsprefix');"; - $datatable .= &insttypes_row($settings,$types,$usertypes,$dom, $numinrow,$othertitle,'overrides', \$rownum,$onclicktypes,$customclass); @@ -4857,7 +4773,7 @@ sub overridden_helpdesk { } my $title; if (ref($short_titles) eq 'HASH') { - $title = $short_titles->{$item}; + $title = $short_titles->{$item}; } $output .= '<label>'. '<input type="checkbox" name="override_'.$type.'"'.$check. @@ -4936,7 +4852,6 @@ function toggleHelpdeskRow(form,checkbox return; } - // ]]> </script> @@ -5390,421 +5305,50 @@ sub radiobutton_prefs { } sub print_ltitools { - my ($dom,$settings,$rowtotal) = @_; - my $rownum = 0; - my $css_class; - my $itemcount = 1; - my $maxnum = 0; - my %ordered; + my ($position,$dom,$settings,$rowtotal) = @_; + my (%rules,%encrypt,%privkeys,%linkprot); if (ref($settings) eq 'HASH') { - foreach my $item (keys(%{$settings})) { - if (ref($settings->{$item}) eq 'HASH') { - my $num = $settings->{$item}{'order'}; - $ordered{$num} = $item; - } - } - } - my $confname = $dom.'-domainconfig'; - my $switchserver = &check_switchserver($dom,$confname); - my $maxnum = scalar(keys(%ordered)); - my $datatable; - my %lt = <itools_names(); - my @courseroles = ('cc','in','ta','ep','st'); - my @ltiroles = qw(Instructor ContentDeveloper TeachingAssistant Learner); - my @fields = ('fullname','firstname','lastname','email','roles','user'); - if (keys(%ordered)) { - my @items = sort { $a <=> $b } keys(%ordered); - for (my $i=0; $i<@items; $i++) { - $css_class = $itemcount%2?' class="LC_odd_row"':''; - my $item = $ordered{$items[$i]}; - my ($title,$key,$secret,$url,$lifetime,$imgsrc,%sigsel); - if (ref($settings->{$item}) eq 'HASH') { - $title = $settings->{$item}->{'title'}; - $url = $settings->{$item}->{'url'}; - $key = $settings->{$item}->{'key'}; - $secret = $settings->{$item}->{'secret'}; - $lifetime = $settings->{$item}->{'lifetime'}; - my $image = $settings->{$item}->{'image'}; - if ($image ne '') { - $imgsrc = '<img src="'.$image.'" alt="'.&mt('Tool Provider icon').'" />'; - } - if ($settings->{$item}->{'sigmethod'} eq 'HMAC-256') { - $sigsel{'HMAC-256'} = ' selected="selected"'; - } else { - $sigsel{'HMAC-SHA1'} = ' selected="selected"'; - } - } - my $chgstr = ' onchange="javascript:reorderLTITools(this.form,'."'ltitools_".$item."'".');"'; - $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">' - .'<select name="ltitools_'.$item.'"'.$chgstr.'>'; - for (my $k=0; $k<=$maxnum; $k++) { - my $vpos = $k+1; - my $selstr; - if ($k == $i) { - $selstr = ' selected="selected" '; - } - $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>'; - } - $datatable .= '</select>'.(' 'x2). - '<label><input type="checkbox" name="ltitools_del" value="'.$item.'" />'. - &mt('Delete?').'</label></span></td>'. - '<td colspan="2">'. - '<fieldset><legend>'.&mt('Required settings').'</legend>'. - '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_title_'.$i.'" value="'.$title.'" /></span> '. - (' 'x2). - '<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_version_'.$i.'">'. - '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '. - (' 'x2). - '<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_msgtype_'.$i.'">'. - '<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '. - (' 'x2). - '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_sigmethod_'.$i.'">'. - '<option value="HMAC-SHA1"'.$sigsel{'HMAC-SHA1'}.'>HMAC-SHA1</option>'. - '<option value="HMAC-SHA256"'.$sigsel{'HMAC-SHA256'}.'>HMAC-SHA256</option></select></span>'. - '<br /><br />'. - '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_url_'.$i.'"'. - ' value="'.$url.'" /></span>'. - (' 'x2). - '<span class="LC_nobreak">'.$lt{'key'}.':'. - '<input type="text" size="25" name="ltitools_key_'.$i.'" value="'.$key.'" /></span> '. - (' 'x2). - '<span class="LC_nobreak">'.$lt{'lifetime'}.':'. - '<input type="text" size="5" name="ltitools_lifetime_'.$i.'" value="'.$lifetime.'" /></span> '. - (' 'x2). - '<span class="LC_nobreak">'.$lt{'secret'}.':'. - '<input type="password" size="20" name="ltitools_secret_'.$i.'" value="'.$secret.'" />'. - '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltitools_secret_'.$i.'.type='."'text'".' } else { this.form.ltitools_secret_'.$i.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'. - '<input type="hidden" name="ltitools_id_'.$i.'" value="'.$item.'" /></span>'. - '</fieldset>'. - '<fieldset><legend>'.&mt('Optional settings').'</legend>'. - '<span class="LC_nobreak">'.&mt('Display target:'); - my %currdisp; - if (ref($settings->{$item}->{'display'}) eq 'HASH') { - if ($settings->{$item}->{'display'}->{'target'} eq 'window') { - $currdisp{'window'} = ' checked="checked"'; - } elsif ($settings->{$item}->{'display'}->{'target'} eq 'tab') { - $currdisp{'tab'} = ' checked="checked"'; - } else { - $currdisp{'iframe'} = ' checked="checked"'; - } - if ($settings->{$item}->{'display'}->{'width'} =~ /^(\d+)$/) { - $currdisp{'width'} = $1; - } - if ($settings->{$item}->{'display'}->{'height'} =~ /^(\d+)$/) { - $currdisp{'height'} = $1; - } - $currdisp{'linktext'} = $settings->{$item}->{'display'}->{'linktext'}; - $currdisp{'explanation'} = $settings->{$item}->{'display'}->{'explanation'}; - } else { - $currdisp{'iframe'} = ' checked="checked"'; - } - foreach my $disp ('iframe','tab','window') { - $datatable .= '<label><input type="radio" name="ltitools_target_'.$i.'" value="'.$disp.'"'.$currdisp{$disp}.' />'. - $lt{$disp}.'</label>'.(' 'x2); - } - $datatable .= (' 'x4); - foreach my $dimen ('width','height') { - $datatable .= '<label>'.$lt{$dimen}.' '. - '<input type="text" name="ltitools_'.$dimen.'_'.$i.'" size="5" value="'.$currdisp{$dimen}.'" /></label>'. - (' 'x2); - } - $datatable .= '</span><br />'. - '<div class="LC_left_float">'.$lt{'linktext'}.'<br />'. - '<input type="text" name="ltitools_linktext_'.$i.'" size="25" value="'.$currdisp{'linktext'}.'" /></div>'. - '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'. - '<textarea name="ltitools_explanation_'.$i.'" rows="5" cols="40">'.$currdisp{'explanation'}. - '</textarea></div><div style=""></div><br />'; - my %units = ( - 'passback' => 'days', - 'roster' => 'seconds', - ); - foreach my $extra ('passback','roster') { - my $validsty = 'none'; - my $currvalid; - my $checkedon = ''; - my $checkedoff = ' checked="checked"'; - if ($settings->{$item}->{$extra}) { - $checkedon = $checkedoff; - $checkedoff = ''; - $validsty = 'inline-block'; - if ($settings->{$item}->{$extra.'valid'} =~ /^\d+\.?\d*$/) { - $currvalid = $settings->{$item}->{$extra.'valid'}; - } - } - my $onclick = ' onclick="toggleLTITools(this.form,'."'$extra','$i'".');"'; - $datatable .= '<div class="LC_floatleft"><span class="LC_nobreak">'.$lt{$extra}.' '. - '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="0"'.$checkedoff.$onclick.' />'. - &mt('No').'</label>'.(' 'x2). - '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="1"'.$checkedon.$onclick.' />'. - &mt('Yes').'</label></span></div>'. - '<div class="LC_floatleft" style="display:'.$validsty.';" id="ltitools_'.$extra.'time_'.$i.'">'. - '<span class="LC_nobreak">'. - &mt("at least [_1] $units{$extra} after launch", - '<input type="text" name="ltitools_'.$extra.'valid_'.$i.'" value="'.$currvalid.'" />'). - '</span></div><div style="padding:0;clear:both;margin:0;border:0"></div>'; - } - $datatable .= '<span class="LC_nobreak">'.$lt{'icon'}.': '; - if ($imgsrc) { - $datatable .= $imgsrc. - '<label><input type="checkbox" name="ltitools_image_del"'. - ' value="'.$item.'" />'.&mt('Delete?').'</label></span> '. - '<span class="LC_nobreak"> '.&mt('Replace:').' '; - } else { - $datatable .= '('.&mt('if larger than 21x21 pixels, image will be scaled').') '; - } - if ($switchserver) { - $datatable .= &mt('Upload to library server: [_1]',$switchserver); - } else { - $datatable .= '<input type="file" name="ltitools_image_'.$i.'" value="" />'; - } - $datatable .= '</span></fieldset>'; - my (%checkedfields,%rolemaps,$userincdom); - if (ref($settings->{$item}) eq 'HASH') { - if (ref($settings->{$item}->{'fields'}) eq 'HASH') { - %checkedfields = %{$settings->{$item}->{'fields'}}; - } - $userincdom = $settings->{$item}->{'incdom'}; - if (ref($settings->{$item}->{'roles'}) eq 'HASH') { - %rolemaps = %{$settings->{$item}->{'roles'}}; - $checkedfields{'roles'} = 1; - } - } - $datatable .= '<fieldset><legend>'.&mt('User data sent on launch').'</legend>'. - '<span class="LC_nobreak">'; - my $userfieldstyle = 'display:none;'; - my $seluserdom = ''; - my $unseluserdom = ' selected="selected"'; - foreach my $field (@fields) { - my ($checked,$onclick,$id,$spacer); - if ($checkedfields{$field}) { - $checked = ' checked="checked"'; - } - if ($field eq 'user') { - $id = ' id="ltitools_user_field_'.$i.'"'; - $onclick = ' onclick="toggleLTITools(this.form,'."'$field','$i'".')"'; - if ($checked) { - $userfieldstyle = 'display:inline-block'; - if ($userincdom) { - $seluserdom = $unseluserdom; - $unseluserdom = ''; - } + if ($position eq 'top') { + if (exists($settings->{'encrypt'})) { + if (ref($settings->{'encrypt'}) eq 'HASH') { + foreach my $key (keys(%{$settings->{'encrypt'}})) { + $encrypt{'toolsec_'.$key} = $settings->{'encrypt'}{$key}; } - } else { - $spacer = (' ' x2); } - $datatable .= '<label>'. - '<input type="checkbox" name="ltitools_fields_'.$i.'" value="'.$field.'"'.$id.$checked.$onclick.' />'. - $lt{$field}.'</label>'.$spacer; } - $datatable .= '</span>'; - $datatable .= '<div style="'.$userfieldstyle.'" id="ltitools_user_div_'.$i.'">'. - '<span class="LC_nobreak"> : '. - '<select name="ltitools_userincdom_'.$i.'">'. - '<option value="">'.&mt('Select').'</option>'. - '<option value="0"'.$unseluserdom.'>'.&mt('username').'</option>'. - '<option value="1"'.$seluserdom.'>'.&mt('username:domain').'</option>'. - '</select></span></div>'; - $datatable .= '</fieldset>'. - '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>'; - foreach my $role (@courseroles) { - my ($selected,$selectnone); - if (!$rolemaps{$role}) { - $selectnone = ' selected="selected"'; - } - $datatable .= '<td style="text-align: center">'. - &Apache::lonnet::plaintext($role,'Course').'<br />'. - '<select name="ltitools_roles_'.$role.'_'.$i.'">'. - '<option value=""'.$selectnone.'>'.&mt('Select').'</option>'; - foreach my $ltirole (@ltiroles) { - unless ($selectnone) { - if ($rolemaps{$role} eq $ltirole) { - $selected = ' selected="selected"'; - } else { - $selected = ''; + if (exists($settings->{'private'})) { + if (ref($settings->{'private'}) eq 'HASH') { + if (ref($settings->{'private'}) eq 'HASH') { + if (ref($settings->{'private'}{'keys'}) eq 'ARRAY') { + map { $privkeys{$_} = 1; } (@{$settings->{'private'}{'keys'}}); } } - $datatable .= '<option value="'.$ltirole.'"'.$selected.'>'.$ltirole.'</option>'; - } - $datatable .= '</select></td>'; - } - $datatable .= '</tr></table></fieldset>'; - my %courseconfig; - if (ref($settings->{$item}) eq 'HASH') { - if (ref($settings->{$item}->{'crsconf'}) eq 'HASH') { - %courseconfig = %{$settings->{$item}->{'crsconf'}}; } } - $datatable .= '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">'; - foreach my $item ('label','title','target','linktext','explanation','append') { - my $checked; - if ($courseconfig{$item}) { - $checked = ' checked="checked"'; + } elsif ($position eq 'middle') { + if (exists($settings->{'rules'})) { + if (ref($settings->{'rules'}) eq 'HASH') { + %rules = %{$settings->{'rules'}}; } - $datatable .= '<label>'. - '<input type="checkbox" name="ltitools_courseconfig_'.$i.'" value="'.$item.'"'.$checked.' />'. - $lt{'crs'.$item}.'</label> '."\n"; } - $datatable .= '</span></fieldset>'. - '<fieldset><legend>'.&mt('Custom items sent on launch').'</legend>'. - '<table><tr><th>'.&mt('Action').'</th><th>'.&mt('Name').'</th><th>'.&mt('Value').'</th></tr>'; - if (ref($settings->{$item}->{'custom'}) eq 'HASH') { - my %custom = %{$settings->{$item}->{'custom'}}; - if (keys(%custom) > 0) { - foreach my $key (sort(keys(%custom))) { - $datatable .= '<tr><td><span class="LC_nobreak">'. - '<label><input type="checkbox" name="ltitools_customdel_'.$i.'" value="'. - $key.'" />'.&mt('Delete').'</label></span></td><td>'.$key.'</td>'. - '<td><input type="text" name="ltitools_customval_'.$key.'_'.$i.'"'. - ' value="'.$custom{$key}.'" /></td></tr>'; - } + } else { + foreach my $key ('encrypt','private','rules') { + if (exists($settings->{$key})) { + delete($settings->{$key}); } } - $datatable .= '<tr><td><span class="LC_nobreak">'. - '<label><input type="checkbox" name="ltitools_customadd" value="'.$i.'" />'. - &mt('Add').'</label></span></td><td><input type="text" name="ltitools_custom_name_'.$i.'" />'. - '</td><td><input type="text" name="ltitools_custom_value_'.$i.'" /></td></tr>'; - $datatable .= '</table></fieldset></td></tr>'."\n"; - $itemcount ++; } } - $css_class = $itemcount%2?' class="LC_odd_row"':''; - my $chgstr = ' onchange="javascript:reorderLTITools(this.form,'."'ltitools_add_pos'".');"'; - $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'."\n". - '<input type="hidden" name="ltitools_maxnum" value="'.$maxnum.'" />'."\n". - '<select name="ltitools_add_pos"'.$chgstr.'>'; - for (my $k=0; $k<$maxnum+1; $k++) { - my $vpos = $k+1; - my $selstr; - if ($k == $maxnum) { - $selstr = ' selected="selected" '; - } - $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>'; + my $datatable; + my $itemcount = 1; + if ($position eq 'top') { + $datatable = &secrets_form($dom,'toolsec',\%encrypt,\%privkeys,$rowtotal); + } elsif ($position eq 'middle') { + $datatable = &password_rules('toolsecrets',\$itemcount,\%rules); + $$rowtotal += $itemcount; + } else { + $datatable = &Apache::courseprefs::print_ltitools($dom,'',$settings,\$rowtotal,'','','domain'); } - $datatable .= '</select> '."\n". - '<input type="checkbox" name="ltitools_add" value="1" />'.&mt('Add').'</span></td>'."\n". - '<td colspan="2">'. - '<fieldset><legend>'.&mt('Required settings').'</legend>'. - '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_add_title" value="" /></span> '."\n". - (' 'x2). - '<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_add_version">'. - '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '."\n". - (' 'x2). - '<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_add_msgtype">'. - '<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '. - '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_add_sigmethod">'. - '<option value="HMAC-SHA1" selected="selected">HMAC-SHA1</option>'. - '<option value="HMAC-SHA256">HMAC-SHA256</option></select></span>'. - '<br />'. - '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_add_url" value="" /></span> '."\n". - (' 'x2). - '<span class="LC_nobreak">'.$lt{'key'}.':<input type="text" size="25" name="ltitools_add_key" value="" /></span> '."\n". - (' 'x2). - '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" size="5" name="ltitools_add_lifetime" value="300" /></span> '."\n". - (' 'x2). - '<span class="LC_nobreak">'.$lt{'secret'}.':<input type="password" size="20" name="ltitools_add_secret" value="" />'. - '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltitools_add_secret.type='."'text'".' } else { this.form.ltitools_add_secret.type='."'password'".' }" />'.&mt('Visible input').'</label></span> '."\n". - '</fieldset>'. - '<fieldset><legend>'.&mt('Optional settings').'</legend>'. - '<span class="LC_nobreak">'.&mt('Display target:'); - my %defaultdisp; - $defaultdisp{'iframe'} = ' checked="checked"'; - foreach my $disp ('iframe','tab','window') { - $datatable .= '<label><input type="radio" name="ltitools_add_target" value="'.$disp.'"'.$defaultdisp{$disp}.' />'. - $lt{$disp}.'</label>'.(' 'x2); - } - $datatable .= (' 'x4); - foreach my $dimen ('width','height') { - $datatable .= '<label>'.$lt{$dimen}.' '. - '<input type="text" name="ltitools_add_'.$dimen.'" size="5" /></label>'. - (' 'x2); - } - $datatable .= '</span><br />'. - '<div class="LC_left_float">'.$lt{'linktext'}.'<br />'. - '<input type="text" name="ltitools_add_linktext" size="5" /></div>'. - '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'. - '<textarea name="ltitools_add_explanation" rows="5" cols="40"></textarea>'. - '</div><div style=""></div><br />'; - my %units = ( - 'passback' => 'days', - 'roster' => 'seconds', - ); - my %defaulttimes = ( - 'passback' => '7', - 'roster' => '300', - ); - foreach my $extra ('passback','roster') { - my $onclick = ' onclick="toggleLTITools(this.form,'."'$extra','add'".');"'; - $datatable .= '<div class="LC_floatleft"><span class="LC_nobreak">'.$lt{$extra}.' '. - '<label><input type="radio" name="ltitools_'.$extra.'_add" value="0" checked="checked"'.$onclick.' />'. - &mt('No').'</label></span>'.(' 'x2).'<span class="LC_nobreak">'. - '<label><input type="radio" name="ltitools_'.$extra.'_add" value="1"'.$onclick.' />'. - &mt('Yes').'</label></span></div>'. - '<div class="LC_floatleft" style="display:none;" id="ltitools_'.$extra.'time_add">'. - '<span class="LC_nobreak">'. - &mt("at least [_1] $units{$extra} after launch", - '<input type="text" name="ltitools_'.$extra.'valid_add" value="'.$defaulttimes{$extra}.'" />'). - '</span></div><div style="padding:0;clear:both;margin:0;border:0"></div>'; - } - $datatable .= '<span class="LC_nobreak">'.$lt{'icon'}.': '. - '('.&mt('if larger than 21x21 pixels, image will be scaled').') '; - if ($switchserver) { - $datatable .= &mt('Upload to library server: [_1]',$switchserver); - } else { - $datatable .= '<input type="file" name="ltitools_add_image" value="" />'; - } - $datatable .= '</span></fieldset>'. - '<fieldset><legend>'.&mt('User data sent on launch').'</legend>'. - '<span class="LC_nobreak">'; - foreach my $field (@fields) { - my ($id,$onclick,$spacer); - if ($field eq 'user') { - $id = ' id="ltitools_user_field_add"'; - $onclick = ' onclick="toggleLTITools(this.form,'."'$field','add'".')"'; - } else { - $spacer = (' ' x2); - } - $datatable .= '<label>'. - '<input type="checkbox" name="ltitools_add_fields" value="'.$field.'"'.$id.$onclick.' />'. - $lt{$field}.'</label>'.$spacer; - } - $datatable .= '</span>'. - '<div style="display:none;" id="ltitools_user_div_add">'. - '<span class="LC_nobreak"> : '. - '<select name="ltitools_userincdom_add">'. - '<option value="" selected="selected">'.&mt('Select').'</option>'. - '<option value="0">'.&mt('username').'</option>'. - '<option value="1">'.&mt('username:domain').'</option>'. - '</select></span></div></fieldset>'; - $datatable .= '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>'; - foreach my $role (@courseroles) { - my ($checked,$checkednone); - $datatable .= '<td style="text-align: center">'. - &Apache::lonnet::plaintext($role,'Course').'<br />'. - '<select name="ltitools_add_roles_'.$role.'">'. - '<option value="" selected="selected">'.&mt('Select').'</option>'; - foreach my $ltirole (@ltiroles) { - $datatable .= '<option value="'.$ltirole.'">'.$ltirole.'</option>'; - } - $datatable .= '</select></td>'; - } - $datatable .= '</tr></table></fieldset>'. - '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">'; - foreach my $item ('label','title','target','linktext','explanation','append') { - $datatable .= '<label>'. - '<input type="checkbox" name="ltitools_courseconfig" value="'.$item.'" checked="checked" />'. - $lt{'crs'.$item}.'</label>'.(' ' x2)."\n"; - } - $datatable .= '</span></fieldset>'. - '<fieldset><legend>'.&mt('Custom items sent on launch').'</legend>'. - '<table><tr><th>'.&mt('Action').'</th><th>'.&mt('Name').'</th><th>'.&mt('Value').'</th></tr>'. - '<tr><td><span class="LC_nobreak">'. - '<label><input type="checkbox" name="ltitools_add_custom" value="1" />'. - &mt('Add').'</label></span></td><td><input type="text" name="ltitools_add_custom_name" />'. - '</td><td><input type="text" name="ltitools_add_custom_value" /></td></tr>'. - '</table></fieldset>'."\n". - '</td>'."\n". - '</tr>'."\n"; - $itemcount ++; return $datatable; } @@ -5818,7 +5362,7 @@ sub ltitools_names { 'key' => 'Key', 'lifetime' => 'Nonce lifetime (s)', 'secret' => 'Secret', - 'icon' => 'Icon', + 'icon' => 'Icon', 'user' => 'User', 'fullname' => 'Full Name', 'firstname' => 'First Name', @@ -5836,7 +5380,7 @@ sub ltitools_names { 'roster' => 'Tool can retrieve roster:', 'crstarget' => 'Display target', 'crslabel' => 'Course label', - 'crstitle' => 'Course title', + 'crstitle' => 'Course title', 'crslinktext' => 'Link Text', 'crsexplanation' => 'Explanation', 'crsappend' => 'Provider URL', @@ -5844,6 +5388,123 @@ sub ltitools_names { return %lt; } +sub secrets_form { + my ($dom,$context,$encrypt,$privkeys,$rowtotal) = @_; + my @ids=&Apache::lonnet::current_machine_ids(); + my %servers = &Apache::lonnet::get_servers($dom,'library'); + my $primary = &Apache::lonnet::domain($dom,'primary'); + my ($css_class,$extra,$numshown,$itemcount,$output); + $itemcount = 0; + foreach my $hostid (sort(keys(%servers))) { + my ($showextra,$divsty,$switch); + if ($hostid eq $primary) { + if ($context eq 'ltisec') { + if (($encrypt->{'ltisec_consumers'}) || ($encrypt->{'ltisec_domlinkprot'})) { + $showextra = 1; + } + if ($encrypt->{'ltisec_crslinkprot'}) { + $showextra = 1; + } + } else { + if (($encrypt->{'toolsec_crs'}) || ($encrypt->{'toolsec_dom'})) { + $showextra = 1; + } + } + unless (grep(/^\Q$hostid\E$/,@ids)) { + $switch = 1; + } + if ($showextra) { + $numshown ++; + $divsty = 'display:inline-block'; + } else { + $divsty = 'display:none'; + } + $extra .= '<fieldset id="'.$context.'_info_'.$hostid.'" style="'.$divsty.'">'. + '<legend>'.$hostid.'</legend>'; + if ($switch) { + my $switchserver = '<a href="/adm/switchserver?otherserver='.$hostid.'&role='. + &HTML::Entities::encode($env{'request.role'},'\'<>"&'). + '&destinationurl=/adm/domainprefs">'.&mt('Switch Server').'</a>'; + if (exists($privkeys->{$hostid})) { + $extra .= '<div id="'.$context.'_divcurrprivkey_'.$hostid.'" style="display:inline-block" />'. + '<span class="LC_nobreak">'. + &mt('Encryption Key').': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. + '<span class="LC_nobreak">'.&mt('Change?'). + '<label><input type="radio" value="0" name="'.$context.'_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$context','$hostid'".');" checked="checked" />'.&mt('No').'</label>'. + (' 'x2). + '<label><input type="radio" value="1" name="'.$context.'_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$context','$hostid'".');" />'.&mt('Yes'). + '</label> </span><div id="'.$context.'_divchgprivkey_'.$hostid.'" style="display:none" />'. + '<span class="LC_nobreak"> - '.&mt('submit from server ([_1]): [_2].',$hostid,$switchserver). + '</span></div>'; + } else { + $extra .= '<span class="LC_nobreak">'. + &mt('Key required').' - '.&mt('submit from server ([_1]): [_2].',$hostid,$switchserver). + '</span>'."\n"; + } + } elsif (exists($privkeys->{$hostid})) { + $extra .= '<div id="'.$context.'_divcurrprivkey_'.$hostid.'" style="display:inline-block" /><span class="LC_nobreak">'. + &mt('Encryption Key').': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. + '<span class="LC_nobreak">'.&mt('Change?'). + '<label><input type="radio" value="0" name="'.$context.'_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$context','$hostid'".');" checked="checked" />'.&mt('No').'</label>'. + (' 'x2). + '<label><input type="radio" value="1" name="'.$context.'_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$context','$hostid'".');" />'.&mt('Yes'). + '</label> </span><div id="'.$context.'_divchgprivkey_'.$hostid.'" style="display:none" />'. + '<span class="LC_nobreak">'.&mt('New Key').':'. + '<input type="password" size="20" name="'.$context.'_privkey_'.$hostid.'" value="" autocomplete="new-password" />'. + '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.'.$context.'_privkey_'.$hostid.'.type='."'text'".' } else { this.form.'.$context.'_privkey_'.$hostid.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'. + '</span></div>'; + } else { + $extra .= '<span class="LC_nobreak">'.&mt('Encryption Key').':'. + '<input type="password" size="20" name="'.$context.'_privkey_'.$hostid.'" value="" autocomplete="new-password" />'. + '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.'.$context.'_privkey_'.$hostid.'.type='."'text'".' } else { this.form.'.$context.'_privkey_'.$hostid.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'; + } + $extra .= '</fieldset>'; + } + } + my (%choices,@toggles,%defaultchecked); + if ($context eq 'ltisec') { + %choices = &Apache::lonlocal::texthash ( + ltisec_crslinkprot => 'Encrypt stored link protection secrets defined in courses', + ltisec_domlinkprot => 'Encrypt stored link protection secrets defined in domain', + ltisec_consumers => 'Encrypt stored consumer secrets defined in domain', + ); + @toggles = qw(ltisec_crslinkprot ltisec_domlinkprot ltisec_consumers); + %defaultchecked = ( + 'ltisec_crslinkprot' => 'off', + 'ltisec_domlinkprot' => 'off', + 'ltisec_consumers' => 'off', + ); + } else { + %choices = &Apache::lonlocal::texthash ( + toolsec_crs => 'Encrypt stored external tool secrets defined in courses', + toolsec_dom => 'Encrypt stored external tool secrets defined in domain', + ); + @toggles = qw(toolsec_crs toolsec_dom); + %defaultchecked = ( + 'toolsec_crs' => 'off', + 'toolsec_dom' => 'off', + ); + } + my ($onclick,$itemcount); + $onclick = 'javascript:toggleLTIEncKey(this.form,'."'$context'".');'; + ($output,$itemcount) = &radiobutton_prefs($encrypt,\@toggles,\%defaultchecked, + \%choices,$itemcount,$onclick,'','left','no'); + + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my $noprivkeysty = 'display:inline-block'; + if ($numshown) { + $noprivkeysty = 'display:none'; + } + $output .= '<tr '.$css_class.'><td><span class="LC_nobreak">'.&mt('Encryption Key(s)').'</td>'. + '<td><div id="'.$context.'_noprivkey" style="'.$noprivkeysty.'" >'. + '<span class="LC_nobreak">'.&mt('Not in use').'</span></div>'. + $extra. + '</td></tr>'; + $itemcount ++; + $$rowtotal += $itemcount; + return $output; +} + sub print_proctoring { my ($dom,$settings,$rowtotal) = @_; my $itemcount = 1; @@ -6529,104 +6190,16 @@ sub print_lti { } } if ($position eq 'top') { - my @ids=&Apache::lonnet::current_machine_ids(); - my %servers = &Apache::lonnet::get_servers($dom,'library'); - my $primary = &Apache::lonnet::domain($dom,'primary'); - my ($extra,$numshown); - foreach my $hostid (sort(keys(%servers))) { - my ($showextra,$divsty,$switch); - if ($hostid eq $primary) { - if (($encrypt{'ltisec_consumers'}) || ($encrypt{'ltisec_domlinkprot'})) { - $showextra = 1; - } - } - if ($encrypt{'ltisec_crslinkprot'}) { - $showextra = 1; - } - unless (grep(/^\Q$hostid\E$/,@ids)) { - $switch = 1; - } - if ($showextra) { - $numshown ++; - $divsty = 'display:inline-block'; - } else { - $divsty = 'display:none'; - } - $extra .= '<fieldset id="ltisec_info_'.$hostid.'" style="'.$divsty.'">'. - '<legend>'.$hostid.'</legend>'; - if ($switch) { - my $switchserver = '<a href="/adm/switchserver?otherserver='.$hostid.'&role='. - &HTML::Entities::encode($env{'request.role'},'\'<>"&'). - '&destinationurl=/adm/domainprefs">'.&mt('Switch Server').'</a>'; - if (exists($privkeys{$hostid})) { - $extra .= '<div id="ltisec_divcurrprivkey_'.$hostid.'" style="display:inline-block" />'. - '<span class="LC_nobreak">'. - &mt('Encryption Key').': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. - '<span class="LC_nobreak">'.&mt('Change?'). - '<label><input type="radio" value="0" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" checked="checked" />'.&mt('No').'</label>'. - (' 'x2). - '<label><input type="radio" value="1" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" />'.&mt('Yes'). - '</label> </span><div id="ltisec_divchgprivkey_'.$hostid.'" style="display:none" />'. - '<span class="LC_nobreak"> - '.&mt('submit from server ([_1]): [_2].',$hostid,$switchserver). - '</span></div>'; - } else { - $extra .= '<span class="LC_nobreak">'. - &mt('Key required').' - '.&mt('submit from server ([_1]): [_2].',$hostid,$switchserver). - '</span>'."\n"; - } - } elsif (exists($privkeys{$hostid})) { - $extra .= '<div id="ltisec_divcurrprivkey_'.$hostid.'" style="display:inline-block" /><span class="LC_nobreak">'. - &mt('Encryption Key').': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. - '<span class="LC_nobreak">'.&mt('Change?'). - '<label><input type="radio" value="0" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" checked="checked" />'.&mt('No').'</label>'. - (' 'x2). - '<label><input type="radio" value="1" name="ltisec_changeprivkey_'.$hostid.'" onclick="javascript:togglePrivKey(this.form,'."'$hostid'".');" />'.&mt('Yes'). - '</label> </span><div id="ltisec_divchgprivkey_'.$hostid.'" style="display:none" />'. - '<span class="LC_nobreak">'.&mt('New Key').':'. - '<input type="password" size="20" name="ltisec_privkey_'.$hostid.'" value="" autocomplete="new-password" />'. - '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltisec_privkey_'.$hostid.'.type='."'text'".' } else { this.form.ltisec_privkey_'.$hostid.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'. - '</span></div>'; - } else { - $extra .= '<span class="LC_nobreak">'.&mt('Encryption Key').':'. - '<input type="password" size="20" name="ltisec_privkey_'.$hostid.'" value="" autocomplete="new-password" />'. - '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltisec_privkey_'.$hostid.'.type='."'text'".' } else { this.form.ltisec_privkey_'.$hostid.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'; - } - $extra .= '</fieldset>'; - } - my %choices = &Apache::lonlocal::texthash ( - ltisec_crslinkprot => 'Encrypt stored link protection secrets defined in courses', - ltisec_domlinkprot => 'Encrypt stored link protection secrets defined in domain', - ltisec_consumers => 'Encrypt stored consumer secrets defined in domain', - ); - my @toggles = qw(ltisec_crslinkprot ltisec_domlinkprot ltisec_consumers); - my %defaultchecked = ( - 'ltisec_crslinkprot' => 'off', - 'ltisec_domlinkprot' => 'off', - 'ltisec_consumers' => 'off', - ); - my ($onclick,$itemcount); - $onclick = 'javascript:toggleLTIEncKey(this.form);'; - ($datatable,$itemcount) = &radiobutton_prefs(\%encrypt,\@toggles,\%defaultchecked, - \%choices,$itemcount,$onclick,'','left','no'); - - $css_class = $itemcount%2?' class="LC_odd_row"':''; - my $noprivkeysty = 'display:inline-block'; - if ($numshown) { - $noprivkeysty = 'display:none'; - } - $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'.&mt('Encryption Key(s)').'</td>'. - '<td><div id="ltisec_noprivkey" style="'.$noprivkeysty.'" >'. - '<span class="LC_nobreak">'.&mt('Not in use').'</span></div>'. - $extra. - '</td></tr>'; - $itemcount ++; - $$rowtotal += $itemcount; + $datatable = &secrets_form($dom,'ltisec',\%encrypt,\%privkeys,$rowtotal); } elsif ($position eq 'middle') { - $datatable = &password_rules('secrets',\$itemcount,\%rules); + $datatable = &password_rules('ltisecrets',\$itemcount,\%rules); $$rowtotal += $itemcount; } elsif ($position eq 'lower') { $datatable .= &Apache::courseprefs::print_linkprotection($dom,'',$settings,$rowtotal,'','','domain'); } else { + my ($switchserver,$switchmessage); + $switchserver = &check_switchserver($dom); + $switchmessage = &mt("submit from domain's primary library server: [_1].",$switchserver); my $maxnum = 0; my %ordered; if (ref($settings) eq 'HASH') { @@ -6647,10 +6220,10 @@ sub print_lti { for (my $i=0; $i<@items; $i++) { $css_class = $itemcount%2?' class="LC_odd_row"':''; my $item = $ordered{$items[$i]}; - my ($key,$secret,$lifetime,$consumer,$requser,$crsinc,$current); + my ($key,$secret,$usable,$lifetime,$consumer,$requser,$crsinc,$current); if (ref($settings->{$item}) eq 'HASH') { $key = $settings->{$item}->{'key'}; - $secret = $settings->{$item}->{'secret'}; + $usable = $settings->{$item}->{'usable'}; $lifetime = $settings->{$item}->{'lifetime'}; $consumer = $settings->{$item}->{'consumer'}; $requser = $settings->{$item}->{'requser'}; @@ -6698,8 +6271,56 @@ sub print_lti { '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '. (' 'x2). '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" name="lti_lifetime_'.$i.'"'. - 'value="'.$lifetime.'" size="3" /></span>'. - (' 'x2). + 'value="'.$lifetime.'" size="3" /></span><br /><br />'; + if ($key ne '') { + $datatable .= '<span class="LC_nobreak">'.$lt{'key'}; + if ($switchserver) { + $datatable .= ': ['.&mt('[_1] to view/edit',$switchserver).']'; + } else { + $datatable .= ':<input type="text" size="25" name="lti_key_'.$i.'" value="'.$key.'" autocomplete="off" />'; + } + $datatable .= '</span> '.(' 'x2); + } elsif (!$switchserver) { + $datatable .= '<span class="LC_nobreak">'.$lt{'key'}.':'. + '<input type="text" size="25" name="lti_key_'.$i.'" value="'.$key.'" autocomplete="off" />'. + '</span> '.(' 'x2); + } + if ($switchserver) { + if ($usable ne '') { + $datatable .= '<div id="lti_divcurrsecret_'.$i.'" style="display:inline-block" /><span class="LC_nobreak">'. + $lt{'secret'}.': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. + '<span class="LC_nobreak">'.&mt('Change secret?'). + '<label><input type="radio" value="0" name="lti_changesecret_'.$i.'" onclick="javascript:toggleChgSecret(this.form,'."'$i','secret','lti'".');" checked="checked" />'.&mt('No').'</label>'. + (' 'x2). + '<label><input type="radio" value="1" name="lti_changesecret_'.$i.'" onclick="javascript:toggleChgSecret(this.form,'."'$i','secret','lti'".');" />'.&mt('Yes').'</label>'.(' 'x2). + '</span><div id="lti_divchgsecret_'.$i.'" style="display:none" />'. + '<span class="LC_nobreak"> - '.$switchmessage.'</span>'. + '</div>'; + } elsif ($key eq '') { + $datatable .= '<span class="LC_nobreak">'.&mt('Key and Secret are required').' - '.$switchmessage.'</span>'."\n"; + } else { + $datatable .= '<span class="LC_nobreak">'.&mt('Secret required').' - '.$switchmessage.'</span>'."\n"; + } + } else { + if ($usable ne '') { + $datatable .= '<div id="lti_divcurrsecret_'.$i.'" style="display:inline-block" /><span class="LC_nobreak">'. + $lt{'secret'}.': ['.&mt('not shown').'] '.(' 'x2).'</span></div>'. + '<span class="LC_nobreak">'.&mt('Change?'). + '<label><input type="radio" value="0" name="lti_changesecret_'.$i.'" onclick="javascript:toggleChgSecret(this.form,'."'$i','secret','lti'".');" checked="checked" />'.&mt('No').'</label>'. + (' 'x2). + '<label><input type="radio" value="1" name="lti_changesecret_'.$i.'" onclick="javascript:toggleChgSecret(this.form,'."'$i','secret','lti'".');" />'.&mt('Yes'). + '</label> </span><div id="lti_divchgsecret_'.$i.'" style="display:none" />'. + '<span class="LC_nobreak">'.&mt('New Secret').':'. + '<input type="password" size="20" name="lti_secret_'.$i.'" value="" autocomplete="new-password" />'. + '<label><input type="checkbox" name="lti_visible_'.$i.'" id="lti_visible_'.$i.'" onclick="if (this.checked) { this.form.lti_secret_'.$i.'.type='."'text'".' } else { this.form.lti_secret_'.$i.'.type='."'password'".' }" />'.&mt('Visible input').'</label></span></div>'; + } else { + $datatable .= + '<span class="LC_nobreak">'.$lt{'secret'}.':'. + '<input type="password" size="20" name="lti_secret_'.$i.'" value="" autocomplete="new-password" />'. + '<label><input type="checkbox" name="lti_visible_'.$i.'" id="lti_visible_'.$i.'" onclick="if (this.checked) { this.form.lti_secret_'.$i.'.type='."'text'".' } else { this.form.lti_secret_'.$i.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'; + } + } + $datatable .= '<br /><br />'. '<span class="LC_nobreak">'.$lt{'requser'}.':'. '<label><input type="radio" name="lti_requser_'.$i.'" value="1"'.$onclickrequser.$checkedrequser{yes}.' />'.&mt('Yes').'</label> '."\n". '<label><input type="radio" name="lti_requser_'.$i.'" value="0"'.$onclickrequser.$checkedrequser{no}.' />'.&mt('No').'</label></span>'."\n". @@ -6708,12 +6329,6 @@ sub print_lti { '<label><input type="radio" name="lti_crsinc_'.$i.'" value="1"'.$onclickcrsinc.$checkedcrsinc{yes}.' />'.&mt('Yes').'</label> '."\n". '<label><input type="radio" name="lti_crsinc_'.$i.'" value="0"'.$onclickcrsinc.$checkedcrsinc{no}.' />'.&mt('No').'</label></span>'."\n". (' 'x4). - '<span class="LC_nobreak">'.$lt{'key'}. - ':<input type="text" size="25" name="lti_key_'.$i.'" value="'.$key.'" /></span> '. - (' 'x2). - '<span class="LC_nobreak">'.$lt{'secret'}.':'. - '<input type="password" size="20" name="lti_secret_'.$i.'" value="'.$secret.'" />'. - '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.lti_secret_'.$i.'.type='."'text'".' } else { this.form.lti_secret_'.$i.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'. '<input type="hidden" name="lti_id_'.$i.'" value="'.$item.'" /></span>'. '</fieldset>'.<i_options($i,$current,$itemcount,%lt).'</td></tr>'; $itemcount ++; @@ -6742,8 +6357,16 @@ sub print_lti { '<span class="LC_nobreak">'.$lt{'version'}.':<select name="lti_version_add">'. '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '."\n". (' 'x2). - '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" size="3" name="lti_lifetime_add" value="300" /></span> '."\n". - (' 'x2). + '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" size="3" name="lti_lifetime_add" value="300" /></span><br /><br />'."\n"; + if ($switchserver) { + $datatable .= '<span class="LC_nobreak">'.&mt('Key and Secret are required').' - '.$switchmessage.'</span>'."\n"; + } else { + $datatable .= '<span class="LC_nobreak">'.$lt{'key'}.':<input type="text" size="25" name="lti_key_add" value="" autocomplete="off" /></span> '."\n". + (' 'x2). + '<span class="LC_nobreak">'.$lt{'secret'}.':<input type="password" size="20" name="lti_secret_add" value="" autocomplete="new-password" />'. + '<label><input type="checkbox" name="lti_add_visible" id="lti_add_visible" onclick="if (this.checked) { this.form.lti_secret_add.type='."'text'".' } else { this.form.lti_secret_add.type='."'password'".' }" />'.&mt('Visible input').'</label></span> '."\n"; + } + $datatable .= '<br /><br />'. '<span class="LC_nobreak">'.$lt{'requser'}.':'. '<label><input type="radio" name="lti_requser_add" value="1" onclick="toggleLTI(this.form,'."'requser','add'".');" checked="checked" />'.&mt('Yes').'</label> '."\n". '<label><input type="radio" name="lti_requser_add" value="0" onclick="toggleLTI(this.form,'."'requser','add'".');" />'.&mt('No').'</label></span>'."\n". @@ -6751,11 +6374,6 @@ sub print_lti { '<span class="LC_nobreak">'.$lt{'crsinc'}.':'. '<label><input type="radio" name="lti_crsinc_add" value="1" onclick="toggleLTI(this.form,'."'crsinc','add'".');" checked="checked" />'.&mt('Yes').'</label> '."\n". '<label><input type="radio" name="lti_crsinc_add" value="0" onclick="toggleLTI(this.form,'."'crsinc','add'".');" />'.&mt('No').'</label></span>'."\n". - (' 'x4). - '<span class="LC_nobreak">'.$lt{'key'}.':<input type="text" size="25" name="lti_key_add" value="" /></span> '."\n". - (' 'x2). - '<span class="LC_nobreak">'.$lt{'secret'}.':<input type="password" size="20" name="lti_secret_add" value="" />'. - '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.lti_secret_add.type='."'text'".' } else { this.form.lti_secret_add.type='."'password'".' }" />'.&mt('Visible input').'</label></span> '."\n". '</fieldset>'.<i_options('add',undef,$itemcount,%lt). '</td>'."\n". '</tr>'."\n"; @@ -6828,7 +6446,7 @@ sub lti_options { if (($current->{'mapuser'} ne '') && ($current->{'mapuser'} ne 'lis_person_sourcedid')) { $checked{'mapuser'}{'sourcedid'} = ''; if ($current->{'mapuser'} eq 'lis_person_contact_email_primary') { - $checked{'mapuser'}{'email'} = ' checked="checked"'; + $checked{'mapuser'}{'email'} = ' checked="checked"'; } else { $checked{'mapuser'}{'other'} = ' checked="checked"'; $userfield = $current->{'mapuser'}; @@ -6838,7 +6456,7 @@ sub lti_options { if (($current->{'mapcrs'} ne '') && ($current->{'mapcrs'} ne 'course_offering_sourcedid')) { $checked{'mapcrs'}{'course_offering_sourcedid'} = ''; if ($current->{'mapcrs'} eq 'context_id') { - $checked{'mapcrs'}{'context_id'} = ' checked="checked"'; + $checked{'mapcrs'}{'context_id'} = ' checked="checked"'; } else { $checked{'mapcrs'}{'other'} = ' checked="checked"'; $cidfield = $current->{'mapcrs'}; @@ -6866,7 +6484,7 @@ sub lti_options { $checked{'lcauth'}{$1} = ' checked="checked"'; unless (($current->{'lcauth'} eq 'lti') || ($current->{'lcauth'} eq 'internal')) { $lcauthparm = $current->{'lcauthparm'}; - $lcauthparmstyle = 'display:table-row'; + $lcauthparmstyle = 'display:table-row'; if ($current->{'lcauth'} eq 'localauth') { $lcauthparmtext = &mt('Local auth argument'); } else { @@ -6883,7 +6501,7 @@ sub lti_options { %rolemaps = %{$current->{'maproles'}}; } if ($current->{'section'} ne '') { - $checked{'crssec'}{'Y'} = ' checked="checked"'; + $checked{'crssec'}{'Y'} = ' checked="checked"'; $crssecfieldsty = 'inline-block'; if ($current->{'section'} eq 'course_section_sourcedid') { $checked{'crssecsrc'}{'sourcedid'} = ' checked="checked"'; @@ -6929,9 +6547,9 @@ sub lti_options { $checked{'crssec'}{'N'} = ' checked="checked"'; $checked{'callback'}{'N'} = ' checked="checked"'; $checked{'topmenu'}{'N'} = ' checked="checked"'; - $checked{'inlinemenu'}{'Y'} = ' checked="checked"'; + $checked{'inlinemenu'}{'Y'} = ' checked="checked"'; $checked{'menuitem'}{'grades'} = ' checked="checked"'; - $menusty = 'inline-block'; + $menusty = 'inline-block'; } my @coursetypes = ('official','unofficial','community','textbook','placement','lti'); my %coursetypetitles = &Apache::lonlocal::texthash ( @@ -6984,7 +6602,7 @@ sub lti_options { '<fieldset class="ltioption_usr_'.$num.'" style="display:'.$optionsty.'"><legend>'.&mt('Roles which may create user accounts').'</legend>'; foreach my $ltirole (@ltiroles) { $output .= '<span class="LC_nobreak"><label><input type="checkbox" name="lti_makeuser_'.$num.'" value="'.$ltirole.'"'. - $checked{'makeuser'}{$ltirole}.' />'.$ltirole.'</label> </span> '; + $checked{'makeuser'}{$ltirole}.' />'.$ltirole.'</label> </span> '; } $output .= '</fieldset>'. '<fieldset class="ltioption_usr_'.$num.'" style="display:'.$optionsty.'"><legend>'.&mt('New user accounts created for LTI users').'</legend>'. @@ -7116,9 +6734,9 @@ sub lti_options { if ($extra eq 'passback') { $pb1p1chk = ' checked="checked"'; $pb1p0chk = ''; - $onclickpb = ' onclick="toggleLTI(this.form,'."'passback','$num'".');"'; + $onclickpb = ' onclick="toggleLTI(this.form,'."'passback','$num'".');"'; } else { - $onclickpb = ''; + $onclickpb = ''; } if (ref($current) eq 'HASH') { if (($current->{$extra})) { @@ -7164,22 +6782,6 @@ sub ltimenu_titles { ); } -sub check_switchserver { - my ($home) = @_; - my $switchserver; - if ($home ne '') { - my $allowed; - my @ids=&Apache::lonnet::current_machine_ids(); - foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } - if (!$allowed) { - $switchserver='<a href="/adm/switchserver?otherserver='.$home.'&role='. - &HTML::Entities::encode($env{'request.role'},'\'<>"&'). - '&destinationurl=/adm/domainprefs">'.&mt('Switch Server').'</a>'; - } - } - return $switchserver; -} - sub print_coursedefaults { my ($position,$dom,$settings,$rowtotal) = @_; my ($css_class,$datatable,%checkedon,%checkedoff,%defaultchecked,@toggles); @@ -7197,12 +6799,16 @@ sub print_coursedefaults { canclone => "People who may clone a course (besides course's owner and coordinators)", mysqltables => 'Lifetime (s) of "Temporary" MySQL tables (student performance data) on homeserver', ltiauth => 'Student username in LTI launch of deep-linked URL can be accepted without re-authentication', + domexttool => 'External Tools defined in the domain may be used in courses/communities (by type)', + exttool => 'External Tools can be defined and configured in courses/communities (by type)', ); my %staticdefaults = ( anonsurvey_threshold => 10, uploadquota => 500, postsubmit => 60, mysqltables => 172800, + domexttool => 1, + exttool => 0, ); if ($position eq 'top') { %defaultchecked = ( @@ -7320,11 +6926,33 @@ sub print_coursedefaults { my $currusecredits = 0; my $postsubmitclient = 1; my $ltiauth = 0; + my %domexttool; + my %exttool; my @types = ('official','unofficial','community','textbook','placement'); if (ref($settings) eq 'HASH') { if ($settings->{'ltiauth'}) { $ltiauth = 1; } + if (ref($settings->{'domexttool'}) eq 'HASH') { + foreach my $type (@types) { + if ($settings->{'domexttool'}->{$type}) { + $domexttool{$type} = ' checked="checked"'; + } + } + } else { + foreach my $type (@types) { + if ($staticdefaults{'domexttool'}) { + $domexttool{$type} = ' checked="checked"'; + } + } + } + if (ref($settings->{'exttool'}) eq 'HASH') { + foreach my $type (@types) { + if ($settings->{'exttool'}->{$type}) { + $exttool{$type} = ' checked="checked"'; + } + } + } $currdefresponder = $settings->{'anonsurvey_threshold'}; if (ref($settings->{'uploadquota'}) eq 'HASH') { foreach my $type (keys(%{$settings->{'uploadquota'}})) { @@ -7376,6 +7004,9 @@ sub print_coursedefaults { } else { foreach my $type (@types) { $deftimeout{$type} = $staticdefaults{'postsubmit'}; + if ($staticdefaults{'domexttool'}) { + $domexttool{$type} = ' checked="checked"'; + } } } if (!$currdefresponder) { @@ -7479,7 +7110,35 @@ sub print_coursedefaults { &radiobutton_prefs($current,\@toggles,\%defaultchecked, \%choices,$itemcount,undef,undef,'left'); $datatable .= $table; + $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; + $datatable .= '<tr'.$css_class.'><td><span class="LC_nobreak">'. + $choices{'domexttool'}. + '</span></td>'. + '<td style="text-align: right" class="LC_right_item">'. + '<table><tr>'; + foreach my $type (@types) { + $datatable .= '<td style="text-align: left">'. + '<span class="LC_nobreak">'. + '<input type="checkbox" name="domexttool"'. + ' value="'.$type.'"'.$domexttool{$type}.' />'. + &mt($type).'</span></td>'."\n"; + } + $datatable .= '</tr></table></td></tr>'."\n"; $itemcount ++; + $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; + $datatable .= '<tr'.$css_class.'><td><span class="LC_nobreak">'. + $choices{'exttool'}. + '</span></td>'. + '<td style="text-align: right" class="LC_right_item">'. + '<table><tr>'; + foreach my $type (@types) { + $datatable .= '<td style="text-align: left">'. + '<span class="LC_nobreak">'. + '<input type="checkbox" name="exttool"'. + ' value="'.$type.'"'.$exttool{$type}.' />'. + &mt($type).'</span></td>'."\n"; + } + $datatable .= '</tr></table></td></tr>'."\n"; } $$rowtotal += $itemcount; return $datatable; @@ -7714,7 +7373,9 @@ sub print_privacy { my ($position,$dom,$settings,$rowtotal) = @_; my ($datatable,$css_class,$numinrow,@items,%names,$othertitle,$usertypes,$types); my $itemcount = 0; - unless ($position eq 'top') { + if ($position eq 'top') { + $numinrow = 2; + } else { @items = ('domain','author','course','community'); %names = &Apache::lonlocal::texthash ( domain => 'Assigned domain role(s)', @@ -7739,6 +7400,7 @@ sub print_privacy { auto => 'Unrestricted', instdom => 'Other domain shares institution/provider', extdom => 'Other domain has different institution/provider', + notify => 'Notify when role needs authorization', ); my %names = &Apache::lonlocal::texthash ( domain => 'Domain role', @@ -7790,6 +7452,28 @@ sub print_privacy { $datatable .= '</td></tr>'; $itemcount ++; } + $css_class = $itemcount%2?' class="LC_odd_row"':''; + $datatable .= '<tr'.$css_class.'><td>'.$titles{'notify'}.'</td>'. + '<td class="LC_left_item">'; + if ((@instdoms > 1) || (keys(%by_location) > 0)) { + my %curr; + if (ref($settings) eq 'HASH') { + if ($settings->{'notify'} ne '') { + map {$curr{$_}=1;} split(/,/,$settings->{'notify'}); + } + } + $css_class = $itemcount%2?' class="LC_odd_row"':''; + my ($numdc,$table,$rows) = &active_dc_picker($dom,$numinrow,'checkbox', + 'privacy_notify',%curr); + if ($numdc > 0) { + $datatable .= $table; + } else { + $datatable .= &mt('There are no active Domain Coordinators'); + } + } else { + $datatable .= &mt('Nothing to set here, as there are no other domains'); + } + $datatable .='</td></tr>'; } elsif ($position eq 'middle') { if ((@instdoms > 1) || (keys(%by_location) > 0)) { if ((ref($types) eq 'ARRAY') && (ref($usertypes) eq 'HASH')) { @@ -8203,7 +7887,7 @@ sub password_rules { max => 'Maximum password length', chars => 'Required characters', ); - } elsif ($prefix eq 'secrets') { + } elsif (($prefix eq 'ltisecrets') || ($prefix eq 'toolsecrets')) { %titles = &Apache::lonlocal::texthash ( min => 'Minimum secret length', max => 'Maximum secret length', @@ -8226,7 +7910,7 @@ sub password_rules { if (ref($settings->{chars}) eq 'ARRAY') { map { $chars{$_} = 1; } (@{$settings->{chars}}); } - if ($prefix eq 'passwords') { + if ($prefix eq 'passwords') { if ($settings->{expire}) { $expire = $settings->{expire}; } @@ -8369,7 +8053,7 @@ sub print_wafproxy { my %config = &Apache::lonnet::get_dom('configuration',['wafproxy'],$domain); if (ref($config{'wafproxy'}) eq 'HASH') { $aliases{$domain} = $config{'wafproxy'}{'alias'}; - if (exists($config{'wafproxy'}{'saml'})) { + if (exists($config{'wafproxy'}{'saml'})) { $saml{$domain} = $config{'wafproxy'}{'saml'}; } foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') { @@ -8434,10 +8118,10 @@ sub print_wafproxy { (' 'x2).'<span class="LC_nobreak">'. &mt('Alias used for SSO Auth').': <label>'. '<input type="radio" value="0"'.$samloff.' name="wafproxy_alias_saml_'.$server.'" />'. - &mt('No').'</label> <label>'. + &mt('No').'</label> <label>'. '<input type="radio" value="1"'.$samlon.' name="wafproxy_alias_saml_'.$server.'" />'. &mt('Yes').'</label></span>'. - '</td>'; + '</td>'; } $aliasrows .= '</tr>'; $aliasinfo{$dom_in_effect} .= $aliasrows; @@ -9347,7 +9031,7 @@ sub print_loadbalancing { no => ' checked="checked"', ); my %balcookiechecked = ( - no => ' checked="checked"', + no => ' checked="checked"', ); foreach my $sparetype (@sparestypes) { my $targettable; @@ -9934,7 +9618,7 @@ sub print_selfcreation { ($datatable,$itemcount) = &radiobutton_prefs(\%radiohash,\@toggles,\%defaultchecked, \%choices,$itemcount,$onclick); $$rowtotal += $itemcount; - + if (ref($usertypes) eq 'HASH') { if (keys(%{$usertypes}) > 0) { $datatable .= &insttypes_row($createsettings,$types,$usertypes, @@ -10071,7 +9755,7 @@ sub print_selfcreation { my $currstyle = 'display:none'; if (grep(/^\Q$status\E$/,@ordered)) { $currstyle = $rowstyle; - $hidden = 0; + $hidden = 0; } $datatable .= &noninst_users($processing,$emailverified,$emailoptions,$emaildomain, $emailrules,$emailruleorder,$settings,$status,$rowid, @@ -10098,8 +9782,8 @@ sub print_selfcreation { foreach my $status (@posstypes) { my $rowid = $classprefix.$status; my $datarowstyle = 'display:none'; - if (grep(/^\Q$status\E$/,@ordered)) { - $datarowstyle = $rowstyle; + if (grep(/^\Q$status\E$/,@ordered)) { + $datarowstyle = $rowstyle; } $datatable .= &modifiable_userdata_row('cancreate','emailusername_'.$status,$settings, $numinrow,$$rowtotal,\%usertypeshash,$infofields, @@ -10201,7 +9885,7 @@ function toggleEmailOptions(form,radio,p document.getElementById(altprefix+'_inst_'+status).style.display = 'none'; document.getElementById(altprefix+'_noninst_'+status).style.display = 'none'; if (curr == 'custom') { - if (prefix) { + if (prefix) { document.getElementById(prefix+'_'+status).style.display = 'inline'; } } else if (curr == 'inst') { @@ -10224,10 +9908,10 @@ ENDSCRIPT sub noninst_users { my ($processing,$emailverified,$emailoptions,$emaildomain,$emailrules, - $emailruleorder,$settings,$type,$rowid,$typetitle,$css_class,$rowstyle,$intdom) = @_; + $emailruleorder,$settings,$type,$rowid,$typetitle,$css_class,$rowstyle,$intdom) = @_; my $class = 'LC_left_item'; if ($css_class) { - $css_class = ' class="'.$css_class.'"'; + $css_class = ' class="'.$css_class.'"'; } if ($rowid) { $rowid = ' id="'.$rowid.'"'; @@ -10242,10 +9926,10 @@ sub noninst_users { $description = &mt('Requests for: [_1] (status self-reported)',$typetitle); } $output = '<tr'.$css_class.$rowid.$rowstyle.'>'. - "<td>$description</td>\n". + "<td>$description</td>\n". '<td class="'.$class.'" colspan="2">'. '<table><tr>'; - my %headers = &Apache::lonlocal::texthash( + my %headers = &Apache::lonlocal::texthash( approve => 'Processing', email => 'E-mail', username => 'Username', @@ -10370,7 +10054,7 @@ sub noninst_users { my $value; if (ref($emaildomain) eq 'HASH') { if (ref($emaildomain->{$type}) eq 'HASH') { - $value = $emaildomain->{$type}->{$option}; + $value = $emaildomain->{$type}->{$option}; } } if ($value eq '') { @@ -10688,7 +10372,7 @@ sub print_defaults { if ($defaults{$item.'_'.$field}) { $checkedon = $checkedoff; $checkedoff = ''; - } + } $datatable .= '<div id="'.$item.'_'.$field.'_div" style="display:'.$portalsty.'">'. '<span class="LC_nobreak">'.$titles->{$field}.' '. '<label><input type="radio" name="'.$item.'_'.$field.'" value="1"'.$checkedon.'/>'.&mt('Yes').'</label>'. @@ -11027,10 +10711,13 @@ sub legacy_scantronformat { my ($url,$error); my @statinfo = &Apache::lonnet::stat_file($newurl); if ((!@statinfo) || ($statinfo[0] eq 'no_such_dir')) { + my $modified = []; (my $result,$url) = - &publishlogo($r,'copy',$legacyfile,$dom,$confname,'scantron', - '','',$newfile); - if ($result ne 'ok') { + &Apache::lonconfigsettings::publishlogo($r,'copy',$legacyfile,$dom,$confname, + 'scantron','','',$newfile,$modified); + if ($result eq 'ok') { + &update_modify_urls($r,$modified); + } else { $error = &mt("An error occurred publishing the [_1] bubblesheet format file in RES space. Error was: [_2].",$newfile,$result); } } @@ -11514,7 +11201,7 @@ sub defaults_javascript { function portalExtras(caller) { var x = caller.value; var y = new Array('email','web'); - for (var i=0; i<y.length; i++) { + for (var i=0; i<y.length; i++) { if (document.getElementById('portal_def_'+y[i]+'_div')) { var z = document.getElementById('portal_def_'+y[i]+'_div'); if (x.length > 0) { @@ -11610,7 +11297,7 @@ sub passwords_javascript { passexp => 'Warning: days before password expiration must be a positive integer (or blank).', passnum => 'Warning: number of previous passwords to save must be a positive integer (or blank).', ); - } elsif ($prefix eq 'secrets') { + } elsif (($prefix eq 'ltisecrets') || ($prefix eq 'toolsecrets')) { %intalert = &Apache::lonlocal::texthash ( passmin => 'Warning: minimum secret length must be a positive integer greater than 6.', passmax => 'Warning: maximum secret length must be a positive integer (or blank).', @@ -11618,7 +11305,7 @@ sub passwords_javascript { } &js_escape(\%intalert); my $defmin = $Apache::lonnet::passwdmin; - my $intauthjs; + my $intauthjs; if ($prefix eq 'passwords') { $intauthjs = <<"ENDSCRIPT"; function warnIntAuth(field) { @@ -12012,7 +11699,6 @@ sub modifiable_userdata_row { '<td class="LC_left_item" colspan="2"><table>'; my $rem; my %checks; - my %current; if (ref($settings) eq 'HASH') { my $hashref; if ($context eq 'lti') { @@ -12038,7 +11724,7 @@ sub modifiable_userdata_row { } } } - if (ref($hashref) eq 'HASH') { + if (ref($hashref) eq 'HASH') { foreach my $field (@fields) { if ($hashref->{$field}) { if ($role eq 'emailusername') { @@ -12050,7 +11736,6 @@ sub modifiable_userdata_row { } } } - my $total = scalar(@fields); for (my $i=0; $i<$total; $i++) { $rem = $i%($numinrow); @@ -12214,7 +11899,7 @@ sub insttypes_row { } else { $output .= '<td class="LC_left_item">'; } - $output .= ' '; + $output .= ' '; } else { if ($rem == 0) { $output .= '<tr>'; @@ -12484,13 +12169,16 @@ sub modify_login { if ($addedfile ne '') { push(@allnew,$addedfile); } + my $modified = []; foreach my $lang (@allnew) { my $formelem = 'loginhelpurl_'.$lang; if ($lang eq $env{'form.loginhelpurl_add_lang'}) { $formelem = 'loginhelpurl_add_file'; } - (my $result,$newurl{$lang}) = &publishlogo($r,'upload',$formelem,$dom,$confname, - "help/$lang",'','',$newfile{$lang}); + (my $result,$newurl{$lang}) = + &Apache::lonconfigsettings::publishlogo($r,'upload',$formelem,$dom,$confname, + "help/$lang",'','',$newfile{$lang}, + $modified); if ($result eq 'ok') { $loginhash{'login'}{'helpurl'}{$lang} = $newurl{$lang}; $changes{'helpurl'}{$lang} = 1; @@ -12503,6 +12191,7 @@ sub modify_login { } } } + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of custom log-in help file(s) failed because an author role could not be assigned to a Domain Configuration user ([_1]) in domain: [_2]. Error was: [_3].",$confname,$dom,$author_ok); } @@ -12560,11 +12249,14 @@ sub modify_login { if ($switchserver) { $error = &mt("Upload of custom markup is not permitted to this server: [_1]",$switchserver); } elsif ($author_ok eq 'ok') { + my $modified = []; foreach my $lonhost (@newhosts) { my $formelem = 'loginheadtag_'.$lonhost; - (my $result,$newheadtagurls{$lonhost}) = &publishlogo($r,'upload',$formelem,$dom,$confname, - "login/headtag/$lonhost",'','', - $env{'form.loginheadtag_'.$lonhost.'.filename'}); + (my $result,$newheadtagurls{$lonhost}) = + &Apache::lonconfigsettings::publishlogo($r,'upload',$formelem,$dom,$confname, + "login/headtag/$lonhost",'','', + $env{'form.loginheadtag_'.$lonhost.'.filename'}, + $modified); if ($result eq 'ok') { $loginhash{'login'}{'headtag'}{$lonhost}{'url'} = $newheadtagurls{$lonhost}; $changes{'headtag'}{$lonhost} = 1; @@ -12581,6 +12273,7 @@ sub modify_login { } } } + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of custom markup file(s) failed because an author role could not be assigned to a Domain Configuration user ([_1]) in domain: [_2]. Error was: [_3].",$confname,$dom,$author_ok); } @@ -12636,15 +12329,15 @@ sub modify_login { $currsaml{$lonhost}{$item} = $env{'form.saml_'.$item.'_'.$lonhost}; } } else { - if ($saml{$lonhost}) { + if ($saml{$lonhost}) { $changes{'saml'}{$lonhost} = 1; delete($currsaml{$lonhost}); } } } foreach my $posshost (keys(%currsaml)) { - unless (exists($domservers{$posshost})) { - delete($currsaml{$posshost}); + unless (exists($domservers{$posshost})) { + delete($currsaml{$posshost}); } } %{$loginhash{'login'}{'saml'}} = %currsaml; @@ -12655,11 +12348,14 @@ sub modify_login { if ($switchserver) { $error = &mt("Upload of SSO Button Image is not permitted to this server: [_1].",$switchserver); } elsif ($author_ok eq 'ok') { + my $modified = []; foreach my $lonhost (@newsamlimgs) { my $formelem = 'saml_img_'.$lonhost; - my ($result,$imgurl) = &publishlogo($r,'upload',$formelem,$dom,$confname, - "login/saml/$lonhost",'','', - $env{'form.saml_img_'.$lonhost.'.filename'}); + my ($result,$imgurl) = + &Apache::lonconfigsettings::publishlogo($r,'upload',$formelem,$dom,$confname, + "login/saml/$lonhost",'','', + $env{'form.saml_img_'.$lonhost.'.filename'}, + $modified); if ($result eq 'ok') { $currsaml{$lonhost}{'img'} = $imgurl; $loginhash{'login'}{'saml'}{$lonhost}{'img'} = $imgurl; @@ -12670,6 +12366,7 @@ sub modify_login { $errors .= '<li><span class="LC_error">'.$puberror.'</span></li>'; } } + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of SSO button image file(s) failed because an author role could not be assigned to a Domain Configuration user ([_1]) in domain: [_2]. Error was: [_3].",$confname,$dom,$author_ok); } @@ -13024,7 +12721,7 @@ sub modify_ipaccess { $possrange =~ s/,+/,/g; if ($possrange ne '') { my (@ok,$count); - $count = 0; + $count = 0; foreach my $poss (split(/\,/,$possrange)) { $count ++; $poss = &validate_ip_pattern($poss); @@ -13057,9 +12754,9 @@ sub modify_ipaccess { } } $confhash{$itemid}{'commblocks'} = {}; - + my %commblocks; - map { $commblocks{$_} = 1; } &Apache::loncommon::get_env_multiple('form.ipaccess_block_'.$idx); + map { $commblocks{$_} = 1; } &Apache::loncommon::get_env_multiple('form.ipaccess_block_'.$idx); foreach my $type (@{$typeorder}) { if ($commblocks{$type}) { $confhash{$itemid}{'commblocks'}{$type} = 'on'; @@ -13091,7 +12788,7 @@ sub modify_ipaccess { } $env{'form.ipaccess_cnum_'.$idx} =~ s/^\s+|\s+$//g; $env{'form.ipaccess_cdom_'.$idx} =~ s/^\s+|\s+$//g; - if (($env{'form.ipaccess_cnum_'.$idx} =~ /^$match_courseid$/) && + if (($env{'form.ipaccess_cnum_'.$idx} =~ /^$match_courseid$/) && ($env{'form.ipaccess_cdom_'.$idx} =~ /^$match_domain$/)) { if (&Apache::lonnet::homeserver($env{'form.ipaccess_cnum_'.$idx}, $env{'form.ipaccess_cdom_'.$idx}) eq 'no_host') { @@ -13171,7 +12868,7 @@ sub modify_ipaccess { if (keys(%{$confhash{$itemid}{'courses'}})) { my @courses; foreach my $cid (sort(keys(%{$confhash{$itemid}{'courses'}}))) { - my %courseinfo = &Apache::lonnet::coursedescription($cid,{'one_time' => 1}); + my %courseinfo = &Apache::lonnet::coursedescription($cid,{'one_time' => 1}); push(@courses,$courseinfo{'description'}.' ('.$cid.')'); } $resulttext .= '<li>'.&mt('Courses/Communities allowed').':<ul><li>'. @@ -13374,12 +13071,15 @@ sub modify_colors { $error = &mt("Upload of [_1] image for $role page(s) is not permitted to this server: [_2]",$choices{$img},$switchserver); } else { if ($author_ok eq 'ok') { + my $modified = []; my ($result,$logourl) = - &publishlogo($r,'upload',$role.'_'.$img, - $dom,$confname,$img,$width,$height); + &Apache::lonconfigsettings::publishlogo($r,'upload',$role.'_'.$img, + $dom,$confname,$img,$width,$height, + '',$modified); if ($result eq 'ok') { $confhash->{$role}{$img} = $logourl; $changes{$role}{'images'}{$img} = 1; + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of [_1] image for $role page(s) failed because an error occurred publishing the file in RES space. Error was: [_2].",$choices{img},$result); } @@ -13401,12 +13101,15 @@ sub modify_colors { # is confname an author? if ($switchserver eq '') { if ($author_ok eq 'ok') { + my $modified = []; my ($result,$logourl) = - &publishlogo($r,'copy',$domconfig->{$role}{$img}, - $dom,$confname,$img,$width,$height); + &Apache::lonconfigsettings::publishlogo($r,'copy',$domconfig->{$role}{$img}, + $dom,$confname,$img,$width,$height, + '',$modified); if ($result eq 'ok') { $confhash->{$role}{$img} = $logourl; $changes{$role}{'images'}{$img} = 1; + &update_modify_urls($r,$modified); } } } @@ -13700,229 +13403,16 @@ sub check_authorstatus { return $author_ok; } -sub publishlogo { - my ($r,$action,$formname,$dom,$confname,$subdir,$thumbwidth,$thumbheight,$savefileas) = @_; - my ($output,$fname,$logourl,$madethumb); - if ($action eq 'upload') { - $fname=$env{'form.'.$formname.'.filename'}; - chop($env{'form.'.$formname}); - } else { - ($fname) = ($formname =~ /([^\/]+)$/); - } - if ($savefileas ne '') { - $fname = $savefileas; - } - $fname=&Apache::lonnet::clean_filename($fname); -# See if there is anything left - unless ($fname) { return ('error: no uploaded file'); } - $fname="$subdir/$fname"; - my $docroot=$r->dir_config('lonDocRoot'); - my $filepath="$docroot/priv"; - my $relpath = "$dom/$confname"; - my ($fnamepath,$file,$fetchthumb); - $file=$fname; - if ($fname=~m|/|) { - ($fnamepath,$file) = ($fname =~ m|^(.*)/([^/]+)$|); - } - my @parts=split(/\//,"$filepath/$relpath/$fnamepath"); - my $count; - for ($count=5;$count<=$#parts;$count++) { - $filepath.="/$parts[$count]"; - if ((-e $filepath)!=1) { - mkdir($filepath,02770); - } - } - # Check for bad extension and disallow upload - if ($file=~/\.(\w+)$/ && - (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { - $output = - &mt('Invalid file extension ([_1]) - reserved for internal use.',$1); - } elsif ($file=~/\.(\w+)$/ && - !defined(&Apache::loncommon::fileembstyle($1))) { - $output = &mt('Unrecognized file extension ([_1]) - rename the file with a proper extension and re-upload.',$1); - } elsif ($file=~/\.(\d+)\.(\w+)$/) { - $output = &mt('Filename not allowed - rename the file to remove the number immediately before the file extension([_1]) and re-upload.',$2); - } elsif (-d "$filepath/$file") { - $output = &mt('Filename is a directory name - rename the file and re-upload'); - } else { - my $source = $filepath.'/'.$file; - my $logfile; - if (!open($logfile,">>",$source.'.log')) { - return (&mt('No write permission to Authoring Space')); - } - print $logfile -"\n================= Publish ".localtime()." ================\n". -$env{'user.name'}.':'.$env{'user.domain'}."\n"; -# Save the file - if (!open(FH,">",$source)) { - &Apache::lonnet::logthis('Failed to create '.$source); - return (&mt('Failed to create file')); - } - if ($action eq 'upload') { - if (!print FH ($env{'form.'.$formname})) { - &Apache::lonnet::logthis('Failed to write to '.$source); - return (&mt('Failed to write file')); - } - } else { - my $original = &Apache::lonnet::filelocation('',$formname); - if(!copy($original,$source)) { - &Apache::lonnet::logthis('Failed to copy '.$original.' to '.$source); - return (&mt('Failed to write file')); - } - } - close(FH); - chmod(0660, $source); # Permissions to rw-rw---. - - my $targetdir=$docroot.'/res/'.$dom.'/'.$confname .'/'.$fnamepath; - my $copyfile=$targetdir.'/'.$file; - - my @parts=split(/\//,$targetdir); - my $path="/$parts[1]/$parts[2]/$parts[3]/$parts[4]"; - for (my $count=5;$count<=$#parts;$count++) { - $path.="/$parts[$count]"; - if (!-e $path) { - print $logfile "\nCreating directory ".$path; - mkdir($path,02770); - } - } - my $versionresult; - if (-e $copyfile) { - $versionresult = &logo_versioning($targetdir,$file,$logfile); - } else { - $versionresult = 'ok'; - } - if ($versionresult eq 'ok') { - if (copy($source,$copyfile)) { - print $logfile "\nCopied original source to ".$copyfile."\n"; - $output = 'ok'; - $logourl = '/res/'.$dom.'/'.$confname.'/'.$fname; - push(@{$modified_urls},[$copyfile,$source]); - my $metaoutput = - &write_metadata($dom,$confname,$formname,$targetdir,$file,$logfile); - unless ($registered_cleanup) { - my $handlers = $r->get_handlers('PerlCleanupHandler'); - $r->set_handlers('PerlCleanupHandler' => [\¬ifysubscribed,@{$handlers}]); - $registered_cleanup=1; - } - } else { - print $logfile "\nUnable to write ".$copyfile.':'.$!."\n"; - $output = &mt('Failed to copy file to RES space').", $!"; - } - if (($thumbwidth =~ /^\d+$/) && ($thumbheight =~ /^\d+$/)) { - my $inputfile = $filepath.'/'.$file; - my $outfile = $filepath.'/'.'tn-'.$file; - my ($fullwidth,$fullheight) = &check_dimensions($inputfile); - if ($fullwidth ne '' && $fullheight ne '') { - if ($fullwidth > $thumbwidth && $fullheight > $thumbheight) { - my $thumbsize = $thumbwidth.'x'.$thumbheight; - my @args = ('convert','-sample',$thumbsize,$inputfile,$outfile); - system({$args[0]} @args); - chmod(0660, $filepath.'/tn-'.$file); - if (-e $outfile) { - my $copyfile=$targetdir.'/tn-'.$file; - if (copy($outfile,$copyfile)) { - print $logfile "\nCopied source to ".$copyfile."\n"; - my $thumb_metaoutput = - &write_metadata($dom,$confname,$formname, - $targetdir,'tn-'.$file,$logfile); - push(@{$modified_urls},[$copyfile,$outfile]); - unless ($registered_cleanup) { - my $handlers = $r->get_handlers('PerlCleanupHandler'); - $r->set_handlers('PerlCleanupHandler' => [\¬ifysubscribed,@{$handlers}]); - $registered_cleanup=1; - } - $madethumb = 1; - } else { - print $logfile "\nUnable to write ".$copyfile. - ':'.$!."\n"; - } - } - } - } - } - } else { - $output = $versionresult; +sub update_modify_urls { + my ($r,$modified) = @_; + if ((ref($modified) eq 'ARRAY') && (@{$modified})) { + push(@{$modified_urls},$modified); + unless ($registered_cleanup) { + my $handlers = $r->get_handlers('PerlCleanupHandler'); + $r->set_handlers('PerlCleanupHandler' => [\¬ifysubscribed,@{$handlers}]); + $registered_cleanup=1; } } - return ($output,$logourl,$madethumb); -} - -sub logo_versioning { - my ($targetdir,$file,$logfile) = @_; - my $target = $targetdir.'/'.$file; - my ($maxversion,$fn,$extn,$output); - $maxversion = 0; - if ($file =~ /^(.+)\.(\w+)$/) { - $fn=$1; - $extn=$2; - } - opendir(DIR,$targetdir); - while (my $filename=readdir(DIR)) { - if ($filename=~/\Q$fn\E\.(\d+)\.\Q$extn\E$/) { - $maxversion=($1>$maxversion)?$1:$maxversion; - } - } - $maxversion++; - print $logfile "\nCreating old version ".$maxversion."\n"; - my $copyfile=$targetdir.'/'.$fn.'.'.$maxversion.'.'.$extn; - if (copy($target,$copyfile)) { - print $logfile "Copied old target to ".$copyfile."\n"; - $copyfile=$copyfile.'.meta'; - if (copy($target.'.meta',$copyfile)) { - print $logfile "Copied old target metadata to ".$copyfile."\n"; - $output = 'ok'; - } else { - print $logfile "Unable to write metadata ".$copyfile.':'.$!."\n"; - $output = &mt('Failed to copy old meta').", $!, "; - } - } else { - print $logfile "Unable to write ".$copyfile.':'.$!."\n"; - $output = &mt('Failed to copy old target').", $!, "; - } - return $output; -} - -sub write_metadata { - my ($dom,$confname,$formname,$targetdir,$file,$logfile) = @_; - my (%metadatafields,%metadatakeys,$output); - $metadatafields{'title'}=$formname; - $metadatafields{'creationdate'}=time; - $metadatafields{'lastrevisiondate'}=time; - $metadatafields{'copyright'}='public'; - $metadatafields{'modifyinguser'}=$env{'user.name'}.':'. - $env{'user.domain'}; - $metadatafields{'authorspace'}=$confname.':'.$dom; - $metadatafields{'domain'}=$dom; - { - print $logfile "\nWrite metadata file for ".$targetdir.'/'.$file; - my $mfh; - if (open($mfh,">",$targetdir.'/'.$file.'.meta')) { - foreach (sort(keys(%metadatafields))) { - unless ($_=~/\./) { - my $unikey=$_; - $unikey=~/^([A-Za-z]+)/; - my $tag=$1; - $tag=~tr/A-Z/a-z/; - print $mfh "\n\<$tag"; - foreach (split(/\,/,$metadatakeys{$unikey})) { - my $value=$metadatafields{$unikey.'.'.$_}; - $value=~s/\"/\'\'/g; - print $mfh ' '.$_.'="'.$value.'"'; - } - print $mfh '>'. - &HTML::Entities::encode($metadatafields{$unikey},'<>&"') - .'</'.$tag.'>'; - } - } - $output = 'ok'; - print $logfile "\nWrote metadata"; - close($mfh); - } else { - print $logfile "\nFailed to open metadata file"; - $output = &mt('Could not write metadata'); - } - } - return $output; } sub notifysubscribed { @@ -13973,15 +13463,21 @@ sub subscribed_hosts { sub check_switchserver { my ($dom,$confname) = @_; - my ($allowed,$switchserver); - my $home = &Apache::lonnet::homeserver($confname,$dom); - if ($home eq 'no_host') { + my ($allowed,$switchserver,$home); + if ($confname eq '') { $home = &Apache::lonnet::domain($dom,'primary'); + } else { + $home = &Apache::lonnet::homeserver($confname,$dom); + if ($home eq 'no_host') { + $home = &Apache::lonnet::domain($dom,'primary'); + } } my @ids=&Apache::lonnet::current_machine_ids(); foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } if (!$allowed) { - $switchserver='<a href="/adm/switchserver?otherserver='.$home.'&role=dc./'.$dom.'/&destinationurl=/adm/domainprefs">'.&mt('Switch Server').'</a>'; + $switchserver='<a href="/adm/switchserver?otherserver='.$home.'&role='. + &HTML::Entities::encode($env{'request.role'},'\'<>"&'). + '&destinationurl=/adm/domainprefs">'.&mt('Switch Server').'</a>'; } return $switchserver; } @@ -14704,11 +14200,14 @@ sub process_textbook_image { $error = &mt('Upload of textbook image is not permitted to this server: [_1]', $switchserver); } elsif ($author_ok eq 'ok') { + my $modified = []; my ($result,$imageurl) = - &publishlogo($r,'upload',$caller,$dom,$confname, - "$type/$cdom/$cnum/cover",$width,$height); + &Apache::lonconfigsettings::publishlogo($r,'upload',$caller,$dom,$confname, + "$type/$cdom/$cnum/cover",$width,$height, + '',$modified); if ($result eq 'ok') { $url = $imageurl; + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of [_1] failed because an error occurred publishing the file in RES space. Error was: [_2].",$filename,$result); } @@ -14723,656 +14222,361 @@ sub process_textbook_image { sub modify_ltitools { my ($r,$dom,$action,$lastactref,%domconfig) = @_; - my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); - my ($newid,@allpos,%changes,%confhash,%encconfig,$errors,$resulttext); + my (%currtoolsec,%secchanges,%newtoolsec,%newkeyset); + &fetch_secrets($dom,'toolsec',\%domconfig,\%currtoolsec,\%secchanges,\%newtoolsec,\%newkeyset); + my $confname = $dom.'-domainconfig'; my $servadm = $r->dir_config('lonAdmEMail'); my ($configuserok,$author_ok,$switchserver) = &config_check($dom,$confname,$servadm); - my (%posslti,%possfield); - my @courseroles = ('cc','in','ta','ep','st'); - my @ltiroles = qw(Instructor ContentDeveloper TeachingAssistant Learner); - map { $posslti{$_} = 1; } @ltiroles; - my @allfields = ('fullname','firstname','lastname','email','user','roles'); - map { $possfield{$_} = 1; } @allfields; - my %lt = <itools_names(); - if ($env{'form.ltitools_add'}) { - my $title = $env{'form.ltitools_add_title'}; - $title =~ s/(`)/'/g; - ($newid,my $error) = &get_ltitools_id($dom,$title); - if ($newid) { - my $position = $env{'form.ltitools_add_pos'}; - $position =~ s/\D+//g; - if ($position ne '') { - $allpos[$position] = $newid; - } - $changes{$newid} = 1; - foreach my $item ('title','url','key','secret','lifetime') { - $env{'form.ltitools_add_'.$item} =~ s/(`)/'/g; - if ($item eq 'lifetime') { - $env{'form.ltitools_add_'.$item} =~ s/[^\d.]//g; - } - if ($env{'form.ltitools_add_'.$item}) { - if (($item eq 'key') || ($item eq 'secret')) { - $encconfig{$newid}{$item} = $env{'form.ltitools_add_'.$item}; - } else { - $confhash{$newid}{$item} = $env{'form.ltitools_add_'.$item}; - } - } - } - if ($env{'form.ltitools_add_version'} eq 'LTI-1p0') { - $confhash{$newid}{'version'} = $env{'form.ltitools_add_version'}; - } - if ($env{'form.ltitools_add_msgtype'} eq 'basic-lti-launch-request') { - $confhash{$newid}{'msgtype'} = $env{'form.ltitools_add_msgtype'}; - } - if ($env{'form.ltitools_add_sigmethod'} eq 'HMAC-SHA256') { - $confhash{$newid}{'sigmethod'} = $env{'form.ltitools_add_sigmethod'}; - } else { - $confhash{$newid}{'sigmethod'} = 'HMAC-SHA1'; - } - foreach my $item ('width','height','linktext','explanation') { - $env{'form.ltitools_add_'.$item} =~ s/^\s+//; - $env{'form.ltitools_add_'.$item} =~ s/\s+$//; - if (($item eq 'width') || ($item eq 'height')) { - if ($env{'form.ltitools_add_'.$item} =~ /^\d+$/) { - $confhash{$newid}{'display'}{$item} = $env{'form.ltitools_add_'.$item}; - } - } else { - if ($env{'form.ltitools_add_'.$item} ne '') { - $confhash{$newid}{'display'}{$item} = $env{'form.ltitools_add_'.$item}; - } - } - } - if ($env{'form.ltitools_add_target'} eq 'window') { - $confhash{$newid}{'display'}{'target'} = $env{'form.ltitools_add_target'}; - } elsif ($env{'form.ltitools_add_target'} eq 'tab') { - $confhash{$newid}{'display'}{'target'} = $env{'form.ltitools_add_target'}; - } else { - $confhash{$newid}{'display'}{'target'} = 'iframe'; - } - foreach my $item ('passback','roster') { - if ($env{'form.ltitools_'.$item.'_add'}) { - $confhash{$newid}{$item} = 1; - if ($env{'form.ltitools_'.$item.'valid_add'} ne '') { - my $lifetime = $env{'form.ltitools_'.$item.'valid_add'}; - $lifetime =~ s/^\s+|\s+$//g; - if ($lifetime =~ /^\d+\.?\d*$/) { - $confhash{$newid}{$item.'valid'} = $lifetime; - } - } - } - } - if ($env{'form.ltitools_add_image.filename'} ne '') { - my ($imageurl,$error) = - &process_ltitools_image($r,$dom,$confname,'ltitools_add_image',$newid, - $configuserok,$switchserver,$author_ok); - if ($imageurl) { - $confhash{$newid}{'image'} = $imageurl; - } - if ($error) { - &Apache::lonnet::logthis($error); - $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; - } - } - my @fields = &Apache::loncommon::get_env_multiple('form.ltitools_add_fields'); - foreach my $field (@fields) { - if ($possfield{$field}) { - if ($field eq 'roles') { - foreach my $role (@courseroles) { - my $choice = $env{'form.ltitools_add_roles_'.$role}; - if (($choice ne '') && ($posslti{$choice})) { - $confhash{$newid}{'roles'}{$role} = $choice; - if ($role eq 'cc') { - $confhash{$newid}{'roles'}{'co'} = $choice; - } - } + + my ($resulttext,$ltitoolsoutput,$is_home,$errors,%ltitoolschg,%newtoolsenc,%newltitools); + my $toolserror = + &Apache::courseprefs::process_ltitools($r,$dom,$confname,$domconfig{'ltitools'},\%ltitoolschg,'domain', + $lastactref,$configuserok,$switchserver,$author_ok); + + my $home = &Apache::lonnet::domain($dom,'primary'); + unless (($home eq 'no_host') || ($home eq '')) { + my @ids=&Apache::lonnet::current_machine_ids(); + foreach my $id (@ids) { if ($id eq $home) { $is_home=1; last; } } + } + + if (keys(%ltitoolschg)) { + foreach my $id (keys(%ltitoolschg)) { + if (ref($ltitoolschg{$id}) eq 'HASH') { + foreach my $inner (keys(%{$ltitoolschg{$id}})) { + if (($inner eq 'secret') || ($inner eq 'key')) { + if ($is_home) { + $newtoolsenc{$id}{$inner} = $ltitoolschg{$id}{$inner}; } - } else { - $confhash{$newid}{'fields'}{$field} = 1; - } - } - } - if (ref($confhash{$newid}{'fields'}) eq 'HASH') { - if ($confhash{$newid}{'fields'}{'user'}) { - if ($env{'form.ltitools_userincdom_add'}) { - $confhash{$newid}{'incdom'} = 1; } } } - my @courseconfig = &Apache::loncommon::get_env_multiple('form.ltitools_courseconfig'); - foreach my $item (@courseconfig) { - $confhash{$newid}{'crsconf'}{$item} = 1; - } - if ($env{'form.ltitools_add_custom'}) { - my $name = $env{'form.ltitools_add_custom_name'}; - my $value = $env{'form.ltitools_add_custom_value'}; - $value =~ s/(`)/'/g; - $name =~ s/(`)/'/g; - $confhash{$newid}{'custom'}{$name} = $value; - } - } else { - my $error = &mt('Failed to acquire unique ID for new external tool'); - $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; - } - } - if (ref($domconfig{$action}) eq 'HASH') { - my %deletions; - my @todelete = &Apache::loncommon::get_env_multiple('form.ltitools_del'); - if (@todelete) { - map { $deletions{$_} = 1; } @todelete; } - my %customadds; - my @newcustom = &Apache::loncommon::get_env_multiple('form.ltitools_customadd'); - if (@newcustom) { - map { $customadds{$_} = 1; } @newcustom; - } - my %imgdeletions; - my @todeleteimages = &Apache::loncommon::get_env_multiple('form.ltitools_image_del'); - if (@todeleteimages) { - map { $imgdeletions{$_} = 1; } @todeleteimages; + $ltitoolsoutput = &Apache::courseprefs::store_ltitools($dom,'','domain',\%ltitoolschg,$domconfig{'ltitools'}); + if (keys(%ltitoolschg)) { + %newltitools = %ltitoolschg; } - my $maxnum = $env{'form.ltitools_maxnum'}; - for (my $i=0; $i<=$maxnum; $i++) { - my $itemid = $env{'form.ltitools_id_'.$i}; - $itemid =~ s/\D+//g; - if (ref($domconfig{$action}{$itemid}) eq 'HASH') { - if ($deletions{$itemid}) { - if ($domconfig{$action}{$itemid}{'image'}) { - #FIXME need to obsolete item in RES space - } - $changes{$itemid} = $domconfig{$action}{$itemid}{'title'}; - next; - } else { - my $newpos = $env{'form.ltitools_'.$itemid}; - $newpos =~ s/\D+//g; - foreach my $item ('title','url','lifetime') { - $confhash{$itemid}{$item} = $env{'form.ltitools_'.$item.'_'.$i}; - if ($domconfig{$action}{$itemid}{$item} ne $confhash{$itemid}{$item}) { - $changes{$itemid} = 1; - } - } - foreach my $item ('key','secret') { - $encconfig{$itemid}{$item} = $env{'form.ltitools_'.$item.'_'.$i}; - if ($domconfig{$action}{$itemid}{$item} ne $encconfig{$itemid}{$item}) { - $changes{$itemid} = 1; - } - } - if ($env{'form.ltitools_version_'.$i} eq 'LTI-1p0') { - $confhash{$itemid}{'version'} = $env{'form.ltitools_version_'.$i}; - } - if ($env{'form.ltitools_msgtype_'.$i} eq 'basic-lti-launch-request') { - $confhash{$itemid}{'msgtype'} = $env{'form.ltitools_msgtype_'.$i}; - } - if ($env{'form.ltitools_sigmethod_'.$i} eq 'HMAC-SHA256') { - $confhash{$itemid}{'sigmethod'} = $env{'form.ltitools_sigmethod_'.$i}; - } else { - $confhash{$itemid}{'sigmethod'} = 'HMAC-SHA1'; - } - if ($domconfig{$action}{$itemid}{'sigmethod'} eq '') { - if ($confhash{$itemid}{'sigmethod'} ne 'HMAC-SHA1') { - $changes{$itemid} = 1; - } - } elsif ($domconfig{$action}{$itemid}{'sigmethod'} ne $confhash{$itemid}{'sigmethod'}) { - $changes{$itemid} = 1; - } - foreach my $size ('width','height') { - $env{'form.ltitools_'.$size.'_'.$i} =~ s/^\s+//; - $env{'form.ltitools_'.$size.'_'.$i} =~ s/\s+$//; - if ($env{'form.ltitools_'.$size.'_'.$i} =~ /^\d+$/) { - $confhash{$itemid}{'display'}{$size} = $env{'form.ltitools_'.$size.'_'.$i}; - if (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'display'}{$size} ne $confhash{$itemid}{'display'}{$size}) { - $changes{$itemid} = 1; - } - } else { - $changes{$itemid} = 1; - } - } elsif (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'display'}{$size} ne '') { - $changes{$itemid} = 1; - } - } - } - foreach my $item ('linktext','explanation') { - $env{'form.ltitools_'.$item.'_'.$i} =~ s/^\s+//; - $env{'form.ltitools_'.$item.'_'.$i} =~ s/\s+$//; - if ($env{'form.ltitools_'.$item.'_'.$i} ne '') { - $confhash{$itemid}{'display'}{$item} = $env{'form.ltitools_'.$item.'_'.$i}; - if (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'display'}{$item} ne $confhash{$itemid}{'display'}{$item}) { - $changes{$itemid} = 1; - } - } else { - $changes{$itemid} = 1; - } - } elsif (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'display'}{$item} ne '') { - $changes{$itemid} = 1; - } - } - } - if ($env{'form.ltitools_target_'.$i} eq 'window') { - $confhash{$itemid}{'display'}{'target'} = $env{'form.ltitools_target_'.$i}; - } elsif ($env{'form.ltitools_target_'.$i} eq 'tab') { - $confhash{$itemid}{'display'}{'target'} = $env{'form.ltitools_target_'.$i}; - } else { - $confhash{$itemid}{'display'}{'target'} = 'iframe'; - } - if (ref($domconfig{$action}{$itemid}{'display'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'display'}{'target'} ne $confhash{$itemid}{'display'}{'target'}) { - $changes{$itemid} = 1; - } - } else { - $changes{$itemid} = 1; - } - foreach my $extra ('passback','roster') { - if ($env{'form.ltitools_'.$extra.'_'.$i}) { - $confhash{$itemid}{$extra} = 1; - if ($env{'form.ltitools_'.$extra.'valid_'.$i} ne '') { - my $lifetime = $env{'form.ltitools_'.$extra.'valid_'.$i}; - $lifetime =~ s/^\s+|\s+$//g; - if ($lifetime =~ /^\d+\.?\d*$/) { - $confhash{$itemid}{$extra.'valid'} = $lifetime; - } - } - } - if ($domconfig{$action}{$itemid}{$extra} ne $confhash{$itemid}{$extra}) { - $changes{$itemid} = 1; - } - if ($domconfig{$action}{$itemid}{$extra.'valid'} ne $confhash{$itemid}{$extra.'valid'}) { - $changes{$itemid} = 1; - } - } - my @courseconfig = &Apache::loncommon::get_env_multiple('form.ltitools_courseconfig_'.$i); - foreach my $item ('label','title','target','linktext','explanation','append') { - if (grep(/^\Q$item\E$/,@courseconfig)) { - $confhash{$itemid}{'crsconf'}{$item} = 1; - if (ref($domconfig{$action}{$itemid}{'crsconf'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'crsconf'}{$item} ne $confhash{$itemid}{'crsconf'}{$item}) { - $changes{$itemid} = 1; - } - } else { - $changes{$itemid} = 1; - } - } - } - my @fields = &Apache::loncommon::get_env_multiple('form.ltitools_fields_'.$i); - foreach my $field (@fields) { - if ($possfield{$field}) { - if ($field eq 'roles') { - foreach my $role (@courseroles) { - my $choice = $env{'form.ltitools_roles_'.$role.'_'.$i}; - if (($choice ne '') && ($posslti{$choice})) { - $confhash{$itemid}{'roles'}{$role} = $choice; - if ($role eq 'cc') { - $confhash{$itemid}{'roles'}{'co'} = $choice; - } - } - if (ref($domconfig{$action}{$itemid}{'roles'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'roles'}{$role} ne $confhash{$itemid}{'roles'}{$role}) { - $changes{$itemid} = 1; - } - } elsif ($confhash{$itemid}{'roles'}{$role}) { - $changes{$itemid} = 1; - } - } - } else { - $confhash{$itemid}{'fields'}{$field} = 1; - if (ref($domconfig{$action}{$itemid}{'fields'}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'fields'}{$field} ne $confhash{$itemid}{'fields'}{$field}) { - $changes{$itemid} = 1; - } - } else { - $changes{$itemid} = 1; - } - } - } - } - if (ref($confhash{$itemid}{'fields'}) eq 'HASH') { - if ($confhash{$itemid}{'fields'}{'user'}) { - if ($env{'form.ltitools_userincdom_'.$i}) { - $confhash{$itemid}{'incdom'} = 1; - } - if ($domconfig{$action}{$itemid}{'incdom'} ne $confhash{$itemid}{'incdom'}) { - $changes{$itemid} = 1; - } - } - } - $allpos[$newpos] = $itemid; - } - if ($imgdeletions{$itemid}) { - $changes{$itemid} = 1; - #FIXME need to obsolete item in RES space - } elsif ($env{'form.ltitools_image_'.$i.'.filename'}) { - my ($imgurl,$error) = &process_ltitools_image($r,$dom,$confname,'ltitools_image_'.$i, - $itemid,$configuserok,$switchserver, - $author_ok); - if ($imgurl) { - $confhash{$itemid}{'image'} = $imgurl; - $changes{$itemid} = 1; - } - if ($error) { - &Apache::lonnet::logthis($error); - $errors .= '<li><span class="LC_error">'.$error.'</span></li>'; - } - } elsif ($domconfig{$action}{$itemid}{'image'}) { - $confhash{$itemid}{'image'} = - $domconfig{$action}{$itemid}{'image'}; - } - if ($customadds{$i}) { - my $name = $env{'form.ltitools_custom_name_'.$i}; - $name =~ s/(`)/'/g; - $name =~ s/^\s+//; - $name =~ s/\s+$//; - my $value = $env{'form.ltitools_custom_value_'.$i}; - $value =~ s/(`)/'/g; - $value =~ s/^\s+//; - $value =~ s/\s+$//; - if ($name ne '') { - $confhash{$itemid}{'custom'}{$name} = $value; - $changes{$itemid} = 1; - } - } - my %customdels; - my @customdeletions = &Apache::loncommon::get_env_multiple('form.ltitools_customdel_'.$i); - if (@customdeletions) { - $changes{$itemid} = 1; - } - map { $customdels{$_} = 1; } @customdeletions; - if (ref($domconfig{$action}{$itemid}{'custom'}) eq 'HASH') { - foreach my $key (keys(%{$domconfig{$action}{$itemid}{'custom'}})) { - unless ($customdels{$key}) { - if ($env{'form.ltitools_customval_'.$key.'_'.$i} ne '') { - $confhash{$itemid}{'custom'}{$key} = $env{'form.ltitools_customval_'.$key.'_'.$i}; - } - if ($domconfig{$action}{$itemid}{'custom'}{$key} ne $env{'form.ltitools_customval_'.$key.'_'.$i}) { - $changes{$itemid} = 1; - } - } - } - } - unless ($changes{$itemid}) { - foreach my $key (keys(%{$domconfig{$action}{$itemid}})) { - if (ref($domconfig{$action}{$itemid}{$key}) eq 'HASH') { - if (ref($confhash{$itemid}{$key}) eq 'HASH') { - foreach my $innerkey (keys(%{$domconfig{$action}{$itemid}{$key}})) { - unless (exists($confhash{$itemid}{$key}{$innerkey})) { - $changes{$itemid} = 1; - last; - } - } - } elsif (keys(%{$domconfig{$action}{$itemid}{$key}}) > 0) { - $changes{$itemid} = 1; + } + if (ref($domconfig{'ltitools'}) eq 'HASH') { + foreach my $id (%{$domconfig{'ltitools'}}) { + next if ($id !~ /^\d+$/); + unless (exists($ltitoolschg{$id})) { + if (ref($domconfig{'ltitools'}{$id}) eq 'HASH') { + foreach my $inner (keys(%{$domconfig{'ltitools'}{$id}})) { + if (($inner eq 'secret') || ($inner eq 'key')) { + if ($is_home) { + $newtoolsenc{$id}{$inner} = $domconfig{'ltitools'}{$id}{$inner}; } + } else { + $newltitools{$id}{$inner} = $domconfig{'ltitools'}{$id}{$inner}; } - last if ($changes{$itemid}); } + } else { + $newltitools{$id} = $domconfig{'ltitools'}{$id}; } } } } - if (@allpos > 0) { - my $idx = 0; - foreach my $itemid (@allpos) { - if ($itemid ne '') { - $confhash{$itemid}{'order'} = $idx; - if (ref($domconfig{$action}) eq 'HASH') { - if (ref($domconfig{$action}{$itemid}) eq 'HASH') { - if ($domconfig{$action}{$itemid}{'order'} ne $idx) { - $changes{$itemid} = 1; - } - } - } - $idx ++; - } + if ($toolserror) { + $errors = '<li>'.$toolserror.'</li>'; + } + if ((keys(%ltitoolschg) == 0) && (keys(%secchanges) == 0)) { + $resulttext = &mt('No changes made.'); + if ($errors) { + $resulttext .= '<br />'.&mt('The following errors occurred: ').'<ul>'. + $errors.'</ul>'; } + return $resulttext; } my %ltitoolshash = ( - $action => { %confhash } + $action => { %newltitools } ); - my $putresult = &Apache::lonnet::put_dom('configuration',\%ltitoolshash, - $dom); + if (keys(%secchanges)) { + $ltitoolshash{'toolsec'} = \%newtoolsec; + } + my $putresult = &Apache::lonnet::put_dom('configuration',\%ltitoolshash,$dom); if ($putresult eq 'ok') { - my %ltienchash = ( - $action => { %encconfig } - ); - &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1); - if (keys(%changes) > 0) { + my %keystore; + if ($is_home) { + my %toolsenchash = ( + $action => { %newtoolsenc } + ); + &Apache::lonnet::put_dom('encconfig',\%toolsenchash,$dom,undef,1); my $cachetime = 24*60*60; - my %ltiall = %confhash; - foreach my $id (keys(%ltiall)) { - if (ref($encconfig{$id}) eq 'HASH') { - foreach my $item ('key','secret') { - $ltiall{$id}{$item} = $encconfig{$id}{$item}; + &Apache::lonnet::do_cache_new('ltitoolsenc',$dom,\%newtoolsenc,$cachetime); + &store_security($dom,'ltitools',\%secchanges,\%newkeyset,\%keystore,$lastactref); + } + $resulttext = &mt('Changes made:').'<ul>'; + if (keys(%secchanges) > 0) { + $resulttext .= <i_security_results($dom,'ltitools',\%secchanges,\%newtoolsec,\%newkeyset,\%keystore); + } + if (keys(%ltitoolschg) > 0) { + $resulttext .= $ltitoolsoutput; + } + my $cachetime = 24*60*60; + &Apache::lonnet::do_cache_new('ltitools',$dom,\%newltitools,$cachetime); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'ltitools'} = 1; + } + } else { + $errors .= '<li><span class="LC_error">'.&mt('Failed to save changes').'</span></li>'; + } + if ($errors) { + $resulttext .= '<p>'.&mt('The following errors occurred: ').'<ul>'. + $errors.'</ul></p>'; + } + return $resulttext; +} + +sub fetch_secrets { + my ($dom,$context,$domconfig,$currsec,$secchanges,$newsec,$newkeyset) = @_; + my %keyset; + %{$currsec} = (); + $newsec->{'private'}{'keys'} = []; + $newsec->{'encrypt'} = {}; + $newsec->{'rules'} = {}; + if ($context eq 'ltisec') { + $newsec->{'linkprot'} = {}; + } + if (ref($domconfig->{$context}) eq 'HASH') { + %{$currsec} = %{$domconfig->{$context}}; + if ($context eq 'ltisec') { + if (ref($currsec->{'linkprot'}) eq 'HASH') { + foreach my $id (keys(%{$currsec->{'linkprot'}})) { + unless ($id =~ /^\d+$/) { + delete($currsec->{'linkprot'}{$id}); } } } - &Apache::lonnet::do_cache_new('ltitools',$dom,\%ltiall,$cachetime); - if (ref($lastactref) eq 'HASH') { - $lastactref->{'ltitools'} = 1; + } + if (ref($currsec->{'private'}) eq 'HASH') { + if (ref($currsec->{'private'}{'keys'}) eq 'ARRAY') { + $newsec->{'private'}{'keys'} = $currsec->{'private'}{'keys'}; + map { $keyset{$_} = 1; } @{$currsec->{'private'}{'keys'}}; } - $resulttext = &mt('Changes made:').'<ul>'; - my %bynum; - foreach my $itemid (sort(keys(%changes))) { - my $position = $confhash{$itemid}{'order'}; - $bynum{$position} = $itemid; + } + } + my @items= ('crs','dom'); + if ($context eq 'ltisec') { + push(@items,'consumers'); + } + foreach my $item (@items) { + my $formelement; + if (($context eq 'toolsec') || ($item eq 'consumers')) { + $formelement = 'form.'.$context.'_'.$item; + } else { + $formelement = 'form.'.$context.'_'.$item.'linkprot'; + } + if ($env{$formelement}) { + $newsec->{'encrypt'}{$item} = 1; + if (ref($currsec->{'encrypt'}) eq 'HASH') { + unless ($currsec->{'encrypt'}{$item}) { + $secchanges->{'encrypt'} = 1; + } + } else { + $secchanges->{'encrypt'} = 1; } - foreach my $pos (sort { $a <=> $b } keys(%bynum)) { - my $itemid = $bynum{$pos}; - if (ref($confhash{$itemid}) ne 'HASH') { - $resulttext .= '<li>'.&mt('Deleted: [_1]',$changes{$itemid}).'</li>'; - } else { - $resulttext .= '<li><b>'.$confhash{$itemid}{'title'}.'</b>'; - if ($confhash{$itemid}{'image'}) { - $resulttext .= ' '. - '<img src="'.$confhash{$itemid}{'image'}.'"'. - ' alt="'.&mt('Tool Provider icon').'" />'; - } - $resulttext .= '</li><ul>'; - my $position = $pos + 1; - $resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>'; - foreach my $item ('version','msgtype','sigmethod','url','lifetime') { - if ($confhash{$itemid}{$item} ne '') { - $resulttext .= '<li>'.$lt{$item}.': '.$confhash{$itemid}{$item}.'</li>'; - } - } - if ($encconfig{$itemid}{'key'} ne '') { - $resulttext .= '<li>'.$lt{'key'}.': '.$encconfig{$itemid}{'key'}.'</li>'; - } - if ($encconfig{$itemid}{'secret'} ne '') { - $resulttext .= '<li>'.$lt{'secret'}.': '; - my $num = length($encconfig{$itemid}{'secret'}); - $resulttext .= ('*'x$num).'</li>'; - } - $resulttext .= '<li>'.&mt('Configurable in course:'); - my @possconfig = ('label','title','target','linktext','explanation','append'); - my $numconfig = 0; - if (ref($confhash{$itemid}{'crsconf'}) eq 'HASH') { - foreach my $item (@possconfig) { - if ($confhash{$itemid}{'crsconf'}{$item}) { - $numconfig ++; - $resulttext .= ' "'.$lt{'crs'.$item}.'"'; - } - } - } - if (!$numconfig) { - $resulttext .= ' '.&mt('None'); - } - $resulttext .= '</li>'; - foreach my $item ('passback','roster') { - $resulttext .= '<li>'.$lt{$item}.' '; - if ($confhash{$itemid}{$item}) { - $resulttext .= &mt('Yes'); - if ($confhash{$itemid}{$item.'valid'}) { - if ($item eq 'passback') { - $resulttext .= ' '.&mt('valid for at least [quant,_1,day] after launch', - $confhash{$itemid}{$item.'valid'}); - } else { - $resulttext .= ' '.&mt('valid for at least [quant,_1,second] after launch', - $confhash{$itemid}{$item.'valid'}); - } - } - } else { - $resulttext .= &mt('No'); - } - $resulttext .= '</li>'; - } - if (ref($confhash{$itemid}{'display'}) eq 'HASH') { - my $displaylist; - if ($confhash{$itemid}{'display'}{'target'}) { - $displaylist = &mt('Display target').': '. - $confhash{$itemid}{'display'}{'target'}.','; - } - foreach my $size ('width','height') { - if ($confhash{$itemid}{'display'}{$size}) { - $displaylist .= (' 'x2).$lt{$size}.': '. - $confhash{$itemid}{'display'}{$size}.','; - } - } - if ($displaylist) { - $displaylist =~ s/,$//; - $resulttext .= '<li>'.$displaylist.'</li>'; - } - foreach my $item ('linktext','explanation') { - if ($confhash{$itemid}{'display'}{$item}) { - $resulttext .= '<li>'.$lt{$item}.': '.$confhash{$itemid}{'display'}{$item}.'</li>'; - } - } - } - if (ref($confhash{$itemid}{'fields'}) eq 'HASH') { - my $fieldlist; - foreach my $field (@allfields) { - if ($confhash{$itemid}{'fields'}{$field}) { - $fieldlist .= (' 'x2).$lt{$field}.','; - } - } - if ($fieldlist) { - $fieldlist =~ s/,$//; - if ($confhash{$itemid}{'fields'}{'user'}) { - if ($confhash{$itemid}{'incdom'}) { - $fieldlist .= ' ('.&mt('username:domain').')'; - } else { - $fieldlist .= ' ('.&mt('username').')'; - } - } - $resulttext .= '<li>'.&mt('Data sent').':'.$fieldlist.'</li>'; + } elsif (ref($currsec->{'encrypt'}) eq 'HASH') { + if ($currsec->{'encrypt'}{$item}) { + $secchanges->{'encrypt'} = 1; + } + } + } + my $secrets; + if ($context eq 'ltisec') { + $secrets = 'ltisecrets'; + } else { + $secrets = 'toolsecrets'; + } + unless (exists($currsec->{'rules'})) { + $currsec->{'rules'} = {}; + } + &password_rule_changes($secrets,$newsec->{'rules'},$currsec->{'rules'},$secchanges); + + my @ids=&Apache::lonnet::current_machine_ids(); + my %servers = &Apache::lonnet::get_servers($dom,'library'); + + foreach my $hostid (keys(%servers)) { + if (($hostid ne '') && (grep(/^\Q$hostid\E$/,@ids))) { + my $keyitem = 'form.'.$context.'_privkey_'.$hostid; + if (exists($env{$keyitem})) { + $env{$keyitem} =~ s/(`)/'/g; + if ($keyset{$hostid}) { + if ($env{'form.'.$context.'_changeprivkey_'.$hostid}) { + if ($env{$keyitem} ne '') { + $secchanges->{'private'} = 1; + $newkeyset->{$hostid} = $env{$keyitem}; } } - if (ref($confhash{$itemid}{'roles'}) eq 'HASH') { - my $rolemaps; - foreach my $role (@courseroles) { - if ($confhash{$itemid}{'roles'}{$role}) { - $rolemaps .= (' 'x2).&Apache::lonnet::plaintext($role,'Course').'='. - $confhash{$itemid}{'roles'}{$role}.','; - } - } - if ($rolemaps) { - $rolemaps =~ s/,$//; - $resulttext .= '<li>'.&mt('Role mapping:').$rolemaps.'</li>'; - } + } elsif ($env{$keyitem} ne '') { + unless (grep(/^\Q$hostid\E$/,@{$newsec->{'private'}{'keys'}})) { + push(@{$newsec->{'private'}{'keys'}},$hostid); } - if (ref($confhash{$itemid}{'custom'}) eq 'HASH') { - my $customlist; - if (keys(%{$confhash{$itemid}{'custom'}})) { - foreach my $key (sort(keys(%{$confhash{$itemid}{'custom'}}))) { - $customlist .= $key.':'.$confhash{$itemid}{'custom'}{$key}.(' 'x2); - } - } - if ($customlist) { - $resulttext .= '<li>'.&mt('Custom items').': '.$customlist.'</li>'; - } - } - $resulttext .= '</ul></li>'; + $secchanges->{'private'} = 1; + $newkeyset->{$hostid} = $env{$keyitem}; } } - $resulttext .= '</ul>'; - } else { - $resulttext = &mt('No changes made.'); } - } else { - $errors .= '<li><span class="LC_error">'.&mt('Failed to save changes').'</span></li>'; - } - if ($errors) { - $resulttext .= &mt('The following errors occurred: ').'<ul>'. - $errors.'</ul>'; } - return $resulttext; } -sub process_ltitools_image { - my ($r,$dom,$confname,$caller,$itemid,$configuserok,$switchserver,$author_ok) = @_; - my $filename = $env{'form.'.$caller.'.filename'}; - my ($error,$url); - my ($width,$height) = (21,21); - if ($configuserok eq 'ok') { - if ($switchserver) { - $error = &mt('Upload of Tool Provider (LTI) icon is not permitted to this server: [_1]', - $switchserver); - } elsif ($author_ok eq 'ok') { - my ($result,$imageurl,$madethumb) = - &publishlogo($r,'upload',$caller,$dom,$confname, - "ltitools/$itemid/icon",$width,$height); - if ($result eq 'ok') { - if ($madethumb) { - my ($path,$imagefile) = ($imageurl =~ m{^(.+)/([^/]+)$}); - my $imagethumb = "$path/tn-".$imagefile; - $url = $imagethumb; - } else { - $url = $imageurl; - } - } else { - $error = &mt("Upload of [_1] failed because an error occurred publishing the file in RES space. Error was: [_2].",$filename,$result); +sub store_security { + my ($dom,$context,$secchanges,$newkeyset,$keystore) = @_; + return unless ((ref($secchanges) eq 'HASH') && (ref($newkeyset) eq 'HASH') && + (ref($keystore) eq 'HASH')); + if (keys(%{$secchanges})) { + if ($secchanges->{'private'}) { + my $who = &escape($env{'user.name'}.':'.$env{'user.domain'}); + foreach my $hostid (keys(%{$newkeyset})) { + my $storehash = { + key => $newkeyset->{$hostid}, + who => $env{'user.name'}.':'.$env{'user.domain'}, + }; + $keystore->{$hostid} = &Apache::lonnet::store_dom($storehash,$context,'private', + $dom,$hostid); } - } else { - $error = &mt("Upload of [_1] failed because an author role could not be assigned to a Domain Configuration user ([_2]) in domain: [_3]. Error was: [_4].",$filename,$confname,$dom,$author_ok); } - } else { - $error = &mt("Upload of [_1] failed because a Domain Configuration user ([_2]) could not be created in domain: [_3]. Error was: [_4].",$filename,$confname,$dom,$configuserok); } - return ($url,$error); } -sub get_ltitools_id { - my ($cdom,$title) = @_; - # get lock on ltitools db - my $lockhash = { - lock => $env{'user.name'}. - ':'.$env{'user.domain'}, - }; - my $tries = 0; - my $gotlock = &Apache::lonnet::newput_dom('ltitools',$lockhash,$cdom); - my ($id,$error); - - while (($gotlock ne 'ok') && ($tries<10)) { - $tries ++; - sleep (0.1); - $gotlock = &Apache::lonnet::newput_dom('ltitools',$lockhash,$cdom); - } - if ($gotlock eq 'ok') { - my %currids = &Apache::lonnet::dump_dom('ltitools',$cdom); - if ($currids{'lock'}) { - delete($currids{'lock'}); - if (keys(%currids)) { - my @curr = sort { $a <=> $b } keys(%currids); - if ($curr[-1] =~ /^\d+$/) { - $id = 1 + $curr[-1]; - } +sub lti_security_results { + my ($dom,$context,$secchanges,$newsec,$newkeyset,$keystore) = @_; + my $output; + my %domdefaults = &Apache::lonnet::get_domain_defaults($dom); + my $needs_update; + foreach my $item (keys(%{$secchanges})) { + if ($item eq 'encrypt') { + $needs_update = 1; + my %encrypted; + if ($context eq 'lti') { + %encrypted = ( + crs => { + on => &mt('Encryption of stored link protection secrets defined in courses enabled'), + off => &mt('Encryption of stored link protection secrets defined in courses disabled'), + }, + dom => { + on => &mt('Encryption of stored link protection secrets defined in domain enabled'), + off => &mt('Encryption of stored link protection secrets defined in domain disabled'), + }, + consumers => { + on => &mt('Encryption of stored consumer secrets defined in domain enabled'), + off => &mt('Encryption of stored consumer secrets defined in domain disabled'), + }, + ); } else { - $id = 1; + %encrypted = ( + crs => { + on => &mt('Encryption of stored external tool secrets defined in courses enabled'), + off => &mt('Encryption of stored external tool secrets defined in courses disabled'), + }, + dom => { + on => &mt('Encryption of stored external tool secrets defined in domain enabled'), + off => &mt('Encryption of stored external tool secrets defined in domain disabled'), + }, + ); + } - if ($id) { - unless (&Apache::lonnet::newput_dom('ltitools',{ $id => $title },$cdom) eq 'ok') { - $error = 'nostore'; + my @types= ('crs','dom'); + if ($context eq 'lti') { + foreach my $type (@types) { + undef($domdefaults{'linkprotenc_'.$type}); + } + push(@types,'consumers'); + undef($domdefaults{'ltienc_consumers'}); + } elsif ($context eq 'ltitools') { + foreach my $type (@types) { + undef($domdefaults{'toolenc_'.$type}); + } + } + foreach my $type (@types) { + my $shown = $encrypted{$type}{'off'}; + if (ref($newsec->{$item}) eq 'HASH') { + if ($newsec->{$item}{$type}) { + if ($context eq 'lti') { + if ($type eq 'consumers') { + $domdefaults{'ltienc_consumers'} = 1; + } else { + $domdefaults{'linkprotenc_'.$type} = 1; + } + } elsif ($context eq 'ltitools') { + $domdefaults{'toolenc_'.$type} = 1; + } + $shown = $encrypted{$type}{'on'}; + } + } + $output .= '<li>'.$shown.'</li>'; + } + } elsif ($item eq 'rules') { + my %titles = &Apache::lonlocal::texthash( + min => 'Minimum password length', + max => 'Maximum password length', + chars => 'Required characters', + ); + foreach my $rule ('min','max') { + if ($newsec->{rules}{$rule} eq '') { + if ($rule eq 'min') { + $output .= '<li>'.&mt('[_1] not set.',$titles{$rule}); + ' '.&mt('Default of [_1] will be used', + $Apache::lonnet::passwdmin).'</li>'; + } else { + $output .= '<li>'.&mt('[_1] set to none',$titles{$rule}).'</li>'; + } + } else { + $output .= '<li>'.&mt('[_1] set to [_2]',$titles{$rule},$newsec->{rules}{$rule}).'</li>'; + } + } + if (ref($newsec->{'rules'}{'chars'}) eq 'ARRAY') { + if (@{$newsec->{'rules'}{'chars'}} > 0) { + my %rulenames = &Apache::lonlocal::texthash( + uc => 'At least one upper case letter', + lc => 'At least one lower case letter', + num => 'At least one number', + spec => 'At least one non-alphanumeric', + ); + my $needed = '<ul><li>'. + join('</li><li>',map {$rulenames{$_} } @{$newsec->{'rules'}{'chars'}}). + '</li></ul>'; + $output .= '<li>'.&mt('[_1] set to: [_2]',$titles{'chars'},$needed).'</li>'; + } else { + $output .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; } } else { - $error = 'nonumber'; + $output .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; + } + } elsif ($item eq 'private') { + $needs_update = 1; + if ($context eq 'lti') { + undef($domdefaults{'ltiprivhosts'}); + } elsif ($context eq 'ltitools') { + undef($domdefaults{'toolprivhosts'}); + } + if (keys(%{$newkeyset})) { + my @privhosts; + foreach my $hostid (sort(keys(%{$newkeyset}))) { + if ($keystore->{$hostid} eq 'ok') { + $output .= '<li>'.&mt('Encryption key for storage of shared secrets saved for [_1]',$hostid).'</li>'; + unless (grep(/^\Q$hostid\E$/,@privhosts)) { + push(@privhosts,$hostid); + } + } + } + if (@privhosts) { + if ($context eq 'lti') { + $domdefaults{'ltiprivhosts'} = \@privhosts; + } elsif ($context eq 'ltitools') { + $domdefaults{'toolprivhosts'} = \@privhosts; + } + } } + } elsif ($item eq 'linkprot') { + next; } - my $dellockoutcome = &Apache::lonnet::del_dom('ltitools',['lock'],$cdom); - } else { - $error = 'nolock'; } - return ($id,$error); + if ($needs_update) { + my $cachetime = 24*60*60; + &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); + } + return $output; } sub modify_proctoring { @@ -15882,9 +15086,11 @@ sub process_proctoring_image { $error = &mt('Upload of Remote Proctoring Provider icon is not permitted to this server: [_1]', $switchserver); } elsif ($author_ok eq 'ok') { + my $modified = []; my ($result,$imageurl,$madethumb) = - &publishlogo($r,'upload',$caller,$dom,$confname, - "proctoring/$provider/icon",$width,$height); + &Apache::lonconfigsettings::publishlogo($r,'upload',$caller,$dom,$confname, + "proctoring/$provider/icon",$width,$height, + '',$modified); if ($result eq 'ok') { if ($madethumb) { my ($path,$imagefile) = ($imageurl =~ m{^(.+)/([^/]+)$}); @@ -15893,6 +15099,7 @@ sub process_proctoring_image { } else { $url = $imageurl; } + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of [_1] failed because an error occurred publishing the file in RES space. Error was: [_2].",$filename,$result); } @@ -15908,7 +15115,7 @@ sub process_proctoring_image { sub modify_lti { my ($r,$dom,$action,$lastactref,%domconfig) = @_; my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); - my ($newid,@allpos,%changes,%confhash,%encconfig,$errors,$resulttext); + my ($newid,@allpos,%changes,%confhash,%ltienc,$errors,$resulttext); my (%posslti,%posslticrs,%posscrstype); my @courseroles = ('cc','in','ta','ep','st'); my @ltiroles = qw(Learner Instructor ContentDeveloper TeachingAssistant Mentor Member Manager Administrator); @@ -15929,81 +15136,9 @@ sub modify_lti { map { $posscrstype{$_} = 1; } @coursetypes; my %menutitles = <imenu_titles(); + my (%currltisec,%secchanges,%newltisec,%newltienc,%newkeyset); - my (%currltisec,%secchanges,%newltisec,%newltienc,%keyset,%newkeyset); - $newltisec{'private'}{'keys'} = []; - $newltisec{'encrypt'} = {}; - $newltisec{'rules'} = {}; - $newltisec{'linkprot'} = {}; - if (ref($domconfig{'ltisec'}) eq 'HASH') { - %currltisec = %{$domconfig{'ltisec'}}; - if (ref($currltisec{'linkprot'}) eq 'HASH') { - foreach my $id (keys(%{$currltisec{'linkprot'}})) { - unless ($id =~ /^\d+$/) { - delete($currltisec{'linkprot'}{$id}); - } - } - } - if (ref($currltisec{'private'}) eq 'HASH') { - if (ref($currltisec{'private'}{'keys'}) eq 'ARRAY') { - $newltisec{'private'}{'keys'} = $currltisec{'private'}{'keys'}; - map { $keyset{$_} = 1; } @{$currltisec{'private'}{'keys'}}; - } - } - } - foreach my $item ('crs','dom','consumers') { - my $formelement; - if ($item eq 'consumers') { - $formelement = 'form.ltisec_'.$item; - } else { - $formelement = 'form.ltisec_'.$item.'linkprot'; - } - if ($env{$formelement}) { - $newltisec{'encrypt'}{$item} = 1; - if (ref($currltisec{'encrypt'}) eq 'HASH') { - unless ($currltisec{'encrypt'}{$item}) { - $secchanges{'encrypt'} = 1; - } - } else { - $secchanges{'encrypt'} = 1; - } - } elsif (ref($currltisec{'encrypt'}) eq 'HASH') { - if ($currltisec{'encrypt'}{$item}) { - $secchanges{'encrypt'} = 1; - } - } - } - unless (exists($currltisec{'rules'})) { - $currltisec{'rules'} = {}; - } - &password_rule_changes('secrets',$newltisec{'rules'},$currltisec{'rules'},\%secchanges); - - my @ids=&Apache::lonnet::current_machine_ids(); - my %servers = &Apache::lonnet::get_servers($dom,'library'); - - foreach my $hostid (keys(%servers)) { - if (($hostid ne '') && (grep(/^\Q$hostid\E$/,@ids))) { - my $newkey; - my $keyitem = 'form.ltisec_privkey_'.$hostid; - if (exists($env{$keyitem})) { - $env{$keyitem} =~ s/(`)/'/g; - if ($keyset{$hostid}) { - if ($env{'form.ltisec_changeprivkey_'.$hostid}) { - if ($env{$keyitem} ne '') { - $secchanges{'private'} = 1; - $newkeyset{$hostid} = $env{$keyitem}; - } - } - } elsif ($env{$keyitem} ne '') { - unless (grep(/^\Q$hostid\E$/,@{$newltisec{'private'}{'keys'}})) { - push(@{$newltisec{'private'}{'keys'}},$hostid); - } - $secchanges{'private'} = 1; - $newkeyset{$hostid} = $env{$keyitem}; - } - } - } - } + &fetch_secrets($dom,'ltisec',\%domconfig,\%currltisec,\%secchanges,\%newltisec,\%newkeyset); my (%linkprotchg,$linkprotoutput,$is_home); my $proterror = &Apache::courseprefs::process_linkprot($dom,'',$currltisec{'linkprot'}, @@ -16094,29 +15229,43 @@ sub modify_lti { } } } + my (%keystore,$secstored); + if ($is_home) { + &store_security($dom,'lti',\%secchanges,\%newkeyset,\%keystore); + } + + my ($cipher,$privnum); + if ((@items > 0) && ($is_home)) { + ($cipher,$privnum) = &get_priv_creds($dom,$home,$secchanges{'encrypt'}, + $newltisec{'encrypt'},$keystore{$home}); + } foreach my $idx (@items) { my $itemid = $itemids{$idx}; next unless ($itemid); + my %currlti; + unless ($idx eq 'add') { + if (ref($domconfig{$action}) eq 'HASH') { + if (ref($domconfig{$action}{$itemid}) eq 'HASH') { + %currlti = %{$domconfig{$action}{$itemid}}; + } + } + } my $position = $env{'form.lti_pos_'.$itemid}; $position =~ s/\D+//g; if ($position ne '') { $allpos[$position] = $itemid; } - foreach my $item ('consumer','key','secret','lifetime','requser','crsinc') { + foreach my $item ('consumer','lifetime','requser','crsinc') { my $formitem = 'form.lti_'.$item.'_'.$idx; $env{$formitem} =~ s/(`)/'/g; if ($item eq 'lifetime') { $env{$formitem} =~ s/[^\d.]//g; } if ($env{$formitem} ne '') { - if (($item eq 'key') || ($item eq 'secret')) { - $encconfig{$itemid}{$item} = $env{$formitem}; - } else { - $confhash{$itemid}{$item} = $env{$formitem}; - unless (($idx eq 'add') || ($changes{$itemid})) { - if ($domconfig{$action}{$itemid}{$item} ne $confhash{$itemid}{$item}) { - $changes{$itemid} = 1; - } + $confhash{$itemid}{$item} = $env{$formitem}; + unless (($idx eq 'add') || ($changes{$itemid})) { + if ($currlti{$item} ne $confhash{$itemid}{$item}) { + $changes{$itemid} = 1; } } } @@ -16257,27 +15406,27 @@ sub modify_lti { unless (($idx eq 'add') || ($changes{$itemid})) { if ($confhash{$itemid}{'crsinc'}) { foreach my $field ('mapcrs','storecrs','makecrs','section','passback','roster') { - if ($domconfig{$action}{$itemid}{$field} ne $confhash{$itemid}{$field}) { + if ($currlti{$field} ne $confhash{$itemid}{$field}) { $changes{$itemid} = 1; } } unless ($changes{$itemid}) { - if ($domconfig{$action}{$itemid}{'passback'} eq $confhash{$itemid}{'passback'}) { - if ($domconfig{$action}{$itemid}{'passbackformat'} ne $confhash{$itemid}{'passbackformat'}) { + if ($currlti{'passback'} eq $confhash{$itemid}{'passback'}) { + if ($currlti{'passbackformat'} ne $confhash{$itemid}{'passbackformat'}) { $changes{$itemid} = 1; } } } foreach my $field ('mapcrstype','selfenroll') { unless ($changes{$itemid}) { - if (ref($domconfig{$action}{$itemid}{$field}) eq 'ARRAY') { + if (ref($currlti{$field}) eq 'ARRAY') { if (ref($confhash{$itemid}{$field}) eq 'ARRAY') { - my @diffs = &Apache::loncommon::compare_arrays($domconfig{$action}{$itemid}{$field}, + my @diffs = &Apache::loncommon::compare_arrays($currlti{$field}, $confhash{$itemid}{$field}); if (@diffs) { $changes{$itemid} = 1; } - } elsif (@{$domconfig{$action}{$itemid}{$field}} > 0) { + } elsif (@{$currlti{$field}} > 0) { $changes{$itemid} = 1; } } elsif (ref($confhash{$itemid}{$field}) eq 'ARRAY') { @@ -16288,10 +15437,10 @@ sub modify_lti { } } unless ($changes{$itemid}) { - if (ref($domconfig{$action}{$itemid}{'maproles'}) eq 'HASH') { + if (ref($currlti{'maproles'}) eq 'HASH') { if (ref($confhash{$itemid}{'maproles'}) eq 'HASH') { - foreach my $ltirole (keys(%{$domconfig{$action}{$itemid}{'maproles'}})) { - if ($domconfig{$action}{$itemid}{'maproles'}{$ltirole} ne + foreach my $ltirole (keys(%{$currlti{'maproles'}})) { + if ($currlti{'maproles'}{$ltirole} ne $confhash{$itemid}{'maproles'}{$ltirole}) { $changes{$itemid} = 1; last; @@ -16300,13 +15449,13 @@ sub modify_lti { unless ($changes{$itemid}) { foreach my $ltirole (keys(%{$confhash{$itemid}{'maproles'}})) { if ($confhash{$itemid}{'maproles'}{$ltirole} ne - $domconfig{$action}{$itemid}{'maproles'}{$ltirole}) { + $currlti{'maproles'}{$ltirole}) { $changes{$itemid} = 1; last; } } } - } elsif (keys(%{$domconfig{$action}{$itemid}{'maproles'}}) > 0) { + } elsif (keys(%{$currlti{'maproles'}}) > 0) { $changes{$itemid} = 1; } } elsif (ref($confhash{$itemid}{'maproles'}) eq 'HASH') { @@ -16320,20 +15469,20 @@ sub modify_lti { } unless ($changes{$itemid}) { foreach my $field ('mapuser','lcauth','lcauthparm','topmenu','inlinemenu','callback') { - if ($domconfig{$action}{$itemid}{$field} ne $confhash{$itemid}{$field}) { + if ($currlti{$field} ne $confhash{$itemid}{$field}) { $changes{$itemid} = 1; } } unless ($changes{$itemid}) { foreach my $field ('makeuser','lcmenu') { - if (ref($domconfig{$action}{$itemid}{$field}) eq 'ARRAY') { + if (ref($currlti{$field}) eq 'ARRAY') { if (ref($confhash{$itemid}{$field}) eq 'ARRAY') { - my @diffs = &Apache::loncommon::compare_arrays($domconfig{$action}{$itemid}{$field}, + my @diffs = &Apache::loncommon::compare_arrays($currlti{$field}, $confhash{$itemid}{$field}); if (@diffs) { $changes{$itemid} = 1; } - } elsif (@{$domconfig{$action}{$itemid}{$field}} > 0) { + } elsif (@{$currlti{$field}} > 0) { $changes{$itemid} = 1; } } elsif (ref($confhash{$itemid}{$field}) eq 'ARRAY') { @@ -16346,6 +15495,71 @@ sub modify_lti { } } } + if ($is_home) { + my $keyitem = 'form.lti_key_'.$idx; + $env{$keyitem} =~ s/(`)/'/g; + if ($env{$keyitem} ne '') { + $ltienc{$itemid}{'key'} = $env{$keyitem}; + unless ($changes{$itemid}) { + if ($currlti{'key'} ne $env{$keyitem}) { + $changes{$itemid} = 1; + } + } + } + my $secretitem = 'form.lti_secret_'.$idx; + $env{$secretitem} =~ s/(`)/'/g; + if ($currlti{'usable'}) { + if ($env{'form.lti_changesecret_'.$idx}) { + if ($env{$secretitem} ne '') { + if ($privnum && $cipher) { + $ltienc{$itemid}{'secret'} = $cipher->encrypt_hex($env{$secretitem}); + $confhash{$itemid}{'cipher'} = $privnum; + } else { + $ltienc{$itemid}{'secret'} = $env{$secretitem}; + } + $changes{$itemid} = 1; + } + } else { + $ltienc{$itemid}{'secret'} = $currlti{'secret'}; + $confhash{$itemid}{'cipher'} = $currlti{'cipher'}; + } + if (ref($ltienc{$itemid}) eq 'HASH') { + if (($ltienc{$itemid}{'key'} ne '') && ($ltienc{$itemid}{'secret'} ne '')) { + $confhash{$itemid}{'usable'} = 1; + } + } + } elsif ($env{$secretitem} ne '') { + if ($privnum && $cipher) { + $ltienc{$itemid}{'secret'} = $cipher->encrypt_hex($env{$secretitem}); + $confhash{$itemid}{'cipher'} = $privnum; + } else { + $ltienc{$itemid}{'secret'} = $env{$secretitem}; + } + if (ref($ltienc{$itemid}) eq 'HASH') { + if (($ltienc{$itemid}{'key'} ne '') && ($ltienc{$itemid}{'key'} ne '')) { + $confhash{$itemid}{'usable'} = 1; + } + } + $changes{$itemid} = 1; + } + } + unless ($changes{$itemid}) { + foreach my $key (keys(%currlti)) { + if (ref($currlti{$key}) eq 'HASH') { + if (ref($confhash{$itemid}{$key}) eq 'HASH') { + foreach my $innerkey (keys(%{$currlti{$key}})) { + unless (exists($confhash{$itemid}{$key}{$innerkey})) { + $changes{$itemid} = 1; + last; + } + } + } elsif (keys(%{$currlti{$key}}) > 0) { + $changes{$itemid} = 1; + } + } + last if ($changes{$itemid}); + } + } } if (@allpos > 0) { my $idx = 0; @@ -16363,12 +15577,21 @@ sub modify_lti { } } } + + if ((keys(%changes) == 0) && (keys(%secchanges) == 0)) { + return &mt('No changes made.'); + } + my %ltihash = ( $action => { %confhash } ); - my %ltienchash = ( - $action => { %encconfig } - ); + my %ltienchash; + + if ($is_home) { + %ltienchash = ( + $action => { %ltienc } + ); + } if (keys(%secchanges)) { $ltihash{'ltisec'} = \%newltisec; if ($secchanges{'linkprot'}) { @@ -16379,130 +15602,32 @@ sub modify_lti { } my $putresult = &Apache::lonnet::put_dom('configuration',\%ltihash,$dom); if ($putresult eq 'ok') { - my %keystore; - if (keys(%secchanges)) { - if ($secchanges{'private'}) { - my $who = &escape($env{'user.name'}.':'.$env{'user.domain'}); - foreach my $hostid (keys(%newkeyset)) { - my $storehash = { - key => $newkeyset{$hostid}, - who => $env{'user.name'}.':'.$env{'user.domain'}, - }; - $keystore{$hostid} = &Apache::lonnet::store_dom($storehash,'lti','private', - $dom,$hostid); - } - } - if (ref($lastactref) eq 'HASH') { - if (($secchanges{'encrypt'}) || ($secchanges{'private'})) { - $lastactref->{'domdefaults'} = 1; - } - } - } - &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1); - if ((keys(%changes) == 0) && (keys(%secchanges) == 0)) { - return &mt('No changes made.'); + if (keys(%ltienchash)) { + &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1); } $resulttext = &mt('Changes made:').'<ul>'; if (keys(%secchanges) > 0) { - foreach my $item (keys(%secchanges)) { - if ($item eq 'encrypt') { - my %encrypted = ( - crs => { - on => &mt('Encryption of stored link protection secrets defined in courses enabled'), - off => &mt('Encryption of stored link protection secrets defined in courses disabled'), - }, - dom => { - on => &mt('Encryption of stored link protection secrets defined in domain enabled'), - off => &mt('Encryption of stored link protection secrets defined in domain disabled'), - }, - consumers => { - on => &mt('Encryption of stored consumer secrets defined in domain enabled'), - off => &mt('Encryption of stored consumer secrets defined in domain disabled'), - }, - ); - foreach my $type ('crs','dom','consumers') { - my $shown = $encrypted{$type}{'off'}; - if (ref($newltisec{$item}) eq 'HASH') { - if ($newltisec{$item}{$type}) { - $shown = $encrypted{$type}{'on'}; - } - } - $resulttext .= '<li>'.$shown.'</li>'; - } - } elsif ($item eq 'rules') { - my %titles = &Apache::lonlocal::texthash( - min => 'Minimum password length', - max => 'Maximum password length', - chars => 'Required characters', - ); - foreach my $rule ('min','max') { - if ($newltisec{rules}{$rule} eq '') { - if ($rule eq 'min') { - $resulttext .= '<li>'.&mt('[_1] not set.',$titles{$rule}); - ' '.&mt('Default of [_1] will be used', - $Apache::lonnet::passwdmin).'</li>'; - } else { - $resulttext .= '<li>'.&mt('[_1] set to none',$titles{$rule}).'</li>'; - } - } else { - $resulttext .= '<li>'.&mt('[_1] set to [_2]',$titles{$rule},$newltisec{rules}{$rule}).'</li>'; - } - } - if (ref($newltisec{'rules'}{'chars'}) eq 'ARRAY') { - if (@{$newltisec{'rules'}{'chars'}} > 0) { - my %rulenames = &Apache::lonlocal::texthash( - uc => 'At least one upper case letter', - lc => 'At least one lower case letter', - num => 'At least one number', - spec => 'At least one non-alphanumeric', - ); - my $needed = '<ul><li>'. - join('</li><li>',map {$rulenames{$_} } @{$newltisec{'rules'}{'chars'}}). - '</li></ul>'; - $resulttext .= '<li>'.&mt('[_1] set to: [_2]',$titles{'chars'},$needed).'</li>'; - } else { - $resulttext .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; - } - } else { - $resulttext .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; - } - } elsif ($item eq 'private') { - if (keys(%newkeyset)) { - foreach my $hostid (sort(keys(%newkeyset))) { - if ($keystore{$hostid} eq 'ok') { - $resulttext .= '<li>'.&mt('Encryption key for storage of shared secrets saved for [_1]',$hostid).'</li>'; - } - } - } - } elsif ($item eq 'linkprot') { - $resulttext .= $linkprotoutput; - } + $resulttext .= <i_security_results($dom,'lti',\%secchanges,\%newltisec,\%newkeyset,\%keystore); + if (exists($secchanges{'linkprot'})) { + $resulttext .= $linkprotoutput; } } if (keys(%changes) > 0) { my $cachetime = 24*60*60; - my %ltiall = %confhash; - foreach my $id (keys(%ltiall)) { - if (ref($encconfig{$id}) eq 'HASH') { - foreach my $item ('key','secret') { - $ltiall{$id}{$item} = $encconfig{$id}{$item}; - } - } - } - &Apache::lonnet::do_cache_new('lti',$dom,\%ltiall,$cachetime); + &Apache::lonnet::do_cache_new('lti',$dom,\%confhash,$cachetime); if (ref($lastactref) eq 'HASH') { $lastactref->{'lti'} = 1; } my %bynum; foreach my $itemid (sort(keys(%changes))) { - my $position = $confhash{$itemid}{'order'}; - $bynum{$position} = $itemid; + if (ref($confhash{$itemid}) eq 'HASH') { + my $position = $confhash{$itemid}{'order'}; + $bynum{$position} = $itemid; + } } foreach my $pos (sort { $a <=> $b } keys(%bynum)) { my $itemid = $bynum{$pos}; - if (ref($confhash{$itemid}) ne 'HASH') { - $resulttext .= '<li>'.&mt('Deleted: [_1]',$changes{$itemid}).'</li>'; - } else { + if (ref($confhash{$itemid}) eq 'HASH') { $resulttext .= '<li><b>'.$confhash{$itemid}{'consumer'}.'</b><ul>'; my $position = $pos + 1; $resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>'; @@ -16511,13 +15636,11 @@ sub modify_lti { $resulttext .= '<li>'.$lt{$item}.': '.$confhash{$itemid}{$item}.'</li>'; } } - if ($encconfig{$itemid}{'key'} ne '') { - $resulttext .= '<li>'.$lt{'key'}.': '.$encconfig{$itemid}{'key'}.'</li>'; + if ($ltienc{$itemid}{'key'} ne '') { + $resulttext .= '<li>'.$lt{'key'}.': '.$ltienc{$itemid}{'key'}.'</li>'; } - if ($encconfig{$itemid}{'secret'} ne '') { - $resulttext .= '<li>'.$lt{'secret'}.': '; - my $num = length($encconfig{$itemid}{'secret'}); - $resulttext .= ('*'x$num).'</li>'; + if ($ltienc{$itemid}{'secret'} ne '') { + $resulttext .= '<li>'.$lt{'secret'}.': ['.&mt('not shown').']</li>'; } if ($confhash{$itemid}{'requser'}) { if ($confhash{$itemid}{'callback'}) { @@ -16669,8 +15792,18 @@ sub modify_lti { $resulttext .= '</ul></li>'; } } + if (keys(%deletions)) { + foreach my $itemid (sort { $a <=> $b } keys(%deletions)) { + $resulttext .= '<li>'.&mt('Deleted: [_1]',$changes{$itemid}).'</li>'; + } + } } $resulttext .= '</ul>'; + if (ref($lastactref) eq 'HASH') { + if (($secchanges{'encrypt'}) || ($secchanges{'private'})) { + $lastactref->{'domdefaults'} = 1; + } + } } else { $errors .= '<li><span class="LC_error">'.&mt('Failed to save changes').'</span></li>'; } @@ -16681,6 +15814,30 @@ sub modify_lti { return $resulttext; } +sub get_priv_creds { + my ($dom,$home,$encchg,$encrypt,$storedsec) = @_; + my ($needenc,$cipher,$privnum); + my %domdefs = &Apache::lonnet::get_domain_defaults($dom); + if (($encchg) && (ref($encrypt) eq 'HASH')) { + $needenc = $encrypt->{'consumers'} + } else { + $needenc = $domdefs{'ltienc_consumers'}; + } + if ($needenc) { + if (($storedsec eq 'ok') || ((ref($domdefs{'ltiprivhosts'}) eq 'ARRAY') && + (grep(/^\Q$home\E$/,@{$domdefs{'ltiprivhosts'}})))) { + my %privhash = &Apache::lonnet::restore_dom('lti','private',$dom,$home,1); + my $privkey = $privhash{'key'}; + $privnum = $privhash{'version'}; + if (($privnum) && ($privkey ne '')) { + $cipher = Crypt::CBC->new({'key' => $privkey, + 'cipher' => 'DES'}); + } + } + } + return ($cipher,$privnum); +} + sub get_lti_id { my ($domain,$consumer) = @_; # get lock on lti db @@ -17483,7 +16640,7 @@ sub modify_contacts { $contacts_hash{'contacts'}{'overrides'}{$type}{'include'} = $includeloc{$type}.':'.&escape($includestr{$type}); $newsetting{'override_'.$type}{'include'} = $contacts_hash{'contacts'}{'overrides'}{$type}{'include'}; } - } + } } } if (keys(%currsetting) > 0) { @@ -17541,12 +16698,12 @@ sub modify_contacts { } } if (@statuses) { - if (ref($currsetting{'overrides'}) eq 'HASH') { + if (ref($currsetting{'overrides'}) eq 'HASH') { foreach my $key (keys(%{$currsetting{'overrides'}})) { if (ref($currsetting{'overrides'}{$key}) eq 'HASH') { if (ref($newsetting{'override_'.$key}) eq 'HASH') { foreach my $item (@contacts,'bcc','others','include') { - if ($currsetting{'overrides'}{$key}{$item} ne $newsetting{'override_'.$key}{$item}) { + if ($currsetting{'overrides'}{$key}{$item} ne $newsetting{'override_'.$key}{$item}) { push(@{$changes{'overrides'}},$key); last; } @@ -17563,7 +16720,7 @@ sub modify_contacts { } } else { foreach my $key (@overrides) { - push(@{$changes{'overrides'}},$key); + push(@{$changes{'overrides'}},$key); } } } @@ -17745,7 +16902,7 @@ sub modify_contacts { $resulttext .= $bcctext.': <span class="LC_cusr_emph">'.$bcc{$type}.'</span>'; } elsif (!@text) { $resulttext .= &mt('No one'); - } + } if ($includestr{$type} ne '') { if ($includeloc{$type} eq 'b') { $resulttext .= '<br />'.&mt('Text automatically added to e-mail body:').' '.$includestr{$type}; @@ -17769,14 +16926,14 @@ sub modify_contacts { if (ref($newsetting{'override_'.$type}) eq 'HASH') { my @text; foreach my $item (@contacts) { - if ($newsetting{'override_'.$type}{$item}) { + if ($newsetting{'override_'.$type}{$item}) { push(@text,$short_titles->{$item}); } } if ($newsetting{'override_'.$type}{'others'} ne '') { push(@text,$newsetting{'override_'.$type}{'others'}); } - + if (@text) { $resulttext .= &mt('Helpdesk e-mail sent to: [_1]', '<span class="LC_cusr_emph">'.join(', ',@text).'</span>'); @@ -17969,6 +17126,7 @@ sub modify_privacy { user => 'User authorizes', domain => 'Domain Coordinator authorizes', auto => 'Unrestricted', + notify => 'Notify when role needs authorization', ); my %fieldnames = &Apache::lonlocal::texthash ( id => 'Student/Employee ID', @@ -18086,6 +17244,18 @@ sub modify_privacy { } } } + my %domcoords = &Apache::lonnet::get_active_domroles($dom,['dc']); + my %notify; + foreach my $possdc (&Apache::loncommon::get_env_multiple('form.privacy_notify')) { + if (exists($domcoords{$possdc})) { + $notify{$possdc} = 1; + } + } + my $notify = join(',',sort(keys(%notify))); + if ($current{'notify'} ne $notify) { + $changes{'notify'} = 1; + } + $privacyhash{'notify'} = $notify; } my %confighash = ( privacy => \%privacyhash, @@ -18094,7 +17264,7 @@ sub modify_privacy { if ($putresult eq 'ok') { if (keys(%changes) > 0) { $resulttext = &mt('Changes made: ').'<ul>'; - foreach my $key ('approval','othdom','priv','unpriv') { + foreach my $key ('approval','notify','othdom','priv','unpriv') { if ($changes{$key}) { $resulttext .= '<li>'.$titles{$key}.':<ul>'; if ($key eq 'approval') { @@ -18112,6 +17282,15 @@ sub modify_privacy { } $resulttext .= '</ul></li>'; } + } elsif ($key eq 'notify') { + if ($privacyhash{$key}) { + foreach my $dc (split(/,/,$privacyhash{$key})) { + my ($dcname,$dcdom) = split(/:/,$dc); + $resulttext .= '<li>'.&Apache::loncommon::plainname($dcname,$dcdom).'</li>'; + } + } else { + $resulttext .= '<li>'.&mt('No DCs to notify').'</li>'; + } } elsif ($key eq 'othdom') { my @statuses; if (ref($types) eq 'ARRAY') { @@ -18152,6 +17331,7 @@ sub modify_privacy { $resulttext .= '</ul></li>'; } } + $resulttext .= '</ul>'; } else { $resulttext = &mt('No changes made to user information settings'); } @@ -18338,12 +17518,15 @@ sub modify_passwords { $error = &mt("Upload of file containing domain-specific text is not permitted to this server: [_1]",$switchserver); } else { if ($author_ok eq 'ok') { + my $modified = []; my ($result,$customurl) = - &publishlogo($r,'upload','passwords_customfile',$dom, - $confname,'customtext/resetpw','','',$customfn); + &Apache::lonconfigsettings::publishlogo($r,'upload','passwords_customfile',$dom, + $confname,'customtext/resetpw','','',$customfn, + $modified); if ($result eq 'ok') { $newvalues{'resetcustom'} = $customurl; $changes{'reset'} = 1; + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of [_1] failed because an error occurred publishing the file in RES space. Error was: [_2].",$customfn,$result); } @@ -18591,7 +17774,7 @@ sub modify_passwords { ); my $needed = '<ul><li>'. join('</li><li>',map {$rulenames{$_} } @{$confighash{'passwords'}{'chars'}}). - '</li></ul>'; + '</li></ul>'; $resulttext .= '<li>'.&mt('[_1] set to: [_2]',$titles{'chars'},$needed).'</li>'; } else { $resulttext .= '<li>'.&mt('[_1] set to none',$titles{'chars'}).'</li>'; @@ -18664,7 +17847,7 @@ sub password_rule_changes { my (@rules,%staticdefaults); if ($prefix eq 'passwords') { @rules = ('min','max','expire','numsaved'); - } elsif ($prefix eq 'secrets') { + } elsif (($prefix eq 'ltisecrets') || ($prefix eq 'toolsecrets')) { @rules = ('min','max'); } $staticdefaults{'min'} = $Apache::lonnet::passwdmin; @@ -19074,7 +18257,7 @@ sub modify_selfcreation { if (($chosen eq 'inst') || ($chosen eq 'noninst')) { my $emaildom; if ($env{'form.cancreate_emaildomain_'.$chosen.'_'.$type} =~ /^\@[^\@]+$/) { - $emaildom = $env{'form.cancreate_emaildomain_'.$chosen.'_'.$type}; + $emaildom = $env{'form.cancreate_emaildomain_'.$chosen.'_'.$type}; $cancreate{'emaildomain'}{$type}{$chosen} = $emaildom; if (ref($curremaildom{$type}) eq 'HASH') { if (exists($curremaildom{$type}{$chosen})) { @@ -19086,7 +18269,7 @@ sub modify_selfcreation { } } elsif ($emaildom ne '') { push(@{$changes{'cancreate'}},'emaildomain'); - } + } } $cancreate{'emailoptions'}{$type} = $env{'form.cancreate_emailoptions_'.$type}; } elsif ($chosen eq 'custom') { @@ -19513,7 +18696,7 @@ sub modify_selfcreation { ); if (@types) { if (@statuses) { - $chgtext .= &mt('Processing of requests to create account with e-mail verification set as follows:'). + $chgtext .= &mt('Processing of requests to create account with e-mail verification set as follows:'). '<ul>'; foreach my $status (@statuses) { if ($status eq 'default') { @@ -19599,7 +18782,7 @@ sub modify_selfcreation { $output = '<li>'.$usertypes{$type}.' -- '.&mt('No restriction on e-mail domain').'</li>'; } else { $output = '<li>'.$usertypes{$type}.' -- '.&mt("User's e-mail address needs to end: [_1]", - $cancreate{'emaildomain'}{$type}{'inst'}).'</li>'; + $cancreate{'emaildomain'}{$type}{'inst'}).'</li>'; } } } elsif ($cancreate{'emailoptions'}{$type} eq 'noninst') { @@ -19617,7 +18800,7 @@ sub modify_selfcreation { $output = '<li>'.$usertypes{$type}.' -- '.&mt('No restriction on e-mail domain').'</li>'; } else { $output = '<li>'.$usertypes{$type}.' -- '.&mt("User's e-mail address must not end: [_1]", - $cancreate{'emaildomain'}{$type}{'noninst'}).'</li>'; + $cancreate{'emaildomain'}{$type}{'noninst'}).'</li>'; } } } @@ -19721,7 +18904,7 @@ sub modify_selfcreation { $typename = $othertitle; } else { $typename = $usertypes{$type}; - } + } $chgtext .= &mt('(Affiliation: [_1])',$typename); } if (@{$email_rule{$type}} > 0) { @@ -20066,7 +19249,7 @@ sub modify_defaults { } if ($item eq 'portal_def') { unless (grep(/^\Q$item\E$/,@errors)) { - if ($newvalues{$item} eq '') { + if ($newvalues{$item} eq '') { foreach my $field ('email','web') { if (exists($domdefaults{$item.'_'.$field})) { delete($domdefaults{$item.'_'.$field}); @@ -20251,7 +19434,7 @@ sub modify_defaults { $resulttext =~ s/, $//; $resulttext .= '</li>'; } else { - $resulttext .= '<li>'.&mt('Institutional user status types deleted').'</li>'; + $resulttext .= '<li>'.&mt('Institutional user status types deleted').'</li>'; } } } elsif ($item eq 'unamemap_rule') { @@ -20358,12 +19541,15 @@ sub modify_scantron { $error = &mt("Upload of bubblesheet format file is not permitted to this server: [_1]",$switchserver); } else { if ($author_ok eq 'ok') { + my $modified = []; my ($result,$scantronurl) = - &publishlogo($r,'upload','scantronformat',$dom, - $confname,'scantron','','',$custom); + &Apache::lonconfigsettings::publishlogo($r,'upload','scantronformat',$dom, + $confname,'scantron','','',$custom, + $modified); if ($result eq 'ok') { $confhash{'scantron'}{'scantronformat'} = $scantronurl; $changes{'scantronformat'} = 1; + &update_modify_urls($r,$modified); } else { $error = &mt("Upload of [_1] failed because an error occurred publishing the file in RES space. Error was: [_2].",$custom,$result); } @@ -21291,6 +20477,7 @@ sub modify_coursedefaults { uploadquota => 500, postsubmit => 60, mysqltables => 172800, + domexttool => 1, ); my %texoptions = ( MathJax => 'MathJax', @@ -21482,6 +20669,47 @@ sub modify_coursedefaults { $changes{'postsubmit'} = 1; } } + my (%newdomexttool,%newexttool,%olddomexttool,%oldexttool); + map { $newdomexttool{$_} = 1; } &Apache::loncommon::get_env_multiple('form.domexttool'); + map { $newexttool{$_} = 1; } &Apache::loncommon::get_env_multiple('form.exttool'); + if (ref($domconfig{'coursedefaults'}{'domexttool'}) eq 'HASH') { + %olddomexttool = %{$domconfig{'coursedefaults'}{'domexttool'}}; + } else { + foreach my $type (@types) { + if ($staticdefaults{'domexttool'}) { + $olddomexttool{$type} = 1; + } else { + $olddomexttool{$type} = 0; + } + } + } + if (ref($domconfig{'coursedefaults'}{'exttool'}) eq 'HASH') { + %oldexttool = %{$domconfig{'coursedefaults'}{'exttool'}}; + } else { + foreach my $type (@types) { + if ($staticdefaults{'exttool'}) { + $oldexttool{$type} = 1; + } else { + $oldexttool{$type} = 0; + } + } + } + foreach my $type (@types) { + unless ($newdomexttool{$type}) { + $newdomexttool{$type} = 0; + } + unless ($newexttool{$type}) { + $newexttool{$type} = 0; + } + if ($newdomexttool{$type} != $olddomexttool{$type}) { + $changes{'domexttool'} = 1; + } + if ($newexttool{$type} != $oldexttool{$type}) { + $changes{'exttool'} = 1; + } + } + $defaultshash{'coursedefaults'}{'domexttool'} = \%newdomexttool; + $defaultshash{'coursedefaults'}{'exttool'} = \%newexttool; } my $putresult = &Apache::lonnet::put_dom('configuration',\%defaultshash, $dom); @@ -21491,8 +20719,10 @@ sub modify_coursedefaults { if (($changes{'canuse_pdfforms'}) || ($changes{'uploadquota'}) || ($changes{'postsubmit'}) || ($changes{'coursecredits'}) || ($changes{'uselcmath'}) || ($changes{'usejsme'}) || ($changes{'canclone'}) || ($changes{'mysqltables'}) || ($changes{'texengine'}) || - ($changes{'inline_chem'}) || ($changes{'ltiauth'})) { - foreach my $item ('canuse_pdfforms','uselcmath','usejsme','inline_chem','texengine','ltiauth') { + ($changes{'inline_chem'}) || ($changes{'ltiauth'}) || ($changes{'domexttool'}) || + ($changes{'exttool'}) ) { + foreach my $item ('canuse_pdfforms','uselcmath','usejsme','inline_chem','texengine', + 'ltiauth') { if ($changes{$item}) { $domdefaults{$item}=$defaultshash{'coursedefaults'}{$item}; } @@ -21535,6 +20765,20 @@ sub modify_coursedefaults { $domdefaults{'canclone'}=$defaultshash{'coursedefaults'}{'canclone'}; } } + if ($changes{'domexttool'}) { + if (ref($defaultshash{'coursedefaults'}{'domexttool'}) eq 'HASH') { + foreach my $type (@types) { + $domdefaults{$type.'domexttool'}=$defaultshash{'coursedefaults'}{'domexttool'}{$type}; + } + } + } + if ($changes{'exttool'}) { + if (ref($defaultshash{'coursedefaults'}{'exttool'}) eq 'HASH') { + foreach my $type (@types) { + $domdefaults{$type.'exttool'}=$defaultshash{'coursedefaults'}{'exttool'}{$type}; + } + } + } my $cachetime = 24*60*60; &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); if (ref($lastactref) eq 'HASH') { @@ -21672,6 +20916,34 @@ sub modify_coursedefaults { } else { $resulttext .= '<li>'.&mt('LTI launch of deep-linked URL will require re-authentication').'</li>'; } + } elsif ($item eq 'domexttool') { + my @noyes = (&mt('no'),&mt('yes')); + if (ref($defaultshash{'coursedefaults'}{'domexttool'}) eq 'HASH') { + $resulttext .= '<li>'.&mt('External Tools defined in the domain may be used as follows:').'<ul>'. + '<li>'.&mt('Official courses: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'domexttool'}{'official'}].'</b>').'</li>'. + '<li>'.&mt('Unofficial courses: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'domexttool'}{'unofficial'}].'</b>').'</li>'. + '<li>'.&mt('Textbook courses: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'domexttool'}{'textbook'}].'</b>').'</li>'. + '<li>'.&mt('Placement tests: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'domexttool'}{'placement'}].'</b>').'</li>'. + '<li>'.&mt('Communities: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'domexttool'}{'community'}].'</b>').'</li>'. + '</ul>'. + '</li>'; + } else { + $resulttext .= '<li>'.&mt('External Tools defined in the domain may be used in all course types, by default').'</li>'; + } + } elsif ($item eq 'exttool') { + my @noyes = (&mt('no'),&mt('yes')); + if (ref($defaultshash{'coursedefaults'}{'exttool'}) eq 'HASH') { + $resulttext .= '<li>'.&mt('External Tools can be defined and configured in course containers as follows:').'<ul>'. + '<li>'.&mt('Official courses: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'exttool'}{'official'}].'</b>').'</li>'. + '<li>'.&mt('Unofficial courses: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'exttool'}{'unofficial'}].'</b>').'</li>'. + '<li>'.&mt('Textbook courses: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'exttool'}{'textbook'}].'</b>').'</li>'. + '<li>'.&mt('Placement tests: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'exttool'}{'placement'}].'</b>').'</li>'. + '<li>'.&mt('Communities: [_1]','<b>'.$noyes[$defaultshash{'coursedefaults'}{'exttool'}{'community'}].'</b>').'</li>'. + '</ul>'. + '</li>'; + } else { + $resulttext .= '<li>'.&mt('External Tools can not be defined in any course types, by default').'</li>'; + } } } $resulttext .= '</ul>'; @@ -22065,7 +21337,7 @@ sub modify_wafproxy { } } elsif ($currvalue{$item}) { $changes{$item} = 1; - } + } } } else { if (keys(%curralias)) { @@ -22073,7 +21345,7 @@ sub modify_wafproxy { } if (keys(%currsaml)) { $changes{'saml'} = 1; - } + } if (keys(%currvalue)) { foreach my $key (keys(%currvalue)) { $changes{$key} = 1; @@ -22083,7 +21355,7 @@ sub modify_wafproxy { if (keys(%changes)) { my %defaultshash = ( wafproxy => \%wafproxy, - ); + ); my $putresult = &Apache::lonnet::put_dom('configuration',\%defaultshash, $dom); if ($putresult eq 'ok') { @@ -22099,7 +21371,7 @@ sub modify_wafproxy { $domdefaults{'waf_'.$item} = $wafproxy{$item}; } elsif (exists($domdefaults{'waf_'.$item})) { delete($domdefaults{'waf_'.$item}); - } + } } } if ($updatedomdefs) { @@ -22166,7 +21438,7 @@ sub modify_wafproxy { $output .= '<li>'.&mt('Aliases deleted for hostnames').'</li>'; } } elsif ($item eq 'saml') { - my $shown; + my $shown; if (ref($wafproxy{'saml'}) eq 'HASH') { if (keys(%{$wafproxy{'saml'}})) { $shown = join(', ',sort(keys(%{$wafproxy{'saml'}}))); @@ -22230,6 +21502,7 @@ sub modify_wafproxy { } } } + $output .= '</ul>'; } else { $output = '<span class="LC_error">'. &mt('An error occurred: [_1]',$putresult).'</span>'; @@ -22495,7 +21768,7 @@ sub modify_usersessions { if (($offload eq 'offloadoth') && (@okoffloadoth)) { $changes{'offloadoth'} = 1; } - } + } } } else { if (@okoffload) { @@ -23033,7 +22306,7 @@ sub modify_loadbalancing { } if ($env{'form.loadbalancing_cookie_'.$i}) { $defaultshash{'loadbalancing'}{$balancer}{'cookie'} = 1; - if (exists($currbalancer{$balancer})) { + if (exists($currbalancer{$balancer})) { unless ($currcookies{$balancer}) { $changes{'curr'}{$balancer}{'cookie'} = 1; } @@ -23719,7 +22992,6 @@ function balancerChange(balnum,baltotal, END } - sub new_spares_js { my @sparestypes = ('primary','default'); my $types = join("','",@sparestypes);